Re: Data link NKE help
- Subject: Re: Data link NKE help
- From: "Justin C. Walker" <email@hidden>
- Date: Thu, 18 Jul 2002 21:35:33 -0700
On Thursday, July 18, 2002, at 06:52 PM, Mike Cashwell wrote:
> Greetings all!
>
> I have a new project in front of me involving network port authentication.
>
> From what I can tell, I'll have a data link NKE and a user-land daemon.
>
> My plan is to be a good citizen and keep the in-kernel portion as small and tightly focused as possible. I expect to use a StartupItem to load the NKE and start the daemon.
>
> After a trip to Apple's documentation and this list's archives I keep finding references to a PDF file that discusses NKE development. The URL is http://developer.apple.com/techpubs/macosx/Darwin/Extensions/NKE.pdf but the file I get from it is only 1K in size and neither Acrobat Reader nor Preview can make sense of it. Does anyone know of or have a good copy of this file? I realize it's out of date but it must be better than nothing.
There have been references to file:///Developer/Documentation/Darwin/Extensions/NKE.pdf, which is much bigger than 1K; check that out.
> While I'd like to read that PDF before peppering the list with a lot of questions, here's what I'm looking for:
>
> 1: Page 123 of the KernelProgramming.pdf shows that Data Link NKEs can be both above and below the DLIL. What's the difference between these two and why would I choose one over the other? And once that's decided, how do I in the code choose where my NKE plugs in?
This is discussed briefly in the doc; the deal is:

- above DLIL, it's a "protocol filter" NKE, and sits between a specific protocol stack and a specific device
- below DLIL, it's an "interface filter" NKE, and sits above a specific device

so the difference is in the former case, you get a look at all traffic to and from a specified device, of a specified protocol type; while in the latter, you get a look at all traffic to and from a specified device, period. The distinction in the code is made by the registration call you make.
> 2: Assuming my NKE/daemon approach is valid, how does the NKE find network interfaces (of interest) and insert itself so that traffic cannot bypass it? It will need to do this when the NKE first loads and deal with interfaces appearing and disappearing thereafter. Anyone have pointers for this? Is there only one "instance" of the NKE or is it one per interface?
Check out the SharedIP NKE for an indication of how this is done. This NKE handles the support for sharing an IP address with the Classic (Streams) stack, so that a single IP address is needed for both environments. The Classic app gets a list of the devices of interest from the kernel, and sends the name of the device it wants to the NKE via an IOCTL. There are other ways to communicate with a "filter-type" NKE than IOCTL; this is used for SharedIP since the Classic app already has a socket open to the device (a PF_NDRV socket, giving it 'raw' access). See below.
> 3: And lastly, I will need the daemon and NKE to be able to communicate with each other. How does the daemon find the NKE (or NKEs if there must be one per interface)? How do they establish bidirectional communication?
>
> (I only need a small amount of data transferred infrequently. I'm not sending all network traffic out to user land and back!)
Look for the NKEMgr NKE in the darwin repository; this is the (current) mechanism used to communicate with NKEs, although in the longer term, this will be incorporated into the base kernel. There's an NKE called TCPLogger, and a command called tcplog, in the repository which show how to use this scheme.
> My plan for this (following what documentation I can find) is to use syscall() for the daemon to send data to the NKE. But I will need to allow the NKE to send data or events back to the daemon independently (i.e., no polling!).
With the PF_NKE (as it's now called) scheme implemented by NKEMgr, you get what you want. This is currently a "hack", awaiting integration into the base system, but it will work.
> In the IOKit world with a userclient I'd have a daemon thread wait on a queue that it had made known to the NKE. But NKEs don't have workloops or userclients, right? Any guidance would be appreciated.
>
> Of course data link NKE sample code would probably answer most of this. Anyone ever seen any?
SharedIP and VLan are two that are in the repository.
Regards,
Justin
--
Justin C. Walker, Curmudgeon-At-Large  *
Institute for General Semantics        | If you're not confused,
                                       | You're not paying attention
*--------------------------------------*-------------------------------*
darwin-kernel mailing list | email@hidden
Help/Unsubscribe/Archives:
http://www.lists.apple.com/mailman/listinfo/darwin-kernel