• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: Using ipf_inject_input with Local Packets
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Using ipf_inject_input with Local Packets

  • Subject: Re: Using ipf_inject_input with Local Packets
  • From: Josh Graessley <email@hidden>
  • Date: Mon, 20 Jun 2005 08:39:25 -0700

It may be possible that you aren't setting the rcvif correctly in the mbuf pkthdr. There is a check that the loopback packets are received on the loopback interface. Another possibility is that the checksum related flags are not being carried over. These flags indicate what checksums were performed in hardware. The loopback uses a trick where it never calculates the checksums on transmit. When the packet is looped back, the loopback interface sets the flags indicating that the checksums were calculated in hardware on the card and the checksums are correct. If you strip the flags indicating the checksum was correct according to hardware, the checksums will be performed in software. Since they were never calculated on the outbound path, the checksums will be wrong and the packet will be dropped. Look for bad checksums using netstat -s.

Or it could be something else completely.

-josh

On Jun 19, 2005, at 11:16 PM, Raj Doshi wrote:

Hello,

I would first like to thank Vincent Lubet for his help with my previous question on this list. Now, I have another question:

I'm intercepting incoming packets in my kext with KPI IP filters (Mac OS X 10.4.1), sending them to a user-space process, getting them back (possibly modified) from the user-space process, and re- injecting them with ipf_inject_input. I've got this working fine in most cases, like when accessing remote web sites. However, http connections to 127.0.0.1:80 fail and result in messages like "NetInfo connection failed for server 127.0.0.1/local" in console.log. To attempt to isolate the problem, I've tried the following:

1. Immediately re-injecting the mbuf that I receive from the filter. In this case, the local connection works.
2. Immediately re-injecting a copy (using mbuf_dup) of the mbuf that I receive from the filter. In this case, the local connection fails.

I am wondering what I can do so that these local connections will still work when I inject a copy of the original mbuf. If there is no good solution to this, then I am wondering exactly for which packets I need to avoid making copies of the mbuf.

Thanks,
Raj Doshi_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
40apple.com

This email sent to email@hidden


Attachment: smime.p7s
Description: S/MIME cryptographic signature

 _______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:

This email sent to email@hidden
  • Follow-Ups:
    • Re: Using ipf_inject_input with Local Packets
      • From: Raj Doshi <email@hidden>
References: 
 >Using ipf_inject_input with Local Packets (From: Raj Doshi <email@hidden>)

  • Prev by Date: Re: what happened to rtredirect()?
  • Next by Date: Re: Processes running path
  • Previous by thread: Using ipf_inject_input with Local Packets
  • Next by thread: Re: Using ipf_inject_input with Local Packets
  • Index(es):
    • Date
    • Thread