Re: DNS from a Kernel Extension
Re: DNS from a Kernel Extension
- Subject: Re: DNS from a Kernel Extension
- From: "Curtis Jones" <email@hidden>
- Date: Fri, 10 Nov 2006 21:30:39 -0500
On 11/10/06, William Kucharski <email@hidden> wrote:
WHY? This is just wrong on so many levels...
If you ever need to do this type of thing, you need to take a step back
and figure out why you're trying to this from the KERNEL. I can't even
really think of one.
The right way to do this is to have a user space process do the DNS
resolution and pass the information to your kernel extension; better yet would
be for a user space daemon to do both the DNS resolution AND all network
communication.
Thankfully in this case I'm not so masochistic as to want to do
network communication from within the kernel. A fun exercise perhaps,
but definitely not practical.
In this case I have a network kernel extension that is evaluating some
criteria ("rules") for each new socket connection (among other
things)*. One aspect of a rule is a remote endpoint address (or dns
name). So, this is where my need comes from to do the resolution. So
while I understand that I should do DNS resolution in the user space,
I would prefer to block as little as possible when within the data
path of a socket. Add a trip to user space and back is minor in
comparison with actually performing the DNS resolution, I know. I was
looking at each step and considering which could possibly be removed
for the sake of that aforementioned data path.
* Sounds like a firewall, I know. Similar concept; different application.
-Curtis
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden