Re: ipf_inject_input return error 45
Re: ipf_inject_input return error 45
- Subject: Re: ipf_inject_input return error 45
- From: "Mike C." <email@hidden>
- Date: Thu, 08 Dec 2011 18:57:49 +0100
Hello Vincent,
Thanks for your response!
I am not modifying the mbuf captured in the input_fn function by the
IP filter in any way. In fact, if I re-inject the mbuf right after
capturing it while I am still in the input_fn function, everything
works out as expected. However, when I re-inject the same mbuf later
(after receiving the processing result from user mode) I get an
ENOTSUP error. Am I not allowed to hold on to the mbuf reference to
re-inject it later??
Mike
2011/12/8 Vincent Lubet <email@hidden>:
> Mike,
>
> ENOTSUP is returned by ipf_inject_input() when the packet is not an IPv4 or IPv6 packet. You need to make sure the mbuf data pointer points to the start of the IPv4 or IPv6 packet.
>
> Vincent
>
> Le Dec 8, 2011 à 4:02 AM, Mike C. a écrit :
>
>> Hello,
>>
>> I am working on a Network Kernel Extension that re-injects packets
>> after they have been captured with an IP Filter. However, the
>> re-injection doesn't work. ipf_inject_input always returns error code
>> 45, which means "Operation not supported". What am I doing wrong? Here
>> is my setup and (simplified) code:
>>
>> mbuf_t *saved_packet = NULL;
>>
>> // function called by ip filter when new ip packet arrives
>> errno_t input_fn(void *cookie, mbuf_t *data, int offset, u_int8_t protocol) {
>>
>> // test, if packet is interesting for us
>> // [...]
>>
>> if (saved_packet != NULL) {
>> // Drop
>> return -1;
>> }
>>
>> // keep reference to packet for later injection
>> saved_packet = data;
>>
>> // send packet to usermode for further processing
>> mbuf_t new_mbuf;
>> mbuf_dup(*data, MBUF_WAITOK, &new_mbuf);
>> if (ctl_enqueuembuf(ctlref, ctrl_unit, new_mbuf, 0) != 0) {
>> // error, drop packet
>> saved_packet = NULL;
>> retrun -1;
>> }
>>
>> // EJUSTRETURN = the packet will not be freed
>> return EJUSTRETURN;
>> }
>>
>>
>> // function called when usermode sends processing result back
>> errno_t ctl_send_fn(kern_ctl_ref kctlref, u_int32_t unit, void
>> *unitinfo, mbuf_t m, int flags) {
>> int result;
>> mbuf_copydata(m, 0, sizeof(result), &result);
>>
>> if (result == 1) {
>>
>> // the following call returns 45 ("Operation not supported") - WHY??
>> errno_t errno = ipf_inject_input(*saved_packet, installed_filter);
>>
>> saved_packet = NULL;
>> } else {
>> // [...]
>> }
>>
>> return 0;
>> }
>>
>> Where is my mistake? Your help is greatly appreciated!
>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden