Re: ipf_inject_input return error 45
Re: ipf_inject_input return error 45
- Subject: Re: ipf_inject_input return error 45
- From: Vincent Lubet <email@hidden>
- Date: Thu, 8 Dec 2011 11:08:06 -0800
Mike,
It's not clear to me what's going wrong but in case like these I use printf to show the detail of the mbuf. I would compare the saved_packet
mbuf before calling ctl_enqueuembuf() and before ipf_inject_input().
Vincent
Le Dec 8, 2011 à 9:57 AM, Mike C. a écrit :
> Hello Vincent,
>
> Thanks for your response!
>
> I am not modifying the mbuf captured in the input_fn function by the
> IP filter in any way. In fact, if I re-inject the mbuf right after
> capturing it while I am still in the input_fn function, everything
> works out as expected. However, when I re-inject the same mbuf later
> (after receiving the processing result from user mode) I get an
> ENOTSUP error. Am I not allowed to hold on to the mbuf reference to
> re-inject it later??
>
> Mike
>
> 2011/12/8 Vincent Lubet <email@hidden>:
>> Mike,
>>
>> ENOTSUP is returned by ipf_inject_input() when the packet is not an IPv4 or IPv6 packet. You need to make sure the mbuf data pointer points to the start of the IPv4 or IPv6 packet.
>>
>> Vincent
>>
>> Le Dec 8, 2011 à 4:02 AM, Mike C. a écrit :
>>
>>> Hello,
>>>
>>> I am working on a Network Kernel Extension that re-injects packets
>>> after they have been captured with an IP Filter. However, the
>>> re-injection doesn't work. ipf_inject_input always returns error code
>>> 45, which means "Operation not supported". What am I doing wrong? Here
>>> is my setup and (simplified) code:
>>>
>>> mbuf_t *saved_packet = NULL;
>>>
>>> // function called by ip filter when new ip packet arrives
>>> errno_t input_fn(void *cookie, mbuf_t *data, int offset, u_int8_t protocol) {
>>>
>>> // test, if packet is interesting for us
>>> // [...]
>>>
>>> if (saved_packet != NULL) {
>>> // Drop
>>> return -1;
>>> }
>>>
>>> // keep reference to packet for later injection
>>> saved_packet = data;
>>>
>>> // send packet to usermode for further processing
>>> mbuf_t new_mbuf;
>>> mbuf_dup(*data, MBUF_WAITOK, &new_mbuf);
>>> if (ctl_enqueuembuf(ctlref, ctrl_unit, new_mbuf, 0) != 0) {
>>> // error, drop packet
>>> saved_packet = NULL;
>>> retrun -1;
>>> }
>>>
>>> // EJUSTRETURN = the packet will not be freed
>>> return EJUSTRETURN;
>>> }
>>>
>>>
>>> // function called when usermode sends processing result back
>>> errno_t ctl_send_fn(kern_ctl_ref kctlref, u_int32_t unit, void
>>> *unitinfo, mbuf_t m, int flags) {
>>> int result;
>>> mbuf_copydata(m, 0, sizeof(result), &result);
>>>
>>> if (result == 1) {
>>>
>>> // the following call returns 45 ("Operation not supported") - WHY??
>>> errno_t errno = ipf_inject_input(*saved_packet, installed_filter);
>>>
>>> saved_packet = NULL;
>>> } else {
>>> // [...]
>>> }
>>>
>>> return 0;
>>> }
>>>
>>> Where is my mistake? Your help is greatly appreciated!
>>
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Darwin-kernel mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden