site_archiver@lists.apple.com Delivered-To: darwin-kernel@lists.apple.com Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:in-reply-to:references:mime-version:content-type:message-id:cc:from:subject:date:to:x-mailer; b=f83gNLimRN0xagpslZVUL6ehtexPXDGgB5UJ69ZSMzrba617YuGla6SdbpizmBMrh/glJucPuwwNd5zDf1scRCzXMvwszeSUYVcgCB/Fb5b5OixulF8rat8TCLh2EHKM/c32HF7lurd3cS/Tr0ojSJ28MRCFoJApLNTkRKCivyM= Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:in-reply-to:references:mime-version:content-type:message-id:cc:from:subject:date:to:x-mailer; b=WabKhsdK/5v876KzKFK3/XzXCUt+EyG11Wv6ofjidc6He7tGh3z6QZdIxp4Bc9/F8CmuxlD/dY4jdsvujzdaUjLdLqQj8itKHB57+9Yn/magPiH7WzFotXLdIrO7xF3hixzO7IUKMwJZj3Ry7YHfEYVB7ZdMbAYp3u/A5W6WARQ= On Mar 15, 2007, at 22.34.28, Josh Graessley wrote: Thanks. -- Curtis Jones curtis.jones@gmail.com _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-kernel mailing list (Darwin-kernel@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-kernel/site_archiver%40lists.a... This email sent to site_archiver@lists.apple.com The best solution is to write a filter that runs in a process in user space. Your in kernel kext is responsible for intercepting the outbound connection via the connect out filter. If the socket is a synchronous/blocking socket, call sock_connect with the loopback address and the port your user space process is listening on. Send the address and port the connect was initially trying to reach to your user space process. Have your user space process connect to that destination and then relay the connect result back to your kext. If the result was success, return EJUSTRETURN from your out filter function. Otherwise, call sock_shutdown on the socket and return the error. If the socket is a non-blocking socket, things may be a little trickier. I can't remember the exact details, but it can be made to work. Anyhow, once you have done this, the client thinks their connected to some remote server when they're really connected to your process. Your process is responsible for forwarding data between the two sockets. When the remote socket closes, you can finish writing your data before closing the socket between your transparent proxy app and the app that initiated the connection. There are some other tricky things related to TCP half closes and whatnot. I think I have this just about 95% done ... and I'm stuck. Unless I'm doing something tragically wrong ... it appears that the data_out callback is never called for the socket for which EJUSTRETURN is returned from connect_out - that is, the socket that some process is trying to create, for which I want to usher the data through another socket. I've primarily been using telnet to test. The service to which I'm connecting immediately sends data which is properly received by my second socket and is successfully injected into the process's socket and received by the process and printed to the terminal while sending data never amounts to the data_out callback being called. Any ideas? Is there anything special that I need to do to the "EJUSTRETURN socket"? smime.p7s