On Friday, October 11, 2002, at 10:40 AM, Michael Cashwell wrote: Greetings, I'm working on a datalink NKE which is a port of a body of code that works on Solaris and Linux. At this point I'm trying to get the darwin-specific parts of the kernel/userland IPC mechanism figured > out. The Linux code seems to blindly hijack the PF_KEY domain and excuses doing so with a rather lame comment that anything else using it would conflict with the module anyway so it's OK. I'd rather not do this on darwin / MacOS X and am eyeing the NKE Manager. Conceptually I think I get it. It marshals connections to a domain specifically create to allow userland code to find an NKE based on its handle. You're right, hijacking PF_KEY would be bad since PF_KEY is used for Mac OS Xs IPSec implementation. The NKE Manager is one way to go. With Jaguar, there is a better way using a PF_SYSTEM socket. I can not recall the details unfortunately. Perhaps someone else in the know will respond? As for the NKE Manager, there should be a sample NKE that makes use of it. Again, I can't recall the details. I'll ask around and see if anyone remembers. -josh _______________________________________________ darwin-kernel mailing list | darwin-kernel@lists.apple.com Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/darwin-kernel Do not post admin requests to the list. They will be ignored.