IP filter: dropped packets sent to filter again
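site_archiver@lists.apple.com Delivered-To: darwin-kernel@lists.apple.com Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:date:message-id :subject:from:to:content-type; bh=j5maG4SNsn+rPw3Lu4VrO7aYxtcO6+w+tuXLKGfSN3I=; b=CvsckxQ5rBD3puAx2AecHYksPngkQgLUoqjqaczN1X3jwhBK0rCncZnHH3smt62lUw Mr7swfS6Xie6zf+FbLyO1gin0bvCYp5MCIyl6WUBgLyMOweItG7FFbRdb5umAQCxW7BI nHHceRRD485WHB3Nc3g5Yc2jEvYg6EZ0Uft4Q= Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=Dyd0nkThyboqK835DW8KHMAD+12odVdGv+0FxjuRdEUmZJDXdbNMpBK2RimmyW1rMK mqy6QE4Ty/UM5ThEbYM5xS0Oc7fElkbbO0BRxvdQl5AjkNsbYBpIAdRz1Ga5DHsfh0No ZPD+MBUOcDrZuI7U8T3WefuuZAd09BpiGA1BQ=

Hi, I'm using the ipf_filter KPI for delaying some TCP packets, by returning EJUSTRETURN or some other non-zero value from the ipf_input callback. Apparently the callback receives the same mbuf (20 times in less than a second) unless I reinject the packet in the next 100msecs or so. I am clearly misunderstanding the way packets should be dropped, so I'd appreciate a hint. Minimal 1-page source code that shows what I'm doing is attached. Thanks, Bogdan Harjoc

#include <mach/mach_types.h>
#include <libkern/libkern.h>
#include <sys/systm.h>
#include <sys/kpi_mbuf.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <netinet/tcp.h>
#include <netinet/kpi_ipfilter.h>

/* Handle returned by ipf_addv4(); NULL until the filter is attached. */
static ipfilter_t ip_filter_ipv4_ref = NULL;

/*
 * ipf_input callback: logs the TCP flags of every inbound TCP segment and
 * drops segments that carry FIN.
 *
 * Return-value contract (netinet/kpi_ipfilter.h): 0 lets the stack continue;
 * EJUSTRETURN stops processing and leaves the mbuf owned by the filter, which
 * must later mbuf_freem() it or hand it back with ipf_inject_input(); any
 * other errno makes the stack free the packet.  Dropping with EINVAL therefore
 * frees the segment.  The peer then retransmits the FIN, and a recycled mbuf
 * can reappear at the same address, which is presumably the "same mbuf"
 * repeat described above -- TODO confirm by logging the sequence number
 * instead of the pointer.
 */
static errno_t
pr_ip_input(void *cookie, mbuf_t *data, int offset, u_int8_t protocol)
{
    struct tcphdr th;

    if (!(data && *data)) {
        return 0;
    }
    if (protocol != IPPROTO_TCP) {
        return 0;
    }
    /*
     * The TCP header is not guaranteed to be contiguous in the first mbuf, so
     * copy it out rather than pointing at mbuf_data(*data) + offset and
     * reading past the end of that buffer.  mbuf_copydata() walks the chain
     * and fails if fewer than sizeof th bytes are available from offset; a
     * short or malformed segment is passed through untouched.
     */
    if (offset < 0 ||
        mbuf_copydata(*data, (size_t)offset, sizeof th, &th) != 0) {
        return 0;
    }
    printf("in: %p syn=%d ack=%d fin=%d rst=%d\n", *data,
           !!(th.th_flags & TH_SYN), !!(th.th_flags & TH_ACK),
           !!(th.th_flags & TH_FIN), !!(th.th_flags & TH_RST));
    /* Non-zero and not EJUSTRETURN: the stack frees the segment for us. */
    if (th.th_flags & TH_FIN) {
        return EINVAL;
    }
    return 0;
}

/* ipf_output callback: outbound packets are passed through unchanged. */
static errno_t
pr_ip_output(void *cookie, mbuf_t *data, ipf_pktopts_t options)
{
    return 0;
}

/* ipf_detach callback: nothing to release here. */
static void
pr_ip_detach(void *cookie)
{
}

static struct ipf_filter ip_filter_ipv4 = {
    .name = "ipftest",
    .ipf_input = pr_ip_input,
    .ipf_output = pr_ip_output,
    .ipf_detach = pr_ip_detach,
};

/*
 * kext start: attach the IPv4 filter.  ipf_addv4() returns an errno_t, which
 * is not a kern_return_t, so the result is mapped explicitly instead of
 * being returned as-is.
 */
kern_return_t
ipftest_start(kmod_info_t *ki, void *d)
{
    printf("=== start\n");
    if (ipf_addv4(&ip_filter_ipv4, &ip_filter_ipv4_ref) != 0) {
        return KERN_FAILURE;
    }
    return KERN_SUCCESS;
}

/*
 * kext stop: detach the filter if start succeeded.  A NULL reference means
 * ipf_addv4() never succeeded, so there is nothing to remove.
 */
kern_return_t
ipftest_stop(kmod_info_t *ki, void *d)
{
    printf("=== stop\n");
    if (ip_filter_ipv4_ref == NULL) {
        return KERN_SUCCESS;
    }
    if (ipf_remove(ip_filter_ipv4_ref) != 0) {
        return KERN_FAILURE;
    }
    ip_filter_ipv4_ref = NULL;
    return KERN_SUCCESS;
}

extern kern_return_t _start(kmod_info_t *ki, void *data);
extern kern_return_t _stop(kmod_info_t *ki, void *data);
__private_extern__ kern_return_t ipftest_start(kmod_info_t *ki, void *data);
__private_extern__ kern_return_t ipftest_stop(kmod_info_t *ki, void *data);
KMOD_EXPLICIT_DECL(dsd.kext.ipftest, "1.0.0d1", _start, _stop)
__private_extern__ kmod_start_func_t *_realmain = ipftest_start;
__private_extern__ kmod_stop_func_t *_antimain = ipftest_stop;
__private_extern__ int _kext_apple_cc = __APPLE_CC__;

_______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-kernel mailing list (Darwin-kernel@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-kernel/site_archiver%40lists.a... This email sent to site_archiver@lists.apple.com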