site_archiver@lists.apple.com Delivered-To: darwin-kernel@lists.apple.com Dear all, The start function of the NKE does something like and the callback function is similar to bzero((void *)&msg, sizeof(struct msghdr)); bzero((void *)cmsgbuf, CMSG_SPACE(sizeof (struct in_addr))); msg.msg_name = NULL; msg.msg_namelen = 0; msg.msg_iov = NULL; msg.msg_iovlen = 0; msg.msg_control = (void *)cmsgbuf; msg.msg_controllen = CMSG_LEN(sizeof (struct in_addr)); msg.msg_flags = 0; length = (1<<16); error = sock_receivembuf(so, &msg, &packet, 0, &length); ... However the application level firewall is blocking the reception of packets for the kernel socket except for selecting 'Allow all incoming connections', which opens it up completely. How can I tell the application level firewall that it is OK to allow packets for an application called kernel or do I have to do more than the above to tell the alf that accepting packets on that socket is OK. Best regards Michael _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-kernel mailing list (Darwin-kernel@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-kernel/site_archiver%40lists.a... I have a network kernel extension which opens and reads on a kernel UDP socket. error = sock_socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP, callback, NULL, &so); memset((void *)&addr, 0, sizeof(struct sockaddr_in)); addr.sin_len = sizeof(struct sockaddr_in); addr.sin_family = AF_INET; addr.sin_port = htons(PORT); addr.sin_addr.s_addr = htonl(INADDR_ANY); error = sock_bind(so, (const struct sockaddr *)&addr); This email sent to site_archiver@lists.apple.com