On Monday, August 19, 2002, at 09:30 , devdrvr.net Multi-Platform SW wrote: Need to write one for on the fly encryption commercial project. Are there examples for how I might hook into the running packet stream and be in kernel space? There are several NKE examples in the Darwin repository: TCPLogger - an example of a "socket NKE" that grabs every incoming and outgoing TCP connection, and logs the start and termination time, along with the number of packets (as best it can tell) and bytes transmitted in each direction SharedIP - an "interface filter" NKE that is used to support the sharing of an IP address between Mac OS X and Classic to allow Classic to use its own IP stack without (much) modification. This NKE grabs all incoming and outgoing traffic that uses a specified network device (ethernet). VLan - a "psuedo network device" NKE that grabs all the traffic through a specified device, acting like a protocol on the bottom, and a device on the top, to emulate a (port on a) VLAN switch. IPFirewall - a "port" of the freebsd "ipfw" implementation, to work with Darwin and the SharedIP implementation, so it protects Classic networking as well as Mac OS X/Darwin traffic. There's also documentation in file://Developer/Documentation/Darwin/Extensions/NKE.pdf. Regards, Justin -- Justin C. Walker, Curmudgeon-At-Large * Institute for General Semantics | Men are from Earth. | Women are from Earth. | Deal with it. *--------------------------------------*-------------------------------* _______________________________________________ darwin-kernel mailing list | darwin-kernel@lists.apple.com Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/darwin-kernel Do not post admin requests to the list. They will be ignored.