site_archiver@lists.apple.com Delivered-To: darwin-kernel@lists.apple.com JP On 17 Dec 2004, at 19:49, Matt Jaffa wrote: Matt On Dec 17, 2004, at 8:45 PM, John Davidorff Pell wrote: Why aren't you using the firewall? JP On 17 Dec 2004, at 19:36, Matt Jaffa wrote: Hi, (void)thread_funnel_set(network_flock, funnel_state); return 0; } Thanks, Matt This email sent to johnpell@mac.com -- - /~\ The ASCII \ / Ribbon Campaign X Help cure HTML Email / \ _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-kernel mailing list (Darwin-kernel@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-kernel/site_archiver%40lists.a... This email sent to site_archiver@lists.apple.com I am not an expert at the firewall, but I think that it is possible to defer sending a packet using the existing firewall. Then, a user-land app can determine if the packet should be sent (by asking the user) and then return to the kernel. Thus, there is no NKE needed. I am not sure though. If you have already investigated that, then I'm sorry for the noise. :-) Because I am writing an application based firewall. With easy to configure rules, and alerts on an outgoing connection you don't have a rule for. I have written a Socket NKE filter that filters UDP traffic, in the send function I want to know what the foreign ip address is and the port number. I have tried a couple of ways, and both don't work: Here is what I have tried: static int tl_send2(struct socket *so, struct sockaddr **nam, struct uio **uio, struct mbuf **m, struct mbuf **control, int *flags, struct kextcb *kp) { boolean_t funnel_state; funnel_state = thread_funnel_set(network_flock, TRUE); printf("UDP: %d\n",current_proc()->p_pid); if(nam && *nam) { struct sockaddr_in * jk = (struct sockaddr_in *)*nam; printf("Here: %s\n", inet_ntoa(jk->sin_addr)); printf("Sorry: %u\n", jk->sin_addr.s_addr); } else { // what to do if it falls in the else clause? printf("Sorry: It is not null jaffa\n"); } I need to know what to do if it falls in the else statement of this if else. _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-kernel mailing list (Darwin-kernel@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-kernel/johnpell% 40mac.com -- "Faith: Belief without evidence in what is told by one who speaks without knowledge, of things without parallel." - A.B. smime.p7s