Re: Programmatic Interface to pf (firewall)
On Oct 17, 2013, at 1:50 PM, comex <comexk@gmail.com> wrote:
On Thu, Oct 17, 2013 at 2:02 AM, Scott Davies <code-poet@hotmail.com> wrote:
I have begun research on this and have just started to read about Network Kernel Extensions, however, I am curious if there is a way to do this from user space or if it is only a kernel space option. In particular, an Objective-C interface for this to use from user space would be beneficial.
The /dev/pf ioctl interface is the same as the one documented in BSD:
A word of caution: the PF ioctls are not a public API for OS X and they exist in xnu only to support the needs of pfctl(8). That means the PF ioctls are not supported and may be modified or even removed from any release without advance notice. Vincent _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-kernel mailing list (Darwin-kernel@lists.apple.com) Help/Unsubscribe/Update your Subscription: https://lists.apple.com/mailman/options/darwin-kernel/site_archiver%40lists.... This email sent to site_archiver@lists.apple.com
participants (1)
-
Vincent Lubet