site_archiver@lists.apple.com Delivered-To: darwin-kernel@lists.apple.com On Nov 24, 2010, at 2:39 PM, Quinn The Eskimo! wrote:

On 24 Nov 2010, at 22:30, eveningnick eveningnick wrote:

...

Is there a way to determine, which process tried to establish connection from an NKE driver

What type of NKE? A socket filter NKE can reasonably get this information, but that's not true for other NKEs.

Also worth noting, even with a socket filter NKE, the current PID can be deceptive, especially for network file system sockets or sockets that are created for an incoming connection on a listening socket. -josh _______________________________________________ Do not post admin requests to the list. They will be ignored. Darwin-kernel mailing list (Darwin-kernel@lists.apple.com) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/darwin-kernel/site_archiver%40lists.a... This email sent to site_archiver@lists.apple.com