• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: interception of socket connections?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: interception of socket connections?


  • Subject: Re: interception of socket connections?
  • From: Quinn <email@hidden>
  • Date: Wed, 27 Aug 2003 19:30:42 +0100

At 19:18 -0400 26/8/03, Peter Lovell wrote:
it is possible but it is not easy. It's done using "Network Kernel
Extensions" which, as the name suggests, are loaded into the kernel and
can intercept and deal with network traffic.

Another option is to use a firewall divert socket. This avoids the need for messing around with NKEs (which is good for a number of reasons, see below), at the cost of having to mess around with the firewall (which, as I mentioned earlier today, has no useful API on Mac OS X). "man ipfw" gives you more information about the facilities of the firewall.

NKEs are problematic for a number of reasons:

1. They live in the kernel and, as a general rule, you should avoid running code in the kernel if you can.

2. They're part of the BSD subsystem, which currently has no binary compatibility guarantee. Apple is planning on adding a binary compatibility promise to the BSD parts of the kernel in the future (we discussed this Kernel Programming Interfaces (KPI) effort at WWDC this year), but for now NKE developers often have to rev when the system revs.

S+E
--
Quinn "The Eskimo!" <http://www.apple.com/developer/>
Apple Developer Technical Support * Networking, Communications, Hardware
_______________________________________________
macnetworkprog mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/macnetworkprog
Do not post admin requests to the list. They will be ignored.

  • Follow-Ups:
    • Re(2): interception of socket connections?
      • From: "Peter Lovell" <email@hidden>
    • Re: interception of socket connections?
      • From: Douglas Davidson <email@hidden>
References: 
 >interception of socket connections? (From: Apple Developer <email@hidden>)
 >Re: interception of socket connections? (From: "Peter Lovell" <email@hidden>)

  • Prev by Date: Problems building with SCF and XCode
  • Next by Date: Re: interception of socket connections?
  • Previous by thread: Re: interception of socket connections?
  • Next by thread: Re: interception of socket connections?
  • Index(es):
    • Date
    • Thread