Dear All,
I am writing a network analysis tool. To implement one of the requested features, I need to hold / block outgoing connection attempts from processes, pending user decision.
The idea is to limit the traffic going through all interfaces by selectively allowing only some user-selected processes to establish outgoing connections and send data (all apps trying to send data will appear in a list).
One of the requirements of this project is that the connection must not be denied, but rather put on hold, so that as soon as the go is given by the user, the process can send its data, as if nothing ever occurred.
My question is: How can I hold a process's outgoing network communication, without denying the connection, for quite a long time?
What happens for the calling process if I return EJUSTRETURN in the sf_bind_func function?
- Is the socket bind operation put on hold? Is there a timeout occurring for the calling process? => If so, will the NKE be notified when the requesting process gives up on the connection attempt?
- And more importantly, will the calling process be prevented from trying to open more sockets (kernel resources are limited)?
I am certain some of these questions must seem very bottom-line for experienced NKE developers. So, I would like to thank you for taking the time to read me and for your answers.
Best regards, jean