Re: ip level NKE - how to trace the process that generates traffic?
- Subject: Re: ip level NKE - how to trace the process that generates traffic?
- From: James J <email@hidden>
- Date: Wed, 28 Mar 2012 19:00:21 +0300
Hi Matt,
Yes, I was thinking to use a control socket for userland/kernel land communication, and I was thinking about using proc_selfpid().
However, you described the diverting mechanism (ipfw divert rule) - a socket level redirect, whereas what I need is forwarding (ipfw forward rule) - working on an IP level (and redirecting whole IP packets to the proxy).
On Mar 28, 2012, at 10:38 AM, James J wrote:
> I am writing a transparent proxy server, which is a user mode application, and I need to redirect all the packets to that application except those that were generated by the Proxy App itself (these packets need to be bypassed freely).
>
> The only problem I have is determining whether the IP packet is generated by the Proxy Application (to which all the other packets should be redirected, in an ipfw manner).
The way I solved this was to create a control socket, over which the proxy application would register with the kernel extension. From the ctl_setopt() callback, I cached the results of proc_selfpid() as well as details about the proxy's listener port. From then on, when a new outgoing connection was created, my sf_connect_out_func() would divert or allow the request after comparing against the caller's pid. When the control socket closed, I'd clear the cached pid and stop diverting requests.
Matt
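The register / compare / clear cycle described in the quoted reply, as an added example that is not code from the thread or from either poster's extension. It is a user-space model of the callback bodies: `proc_selfpid()` is shimmed, and the option number, payload struct, verdict names and the per-unit ownership check are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Shim so the logic builds outside the kernel (constructed for this example).
 * In a kext, proc_selfpid() comes from <sys/proc.h>. */
static int model_pid;                        /* pid of the "calling" process */
static int proc_selfpid(void) { return model_pid; }

#define PROXY_OPT_REGISTER 1                 /* hypothetical option number */
enum { VERDICT_ALLOW, VERDICT_DIVERT };      /* hypothetical verdict names */
struct proxy_reg { uint16_t listen_port; };  /* hypothetical option payload */

/* Cached registration; pid 0 means no proxy. In a kext, guard with a lock. */
static struct { int pid; uint32_t unit; uint16_t port; } g_proxy;

/* Body of ctl_setopt(): runs in the caller's context, so proc_selfpid()
 * is the process that owns this control socket unit. */
static int proxy_ctl_setopt(uint32_t unit, int opt, const void *data, size_t len)
{
    struct proxy_reg reg;
    if (opt != PROXY_OPT_REGISTER) return ENOPROTOOPT;
    if (data == NULL || len != sizeof(reg)) return EINVAL;
    if (g_proxy.pid != 0 && g_proxy.unit != unit) return EBUSY; /* one proxy */
    memcpy(&reg, data, sizeof(reg));
    if (reg.listen_port == 0) return EINVAL;
    g_proxy.pid = proc_selfpid();
    g_proxy.unit = unit;
    g_proxy.port = reg.listen_port;
    return 0;
}

/* Body of ctl_disconnect(): only the registered unit clears the cache, so an
 * unrelated client opening and closing the control cannot disable diversion. */
static void proxy_ctl_disconnect(uint32_t unit)
{
    if (g_proxy.pid != 0 && g_proxy.unit == unit)
        memset(&g_proxy, 0, sizeof(g_proxy));
}

/* Decision taken from sf_connect_out_func(): the proxy's own connections
 * pass, everything else is diverted while a proxy is registered. */
static int proxy_connect_out_verdict(void)
{
    if (g_proxy.pid == 0) return VERDICT_ALLOW;          /* nothing registered */
    return proc_selfpid() == g_proxy.pid ? VERDICT_ALLOW : VERDICT_DIVERT;
}
```

A kext that accepts this registration from any local process lets that process exempt itself from diversion; registering the control with `CTL_FLAG_PRIVILEGED` limits it to privileged clients.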