Menu
I am trying to obtain handle key for socket-filter for registering packet filtration. I have already register it for TCP packets now I want to register it for UDP packet. This handle key needs to be unique from another applications.
sflt_filter.sf_handle = 0xAACAF333;
I have obtained it before about 2 years ago using the link (http://developer.apple.com/datatype/) but it get redirected to different link now.
I have read the link it says that Creator Codes are ignored by 10.6 and above. But for implementing kext for packet-filtration we need that code to be unique.
Does any one know how to obtain the unique key? OR it is not required to obtain the unique key? OR their is different way to use handle now?
Thanks in advance.
247
I know the question is very outdated, but I faced the same problem, and just for next one who will too:
now you can register and obtain unique handle for filter calling kev_vendor_code_find function from sys/kern_event.h, passing bundle id and pointer to uint32 variable.
After that, in user space you can get this handle by SIOCGKEVVENDOR ioctl, passing pointer to kev_vendor_code structure with same bundle id in vendor_string field.
You should not do any things to "unregister" this handle (but you should unregister the filter with this handle in driver::stop() )
113
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
