PF (packet filter) is a kernel-level firewall, included in BSD-like kernels (Darwin kernel is basically BSD), and BSD man pages provide detailed documentation about these headers, letting control PF programmatically. PF is included in OSX kernel, even though it's disabled by default.
I know it's possible to control PF in OSX someway, because applications like Murus exist, providing user-friendly GUI for this low-level "king of firewalls", and this API is not not manual /etc/pf.conf parsing, as I suspected first.
Any way to add these headers and control PF from my OSX applications?
MacOS Sierra 10.12.6
Xcode 9.2 (9C40b)
UPDATE Some information I found, a bit out-of-date though
the <net/pfvar.h> you are looking for is at the link below (for MacOS Mojave and Catalina) - Older versions are also available.
https://opensource.apple.com/source/xnu/xnu-4903.221.2/bsd/net/pfvar.h.auto.html
Here is <net/pfvar.h> for the MacOS Sierra:
https://opensource.apple.com/source/xnu/xnu-3789.70.16/bsd/net/pfvar.h.auto.html
If you need a full working application example, I ported pfctl from BSD to MacOS and compiled it using all the MacOS kernel headers and system libraries. I can upload the full working source-code tree on GitHub for you. Currently I am using it on Catalina, and I can control anything on the PF subsystem. You can then learn from it and use the routines on your app. The code, functions and parameters are simple to understand and can easily meet your needs.
Related
I'm working on an app that, due to restrictions that are beyond my control, is being built as an x86_64 app using an outdated macOS SDK (in this case the macOS 10.15 SDK).
It runs fine on an Apple Silicon mac using Rosetta 2, but the app needs to get the current version of macOS, and the available APIs lie to it under these conditions, consistently reporting the version is 10.16 when really it should be macOS 11.x or 12.x.
In other circumstances where the system API lies, I've been able to get the real info using sysctl, but in this case calling sysctlbyname("kern.osproductversion", ...) still lies to my app and reports 10.16.
How can I get the true version of macOS under these circumstances?
The only solution I've found so far is to launch the sysctl command line utility as a separate process and use it to query the system version. Here's a C++ implementation using Qt:
QProcess *p = new QProcess;
p->setProgram("/usr/sbin/sysctl");
p->setArguments({"-b", "kern.osproductversion"});
p->start();
if (!p->waitForFinished(2000)) {
// handle unlikely error here
}
QByteArray systemVersion = p->readAllStandardOutput();
On the bright side, this only ever needs to be executed once as the system version presumably won't change over the course of a process's life. Nonetheless I'll leave this question open in case someone has a better solution.
I am in the process of installing SDL 2 on Mac OSX 10.9 via macports, and for reference I have been following the official documentation as well as any sdl-specific information I can find.
https://guide.macports.org/ is straight-forward, as is:
https://guide.macports.org/#using.variants.invoking
I see that sdl2lib is available...
libsdl2 has the variants:
universal: Build for multiple architectures
x11: Enable X11 support
but despite having looked through pages at the above links and having searched for documentation for "SDL with X11", I can't seem to find information about whether I need X11 (and/or universal AKA powerpc) support. I wouldn't want to install SDL only to find that something is broken or missing.
Then again, there were some issues with X11 being enabled by default back when Mac OSX 10.1 was new:
https://forums.libsdl.org/viewtopic.php?t=2871&sid=52ca72a72c285196dd25fd8619715ae9
(That is another problem: much of the information I discover applies to outdated operating systems.)
Apparently SDL wasn't thread-safe at one point unless you used X11, but this was mentioned when SDL verson 1 was the main version:
http://forum.freegamedev.net/viewtopic.php?f=3&t=1078
How am I meant to proceed (Which flags, if any, are usually chosen?)
port install libsdl2 <???>
I would appreciate any help and follow-up warnings for the next stepsinstallation steps.
Thank you in advance.
Most people have moved to Homebrew as their package system, but Macports should work just fine.
Universal does not mean PowerPC necessarily. In fact almost no one needs it anymore. Universal means a fat binary, which architectures this defines is set in your Macports configuration.
SDL2 should work just fine under Quartz, no need to have X11 - as also makes deployment annoying and difficult as you need to have XQuartz installed.
Also don't be afraid to reinstall SDL2 with other options if you miss something, it shouldn't take to long.
TL;DR Just install it without any additional flags unless you discover you need something special.
I've been reading about youcompleteme plugin for VIM.
The problem is, however, that I want a setup I just can move onto my other dev platforms (OpenIndiana, FreeBSD, Linux and OS X).
Wouldn't using macvim make that somewhat difficult, moving plugin from platform to platform?
Cheers
MacVim is simply a distribution of Vim for Mac OS but most of Vim plugins are compatible with the multiples versions of Vim for the different OS.
Still YouCompleteMe comports a compiled component so your question is legit to wonder if it will work on different OSes. According to the installation section of the Readme of the project, YCM can be installed on OSX, Linux and FreeBSD with a plugin manager like Vundle. (I really don't know OpenIndiana and it isn't mentioned on the Readme page so I can't say if you'll have a problem with this one)
One point you should take care is that if you update the plugin and the compiled component has changed you'll have to recompile it but it doesn't happen that often and you should get a warning at the update.
TL;DR This shouldn't be an issue to use YCM on most of the common OSes but when updating remember that you might need to recompile the compiled component sometimes.
Hi stackoverflow community!
I am about to start developing patches for FreeBSD Ports Collection (pkgng utility) using C programming language.
The problem is that I am using Mac OS X and I am really do not want to switch to another operating system. I have installed Freebsd 9.0 on Parallels Desktop VM. Xcode 4.1 seems to be rather nice development tool for C.
Is it possible to implement development for FreeBSD via Xcode 4.1? How to set up project environment for such form of development and compile source for FreeBSD?
I am also opened for any other suggestions concerning cross-platform development using MacOS X to develop patches for FreeBSD. Which is the best way to organize all necessary stuff?
Since you want to develop patches for pkgng, I would strongly suggest that you compile and test the code on FreeBSD, because it is the only system that uses the ports and packages system that pkgng interfaces with. So unless it can cross-compile for FreeBSD, using any OS X IDE is probably not a good idea.
I'm not familiar with Parallels, but there is probably a file-sharing mechanism that you can set up between OS X and the FreeBSD running in the VM. That way you can edit your files on OS X and use them under FreeBSD.
X Code is really nice, and I would lean toward using it but then doing regular builds on a system actually running FreeBSD. If you have source for everything you're using (except standard libraries whose interfaces match), there is no reason not to work on OS X with Xcode. You can build your own libraries if need be. One thing writing cross platform does (provided you regularly build on the other platform) is make your code more portable. It's easier to avoid using platform specific "extensions".
The OSX command line tool nettop (I think it was added with Lion) can display per app network throughput without requiring root privileges. I browsed through the Darwin source code on http://www.opensource.apple.com/ but couldn't find it's source code. Is it open source at all or did I just missed it. Incase the source is not publicly available, does anyone have an idea via which api nettop is getting its data?
nettop is open source only in its BSD version, but Apple's version uses their private NetworkStatistics framework (new in Lion) so I doubt you will find the sources since Apple tends to not release private code.