OSX Equivalent of Winsock LSP - macos

On Windows, it's possible to program an LSP service on top of Winsock which provides the ability to do a lot of manipulation/etc. with networked applications. For instance, some anti virus applications register an LSP and analyse network traffic that way. Is there a friendly way to accomplish the same sort of thing on OSX?

IPFW (same/similar to IPFW in other BSDs) is the Mac OS X firewall: http://developer.apple.com/mac/library/documentation/Darwin/Reference/ManPages/man8/ipfw.8.html
Depending on what you're after you may want to look into using divert:
http://blog.loudhush.ro/2008/06/using-divert-sockets-to-log-http.html
http://developer.apple.com/mac/library/documentation/Darwin/Reference/ManPages/man4/divert.4.html

Related

Allow MTP for specific devices on Windows and MAC

Is there any way to allow only specific devices to connect to a computer through the MTP protocol on macOS as well as Windows, and block the rest? Thanks in advance.
Since Windows and OS X are very different OSes, there will be no uniform way to manage MTP devices on each of them.
For the Windows system I recommend that you investigate filter drivers.
For OS X there is no default way to use devices through MTP, so you should decide exactly which user interactions you want to filter out, and then decide whether to block the use of some library or maybe write a kernel extension that will filter out access to some /dev/xxx node.

Cocoa Monitor Packets On Ports

I want to monitor packets on specific ports in Mac OS X. Being able to read their contents and sometimes changing their contents (if possible). I was wondering if it's possible by writing a KEXT or can I do this in an application and showing results instantly. I would appreciate any information on libraries and approaches I can use to achieve this.
"Monitor packets" in what sense?
If you mean "watch what packets to or from specific TCP or UDP ports are sent" or "what packets are sent or received on particular network interfaces", you would use the pcap library, just as on other UN*Xes. libpcap/WinPcap is the library that Wireshark - and tcpdump - use; on OS X, the underlying kernel mechanism it uses is BPF (the Berkeley Packet Filter), which is built into XNU (it is open-source - see the bsd/net/bpf.c and bsd/net/bpf_filter.c files, and the header files they include, in the XNU source) and doesn't require a kext. (Wireshark does not have its own kext; it uses libpcap/WinPcap so that it can work on Linux and OS X and *BSD and Solaris and HP-UX and AIX and Tru64 UNIX and IRIX and so on, as well as on Windows if WinPcap is installed, so, on OS X and *BSD, it ultimately uses BPF.)
Libpcap/WinPcap doesn't, except on Linux, allow you to capture on all interfaces with one "handle"; you would have to use pcap_findalldevs() to find all the currently-available interfaces, and then open separate handles for each of them. If by "ports" you mean "network ports", so that one "port" is your Ethernet port and another is your Wi-Fi adapter, you'd have to individually open all the "ports" on which you want to capture.
If by "ports" you mean TCP or UDP ports, and you only want to watch traffic to or from particular ports, you'd have to specify a "filter" expression, translate it to "BPF code" with pcap_compile(), and then make it the filter for a particular libpcap/WinPcap handle with pcap_setfilter().
If you want to use a Cocoa wrapper for pcap, a Google search I did a while ago found packetsniffer and CapKit; I have not used either of those, so I can't recommend one or the other.
Have you seen Apple's overview documentation on Network Kernel Extensions? That should get you started.
The downloadable source code for this book also contains a few packet filtering example NKEs at various levels of the network stack. (The book of course also explains this stuff in some detail in chapter 13)
You also may be able to re-use an existing open source kext for pure monitoring: The Wireshark application already does this, and you should be able to hook into its kext. For actually modifying the packet stream, you will probably have to do that purely in the kernel.
Because OS X and iOS are Unix and Objective-C is C, the answer is, "the same way you do it on Unix in C" - Cocoa is high-level and what you want to do is low level. I can't find the question on SO but someone suggested looking at the source for MenuMeters as an example of network monitoring.

OSX Leopard - throttle a shared internet connection

I'm running a Core Duo Macbook pro and I'm trying to emulate a 3G connection for connected devices via wifi internet connection sharing. I've tried a few options (e.g. speedlimit) but they only impact the macbook's browser and not the connected devices. Are there any other options out there? I'm running leopard as anything more modern overheats the system.
I have a T60 as an alternative, but the intel 3935abg chipset isn't supported by any windows 7 VirtualMiFi tools, and I need to connect Android devices to this network.
I found this very useful tool for testing various types of connection.
Slowy app: http://slowyapp.com/
It has some preset (56K, EDGE, 3G, LTE and DSL) but allows you to set various parameters to limit the network traffic to a specified destination port or interface.
I recommend everyone to try it.
You are in luck - your version of OSX should still support IPFW; so one can do
sudo ipfw pipe 1 config bw 15KByte/s
sudo ipfw add 1 pipe 1 src-port 80
to cut down anything, in the above example for port 80. Be sure to make the rule cover the traffic going through your Mac. See http://intrarts.com/throttled.html or http://www.hanynet.com/waterroof/ for friendlier tools.
Beyond Leopard - you want to look at pfctl. http://blog.segment7.net/2009/07/27/bandwidth-limiting-with-pf-and-altq and http://www.openbsd.org/faq/pf/queueing.html are good starts. Note though that by default you cannot use ALTQ (it is not in the default OSX kernel).

Port UNIX sockets to windows without winsock. Really?

I have some code that uses UNIX sockets. But I need to compile it for Windows (using mingw32 on Mac OS X) but I don't want to use Winsock because I'm worried about compatibility! Is there a way to use UNIX sockets on Windows?
If you stick to the BSD API that Winsock provides then you won't have that many problems. A small amount of start up and shutdown code will be Windows specific but most of the socket code will be cross platform.
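The split this answer describes, as an added example that is not part of the original post: the platform-specific part is confined to the #ifdef block and the socket calls below it are shared. The names sock_t, SOCK_BAD, sock_close, net_init, net_cleanup and loopback_roundtrip are assumptions made for this sketch; on Windows it links against ws2_32.

```c
#include <string.h>
#ifdef _WIN32                       /* Windows-only start-up and shutdown */
#include <winsock2.h>
#include <ws2tcpip.h>
typedef SOCKET sock_t;
#define SOCK_BAD INVALID_SOCKET
#define sock_close closesocket
static int net_init(void) { WSADATA w; return WSAStartup(MAKEWORD(2, 2), &w); }
static void net_cleanup(void) { WSACleanup(); }
#else                               /* POSIX: nothing to initialise */
#include <sys/socket.h>
#include <netinet/in.h>
#include <unistd.h>
typedef int sock_t;
#define SOCK_BAD (-1)
#define sock_close close
static int net_init(void) { return 0; }
static void net_cleanup(void) { }
#endif

/* Shared BSD-socket path: listen on an ephemeral loopback port, connect,
 * send msg and read it back. Returns bytes received, or -1 on failure. */
int loopback_roundtrip(const char *msg, char *out, int outlen)
{
    struct sockaddr_in a;
    socklen_t alen = sizeof a;
    sock_t ls, cs, conn;
    int n = -1;
    if (net_init() != 0) return -1;
    ls = socket(AF_INET, SOCK_STREAM, 0);
    cs = socket(AF_INET, SOCK_STREAM, 0);
    memset(&a, 0, sizeof a);
    a.sin_family = AF_INET;
    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);   /* port 0: kernel picks one */
    if (ls != SOCK_BAD && cs != SOCK_BAD &&
        bind(ls, (struct sockaddr *)&a, sizeof a) == 0 && listen(ls, 1) == 0 &&
        getsockname(ls, (struct sockaddr *)&a, &alen) == 0 &&
        connect(cs, (struct sockaddr *)&a, sizeof a) == 0 &&
        (conn = accept(ls, NULL, NULL)) != SOCK_BAD) {
        if (send(cs, msg, (int)strlen(msg), 0) > 0)
            n = (int)recv(conn, out, outlen, 0);
        sock_close(conn);
    }
    if (ls != SOCK_BAD) sock_close(ls);
    if (cs != SOCK_BAD) sock_close(cs);
    net_cleanup();
    return n;
}
```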
I'd suggest looking into cygwin (http://www.cygwin.com/), they make every effort to be compatible. However, I have no idea how you would cross-compile for that environment on Mac OSX.

Best way for a Mac application to talk to Windows applications

I need to write an app on Mac OS X that would send remote command to Windows applications to perform some tasks. The computers will be sitting on the same subnet and the Mac and Windows computers all have a fixed IP.
The data sent over really are just some string or boolean parameters so that the Windows app can perform specific tasks.
Someone will be writing the Windows app and I will be writing the Mac app.
I can find in the developer's doc about Mac to Mac communication, but nothing about what I need.
What's the best way to achieve this? What protocol is best suited for this?
Take a look at the Bonjour SDK for Mac and Windows: http://developer.apple.com/opensource/
There are (at least) two separate problems here:
#1 is how you discover the other app. Bonjour is one possibility, as is a local broadcast, as is explicitly configuring the hostname of the peer
#2 is how you talk to the other machine once you find it. For that part, I would suggest:
a) use TCP instead of UDP (in most cases), so you don't have to worry about retransmissions & sequencing
b) rather than inventing your own client-server protocol on top of TCP, use an existing one. I hear there's something called "HTTP" that's starting to catch on...
Could you just use UDP to broadcast a message out to the network? Your apps (regardless of whether they are running on Mac or Windows) can listen for the message and process them as needed.
