Post

Replies

Boosts

Views

Activity

Reply to Endpoint Security and Vnode_lookup
We are looking at vnode_fsnode of the vnode if that is what you are asking. We use this value to get smb_node to check if the offline bit is set or not. Any other alternative for this will be highly useful for us. We are blocking apps based on this value. Since this value will be able to be fetched only from the kernel, is it possible to have a kernel extension just for this purpose and do the blocking from the endpoint security side?
Mar ’21
Reply to Inbound Connections not getting identified as flow in Network Extension Content Filter
Hi Matt, As I mentioned before I did try that first and then only went for the generic condition. It was not working when I gave a specific port number and only inbound connections as the filter rules. So I decided to go for a generic condition to check if at least I am able to receive an inbound flow. But unfortunately I am not receiving any inbound flows. Thanks
Apr ’21