While it is possible to create an IPPROTO_DIVERT socket and bind a divert port successfully, I couldn't find any command, either in the pf manual page or on the web, for diverting packets, like divert-to, divert, etc.
My questions:
Is the packet divert mechanism still active in Sonoma? If so, what is the correct rule syntax for PF for diverting packets on a specific port?
Hi,
I've been trying to test the NetworkingDriverKitSampleApp at https://developer.apple.com/documentation/networkingdriverkit/connecting_a_network_driver for a while, but I couldn't reach the final steps described in the documentation.
My setup: Xcode 15.4, MacBook Pro M3 with Sonoma 14.5, SIP is disabled.
I prepared the required provisioning profiles with the required entitlements.
The dext and app build successfully. The build path starts with "/Applications".
"Install Dext" operation is successful without any error after allowing necessary permission.
However, neither System Settings shows any new enXX interface, nor ioreg command shows a registered service while "systemextensionctl list" shows the expected result as a com.apple.system_extension.driver_extension record with [ activated enabled ].
I repeated the same steps for "Driver Kit Sample" at https://developer.apple.com/documentation/driverkit/driverkit_sample_code; the "Install Dext" step is successful, but "Communicate With Dext" results in a "Driver is not connected" message. Similar to the previous project, ioreg doesn't show any service for the dext while systemextensionctl lists [activated enabled]. I also tested an updated version of DriverKitSample at https://github.com/DanBurkhardt/DriverKitUserClientSample, which reproduced the same results.
Finally, my device experiences infrequent crashes after passing the sleep state when the dext remains installed, where the crash report points to "IOReg".
Are there any missing steps in the Apple documentation for Sonoma 14.5 or Xcode 15.4?
Thanks.
Hi,
I'm trying to test "https://developer.apple.com/documentation/networkingdriverkit/connecting_a_network_driver" on a MacBook Pro M3 with Sonoma 14.5 and Xcode 15.4; SIP is disabled.
The build steps are successful; after running the app, "Install Dext" is successful and there is no error in Xcode; "systemextensionctl list" shows a record for "com.apple.system_extension.driver_extension" with the [ activated enabled ] tag.
But "ioreg" doesn't show any service for the dext, and no new interface with the name "enXX" appears in System Settings, in contrast to what the document describes. In addition, on rare occasions my device crashes when the dext remains installed, where the crash report points to the "IOReg" function.
I also tried Driver Kit Sample ( https://developer.apple.com/documentation/driverkit/driverkit_sample_code ) and a GitHub project based on this sample whose last commits were 9 months ago. However, dext installation shows similar behavior, and the "Communicate with Dext" step is unsuccessful with the message "Driver is not connected".
Is there an updated version of the Networking Driver Kit documentation to reach a running sample app for Sonoma 14.5?
Thanks.
Hi,
I'm responsible for extending my company's Firewall application with macOS support. The easiest and fastest way requires a simple API similar to netmap/nfq on Unix/Linux systems or NDIS/WinDivert on the Windows platform, where
All network traffic passing NICs or the WiFi adapter should be forwarded to our FW application,
FW application should process the raw packets with its own connection tracking mechanism, modify them if needed, generate new ones if needed,
FW application should inject forwarded or new packets to continue on their way.
In other words, the required API should stand between NIC/WiFi driver and networking stack and allow packet manipulation. My questions follow:
I can't decide which method to focus on further among three alternatives:
kext - It can satisfy the requirements, but it is deprecated, difficult to progress with, and has no guarantee of being applicable in future versions of macOS, am I right?
networkingdriverkit - It can satisfy the requirements, am I right ?
networkextension - can it satisfy the requirements? Also there is a serious performance problem as mentioned in https://developer.apple.com/forums/thread/757071.
Can anyone help me decide on the most proper method?
Thanks.