Post not yet marked as solved
Hi guys,I tried same thing and faced similar issue. Could you help on how it is solved??I tried starting a new discussion but it is stuck at "waiting on moderator approval" from last couple of days.
Post not yet marked as solved
I was just looking into "Packet Tunnel Provider" and "App Proxy provider".As my current kext works on per packet, I think Packet Tunnel Provider can be an approach forward but not sure exactly how.So my idea here is,1. My system extension will get the packets from kernel using NEPacketTunnelProvider2. Then instead of sending the packets to some external VPN server, I can send to my local server which will another application responsible for mentioned caching.3. After the caching and modification is done, I will forward new data to its original destination.I am developing this for macOS.Quinn, is it something that seems possible for my case? Any restrictions that I should be aware of?or there is "Transparent Proxy" also, I still have to go through it. Just wanted to understand which will be better to use.
Post not yet marked as solved
Hi, Any updates on this?Really looking for some pointers as need to get it done before 10.16 which is going to deprecate my current kext.
Post not yet marked as solved
Thanks for the reply.Could you point me to some types which I can start exploring for this purpose.Basic functionality of my software is to avoid duplication by caching the network data and only send what is new and refrences for cached data. For this purpose my extension have to consume the packet which will indicate that now we are responsible for the packet and we will in turn send new data which will be understood by destination. This functionality is present in kext but i am not able to find how to do it in system extensions.Please point me to some refrences which can be used to achieve mentioned functionality in system extensions.
Post not yet marked as solved
| If you mean forwarding a packet that has been altered from the NEFilterPacketHandler then I would recommend against this. | This could have negative impacts on the packet's routing and the likelihood of the packet to reach it's destination.When I say altering the data, I meant actual data and not headers and other routing info. Also even if we change the header it will be intentional.We already have a software which does this using kexts. In that we get the entire mbuf and work on that. It is a filter driver software.What I want to understand is how can I implement the same functionality using system extensions.| Also, you will want to be careful here as performing any computation can have a performance impact on your network speeds.Yes understood. Thanks for pointing it out. We are ok with any impacts on network speed due to this.
