MAC Framework, Socket information

s s at samu.pl
Thu Jul 28 19:26:16 UTC 2011


 Hi,

 I need to get some info about the socket being created by the user. 
 What I want to do is log all TCP/UDP outgoing connections that are being 
 made. I *need* to get the local and remote address, as well as the local 
 and remote port. I managed to get all of the remote data, but this is 
 useless to me, if I haven't got the local port. Here is what I have 
 already written:

 static int slog_socket_check_connect(struct ucred *cred,
     struct socket *socket, struct label *socketlabel,
     struct sockaddr *sockaddr)
 {
     if(sockaddr->sa_family == AF_INET) {
         struct sockaddr_in sa;
         log(LOG_SECURITY | LOG_DEBUG, "Somebody made a socket: %d:%d (%d)\n",
             cred->cr_ruid,
             ntohs(((struct sockaddr_in*)sockaddr)->sin_port),
             ntohs(((struct in_endpoints*)sockaddr)->ie_lport)
             );
     }
     return 0;
 }

-- 
 Pozdrawiam,
 Jakub 'samu' Szafrański
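
Added example, not part of the original post: a userland check of what the third log argument in the handler above reads. It rebuilds the FreeBSD layouts of struct sockaddr_in and struct in_endpoints as constructed mirror structs (the bsd_* names, the helper functions and the sample destination are assumptions) and shows that ie_lport overlays sin_port, so the cast yields the remote port a second time.

```c
#include <arpa/inet.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed userland mirrors of the FreeBSD layouts (hypothetical names). */
struct bsd_sockaddr_in {            /* mirrors struct sockaddr_in */
    uint8_t  sin_len;
    uint8_t  sin_family;
    uint16_t sin_port;              /* offset 2, network byte order */
    uint32_t sin_addr;
    char     sin_zero[8];
};
struct bsd_in_endpoints {           /* mirrors struct in_endpoints */
    uint16_t ie_fport;              /* offset 0: foreign port */
    uint16_t ie_lport;              /* offset 2: local port */
    uint8_t  ie_faddr[16];          /* foreign address union */
    uint8_t  ie_laddr[16];          /* local address union */
};

/* Remote port, read the way the handler's second log argument does. */
static uint16_t port_via_sockaddr(const struct bsd_sockaddr_in *sa)
{
    return ntohs(sa->sin_port);
}

/* "Local port" as the third log argument reads it; memcpy stands in for the cast. */
static uint16_t lport_via_endpoints(const struct bsd_sockaddr_in *sa)
{
    struct bsd_in_endpoints ie = {0};
    memcpy(&ie, sa, sizeof(*sa));   /* same bytes, viewed as in_endpoints */
    return ntohs(ie.ie_lport);
}

/* Constructed sample: the destination handed to connect(), 192.0.2.10:443. */
static struct bsd_sockaddr_in sample_destination(void)
{
    struct bsd_sockaddr_in sa = { .sin_len = sizeof(sa), .sin_family = 2 /* AF_INET */,
                                  .sin_port = htons(443), .sin_addr = htonl(0xC000020AU) };
    return sa;
}

int main(void)
{
    struct bsd_sockaddr_in sa = sample_destination();
    printf("sin_port@%zu ie_lport@%zu -> %u %u\n",
           offsetof(struct bsd_sockaddr_in, sin_port), offsetof(struct bsd_in_endpoints, ie_lport),
           port_via_sockaddr(&sa), lport_via_endpoints(&sa));
}
```

In the kernel, the local endpoint is kept in the socket's inpcb (`inp_lport`, `inp_laddr`), not in the `sockaddr` handed to the connect check.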

