Communication between kernel and userspace via local socket

Julian Elischer julian at
Sat Nov 19 09:02:51 UTC 2011

On 11/17/11 11:40 AM, Maxim Ignatenko wrote:
> Julian Elischer wrote:
>> On 11/16/11 12:55 AM, Ed Schouten wrote:
>>> * Maxim Ignatenko< at>, 20111115 21:18:
>>>> I'm currently inventing the wheel^W^W^Wwriting a firewall from scratch and
>>>> looking for most convenient way to establish communication between
>>>> userspace processes and kernel part. Communication pattern best fits to
>>>> listening PF_LOCAL socket opened from kernel and userspace processes
>>>> connecting to it.
>>> What's wrong with a character device?
>> you can't easily have a different character device depending on which
>> jail you are in..
>> (well, you can but it gets tricky).. see the problem with /dev/pflog
>> and vimages.
>> Maxim, look at the usage of sockets with netgraph ng_socket node..  also
>> divert sockets.
> Did you mean ng_ksocket? I've looked at it, but in case of ng_ksocket
> connections are accepted upon receiving control message NGM_KSOCKET_ACCEPT, but I
> need to accept connections without such "punch". As far as I understand, I
> need to spawn kernel process or thread which will listen for incoming
> connections and respond to requests, just like normal network daemon does, but
> I don't know how to do this.
> divert(4) will not do the job, since packets written to divert socket go to
> IP stack.

No I meant ng_socket..  you wanted to communicate between userland and 
that ng_socket is the interface between kernel and userland for netgraph.

I also meant, "look at how the divert sockets create the sockets", not 
that you should use divert.

ng_ksocket is something else.

More information about the freebsd-hackers mailing list