I am running an application that regularly phones home and reports a little more information than I'm comfortable with. I would normally add the reporting server's hostname to /etc/hosts, but the app does not perform a DNS lookup and connects directly by IP. I am looking to use Lion's built-in PF firewall to achieve this.

I understand that a commercial utility like Little Snitch would make this a trivial endeavor. However, this is not a viable solution for me. I find their asking price too high, and the built-in firewall should be able to do the trick.

I've been using IceFloor to modify the PF configuration to block incoming connections with great success. However, I'm running into some problems blocking outgoing connections. From what I've read, the following rule should be correct:

    block return-rst out quick on en0 inet proto tcp from any to xxx.xxx.230.191

It should block only TCP packets to that IP and reply with an RST packet. It seems to be blocking the packets properly, but instead of returning an RST packet, it is silently dropping the outgoing packets. This is causing the app to hang while it waits for the connection attempt to time out.

Is this rule written correctly to achieve what I would like to achieve? Has anyone else attempted something like this using PF?

Little Snitch uses a network kernel extension to intercept network traffic. NKEs allow you to create modules that can be loaded and unloaded dynamically at specific positions in the network hierarchy. These modules can monitor and modify network traffic, and can receive notification of asynchronous events from the driver layer, such as interface status changes. Each of the networking KPI mechanisms performs a specific task.