How to find a certain socket?
Taras Danko
gortaur at gmail.com
Thu Sep 21 11:29:47 PDT 2006
2006/9/21, Robert Watson <rwatson at freebsd.org>:
>
>
> What are you trying to do, exactly?
>
The idea is the following: I have a module which replaces the "socket"
system call with my own "extended" socket syscall which adds some
restrictions for "socket" callers. After my module is kldloaded - some
processes/users/domains become restricted in creation of some type of
TCP/UDP sockets. This part is quite obvious. But I also want to handle
the situation when a restricted process has created sockets _before_
my module was loaded. So I want to close its sockets so the process
will have to recreate them passing through my restriction policy this
time.

> > And the second question: what's the correct way to close the socket which was
> > found?
>
> I'm not sure there's really a "correct" way to go about ripping a socket out
> from under an application. tcpkill does the next closest thing, which is to
> simulate a RST on the TCP connection and force it to close, which is
> propagated up the stack in a way the application will understand.

As I understand, RST will take effect only for the client side
sockets but the server side "listening" socket still will be alive
waiting for other connections. And I want to be able to close
sockets of both server and client types (sure if they were created by
my restricted process mentioned above).
Taras Danko
--
contact me:
email: gortaur at gmail.com
icq: 166956956
More information about the freebsd-hackers mailing list