Date: Thu, 28 Jul 2011 21:26:14 +0200 From: s <s@samu.pl> To: <freebsd-hackers@freebsd.org> Subject: MAC Framework, Socket information Message-ID: <86304693fe3634eeb038db14bdee8779@samu.pl>
next in thread | raw e-mail | index | archive | help
Hi,
I need to get some info about the socket being created by the user.
What I want to do is log all TCP/UDP outgoing connections that are being
made. I *need* to get the local and remote address, as well as the local
and remote port. I managed to get all of the remote data, but this is
useless to me, if I haven't got the local port. Here is what I have
already written:
static int slog_socket_check_connect(struct ucred *cred,
struct socket *socket, struct label *socketlabel,
struct sockaddr *sockaddr)
{
if(sockaddr->sa_family == AF_INET) {
struct sockaddr_in sa;
log(LOG_SECURITY | LOG_DEBUG, "Somebody made a socket:
%d:%d (%d)\n",
cred->cr_ruid,
ntohs(((struct sockaddr_in*)sockaddr)->sin_port),
ntohs(((struct in_endpoints*)sockaddr)->ie_lport)
);
}
return 0;
}
--
Pozdrawiam,
Jakub 'samu' SzafraĆski
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86304693fe3634eeb038db14bdee8779>