Operating Systems OS X (Apple) [launchd] Creating a basic firewall Post 302375163 by ASGR on Thursday 26th of November 2009 05:47:21 PM
Thanks.

That was going to be an alternative solution to the preferable one
of letting launchd handle the whole process but I couldn't find a
way for launchd to detect when a socket was 'created' for it to
down the connection or execute a script.

I would have to shift the whole process to bash and run the script
in daemon mode using, as someone suggested, lsof or dtrace. I did
look into both those binaries but the output from them would have
been too much to parse.

I was thinking of using the 'WatchPath' or 'QueueDirectories' to
monitor the /tmp directory, but I don't know if the socket name
file would be consistent.

Also, I'll email the dev team to see if I'm missing something
or if they will consider it for a future release. In the meantime,
I'll have to consider a purpose-built binary like snort.

A.
 

launch(3)                BSD Library Functions Manual                launch(3)

NAME
     launchd APIs -- interfaces for interacting with a launchd job.

SYNOPSIS
     #include <launch.h>
     #include <servers/bootstrap.h>

     kern_return_t
     bootstrap_check_in(mach_port_t bp, const name_t service_name, mach_port_t *sp);

     int
     launch_activate_socket(const char *name, int **fds, size_t *cnt);

DESCRIPTION
     A launchd(8) job may have resources that are held on behalf of it while
     it is not running to facilitate launch-on-demand. These interfaces allow
     for the job to retrieve these resources as part of its initialization.
     Currently supported resource types are XPC listener connections, Mach
     ports, and sockets. Use of XPC with launchd(8) is documented in the
     xpc(3) family of manual pages.

MACH PORTS
     The bootstrap_check_in() routine allows for a launchd(8) job to retrieve
     the receive right to a Mach port that launchd(8) has created on behalf of
     the job. launchd(8) creates this port and advertises it in the
     appropriate Mach bootstrap namespace by parsing the MachServices entry of
     the job's launchd.plist(5).

     The first argument to bootstrap_check_in() should always be the
     bootstrap_port() global. The second argument should be the name of the
     service whose port you wish to retrieve, as specified as an entry in the
     job's MachServices dictionary. The final argument, upon successful
     return, will be the name of the receive right corresponding to the port
     that launchd(8) had advertised in the bootstrap namespace.

     If the job closes the receive right to the port with mach_port_mod_refs()
     or exits, the receive right obtained by this routine will be sent back to
     launchd(8) rather than being closed. This allows launchd to resume
     advertising the same port in the Mach bootstrap namespace and frees
     clients from the need to re-query for the send right to that port when
     the job dies.

SOCKETS
     The launch_activate_socket() routine allows a launchd(8) job to retrieve
     a set of file descriptors corresponding to a socket service that
     launchd(8) has created and advertised on behalf of the job by parsing the
     Sockets entry in the job's launchd.plist(5).

     The first argument should be the name of the socket entry as specified in
     the launchd.plist(5). The second argument, upon output, will point to an
     array of integers whose count is filled into the third argument upon
     success. This array represents all the sockets that launchd(8) created
     corresponding to the entry in the job's Sockets dictionary. Depending on
     the properties specified, a single Sockets entry may have multiple
     descriptors created for it (one for IPv4 and one for IPv6, for example).
     This array is allocated on the heap, and it is the caller's
     responsibility to call free(3) to dispose of the memory when it is no
     longer needed.

RETURN VALUES
     If launch_activate_socket() succeeds, zero is returned. In the event of
     failure, a non-zero POSIX-compatible error code indicating the nature of
     the error is returned. This error may be decoded with strerror(3).

     If bootstrap_check_in() succeeds, KERN_SUCCESS is returned. In the event
     of failure, a non-zero error code that may be decoded with
     bootstrap_strerror() is returned.

ERRORS
     bootstrap_check_in() will fail if:

     [BOOTSTRAP_UNKNOWN_SERVICE]
             The Mach service name specified does not exist in the caller's
             launchd.plist(5).

     [BOOTSTRAP_SERVICE_ACTIVE]
             The specified Mach service has already been checked in by the
             job.

     launch_activate_socket() will fail if:

     [ENOENT]
             The socket name specified does not exist in the caller's
             launchd.plist(5).

     [ESRCH]
             The calling process is not managed by launchd(8).

     [EALREADY]
             The specified socket has already been activated.

SEE ALSO
     xpc(3), xpc_connection_create(3), socket(2), launchd(8),
     launchd.plist(5).

Darwin                           31 March, 2014                          Darwin
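
An added example, not part of the man page or the forum thread: one way a launchd job could collect the descriptors behind a single Sockets entry, handle the three documented errors, and see which address family each inherited socket belongs to. The entry name "Listeners" and the helper names are assumptions, and the stand-in under #else exists only so the file builds off macOS.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#ifdef __APPLE__
#include <launch.h>
#else  /* stand-in off macOS: acts like a process launchd does not manage */
static int launch_activate_socket(const char *name, int **fds, size_t *cnt)
{ (void)name; (void)fds; (void)cnt; return ESRCH; }
#endif

/* Cause of each failure the man page documents for launch_activate_socket(). */
const char *activation_hint(int err)
{
    switch (err) {
    case ENOENT:   return "name is not in the job's Sockets dictionary";
    case ESRCH:    return "process is not managed by launchd";
    case EALREADY: return "socket entry was already activated";
    default:       return strerror(err);
    }
}

/* Returns 0 or the error code; on success the caller must free(*fds). */
int take_sockets(const char *entry, int **fds, size_t *cnt)
{
    int err = launch_activate_socket(entry, fds, cnt);
    if (err != 0) { *fds = NULL; *cnt = 0; }  /* nothing stale to free */
    return err;
}

/* Address family of an inherited descriptor (AF_INET, AF_INET6, ...) or -1. */
int socket_family(int fd)
{
    struct sockaddr_storage ss;
    socklen_t len = sizeof ss;
    return getsockname(fd, (struct sockaddr *)&ss, &len) == 0 ? ss.ss_family : -1;
}

int main(void)
{
    int *fds; size_t n;
    int err = take_sockets("Listeners", &fds, &n);  /* "Listeners": assumed key */
    if (err != 0)
        fprintf(stderr, "Listeners: %s\n", activation_hint(err));
    for (size_t i = 0; i < n; i++)   /* n is 0 on failure; may be IPv4 + IPv6 */
        printf("fd %d family %d\n", fds[i], socket_family(fds[i]));
    free(fds);                       /* NULL on failure, so always safe */
    return err == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
}
```

Run from a shell rather than as a launchd job, the program reports the ESRCH case and exits non-zero.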