Is this reasonably possible?

Discussion in 'Mac Programming' started by Macula, May 27, 2010.

  1. Macula macrumors 6502

    Macula

    Joined:
    Oct 23, 2006
    Location:
    All over the place
    #1
    Like many crazy ideas, this one originates in a longstanding wish of mine: To be able, independently for each application running on my system, to determine whether that application will channel its internet traffic through a proxy server or not.

    For some inexplicable reason, very few apps out there provide their own, "local" settings. Most rely on the global OS settings (under System Preferences > Networking). OmniWeb and DevonAgent, for instance, are two tools that lack this capability, and I find that to be a glaring omission. Numerous users share this view on the forums.

    So, here's an idea: Would it be possible to create a "wrapper" application which would "hijack" the internet traffic of a given application and route it via a proxy server, overriding the global OS setting? Would this be feasible via Cocoa APIs or would it require some dark programming magic?

    Thank you.
     
  2. robbieduncan Moderator emeritus

    robbieduncan

    Joined:
    Jul 24, 2002
    Location:
    London
    #2
    If it's possible the latter. Cocoa is for high-level GUI programming, not low level system hackery.
     
  3. Cromulent macrumors 603

    Cromulent

    Joined:
    Oct 2, 2006
    Location:
    The Land of Hope and Glory
    #3
    You could write a kernel extension which interrupts all packets before they reach the networking device and do what you want with them then but that's pretty advanced stuff. You'll be using C for it too because Apple do not provide any Objective-C interfaces for kernel stuff as far as I am aware.

    I don't think there is a method to capture all traffic to and from the networking layer in user land code. At least not a reliable one.
     
  4. philips macrumors regular

    philips

    Joined:
    Oct 14, 2004
    Location:
    Baden-Württemberg, Germany
    #4
    One doesn't need kernel extensions to intercept traffic. Mac OS X has extension similar to some BSDs which allows a plain process to intercept all packets for a protocol like TCP or UDP. Check raw sockets documentation.

    Yet the packets are coming from TCP/UDP/IP layer, as if prepared to be passed to the network adapter, and unless one implements custom TCP it would be very burdensome to redirect the traffic somewhere else.

    Under Linux I did once a proxy server which was using a hack to find from client socket information a PID of the process. From PID I could derive the process name and take special actions (I used Perl+CPAN libraries to implement the proxy which was my own ad/flash blocker). That required root privileges.

    If there is something similar to Linux' procfs under Mac OX X - or any other way to map socket information back to a local process - then the trick could be used here too. Write a custom proxy (check free libraries to reuse or existing proxies to hack) to run locally, configure your Mac to use it. When new connection comes, identify the process and depending on the process either go directly to the net or pass the connection to another proxy.
     
  5. Catfish_Man macrumors 68030

    Catfish_Man

    Joined:
    Sep 13, 2001
    Location:
    Portland, OR
    #5
    Isn't this basically how GlimmerBlocker works?
     
  6. Macula thread starter macrumors 6502

    Macula

    Joined:
    Oct 23, 2006
    Location:
    All over the place
    #6
    Many thanks to everyone for the useful responses.

    Philips, that was an encouraging post :) I will explore the avenue you suggest. Thank you.
     

Share This Page