In my MacBook Pro, I have one "c++ application in user space, one kernel module and IOKit interface between them to exchange messages. I have some hook functions for network operations APIs like socket(), connect(). If any network operation performs, I catch them in hook functions and I will perform policy evaluations on them in kernel and will perform my own actions.
Now I want to remove hook functions in kernel and I want to catch network operations using content filters in my c++ application at userspace. Once I catch network operations using content filter, I want to evaluate my own polices on them and will perform my own actions based on the result.
I have done some R&D about this but not found samples on content filters in objective-c or c++ except simplefirewall example in swift language.
Anyone pls provide some samples in objective c or c++ to register network extensions, to catch all non-browser network operations, to extract local & remote address (port & ip) details.
So that I can refer the samples to get network operation details at user space in my c++ application, I will send those details to kernel using IOKit to evaluate my own rules and perform my own actions.
Thanks.