10.6 Snow Leopard PowerPC Development

[ChrisCharman]

All of those files were already the same on my disk as on the Alpha5 disk image, all ppc (verified by rsync) except for tclsh8.4 which was linked into a framework that had an intel binary. I updated that one, no change. DNS still doesn't work without utdns and the Network Browser shows nothing.

If you have both images, compare /bin, /sbin, /usr/bin, /usr/sbin and /usr/share on your system vs the build I shared. I’m at work currently so can’t share specific paths to all the changes off the top of my head.

Could you also please verify binary compatibility using ‘file’ and or ‘otool’ instead of rsync?

Seen you’re using ethernet on a G4 iMac6.3. If all files are identical to those on machines that have confirmed working internet functionality then it could also be a hardware driver issue requiring another kext from 10.5.8 specific for that machine.

 

[atester2001]

If you have both images, compare /bin, /sbin, /usr/bin, /usr/sbin and /usr/share on your system vs the build I shared. I’m at work currently so can’t share specific paths to all the changes off the top of my head.

Could you also please verify binary compatibility using ‘file’ and or ‘otool’ instead of rsync?

Seen you’re using ethernet on a G4 iMac6.3. If all files are identical to those on machines that have confirmed working internet functionality then it could also be a hardware driver issue requiring another kext from 10.5.8 specific for that machine.

I installed from the Alpha5 image onto an external firewire drive and networking is working, DHCP, DNS, etc.
I'll do a comparison to see what is different.
I can browse from the Connect to Server finder option now and I see my shares both samba and appletalk on linux. I can't connect to any of them without an error.
I CAN connect from the command line using nfs.
mount_nfs server:share /localmountpoint
It's very slow to run that command, a couple of minutes but when it finishes the share is mounted and I can copy from it.

 

[ChrisCharman]

That’s great! There are many things that can block ports if they’re not functioning correctly. If you don’t resolve the issue by synching your system to reflect Alpha 5 please share your console logs for review.

 

[atester2001]

That’s great! There are many things that can block ports if they’re not functioning correctly. If you don’t resolve the issue by synching your system to reflect Alpha 5 please share your console logs for review.

It looks like it was in /Library somewhere. Still trying to track it down.

 

[atester2001]

I figured out how to get around the massive time it takes to mount a nfs share, playing around with the options.
I'm connecting to a debian bookworm nfs share.
mount_nfs -orw,soft,nfsvers=4.0alpha,tcp,rsize=8192,wsize=8192 serverdnsname_or_ipaddress:/sharepath mountpath
It's VERY fast reading, not so fast writing but it works. I haven't tried to track down the reason for the read/write performance issue yet.
The main thing that made a difference in the mount time seems to be the nfsvers=4.0alpha option.
Still no luck with SMB.

 

[atester2001]

A couple of odd things, I see in the firewall log a block on a connection from the NFS server to my Mac. Origin TCP port 703, destination port 49158. I can't figure out what's going on, what's listening to 49158 on the Mac.
netstat -an shows the port being listened on but lsof -iTCP won't show what's listening on it.

The other issue is a continuous entry into the system log and console log (every second) which appears to be coming from launchd like it's failing to launch something but I've not figure out what that is.

 

[ChrisCharman]

Have you tried using lsock?

I have a link in the tools table of the wikipost:

Spoiler: “Tool Table”

Tool	Hyperlink	Description
psx	…	An extended ps-like command which can display detailed information about processes and threads in OS X. The tool requires no special permissions if when viewing processes owned by the user, but will require root permissions otherwise. This tool is free and open source.
Jtool	Download	While for most binary functions one can use the OS X built-in otool, it leaves out useful information when analysing the data section. Jtool improves on otool, by addressing the shortcomings of otool, and offers useful new features for static binary analysis. The tool has many useful features, like finding references in files and limited disassembly functionality. The tool is freeware but is closed source.
lsock	Download	The functionality of netstat -o, which shows the processes owning the system sockets is missing in OS X. The tool uses an undocumented kernel control protocol called com.apple .network.statistics to obtain real-time notifi cations of sockets as they are created. This tool is easy to incorporate into scripts, which makes it useful as a connection event handler.
BatchMod	…	BatchMod allows you full control over permissions within a simple and easy to use GUI.
​ GDB	…	GDB, the GNU Project debugger, allows you to see what is going on `inside' another program while it executes -- or what another program was doing at the moment it crashed.

​

 

[atester2001]

lsock doesn't appear to have a PPC section

 

[ChrisCharman]

A couple of odd things, I see in the firewall log a block on a connection from the NFS server to my Mac. Origin TCP port 703, destination port 49158. I can't figure out what's going on, what's listening to 49158 on the Mac.
netstat -an shows the port being listened on but lsof -iTCP won't show what's listening on it.

The other issue is a continuous entry into the system log and console log (every second) which appears to be coming from launchd like it's failing to launch something but I've not figure out what that is.

Can you share the output of the launchd log please?

 

[ChrisCharman]

lsock doesn't appear to have a PPC section

Oh! I may have linked to the wrong version…

How about this one?

 

[atester2001]

Can you share the output of the launchd log please

It doesn't seem to producing a runtime log. There is only a shutdown log for it.

 

[atester2001]

Oh! I may have linked to the wrong version…

How about this one?

That download link does weird things on tenfourfox and curl and wget, it just gives an html page.
When I try to extract a url from it I still get a x86_64 and arm64 fat binary

 

[ChrisCharman]

That download link does weird things on tenfourfox and curl and wget, it just gives an html page.
When I try to extract a url from it I still get a x86_64 and arm64 fat binary

Ok that’s annoying. Apologies.

I’ll try and track down the correct version and update the link.

If not i’ll try and build it as the source is available:

#include <sys/types.h>
#include <sys/ioctl.h>
#include <sys/socket.h>
#include <sys/sys_domain.h>
#include <sys/kern_control.h>
#include <net/if_utun.h>
#include <sys/stat.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>    // malloc
#include <arpa/inet.h> // inet_ntop

#include <string.h>
#include <syslog.h>
#include <unistd.h>
#include <netinet/in.h>
#include <time.h>
#include "lsock.h"

#include <ncurses.h>

int wantCurses =1;
int wantUDP = 1;
int wantListen = 1;
int wantTCP = 1;
int wantColors = 1;
int wantRefresh = 1;

/**
  * lsock.c : A TCPView inspired netstat(1)-clone (in text mode) for OS X/iOS
  *
  * Coded by Jonathan Levin - but may be freely distributed (not to mention improved!)
  *
  *
  * Arguments: "nc" - disable full-screen (will automatically disable curses if piping output)
  *            "tcp" - start in TCP-only mode
  *            "udp" - start in UDP-only mode
  *
  *
  * Commands for full screen mode: 'T' - TCP, 'U' - UDP, 'L' - Listeners, 'C' - Colors
  *
  * Possible improvements (which I may actually get to, if I have the time/space)
  *
  *    - GUI: Make this more like Windows' TCPView and Procmon
  *    - Remote monitoring
  *    - Periodic polling on sources: Currently only when a source notification is received do
  *      I poll its description
  *    - Add routing provider (prov #1)
  *    - Show provider statistics, too
  *
  * BUGS: When not filtering on TCP and/or UDP, sometimes not all sockets show. Need to fix that
  *       On iOS6, you need to kill UserEventAgent; some notifications don't make it.
  *       
  *       Note: To use curses on iOS, you will need to copy over /usr/share/terminfo from OS X.
  *             If you don't, ncurses will fail on initscr() - you will need "nc" instead
  *             
  *
  */

 

int fd;
void
print_header (WantCurses)
{
    char *header = "Time     Local Addr        \tRemote Addr              \tIf\tState    \tPID   (Name)\n";
    if (WantCurses) {
    
    attrset(COLOR_PAIR(0));
     attrset(A_UNDERLINE| A_BOLD);
      mvwaddstr(stdscr, 1,0 ,header);
    attroff(A_UNDERLINE); attron(A_NORMAL);
    attrset(COLOR_PAIR(0));
    }
    else printf ("%s\n",  header);

}

int
setupSocket(void)
{
        struct sockaddr_ctl sc;
        struct ctl_info ctlInfo;
        unsigned int num = 0;
        int fd;


        memset(&ctlInfo, 0, sizeof(ctlInfo));
        if (strlcpy(ctlInfo.ctl_name, "com.apple.network.statistics", sizeof(ctlInfo.ctl_name)) >=
            sizeof(ctlInfo.ctl_name)) {
                fprintf(stderr,"CONTROL NAME too long");
                return -1;
        }
        if ((fd = socket(PF_SYSTEM, SOCK_DGRAM, SYSPROTO_CONTROL)) == -1) {
                fprintf(stderr,"socket(SYSPROTO_CONTROL): %s", strerror(errno));
                return -1;

        }
        if (ioctl(fd, CTLIOCGINFO, &ctlInfo) == -1) {
                fprintf(stderr,"ioctl(CTLIOCGINFO): %s", strerror(errno));
                close(fd);
                return -1;
        }
        sc.sc_id = ctlInfo.ctl_id;
        sc.sc_len = sizeof(sc);
        sc.sc_family = AF_SYSTEM;
        sc.ss_sysaddr = AF_SYS_CONTROL;
        sc.sc_unit = num + 1;           /* zero means unspecified */
        if (connect(fd, (struct sockaddr *)&sc, sizeof(sc)) == -1) {
                fprintf(stderr,"connect(AF_SYS_CONTROL): %s\n", strerror(errno));
        if (errno == EBUSY )
        {
           printf("Apparently some other process is using the system socket. "
           "On iOS, this is usually UserEventAgent. Kill it (-9!) and immediately start this program\n");
        }

                close(fd);
                return -1;
        }
         return fd;
}


const char *
stateToText(int State)
{

  switch(State)
    {
        case TCPS_CLOSED: return ("CLOSED");
        case TCPS_LISTEN: return ("LISTENING");
        case TCPS_ESTABLISHED: return ("ESTABLISHED");
        case TCPS_CLOSING: return ("CLOSING");
        case TCPS_SYN_SENT: return ("SYN_SENT");
        case TCPS_LAST_ACK: return ("LAST_ACK");
        case TCPS_CLOSE_WAIT: return ("CLOSE_WAIT");
        case TCPS_TIME_WAIT: return ("TIME_WAIT");
        case TCPS_FIN_WAIT_1 : return ("FIN_WAIT_1");
        case TCPS_FIN_WAIT_2 : return ("FIN_WAIT_2");

    
        default:
          return("?");
    }

} // stateToText

#define MAX_DESC 2000
char *descriptors[MAX_DESC];
int descriptorsModded[MAX_DESC];

int maxDesc = 0;


char *message = "                                          ";

void
setMessage (char *Message)
{
     message = Message;
}
void
print_descriptors()
{

    int i;
    int j = 3;


    if (!wantUDP && !wantTCP) { setMessage ( "Warning: Both TCP and UDP are filtered");}
    if (wantCurses) {
            attrset(COLOR_PAIR(0) | A_BOLD);
            mvwaddstr(stdscr, 2,0 ,message);

            attroff(A_BOLD);
            }

    if (wantCurses && wantRefresh)
    {
        wantRefresh = 0; erase();print_header(wantCurses);
    }

    for (i = 0; i < MAX_DESC; i++)
    {   
        if (descriptors[i])
        {
            // This is a quick and dirty example - So instead of mucking around with
            // descriptor data structures, I look at the text output of each, and figure
             // out from it whether or not it's UDP, or the TCP state, etc..

            if (strstr(descriptors[i], "N/A")) // UDP have a state of "N/A"
            {
                if ( ! wantUDP) continue;
                if (wantColors) {
                  if (wantCurses) { init_pair(4,COLOR_CYAN, COLOR_BLACK); attrset(COLOR_PAIR(4)); }
                 else
                    printf (GREEN);
                
                }
            }
            else // TCP (not showing route for now)
            {
                if (!wantTCP) continue;
                
                if (wantColors)
                    {
                    if (wantCurses)    attrset(COLOR_PAIR(0)); else printf(NORMAL);
                    }
                 if (strstr(descriptors[i], "ESTABLISHED") )  {
                    if (wantColors)
                        {
                    if (wantCurses) { init_pair(3, COLOR_GREEN, COLOR_BLACK); attrset(COLOR_PAIR(3));}
                    else printf(GREEN);
                        }
                    } // ESTABLISHED

                 if (strstr(descriptors[i], "LISTEN") )  {
                    if (!wantListen) continue;
                    if (wantColors)
                          {
                    if (wantCurses) { init_pair(2, COLOR_BLUE, COLOR_BLACK); attrset(COLOR_PAIR(2));}
                    else printf(BLUE);
                        }
                    } // ESTABLISHED

                 if (strstr(descriptors[i], "SYN_SENT") ) {
                    if (wantColors) {
                    if (wantCurses) { init_pair(5, COLOR_RED, COLOR_BLACK); attrset(COLOR_PAIR(5));}
                    else printf(RED);
                        }
                    } // SYN_SENT


            } // TCP
            if (wantCurses) {

              mvwaddstr(stdscr, j++,0 ,descriptors[i]);
            }
            else
            { if (descriptorsModded[i]) printf( "%s\n", descriptors[i]); }
            descriptorsModded[i] = 0;
          
            if (wantColors && !wantCurses) printf (NORMAL);
        }

    }

    clrtobot();
    refresh();
    }

char *
print_udp_descriptor (char *desc, int prov, int num)
{

   nstat_udp_descriptor *nud = (nstat_udp_descriptor *) desc;

  
   int f;

  int ipv6 = 0;
  char localAddrPrint[40];
  char remoteAddrPrint[40];
  const char *localPrint, *remotePrint;
  unsigned short localPort, remotePort;
  char timeBuf[30];
  time_t    now;
  struct tm *n;
  char *returned = (char *) malloc(1024);

  returned[0]  ='\0'; // Dont need AF_ because we have this already in the address, right?
  time(&now);
   n = localtime(&now);
  
    memset(timeBuf,'\0', 30);
  strftime(timeBuf, 29, "%H:%M:%S", n);
 // sprintf(timeBuf, "%d......", num);

   sprintf (returned + strlen(returned), "%-8s ", timeBuf);
   if (nud->local.v4.sin_family == AF_INET6) {
        ipv6++; }
  if (!ipv6)
  {
     localPort = ntohs(nud->local.v4.sin_port);
     remotePort = ntohs(nud->remote.v4.sin_port);
  }
  else {
     localPort = ntohs(nud->local.v6.sin6_port);
     remotePort = ntohs(nud->remote.v6.sin6_port);
  }
 
  if (nud->remote.v6.sin6_family == AF_INET6) {
       localPrint = inet_ntop(nud->local.v6.sin6_family,&(nud->local.v6.sin6_addr), localAddrPrint, 40);
       remotePrint = inet_ntop(nud->remote.v6.sin6_family,&(nud->remote.v6.sin6_addr), remoteAddrPrint, 40);
 
 }
  if (nud->remote.v4.sin_family == AF_INET) {
       localPrint = inet_ntop(nud->local.v4.sin_family,&(nud->local.v4.sin_addr), localAddrPrint, 40);
       remotePrint = inet_ntop(nud->remote.v4.sin_family,&(nud->remote.v4.sin_addr), remoteAddrPrint, 40);
 
 }
 
  if (localAddrPrint) {
     sprintf (localAddrPrint + strlen(localAddrPrint),":%-5hu", (unsigned short) localPort);
    if (remotePort == 0)
    {
        sprintf(returned + strlen(returned),"%-21s\t*.*                    \t        ", localAddrPrint);

    }
     else
        sprintf(returned + strlen(returned), "%-21s\t%-21s %-5hu\t", localAddrPrint, remoteAddrPrint, (unsigned short) remotePort);
 
     }
   sprintf(returned + strlen(returned), "%d\tN/A         \t", nud->ifindex);
   sprintf(returned + strlen(returned), "%-5d ", nud->pid);
   if (nud->pname[0]) { sprintf(returned + strlen(returned), "(%s)",   nud->pname );}
   else { sprintf(returned + strlen(returned), "                 ");}
 
   return (returned);

}

void refreshSrc (int Prov, int Num)
{
    int rc ;
    nstat_msg_get_src_description gsdreq;

           gsdreq.hdr.type= 1005; //NSTAT_MSG_TYPE_GET_SRC_DESC
           gsdreq.srcref=Num;
           gsdreq.hdr.context = Prov; ;//;nmsa->provider;
           rc = write (fd, &gsdreq, sizeof(gsdreq));



}
char *
print_tcp_descriptor (char *desc, int prov, int num)
{

   nstat_tcp_descriptor *ntd = (nstat_tcp_descriptor *) desc;

  
  int ipv6 = 0;
  char localAddrPrint[40];
  char remoteAddrPrint[40];
  const char *localPrint, *remotePrint;
  unsigned short localPort, remotePort;
  char timeBuf[30];
  time_t    now;
  struct tm *n;

  char *returned = (char *) malloc(1024);

  returned[0]  ='\0'; // Dont need AF_ because we have this already in the address, right?
  time(&now);
   n = localtime(&now);
  strftime(timeBuf, 29, "%H:%M:%S", n);

 //sprintf(timeBuf, "%d......", num);
   sprintf (returned + strlen(returned), "%-8s ", timeBuf);


// sprintf(returned+strlen(returned), "%d\t", ntd->sndbufused);

   if (ntd->local.v4.sin_family == AF_INET6) {
        //printf("IPv6\t");
        ipv6++; }
  if (!ipv6)
  {
     localPort = ntohs(ntd->local.v4.sin_port);
     remotePort = ntohs(ntd->remote.v4.sin_port);
  }
  else {
     localPort = ntohs(ntd->local.v6.sin6_port);
     remotePort = ntohs(ntd->remote.v6.sin6_port);
  }
 
  if (ntd->remote.v6.sin6_family == AF_INET6) {
       localPrint = inet_ntop(ntd->local.v6.sin6_family,&(ntd->local.v6.sin6_addr), localAddrPrint, 40);
       remotePrint = inet_ntop(ntd->remote.v6.sin6_family,&(ntd->remote.v6.sin6_addr), remoteAddrPrint, 40);
 
 }
  if (ntd->remote.v4.sin_family == AF_INET) {
       localPrint = inet_ntop(ntd->local.v4.sin_family,&(ntd->local.v4.sin_addr), localAddrPrint, 40);
       remotePrint = inet_ntop(ntd->remote.v4.sin_family,&(ntd->remote.v4.sin_addr), remoteAddrPrint, 40);
 
 }
 
  if (remoteAddrPrint)
    {
       sprintf (remoteAddrPrint + strlen(remoteAddrPrint),":%-5hu", (unsigned short) remotePort);

    }
    else sprintf (remoteAddrPrint, "*.*");

  if (localAddrPrint) {
     sprintf (localAddrPrint + strlen(localAddrPrint),":%-5hu", (unsigned short) localPort);
    if (remotePort == 0)
    {
        sprintf(returned + strlen(returned),"%-21s\t*.*                    \t        ", localAddrPrint);

    }
     else
        sprintf(returned + strlen(returned), "%-21s\t%-25s\t", localAddrPrint,  remoteAddrPrint);
 
     }
   sprintf(returned + strlen(returned), "%d\t%-10s\t", ntd->ifindex,  stateToText(ntd->state));
   sprintf(returned + strlen(returned), "%-5d ", ntd->pid);
   if (ntd->pname[0]) { sprintf(returned + strlen(returned), "(%s)",   ntd->pname );}
   else { sprintf(returned + strlen(returned), "                 ");}
 
   if ( strstr(returned, "CLOSED") && strstr(returned,"("))
    {
        refreshSrc(prov,num);

    }
   return (returned);

}

int
print_nstat_msg (void *msg, int size)
{
  nstat_msg_hdr *ns = (nstat_msg_hdr *) msg;
 
  switch (ns->type)
    {

       case  10001: // NSTAT_MSG_TYPE_SRC_ADDED               = 10001
         {
          nstat_msg_src_added *nmsa = (nstat_msg_src_added *) (ns);
        
         // printf("Src Added - %ld\n", sizeof(nstat_msg_src_added));
    //    printf ("PRovider: %d, SrcRef: %d\n", nmsa->provider, nmsa->srcref);
        
        return (10001);
        
        }
          break;
       case 10002: //NSTAT_MSG_TYPE_SRC_REMOVED             = 10002

        // remove this descriptor
          return (10002);
        //remove_descriptor(...)

        break;
       case 10003: // ,NSTAT_MSG_TYPE_SRC_DESC                = 10003
         {
          nstat_msg_src_description *nmsd = (nstat_msg_src_description *) (ns );
        if (nmsd->provider == 2)
        descriptors[nmsd->srcref]  =print_tcp_descriptor((char *)nmsd->data, nmsd->provider,nmsd->srcref);
        else if (nmsd->provider == 3)
         {descriptors[nmsd->srcref] = print_udp_descriptor((char *) nmsd->data, nmsd->provider, nmsd->srcref);
            }
          descriptorsModded[nmsd->srcref] = 10;

        }
          break;

           case 10004: //NSTAT_MSG_TYPE_SRC_COUNTS              = 10004
        {
        nstat_msg_src_counts *nmsc = (nstat_msg_src_counts *) (ns );
    //    printf ("RX: %d TX:%d\n", nmsc->counts.nstat_rxpackets , nmsc->counts.nstat_txpackets );

    
        } break;
    
        case 1:
        {
            if (ns->context < MAX_DESC && !descriptors[ns->context]) break;
            printf ("ERROR for context %lld - should be available\n", ns->context); break;
        }
        case 0: // printf("Success\n"); break;
        break;
       default:
        printf("Type : %d\n", ns->type);
    }
    fflush(NULL);
return (ns->type) ;
}



int main (int argc, char **argv)
{

 
 int rc = 0;
 char c[2048];
 memset (&descriptors, '\0', sizeof(char *) * MAX_DESC);
 memset (&descriptorsModded, '\0', sizeof(int) * MAX_DESC);
  fd =setupSocket ();

 if (fd == -1)
    {
        fprintf(stderr,"Unable to continue without socket\n"); exit(1);
    }
 struct stat stbuf;
 fstat(1, &stbuf);
 
 if (stbuf.st_mode & S_IFCHR) { wantColors = 1; wantCurses = 1;} else {wantColors = 0; wantCurses = 0;}
 

 int arg = 1;
 for (arg = 1; arg < argc; arg++)
    {
 if (strcmp(argv[arg], "nc") == 0) wantCurses = 0;
 if (strcmp(argv[arg], "udp") == 0) { wantUDP = 1; wantTCP = 0;}
 if (strcmp(argv[arg], "tcp") == 0)  { wantTCP = 1; wantUDP = 0;}
    }



nstat_msg_query_src_req qsreq;

nstat_msg_add_all_srcs aasreq;

nstat_msg_get_src_description gsdreq;
char ch;



if (wantUDP)
{
aasreq.provider = 3; //
aasreq.hdr.type = 1002; //NSTAT_MSG_TYPE_ADD_ALL_SRCS
aasreq.hdr.context = 3;
rc = write (fd, &aasreq, sizeof(aasreq));
}

if (wantTCP)
{
aasreq.provider = 2 ;
aasreq.hdr.type = 1002; //NSTAT_MSG_TYPE_ADD_ALL_SRCS
aasreq.hdr.context = 2;
rc = write (fd, &aasreq, sizeof(aasreq));
}



 if (wantCurses)
    {
  initscr(); cbreak(); noecho(); start_color();
 nodelay (stdscr,1);

    }


    print_header(wantCurses);

while (1) { //rc > 0) {

  if (wantCurses)
    {
        fd_set    fds;
        struct timeval to;
        to.tv_sec = 0;
        to.tv_usec = 100;
        FD_ZERO (&fds);
        FD_SET (fd, &fds);
        // select on socket, rather than read..
        rc = select(fd +1, &fds, NULL, NULL, &to);

        if (rc > 0) rc = read(fd,c,2048);

    }
  else
     rc = read (fd, c, 2048);
  // check rc. Meh.


  if (rc > 0)
   {
     nstat_msg_hdr *ns = (nstat_msg_hdr *) c;

  switch (ns->type)
   {
    case 10001:
      {
         nstat_msg_src_added *nmsa = (nstat_msg_src_added *) (c);

       gsdreq.hdr.type= 1005; //NSTAT_MSG_TYPE_GET_SRC_DESC
       gsdreq.srcref=nmsa->srcref;
       gsdreq.hdr.context = 1005; // This way I can tell if errors get returned for dead sources
       rc = write (fd, &gsdreq, sizeof(gsdreq));


         descriptorsModded[nmsa->srcref] = 1;
       break;
      }
    case 10002:
      {
        //struct nstat_msg_src_removed *rem;


         nstat_msg_src_removed *nmsr = (nstat_msg_src_removed *) (c);
       if(wantCurses) mvhline(nmsr->srcref + 2, 1, '-' , strlen(descriptors[nmsr->srcref]));
       descriptors[nmsr->srcref] = NULL; // or free..
       descriptorsModded [nmsr->srcref] = 1; // or free..
      


      
       break;
      }
    
    case 10003:
          rc = print_nstat_msg(c,rc);
        break;

    case 10004:
        rc = print_nstat_msg(c,rc);
        break;
    case 0:

    break;

    case 1:

        //Error message - these are usually for dead sources (context will be 1005)
        break;
    
    default:

    break;
    
   }
 
    }

 if (wantCurses)
  {
    int i;
        ch = getch();
    if (ch != ERR) {
    if (ch == 'H' || ch =='h') printf("HELP\n");
    if (ch == 'U' || ch =='u') {wantUDP = !wantUDP; setMessage("Toggling UDP sockets"); }
    if (ch == 'T' || ch == 't') { wantTCP = !wantTCP; setMessage("Toggling TCP sockets"); }
    if (ch == 'L' || ch == 'l') { wantListen= !wantListen; setMessage("Toggling TCP listeners"); }


    if (ch == 'C' || ch == 'c') { wantColors = !wantColors; setMessage("Toggling color display"); }
    wantRefresh = 1;
    }
    

  }

  print_descriptors();

}


return (0);

}

 

[barracuda156]

@ChrisCharman @educovas Could you say whether internet sharing from another Mac (with 10.4/10.5, for simplicity) works currently and if yes then how? )
My usual network is down, and I thought to hook up a PowerBook to iPhone over wifi and then PowerMac with 10.6.8 to PowerBook over Ethernet. Internet works in 10a190 but not 10.6.8. I tried reproducing network settings manually, connection appears green but nothing works. Both with and without utdns running.

 

[ChrisCharman]

@ChrisCharman @educovas Could you say whether internet sharing from another Mac (with 10.4/10.5, for simplicity) works currently and if yes then how? )
My usual network is down, and I thought to hook up a PowerBook to iPhone over wifi and then PowerMac with 10.6.8 to PowerBook over Ethernet. Internet works in 10a190 but not 10.6.8. I tried reproducing network settings manually, connection appears green but nothing works. Both with and without utdns running.

I can test when i get home from work tonight (After 22:00 UK time) and see if i have the same issue mate.

 

[barracuda156]

I can test when i get home from work tonight (After 22:00 UK time) and see if i have the same issue mate.

Thank you!
P. S. To be clear, I do not make a claim it is certainly broken, it is possible that I did not figure out how to do it correctly. Also, this is not the latest image, so there is a chance it was already fixed.

 

[ChrisCharman]

Thank you!
P. S. To be clear, I do not make a claim it is certainly broken, it is possible that I did not figure out how to do it correctly. Also, this is not the latest image, so there is a chance it was already fixed.

There seems to be a number of different issues on version 5 as well, relating to Sharing and some that i’ve noticed with Wifi and personal hotspots. I will need to spend a lot more time looking into this.

There are some framework differences between 10.5.8 and 10.6.8 related to network filesystems and AppleShare for example 10.6.8 only has AppleShareClientCore whereas 10.5.8 also has AppleShareClient, and only 10.6.8 has NetFS framework. I’ll share findings once i have made some progress.

Unrelated but might interest you @barracuda156 - there is an update for Leopard named ‘performance update’ that contains an update to one of the AHCI kexts bumping the minor version number up by 1. I’ve installed it on the PowerBook and there haven’t been any negative side effects, might be worth testing it on a PCIe G5.

 

[jktwice]

There seems to be a number of different issues on version 5 as well, relating to Sharing and some that i’ve noticed with Wifi and personal hotspots. I will need to spend a lot more time looking into this.

There are some framework differences between 10.5.8 and 10.6.8 related to network filesystems and AppleShare for example 10.6.8 only has AppleShareClientCore whereas 10.5.8 also has AppleShareClient, and only 10.6.8 has NetFS framework. I’ll share findings once i have made some progress.

Unrelated but might interest you @barracuda156 - there is an update for Leopard named ‘performance update’ that contains an update to one of the AHCI kexts bumping the minor version number up by 1. I’ve installed it on the PowerBook and there haven’t been any negative side effects, might be worth testing it on a PCIe G5.

Where can I find this performance update? This has piqued my interest.

 

[educovas]

There seems to be a number of different issues on version 5 as well, relating to Sharing and some that i’ve noticed with Wifi and personal hotspots. I will need to spend a lot more time looking into this.

There are some framework differences between 10.5.8 and 10.6.8 related to network filesystems and AppleShare for example 10.6.8 only has AppleShareClientCore whereas 10.5.8 also has AppleShareClient, and only 10.6.8 has NetFS framework. I’ll share findings once i have made some progress.

Unrelated but might interest you @barracuda156 - there is an update for Leopard named ‘performance update’ that contains an update to one of the AHCI kexts bumping the minor version number up by 1. I’ve installed it on the PowerBook and there haven’t been any negative side effects, might be worth testing it on a PCIe G5.

I've noticed the problems with AppleShareClientCore and NetFS, fixed them locally, and there was another copyright problem with smbfs.kext. After fixing those, file sharing almost worked properly. I can access my PowerBook from a different machine with no problems but when I tried to connect from the PowerBook to another machine, it does not accept the password. I don't know if it was already possible to access the PowerBook from a different machine before fixing those but it still needs more work anyways.

The AHCI kexts I've used in this build is from 10A190 and the version from 10.5.8 is considerably newer. I mentioned this a while ago but I don't know if @barracuda156 tried yet.

I'll be hopefully getting a PowerBook A1138 this week so hopefully I should be able to see what's wrong with keyboard brightness on these machines.

 

[ChrisCharman]

I've noticed the problems with AppleShareClientCore and NetFS, fixed them locally, and there was another copyright problem with smbfs.kext. After fixing those, file sharing almost worked properly. I can access my PowerBook from a different machine with no problems but when I tried to connect from the PowerBook to another machine, it does not accept the password. I don't know if it was already possible to access the PowerBook from a different machine before fixing those but it still needs more work anyways.

The AHCI kexts I've used in this build is from 10A190 and the version from 10.5.8 is considerably newer. I mentioned this a while ago but I don't know if @barracuda156 tried yet.

I'll be hopefully getting a PowerBook A1138 this week so hopefully I should be able to see what's wrong with keyboard brightness on these machines.

I can only see other machines but not access or share currently.

I forgot to check if i’d updated the AHCI kexts in the version 5 image. The performance update bumps it up slightly on 10.5.8 from the existing version. I’ll find a link as i obtained it from Macintosh Garden in a collection of Leopard updates generously collated by someone and posted there.

Edit: I did update the AHCI kexts in build 10.6.8_A5

 

[ChrisCharman]

Where can I find this performance update? This has piqued my interest.

Here it is PerformanceUpdateHardware.zip

It bumps the BlockStorage kext within /System/Library/Extensions/IOAHCIFamily.kext/Contents/PlugIns/ to v1.2.3 from v1.2.2. The newer version is dated Oct 12 2009.

 

[atester2001]

I did a bunch of testing of the networking from Alpha5 and what I found is that the app firewall seems broken.
If you tell it to "Allow all incoming connections" it blocks them all and can't do DHCP. If I use the second option to only allow restricted use it will allow ssh, printer and afp. DNCP works. If I use the 3rd option and specify the services to open for it only allows ssh to connect. DHCP works. None of the options allow VNC connections into the 10.6.8 machine (G4 iMac6,3)

Here are some diagnostics using nmap.
All incoming open. Can’t get IP address.

nmap -sS -Pn 169.254.76.143
Starting Nmap 7.80 ( https://nmap.org ) at 2025-02-02 18:32 CST
Nmap scan report for 169.254.76.143
Host is up (0.00026s latency).
Not shown: 995 closed ports
PORT STATE SERVICE
22/tcp filtered ssh
88/tcp filtered kerberos-sec
515/tcp filtered printer
548/tcp filtered afp
5900/tcp filtered vnc
MAC Address: 00:0A:95:F0:E5:02 (Apple)

nmap -sU -Pn 169.254.76.143
Starting Nmap 7.80 ( https://nmap.org ) at 2025-02-02 18:31 CST
Nmap scan report for 169.254.76.143
Host is up (0.00032s latency).
Not shown: 996 closed ports
PORT STATE SERVICE
68/udp open|filtered dhcpc
88/udp open|filtered kerberos-sec
3283/udp open|filtered netassistant
5353/udp open|filtered zeroconf
MAC Address: 00:0A:95:F0:E5:02 (Apple)
No open tcp ports connect.

Only restricted open
nmap -sS [ip address]
Starting Nmap 7.80 ( https://nmap.org ) at 2025-02-02 18:17 CST
Host is up (0.00036s latency).
Not shown: 996 filtered ports
PORT STATE SERVICE
22/tcp open ssh
88/tcp open kerberos-sec
515/tcp open printer
548/tcp open afp
MAC Address: 00:0A:95:F0:E5:02 (Apple)

nmap -sU [ip address]
Starting Nmap 7.80 ( https://nmap.org ) at 2025-02-02 18:20 CST
Host is up (0.0051s latency).
Not shown: 998 open|filtered ports
PORT STATE SERVICE
3283/udp open netassistant
5353/udp open zeroconf
MAC Address: 00:0A:95:F0:E5:02 (Apple)
All open tcp ports connect.

Specified access
nmap -sS [ip address]
Starting Nmap 7.80 ( https://nmap.org ) at 2025-02-02 18:49 CST
Host is up (0.00019s latency).
Not shown: 983 closed ports
PORT STATE SERVICE
13/tcp filtered daytime
22/tcp open ssh
88/tcp open kerberos-sec
211/tcp filtered 914c-g
515/tcp open printer
548/tcp open afp
1580/tcp filtered tn-tl-r1
2557/tcp filtered nicetec-mgmt
3766/tcp filtered sitewatch-s
3809/tcp filtered apocd
4126/tcp filtered ddrepl
5900/tcp filtered vnc
5998/tcp filtered ncd-diag
9009/tcp filtered pichat
23502/tcp filtered unknown
32774/tcp filtered sometimes-rpc11
49159/tcp filtered unknown
MAC Address: 00:0A:95:F0:E5:02 (Apple)

nmap -sU [ip address]
Starting Nmap 7.80 ( https://nmap.org ) at 2025-02-02 18:50 CST
Host is up (0.00031s latency).
Not shown: 997 closed ports
PORT STATE SERVICE
88/udp open|filtered kerberos-sec
3283/udp open netassistant
5353/udp open zeroconf
MAC Address: 00:0A:95:F0:E5:02 (Apple)
Even though I added screen sharing from core services I still can’t connect to it.
Only ssh connects.

When I couldn't get DHCP to work, I recopied all of /Library from the 10.6.8_A5 image. It only replaced a few files, among them the network preferences so I concluded that it probably would have worked without installing 10.6.8_A5 if I hadn't tried to turn off the firewall.

I also removed the appfirewall files in libexec hoping to totally disable it but it was more like it was totally blocking everything then.

I wonder if there is a way to access and control the firewall from the command line? The Security configuration dialog seems broken to me.

 

[ChrisCharman]

I did a bunch of testing of the networking from Alpha5 and what I found is that the app firewall seems broken.
If you tell it to "Allow all incoming connections" it blocks them all and can't do DHCP. If I use the second option to only allow restricted use it will allow ssh, printer and afp. DNCP works. If I use the 3rd option and specify the services to open for it only allows ssh to connect. DHCP works. None of the options allow VNC connections into the 10.6.8 machine (G4 iMac6,3)

Here are some diagnostics using nmap.
All incoming open. Can’t get IP address.

nmap -sS -Pn 169.254.76.143
Starting Nmap 7.80 ( https://nmap.org ) at 2025-02-02 18:32 CST
Nmap scan report for 169.254.76.143
Host is up (0.00026s latency).
Not shown: 995 closed ports
PORT STATE SERVICE
22/tcp filtered ssh
88/tcp filtered kerberos-sec
515/tcp filtered printer
548/tcp filtered afp
5900/tcp filtered vnc
MAC Address: 00:0A:95:F0:E5:02 (Apple)

nmap -sU -Pn 169.254.76.143
Starting Nmap 7.80 ( https://nmap.org ) at 2025-02-02 18:31 CST
Nmap scan report for 169.254.76.143
Host is up (0.00032s latency).
Not shown: 996 closed ports
PORT STATE SERVICE
68/udp open|filtered dhcpc
88/udp open|filtered kerberos-sec
3283/udp open|filtered netassistant
5353/udp open|filtered zeroconf
MAC Address: 00:0A:95:F0:E5:02 (Apple)
No open tcp ports connect.

Only restricted open
nmap -sS [ip address]
Starting Nmap 7.80 ( https://nmap.org ) at 2025-02-02 18:17 CST
Host is up (0.00036s latency).
Not shown: 996 filtered ports
PORT STATE SERVICE
22/tcp open ssh
88/tcp open kerberos-sec
515/tcp open printer
548/tcp open afp
MAC Address: 00:0A:95:F0:E5:02 (Apple)

nmap -sU [ip address]
Starting Nmap 7.80 ( https://nmap.org ) at 2025-02-02 18:20 CST
Host is up (0.0051s latency).
Not shown: 998 open|filtered ports
PORT STATE SERVICE
3283/udp open netassistant
5353/udp open zeroconf
MAC Address: 00:0A:95:F0:E5:02 (Apple)
All open tcp ports connect.

Specified access
nmap -sS [ip address]
Starting Nmap 7.80 ( https://nmap.org ) at 2025-02-02 18:49 CST
Host is up (0.00019s latency).
Not shown: 983 closed ports
PORT STATE SERVICE
13/tcp filtered daytime
22/tcp open ssh
88/tcp open kerberos-sec
211/tcp filtered 914c-g
515/tcp open printer
548/tcp open afp
1580/tcp filtered tn-tl-r1
2557/tcp filtered nicetec-mgmt
3766/tcp filtered sitewatch-s
3809/tcp filtered apocd
4126/tcp filtered ddrepl
5900/tcp filtered vnc
5998/tcp filtered ncd-diag
9009/tcp filtered pichat
23502/tcp filtered unknown
32774/tcp filtered sometimes-rpc11
49159/tcp filtered unknown
MAC Address: 00:0A:95:F0:E5:02 (Apple)

nmap -sU [ip address]
Starting Nmap 7.80 ( https://nmap.org ) at 2025-02-02 18:50 CST
Host is up (0.00031s latency).
Not shown: 997 closed ports
PORT STATE SERVICE
88/udp open|filtered kerberos-sec
3283/udp open netassistant
5353/udp open zeroconf
MAC Address: 00:0A:95:F0:E5:02 (Apple)
Even though I added screen sharing from core services I still can’t connect to it.
Only ssh connects.

When I couldn't get DHCP to work, I recopied all of /Library from the 10.6.8_A5 image. It only replaced a few files, among them the network preferences so I concluded that it probably would have worked without installing 10.6.8_A5 if I hadn't tried to turn off the firewall.

I also removed the appfirewall files in libexec hoping to totally disable it but it was more like it was totally blocking everything then.

I wonder if there is a way to access and control the firewall from the command line? The Security configuration dialog seems broken to me.

Excellent information thank you!

To remove Firewall rules:

sudo ipfw flush

Ipfw manpage can be referenced for other commands



/Library contains user specific configs
/System/Library relates to system owned configs. If there’s anything in /Library that has changed it will most likely be based on my personal setup.

If you’re interested in playing with the firewall configuration files, there are some useful articles on the web. Below are a few:

• http://www.ibiblio.org/macsupport/ipfw/
• https://silvester.org.uk/OSX/wrangling_ipfw.html
• https://www.madirish.net/532

In the wikipost i have a section dedicated to useful references and documentation and have recently added WWDC Developer Sessions for 2007-2009 via internet archive. There are some specific to networking. There is also a link to the Apple Documentation Archive and some useful books.

REFERENCE & DOCUMENTATION​

• Welcome to Snow Leopard Documentation
• Mac OS X & iOS Internals Free book by Johnathon Levin
• Apple Developer Documentation Archive
• Mac OS X Internals A Systems Approach A book by Amit Singh
• Apple Open Source Releases
• Apple OSS GitHub
• What’s New in 10.6 Snow Leopard
• Siracusa/ArsTechnica comprehensive review of Snow Leopard retail edition, Aug. 2009
• SSEN’S BLOG - Building XNU from Source
• Snow Leopard on Unsupported PowerPC Macs
• WWDC 2007 Developer Sessions
• WWDC 2008 Developer Sessions
• WWDC 2009 Developer Sessions

 

[atester2001]

Excellent information thank you!

To remove Firewall rules:

sudo ipfw flush

Ipfw manpage can be referenced for other commands



/Library contains user specific configs
/System/Library relates to system owned configs. If there’s anything in /Library that has changed it will most likely be based on my personal setup.

If you’re interested in playing with the firewall configuration files, there are some useful articles on the web. Below are a few:

• http://www.ibiblio.org/macsupport/ipfw/
• https://silvester.org.uk/OSX/wrangling_ipfw.html
• https://www.madirish.net/532

In the wikipost i have a section dedicated to useful references and documentation and have recently added WWDC Developer Sessions for 2007-2009 via internet archive. There are some specific to networking. There is also a link to the Apple Documentation Archive and some useful books.

REFERENCE & DOCUMENTATION​

• Welcome to Snow Leopard Documentation
• Mac OS X & iOS Internals Free book by Johnathon Levin
• Apple Developer Documentation Archive
• Mac OS X Internals A Systems Approach A book by Amit Singh
• Apple Open Source Releases
• Apple OSS GitHub
• What’s New in 10.6 Snow Leopard
• Siracusa/ArsTechnica comprehensive review of Snow Leopard retail edition, Aug. 2009
• SSEN’S BLOG - Building XNU from Source
• Snow Leopard on Unsupported PowerPC Macs
• WWDC 2007 Developer Sessions
• WWDC 2008 Developer Sessions
• WWDC 2009 Developer Sessions

Unfortunately ipfw doesn't seem to do anything.
If I have the firewall turned on, and I just do a
sudo ipfw list
It shows everything open which isn't the case.
Give it a try on your end and see what you get.

 

[barracuda156]

@ChrisCharman @educovas Feature request [not for immediate implementation, but perhaps once we move to update packages instead of whole new images]:
Remove X11 from default image, make it available via an installer. This is desirable, because multiple versions of X11 do not live well together, and a newer/better X11 is available via a port. Which currently requires then an end-user to remove existing Apple X11 manually, which is a hassle. Also, official release of 10.6.8 allowed to install the OS without installing X11; like Rosetta, it was an optional component. There is also an XQuartz version (though targeting 10.5.8), which may be preferred by someone as an alternative.