Ok so what I want to do is create a background agent that monitors http traffic to/from a certain application and performs actions when there are requests and responses to a certain website. Is there a good way to do this in Cocoa? I'd like to avoid using really low level sniffing and/or requiring root access to do this (admin access is ok).
If the application your trying to monitor supports proxy servers you could write one and use that in your app. That probably is the easiest solution.
If that doesn’t work you could use something like mach_inject
and mach_override
to overwrite some socket system calls (socket
and write
probably are enough) in the program you’re going to monitor. That’s some kind of dark art though, so you’re probably better off using a packet sniffer like tcpdump
and control that using a pipe.
Admin privileges (which are almost the same as root) are required for all of this, except the proxy solution.
Here's tcpdump and it's library libpcap:
http://www.tcpdump.org/tcpdump_man.html
and
http://www.tcpdump.org/pcap3_man.html
There's a tutorial here:
http://www.tcpdump.org/pcap.htm
Like Sven said you'll need admin privileges to do anything spectacular.