Please note that as of October 24, 2014, the Nokia Developer Wiki will no longer be accepting user contributions, including new entries, edits and comments, as we begin transitioning to our new home, in the Windows Phone Development Wiki. We plan to move over the majority of the existing entries. Thanks for all your past and future contributions.

How to block IP packet with IPhook module based on IP address

From Wiki
Jump to: navigation, search
Article Metadata
Created: mahbub_s60 (14 Jun 2010)
Last edited: hamishwillee (26 Jul 2012)



IPHooks are plugin modules that are used to extend the functionality of the TCP/IP stack. They enable us to process incoming and outgoing data packets at the IP level. The hooks are loaded by the socket server as specified in an esk file. There could have several IP hooks that can be loaded by stack. It is responsibility of one hook to pas the packet to next hook. The stack maintains an internal chain terminator (T), which will pass the packet to the NIF using the flow context (F) attached to the packet.
In this article, we try to explain how we can use IPhook plug in to process the packet so that packet can be blocked with particular IP address. This can be done for both inbound and outbound packet, Here we take a look about outgoing packet. This blocking mechanism can be implemented in device management software that does not allow to connect to particular IP address from the device.

Outbound post processing

We need to implement virtual methods of CProtocolPosthook. This is base class for the IP hook that lies between IP (Internet Protocol) and NIF (Network Interface). If a hook before the terminator (T) does not pass the packet forward in chain, then the packet can be dropped. The flow context is the only way for the terminator (T) to know the target NIF. If the packet has not flow context, the terminator drops the packet. The flow context is detached from the packet before it is passed to the NIF.

Following are the steps for a packet from application to NIF level.

1.The application uses a socket API ( RSocket) to write data to the connection.

2. The Service Access Point (SAP) represents the application socket within the protocol stack. The SAP for TCP implements the TCP protocol over the IP. The stream data from application is converted into IP packets being exchanged between the TCP end points. The SAP will send packets starting with the upper layer header (TCP) to the IP layer using the Send(packet) method.

3. Most of the work for outbound direction is done within the SAP and the protocol instance does not have much to do here. If used, it’s Send method just passes the packet to the IP layer

4. The IP layer adds the IP headers (IPv4 or IPv6) and other extension headers if required by additional modules.

5. Optional (outbound, and here we can process /check the packet and control the flow of IP packet) module(s) can be added between the IP and Interface for additional processing

6. Driver receives the packet from the protocol stack (Send(packet))

If we drop a packet in step 5, it must also take care of releasing the flow context.

Code Example

TInt CProtocolProbe::Send(RMBufChain &aPacket, CProtocolBase* aSrc)
if (DropPacket(aPacket)) // Check if the packet should be dropped
RMBufSendInfo *info = RMBufSendPacket::PeekInfoInChain(aPacket);
if (info)
info->iFlow.Close(); // Close it
aPacket.Free(); // free the packet
return 1;
// No action needed, packet is flowing as usual
TInt ii = CProtocolPosthook::Send(aPacket, aSrc);
return ii;
TBool CProtocolProbe::DropPacket(RMBufChain &aPacket)
TBool aRetBool = EFalse;
RMBufPacketBase copy;
TRAPD(err, copy.CopyPackedL(aPacket));
if (err == KErrNone)
// Reuse the protocol and flags fields of
// RMBufPktInfo to store the time-stamp
RMBufPktInfo* info = RMBufPacket::PeekInfoInChain(copy);
//RMBufSendInfo aInfo;
//TUint32 ip = aInfo.iFlow.FlowContext()->RemoteAddr().Address();
RMBufSendInfo *sendinfo = RMBufSendPacket::PeekInfoInChain(aPacket);
if (sendinfo)
TUint32 ip = sendinfo->iFlow.FlowContext()->RemoteAddr().Address();
_LIT8(KAd, "%d.%d.%d.%d");
TBuf8<100> add(0);
add.Format(KAd,(ip >> 24) & 0xff, (ip >> 16) & 0xff, (ip >> 8) & 0xff, ip & 0xff);
TRACE_INFO((_L8("CProtocolProbe::DropPacket RemoteAddr add = %S"), &add))
TRACE_INFO((_L("CProtocolProbe::DropPacket RemoteAddr ip = %d"), ip))
ip = sendinfo->iFlow.FlowContext()->LocalAddr().Address();
add.Format(KAd,(ip >> 24) & 0xff, (ip >> 16) & 0xff, (ip >> 8) & 0xff, ip & 0xff);
if( ip == iTargetIP)
aRetBool = ETrue;
return aRetBool;

Some related articles

How to block IP packet with IPhook module based on IP address
How to prevent data sending over Infrared programatically
Removing send via Bluetooth from send menu
How to prevent web browsing with WLAN programatically


[ Nokia Symbian^3 Developer's Library]

This page was last modified on 26 July 2012, at 03:16.
28 page views in the last 30 days.