The NIT packet filter is a SunOS 4.x facility that provides a means of directly accessing the network from user space. Typically, root privilege is required to use NIT.
Directory /usr/xkernel/user_level/build/Template/example2 contains example configuration files for building and running such a kernel. The graph.comp file specifies two protocol tables: the default prottbl.nonstd, and the prottbl.local file found in this directory. File prottbl.nonstd is included so that all protocols (most importantly, IP) are assigned nonstandard protocol numbers; this prevents messages designated for the x-kernel from being acted upon by the machine's native protocol stack, and vice versa.
The nit option in the ROM file is used to control NIT's packet filtering capabilities. The option in the example ROM instructs NIT not to deliver any normal IP packets (identified by value x0800) to higher layers in the protocol stack, thus allowing the x-kernel to process only relevant packets (i.e., with value x3900, the ``fake'' IP number assigned in prottbl.nonstd). Note that when NIT ``drops'' a packet, only a copy is discarded, not the packet itself. If an IP packet arrives belonging to a Unix socket connection on the machine, it will be received normally by the OS kernel, despite the actions of NIT.
The other entries in the ROM file are used by the ARP protocol to resolve IP addresses to hardware addresses. The arp entries contain the IP and Ethernet addresses for the hosts on which the x-kernel will be run.