NEFilterDataProvider's NENetworkRule not working for netcat(nc)
Hi, I have applied the rule below:

    // One rule per address family; prefix 0 matches every local address
    let filterRules = ["0.0.0.0", "::"].map { address -> NEFilterRule in
        let localNetwork = NWHostEndpoint(hostname: address, port: "0")
        let networkRule = NENetworkRule(remoteNetwork: nil,
                                        remotePrefix: 0,
                                        localNetwork: localNetwork,
                                        localPrefix: 0,
                                        protocol: .TCP,
                                        direction: .any)
        return NEFilterRule(networkRule: networkRule, action: .filterData)
    }

I have written the code below in the method override func handleInboundData:

    // Drop inbound data when the remote endpoint is the test device
    if remoteEndpoint.hostname == "10.207.135.79" {
        os_log(.debug, log: self.log, "dropping for 10.207.135.79.")
        return .drop()
    }

From device 10.207.135.79 I am trying to send TCP as below:

1. ssh userName@10.213.175.1
   It is getting dropped as expected: kex_exchange_identification: Connection closed by remote host
2. Send via netcat(nc): nc 10.213.175.1 8888
   During netcat, it's not getting dropped.
3. Send via curl(nc): curl 10.213.175.1:8888
   During curl, it's not getting dropped.

10.213.175.1 is the IP where the system extension filter provider is running. Is this expected behaviour?
Replies: 2 | Boosts: 0 | Views: 992 | Activity: Feb ’23
Raw Socket recvfrom not working for TCP
Hello, I have created a raw socket as below:

    rawSockfd = socket(AF_INET, SOCK_RAW, IPPROTO_IP);

Added a 5 sec SO_RCVTIMEO flag and set IP_HDRINCL to 1 via setsockopt. Sending the IP packet as below:

    struct sockaddr_in connection = getSockAddr(dstIPAddress);
    /* packet already contains the IP header (IP_HDRINCL is set) */
    long bytes = sendto(rawSockfd, (uint8_t *)packet, size, 0, (struct sockaddr *)&connection, sizeof(struct sockaddr));

I am trying to receive as below:

    long rsize = recvfrom(rawSockfd, buffer, size, 0, (struct sockaddr *)&connection, (socklen_t *)&addrlen);

This works fine for ICMP and UDP; recvfrom is able to read the packet back. We are facing an issue with TCP: recvfrom returns the error "Resource temporarily unavailable" after the 5 sec timeout. If we remove the timeout flag SO_RCVTIMEO then it gets stuck forever.

tcpdump shows the following logs on the destination. Instead of SYN ACK it's getting Reset:

    09:21:03.972632 IP 10.215.179.1.54745 > 10.207.134.154.8181: Flags [SEW], seq 358899317, win 65535, options [mss 1380,nop,wscale 6,nop,nop,TS val 426499980 ecr 0,sackOK,eol], length 0
    09:21:03.972755 IP 10.207.134.154.8181 > 10.215.179.1.54745: Flags [R.], seq 0, ack 358899318, win 0, length 0

Is this something where macOS is not sending the TCP response back to the raw socket, or is something wrong in my code?
Replies: 6 | Boosts: 0 | Views: 2.3k | Activity: Feb ’23
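
The two tcpdump lines quoted in the raw-socket post can be read mechanically: [SEW] is SYN+ECE+CWR, [R.] is RST+ACK, and the reset acknowledges seq + 1 of the SYN. The following is an added example, not code from the post: it parses an IPv4/TCP header and classifies the reply to a SYN. The function names and the constructed packet bytes are assumptions; ports, sequence numbers and flags are taken from the capture, and IP addresses, options and checksums are not examined.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* TCP flag bits; tcpdump prints them as F S R P . U E W */
enum { FIN = 0x01, SYN = 0x02, RST = 0x04, PSH = 0x08,
       ACK = 0x10, URG = 0x20, ECE = 0x40, CWR = 0x80 };

struct seg { uint16_t sport, dport; uint32_t seq, ack; uint8_t flags; };

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t rd32(const uint8_t *p) { return ((uint32_t)rd16(p) << 16) | rd16(p + 2); }

/* Parse an IPv4 packet that carries TCP. Returns 0, or -1 if truncated or not TCP. */
int parse_tcp(const uint8_t *pkt, size_t len, struct seg *out) {
    if (len < 20 || (pkt[0] >> 4) != 4) return -1;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;       /* IP header length in bytes */
    if (ihl < 20 || pkt[9] != 6 || len < ihl + 20) return -1;
    const uint8_t *t = pkt + ihl;
    out->sport = rd16(t);     out->dport = rd16(t + 2);
    out->seq   = rd32(t + 4); out->ack   = rd32(t + 8);
    out->flags = t[13];
    return 0;
}

/* Reply to a SYN: 1 = SYN-ACK, 0 = RST, -1 = not a reply to this SYN. */
int classify_reply(const struct seg *syn, const struct seg *r) {
    if (!(syn->flags & SYN) || r->sport != syn->dport || r->dport != syn->sport) return -1;
    if (!(r->flags & ACK) || r->ack != syn->seq + 1) return -1;
    if (r->flags & RST) return 0;
    return (r->flags & SYN) ? 1 : -1;
}

/* Constructed sample builder: 20-byte IPv4 header + 20-byte TCP header, no checksums. */
size_t build(uint8_t *b, uint16_t sp, uint16_t dp, uint32_t seq, uint32_t ack, uint8_t fl) {
    memset(b, 0, 40);
    b[0] = 0x45; b[9] = 6; b[32] = 0x50; b[33] = fl;
    b[20] = sp >> 8;  b[21] = sp & 0xff; b[22] = dp >> 8; b[23] = dp & 0xff;
    for (int i = 0; i < 4; i++) {
        b[24 + i] = (uint8_t)(seq >> (24 - 8 * i));
        b[28 + i] = (uint8_t)(ack >> (24 - 8 * i));
    }
    return 40;
}

int main(void) {
    uint8_t a[40], b[40]; struct seg syn, rep;
    parse_tcp(a, build(a, 54745, 8181, 358899317u, 0, SYN | ECE | CWR), &syn);
    parse_tcp(b, build(b, 8181, 54745, 0, 358899318u, RST | ACK), &rep);
    printf("reply class: %d\n", classify_reply(&syn, &rep));
    return 0;
}
```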