@Matt ,
We can check the PID in handleNewFlow and allow the traffic because it belongs to a trusted process, but we would like to avoid that and stop filtering a trusted process's traffic before handleNewFlow is called, using an NEFilterRule as shown below. Is that possible? The other issue is that the NE content filter is not able to handle heavy traffic. I see this as a limitation or a bug in the NE content filter. Is there any README or documentation on how many network operations a Network Extension content filter can handle?
class FilterDataProvider: NEFilterDataProvider {
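/// Installs the filter settings when the content filter starts.
///
/// Calls `DGNetopsFilterCommsInit()`, then applies a single catch-all rule with the
/// `.filterData` action and a default action of `.allow`.
///
/// - Parameter completionHandler: Invoked after `apply(_:completionHandler:)` finishes,
///   with the error it reported, or `nil` when the settings were applied.
override func startFilter(completionHandler: @escaping (Error?) -> Void) {
    DGNetopsFilterCommsInit()

    // One rule is enough to select all traffic. The earlier version mapped over
    // ["0.0.0.0", "::"] but never used the address, so it built two identical rules.
    //
    // The rule is described only by network, prefix, protocol and direction; none of
    // these identify a process, so a "trusted process" exemption cannot be expressed
    // here and has to be decided per flow.
    // NOTE(review): if that per-flow decision is made, prefer the flow's
    // sourceAppAuditToken plus a code-signing check over a bare PID, since a PID can
    // be reused by another process - confirm against the deployment target.
    //
    // Every flow matching this rule is handed to the provider for filtering, so this
    // is the broadest possible scope; narrowing protocol, direction or network is the
    // only lever visible in this block for reducing the provider's load.
    let allTrafficRule = NENetworkRule(remoteNetwork: nil,
                                       remotePrefix: 0,
                                       localNetwork: nil,
                                       localPrefix: 0,
                                       protocol: .any,
                                       direction: .any)
    let filterRules = [NEFilterRule(networkRule: allTrafficRule, action: .filterData)]

    // Flows that match no rule fall through to the default action and are allowed.
    let filterSettings = NEFilterSettings(rules: filterRules, defaultAction: .allow)

    apply(filterSettings) { error in
        if let applyError = error {
            os_log("Failed to apply filter settings: %@", applyError.localizedDescription)
        }
        // Report the outcome to the caller whether or not the apply succeeded.
        completionHandler(error)
    }
}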