I am developing a firewall program to block some DNS requests. It works normally on most Mac computers, but a few computers experience internet connectivity issues after installing the firewall. I have noticed a large number of logs in the console, such as "CFIL: Failed to create UDP flow".
I want to know what caused this?
Here is my code
override func handleNewFlow(_ flow: NEFilterFlow) -> NEFilterNewFlowVerdict {
guard
let socketFlow = flow as? NEFilterSocketFlow,
let endpoint = socketFlow.remoteEndpoint as? NWHostEndpoint,
let appToken = flow.sourceAppAuditToken
else {
return .allow()
}
if endpoint.port == "53" && socketFlow.socketProtocol == IPPROTO_UDP {
return .filterDataVerdict(
withFilterInbound: false,
peekInboundBytes: 0,
filterOutbound: true,
peekOutboundBytes: 1560)
}
return .allow()
}
override func handleOutboundData(from flow: NEFilterFlow, readBytesStartOffset offset: Int, readBytes: Data) -> NEFilterDataVerdict {
guard
let socketFlow = flow as? NEFilterSocketFlow,
let endpoint = socketFlow.remoteEndpoint as? NWHostEndpoint,
let appToken = flow.sourceAppAuditToken
else {
return .allow()
}
/* find rule... */
if let ruleName = ruleName {
return .drop()
}
return .allow()
}
Selecting any option will automatically load the page