Post

Replies

Boosts

Views

Activity

Reply to NEFilterControlProvider network extensions not working from iOS 16.1
As of now, we set only filterBrowsers. Expectation is to get the Browser flow traffic coming from the webkit based traffic, as our use case involves inspecting full URLs from browser traffic only. For testing purpose, we enabled filterSockets as well, and it seems that we are getting the Socket flow traffic. But the browser flow traffic, which is what our product depends upon is missing in action from iOS 16.1. We have logged a feedback assistant bug here: Previously, on iOS 16.0, we were testing this flow in the new feature of Per app control filter for managed devices and had observed the same issue. It seems from iOS 16.1 the same issue started occuring on the device wide control filter extensions as well. Is this a regression or is Apple removing browser flow support from control filter extensions?
Dec ’22
Reply to iOS 16 prefering to use DoH/DoT even if VPN has specified it does not support DoH/DoT in DNS Settings
I tried it in full tunnel mode as well, where I claim the default Route in my network settings' include routes. here also i observe that even though the NEDNSSettings value specifies clear text, if i use the public dns servers, I am still getting encrypted dns traffic. Surely looks like a bug, because in presence of a VPN, the VPN's network settings should be honoured and the platform should not select automatically.
Nov ’22
Reply to Not getting Browser flow traffic in per app Content Filter (NEFilterControlProvider))
yes, the application is installed via MDM and the ManagedApplicationAttribute is part of that. I have attached the command as well in the feedback assistant bug i logged Regarding the second question, wouldnt this be a loophole in our content filtering solution? Safari being the default browser, most of our users will open links in this browser. If we are not able to assign content filter to safari, our feature's story will not be working for most of the users.
Oct ’22
Reply to Per-app VPN and Device level VPN coexist, which one can intercept traffic
Hi, We are investigating a similar issue. We have a device wide enterpise VPN using Packet Tunnel Provider. If there is another third-party VPN provider providing per-app VPN facility our question is : If per app VPN is via a packet tunnel provider, will the packets go through per-app VPN or go through device wide VPN? As per our understanding, only one Packet Tunnel Provider can be active at a time and packets will go through the VPN which is currently active...Is this understanding correct? 2. If per app VPN is via a App Proxy Provider, will packets go through per app VPN or device wide VPN?
Nov ’20
Reply to Per-App VPN through Enterprise Systemwide VPN
Hi, We are investigating a similar issue. We have a device wide enterpise VPN using Packet Tunnel Provider. If there is another third-party VPN provider providing per-app VPN facility our question is : If per app VPN is via a packet tunnel provider, will the packets go through per-app VPN or go through device wide VPN? As per our understanding, only one Packet Tunnel Provider can be active at a time and packets will go through the VPN which is currently active...Is this understanding correct? 2. If per app VPN is via a App Proxy Provider, will packets go through per app VPN or device wide VPN?
Nov ’20