Hi Matt,
Thanks for the answer!
I have already tried delaying the packet, since I've seen it suggested in other threads. The problem is, it does not give any extra information when it is used in NEFilterPacketProvider (the NEFlowMetaData field is null). Apparently, that only works in some specific cases such as app proxy providers and NEPacketTunnelProvider in per-App VPN mode - https://developer.apple.com/documentation/networkextension/neflowmetadata.
I guess the current API simply does not support my use case and I will have to submit the enhancement request...
Best regards,
Darío
dlipicar
Users receive reputation points by contributing quality content to the forums.
Posts include post and replies published on the forums.
Post authors can mark replies as Accepted to indicate successful solutions.
Apple Developer Forums admins can mark replies as Apple Recommended to indicate an approved solution
Post
Replies
Boosts
Views
Activity
Allright! I imagined I would get better performance if I could get the filter to not capture the packets/flows at all. I might do some tests later, for the time being I'll just quickly return an allow verdict at the top of the handler.
Thanks!
Disregard this post
I've been able to get the same behavior in macOS Big Sur 11.2