Posts

Post not yet marked as solved
8 Replies
2.8k Views
Hi, I'm making a daemon Swift app for macOS that uses the content filter network extension. When I run the app I see the following leak in Instruments.

    2021-03-08 15:58:54.943753-0300 mhunt[23320:342851] [] nw_parameters_copy_default_protocol_stack called with null parameters
    2021-03-08 15:58:54.950468-0300 mhunt[23320:342851] [] nw_parameters_copy_default_protocol_stack called with null parameters, dumping backtrace:
    [x86_64] libnetcore-2288.80.2
    0 libnetwork.dylib 0x00007fff247c82f8 __nw_create_backtrace_string + 120
    1 libnetwork.dylib 0x00007fff242bb69b nw_parameters_copy_default_protocol_stack + 251
    2 libnetwork.dylib 0x00007fff242dea0e nw_socket_connect + 1550
    3 libnetworkextension.dylib 0x00007fff300c6102 ne_filter_protocol_connect + 396
    4 libnetworkextension.dylib 0x00007fff300c73dc ne_filter_process_verdict + 1616
    5 libnetworkextension.dylib 0x00007fff300cb5f7 __ne_filter_data_protocol_send_new_flow_block_invoke.65 + 148
    6 libdispatch.dylib 0x000000010b5e8e78 _dispatch_call_block_and_release + 12
    7 libdispatch.dylib 0x000000010b5ea0b0 _dispatch_client_callout + 8
    8 libdispatch.dylib 0x000000010b5f406a _dispatch_workloop_invoke + 3277
    9 libdispatch.dylib 0x000000010b600217 _dispatch_workloop_worker_thread + 1675
    10 libsystem_pthread.dylib 0x000000010b693b15 _pthread_wqthread + 314
    11 libsystem_pthread.dylib 0x000000010b692ae3 start_wqthread + 15

I have no idea how to debug this. As you can see on the log it says "libnetworkextension", so I thought it might have something to do with the network extension, but the leak occurs even when the NE is not running. I tried looking at the memory graph, but when I go to click on the memory address that has the leak all I see is an icon of "OS_dispatch_group". I know this might not be enough information to help me debug this, so if you need anything else just let me know.
Post not yet marked as solved
11 Replies
2.6k Views
Hi, I am making a Launch Daemon app in Swift for macOS. This app needs to make a request to an API once every couple of minutes. I do this using a Timer, but I have experienced that on some users' machines the timer does not get restarted once the system comes back from sleep. I also have other repeating timers that have the same behaviour, so it is not related to just one. When this happens the app does not crash; the timers just suddenly stop. This is the Timer I'm using:

    class RepeatingTimer {
        public var timer: DispatchSourceTimer?

        init(interval: Int, queue: DispatchQueue, deadline: DispatchTime = .now(), eventHandler: @escaping () -> Void) {
            timer = DispatchSource.makeTimerSource(flags: [], queue: queue)
            timer?.schedule(deadline: deadline, repeating: .seconds(interval))
            timer?.setEventHandler {
                eventHandler()
            }
        }

        func start() {
            timer?.resume()
        }

        func stop() {
            timer = nil
        }
    }

I stop the Timers on applicationWillTerminate.
Post marked as solved
6 Replies
831 Views
Hi, I'm making a LaunchDaemon app that has a NetworkExtension. I built the Network Extension using the SimpleFirewall sample project provided by Apple. My problem is that sometimes the extension terminates and when it starts again it can't communicate with the main app. I tried setting a repeating Timer on the main app that calls a function from IPCConnection to register with the provider, but that doesn't seem to work. How should I handle this scenario?
Post marked as solved
8 Replies
1.8k Views
Hi, I'm building a Content Filter app and today while checking the logs in the Console app I saw this one:

    com.company.myapp.extension: Unsatisfied entitlements: com.apple.security.application-groups

It's weird because the extension loads fine and the content filter works. I have checked and the app group seems to be correctly set on both entitlement files (app and extension). I would really appreciate the help. Thanks in advance.
Post marked as solved
2 Replies
556 Views
Hi, I am working with a Content Filter Network Extension. I was wondering what information I could obtain from an unsigned process that is generating outbound traffic. Will NEFilterFlows from this process come with a SourceAppAuditToken? If so, can I use this to find the location of this process and what command line arguments were used to execute it? If this is possible, how can I do this? I could not find documentation about this. Thanks.
Post marked as solved
1 Replies
669 Views
Basically I have to calculate the SHA-256 hashes of several files and when doing so my memory usage goes up to 800 MB. My problem is explained in more detail in this Stack Overflow post - https://stackoverflow.com/questions/66147377/read-a-file-by-chunks. As you can see there, I have tried a couple of things but I can't get rid of the high memory usage.
Post not yet marked as solved
4 Replies
539 Views
Hi, I'm trying to set up an inbound firewall to only allow localhost and other IPs that will be added/removed dynamically. What do you guys think is the best way of doing this? I have tried this:

    let rule = NENetworkRule(remoteNetwork: nil,
                             remotePrefix: 0,
                             localNetwork: nil,
                             localPrefix: 0,
                             protocol: .any,
                             direction: .inbound)
    rules = [NEFilterRule(networkRule: rule, action: .filterData)]

    let filterSettings = NEFilterSettings(rules: rules, defaultAction: .allow)

but when I make a request to a local API on 127.0.0.1:8080 from Safari I am not receiving that flow on handleNewFlow. Am I doing something wrong? Also, if I were to whitelist the IPs when creating the NENetworkRule, how could I modify these rules dynamically or change them when new IPs are added? Thanks for the help.
Post not yet marked as solved
4 Replies
434 Views
Hello guys, I'm trying to make the NEFilterDataProvider work but I just can't seem to do so. Basically what I want to do is receive all flows (in/out) in the handleNewFlow function. What I intend to do there is drop all inbound flows, but before doing that I want to log them. Also I want to allow all outgoing flows and also log them.

    let anyHostAndPortRule = NENetworkRule(
        remoteNetwork: nil,
        remotePrefix: 0,
        localNetwork: nil,
        localPrefix: 0,
        protocol: .any,
        direction: .any
    )

    filterRules = [NEFilterRule(networkRule: anyHostAndPortRule, action: .filterData)]

    let filterSettings = NEFilterSettings(rules: rules, defaultAction: .allow)

I understand that this rule alone should be able to accomplish what I want, but for some reason I'm not receiving outbound traffic. Is there an explanation for this? I think it's weird because when I change the defaultAction: .drop to drop, I lose access to the internet, so that means the outbound flows are not matching with the rule I showed you earlier. Why is that? Thanks in advance.
Post marked as solved
1 Replies
449 Views
Hi, I'm building an app that uses the Content Filter feature of Network Extensions. The app is to be distributed outside the App Store and will be deployed via MDM. The Macs at the company I work at are enrolled on MDM but do not have DEP. Will I still be able to deploy the app? Thanks in advance.