Hi, I have Simple Firewall example which is using FilterDataProvider. I have enabled socket level filtering. I want get the process name of event in handleNewFlow(). Following is the sample example handleNewFlow() API: override func handleNewFlow(_ flow: NEFilterFlow) -> NEFilterNewFlowVerdict { 		guard let socketFlow = flow as? NEFilterSocketFlow,      		 				let remoteEndpoint = socketFlow.remoteEndpoint as? NWHostEndpoint,      		 				let localEndpoint = socketFlow.localEndpoint as? NWHostEndpoint else {       			   						return .allow()    	 		}        } Please help me to get process name.

Hi, I am using content filter network extension to allow/drop the network operations. Here I want to get URL of the network flow. How can I achieve this? Please help me. Below is sample content filter NE handleNewFlow().  override func handleNewFlow(_ flow: NEFilterFlow) -> NEFilterNewFlowVerdict {     		guard let socketFlow = flow as? NEFilterSocketFlow,       		let remoteEndpoint = socketFlow.remoteEndpoint as? NWHostEndpoint,       		let localEndpoint = socketFlow.localEndpoint as? NWHostEndpoint else {        			  return .allow()     		}        }

Hi, I have Content Filter Simple Firewall extension app. I want to get read bytes for inbound data, write bytes for outbound data. Following is sample handleNewFlow() API. Please help me to get read(inBytes) and write(outBytes) bytes from following example.  override func handleNewFlow(_ flow: NEFilterFlow) -> NEFilterNewFlowVerdict {     guard let socketFlow = flow as? NEFilterSocketFlow,       let remoteEndpoint = socketFlow.remoteEndpoint as? NWHostEndpoint,       let localEndpoint = socketFlow.localEndpoint as? NWHostEndpoint else {         return .allow()     }       var bytes :Int32 = 0           if socketFlow.direction.rawValue == 1 {         // bytes = inBytes       }else {         //bytes = outBytes       }   }

Hi, I have Content Filter simple firewall app. I am dropping SSH connection as part my app as per my policy evaluation result and I am expecting my custom error type EACCES(permission denied) whenever user tries SSH But drop() is returning with EBADF (Bad file descriptor). Is it possible to return my custom error type as part of drop()? Below is sample code I have. override func handleNewFlow(_ flow: NEFilterFlow) -> NEFilterNewFlowVerdict { 		 DispatchQueue.global(qos: .default).async { 				 // errortype is EACCES for drop case and errorType is 0 for allow case  				userVerdict = errortype == 0 ? .allow() : .drop()  				self.resumeFlow(flow, with: userVerdict) 		 } 		 return .pause() }

I went through online but I haven't found way to convert variable type function handling. Can any one help to convert below C++ API to swift language: void netops_log(log_level level, const char *format, ...); void netops_log(log_level level, const char *format, ...) {   char msg[4096] = "";   va_list args;   va_start(args, format);   vsnprintf(msg, 4095, format, args);   LogMsg(level, msg);   va_end(args); } Here, LogMsg(log_level level, const void *msg) is C++ api in a library. Thanks.

I have an API with variable arguments in C++ library. I am trying to call this API from swift language. But I am facing with compilation errors as below. If I tried by removing variable arguments from the API then it is compiling. Please help to fix the error with variable arguments. API is void netops_log(enum log_level loglevel, const char *format, ...); Compilation errors: FilterDataProvider.swift:73:9: error: 'netops_log' is unavailable: Variadic function is unavailable     netops_log(LOGLEVEL_DEBUG, "Starting the filter... from NE")     ^~~~~~~~~~~~ __ObjC.netops_log:2:13: note: 'netops_log' has been explicitly marked unavailable here public func netops_log(_ loglevel: log_level, _ format: UnsafePointer<Int8>!, _ varargs: Any...)       ^

HI, I have a Content Filter Network extension program to filter the network data. I am using API in C&#92;&#43;&#92;&#43; library with bridge header for internal purpose. As part of the of C++ library API, I am trying to create new file But It is failed to open with "Operation not permitted" error. How to fix this. Please help me.

Hi, I am new to objective-c. I tried to run an app as part of my launchd application using openApplicationAtURL() API but I failed. I did R &amp;D also but I haven't found any example I have an app NetopsFilter.app and If I run this app with '--uninstallFilter' argument then it will deactivate the network extension. I tried from terminal and it is successfully deactivating the extension after entering the credentials in the popup. App path: /Applications/NetopsFilter.app argument: --uninstallFilter I tried as below but failed. Please help me to fix this. How can I pass arguments, necessary configuration settings to the API.   NSWorkspace *workspace = [NSWorkspace sharedWorkspace];   NSURL *url = [NSURL fileURLWithPath:[workspace fullPathForApplication:@"/Applications/NetopsFilter.app/Contents/MacOS/NetopsFilter"]];  NSArray *arguments = [NSArray arrayWithObjects:@"--uninstallFilter", nil];    [workspace openApplicationAtURL:url configuration:(NSWorkspaceOpenConfiguration *)arguments nil]; Thanks

Hi, I have an app and network extension. As part of app, I have couple of APIs to activate/deactivate/enable/disable the network extension and exits from the app. I can do these operations by providing the argument to the app and I able to perform all operations from the terminal. I have another C++ application, as part of this application i am handling activate/deactivate/enable/disable operations by invoking app with help of system() API. Here I able to activate/enable/disable the network extension but failed to deactivate the network extension and I am getting below error. Failed to authorize right 'com.apple.system-extensions.admin' by client '/Applications/NetopsFilter.app' [1298] for authorization created by '/Applications/NetopsFilter.app' [1298] (3,0) (-60007) (engine 106) error. Pls help to fix my issue.

HI, I have Simple Firewall Content filter example which available in online. This is working fine in both SIP enabled & disabled case If I have tried with Apple Developer. Also It is working if SIP is disabled & we do code sign by attaching provisional profile. But Also It is not working if SIP is enabled and code sign by attaching provisional profile. Is this problem with certificate or entitlement? What may be the problem? Please help. I am getting below errors default 15:42:19.757925+0530 sysextd request contains no authorizationref default 15:42:19.758070+0530 sysextd shouldMoveAppToTrash: file:///Applications/SimpleFirewall.app/ (requestor: /System/Library/CoreServices/Finder.app/Contents/MacOS/Finder) default 15:42:19.758588+0530 sysextd Realizing target path: file:///Applications/SimpleFirewall.app/Contents/Library/SystemExtensions/com.sample.simplefirewall.systemextension/ default 15:42:19.758832+0530 sysextd Bundle class: UncachedBundle default 15:42:19.769768+0530 sysextd shouldMoveAppToTrash: no extensions found, allowing delete default 15:42:56.485811+0530 sysextd attempting to realize extension with identifier com.sample.simplefirewall default 15:42:56.497551+0530 sysextd Realizing target path: file:///Applications/SimpleFirewall.app/Contents/Library/SystemExtensions/com.sample.simplefirewall.systemextension/ default 15:42:56.497812+0530 sysextd Bundle class: UncachedBundle default 15:42:56.517482+0530 sysextd staging extension with identifier com.sample.simplefirewall default 15:42:56.540700+0530 sysextd Making activation decision for extension with teamID teamID("BGLHCMSU7"), identifier com.sample.simplefirewall default 15:42:56.540740+0530 sysextd No extension policy -- activation decision is UserOption default 15:42:56.540766+0530 sysextd validating extension with identifier com.sample.simplefirewall default 15:42:56.554285+0530 sysextd MacOS error: 3 default 15:42:56.557821+0530 sysextd Error checking with notarization daemon: 3 error 15:42:56.559103+0530 sysextd bundle code signature is not valid - does not satisfy requirement: -67050 code failed to satisfy specified code requirement(s) default 15:42:56.559453+0530 sysextd extension failed to validate! uninstalling... default 15:42:56.559500+0530 sysextd uninstalling invalid extension com.sample.simplefirewall default 15:42:56.565893+0530 sysextd finished uninstalling extension com.sample.simplefirewall Following is my 'SimpleFDirewall' app entitlement <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict>     <key>com.apple.application-identifier</key>     <string>BGLHCMSU7.com.sample.simplefirewall</string>     <key>com.apple.developer.team-identifier</key>     <string>BGLHCMSU7</string>     <key>com.apple.developer.system-extension.install</key>     <true/>     <key>com.apple.security.app-sandbox</key>     <true/>     <key>com.apple.security.application-groups</key>     <array>         <string>BGLHCMSU7.com.sample.simplefirewall</string>     </array>     <key>com.apple.developer.networking.networkextension</key>     <array>         <string>content-filter-provider-systemextension</string>     </array> </dict> </plist> Following is my 'SimpleFirewallExtension' entitlement: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> <plist version="1.0"> <dict>     <key>com.apple.application-identifier</key>     <string>BGLHCMSU7.com.sample.simplefirewall</string>     <key>com.apple.developer.team-identifier</key>     <string>BGLHCMSU7</string>     <key>com.apple.security.app-sandbox</key>     <true/>     <key>com.apple.security.application-groups</key>     <array>         <string>BGLHCMSU7.com.sample.simplefirewall</string>     </array>     <key>com.apple.developer.networking.networkextension</key>     <array>         <string>content-filter-provider-systemextension</string>     </array> </dict> </plist>

HI, Simple Firewall Content Filter example is not prompting for 'Security Preferences' for permissions if I changed the code signing through script. If I have tried with Apple developer or If I have tried by attaching provisional profile in x-code for code signing, this is working fine. But It is not working if I have tried to provide code sign through a script at Build Phases in xcode. To make code sign from script, I have changed 'Code Sign Style' to Automatic from manual. I have verified code sign details using codesign -vvvv -d -r- <process name> command on both working & non-working SimpleFirewall processes. I have noticed difference in 'designated' tag and remaining tags are same for both. The difference is lack of one leaf node in non-working one as below. For Non-working one: designated => identifier "com.test.sample" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = ABCD1234XYZ For working one: $ designated => anchor apple generic and identifier "com.test.sample" and (certificate leaf[field.1.2.840.113635.100.6.1.9] /* exists */ or certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = ABCD1234XYZ) Code sign command in script: cp "<path>/MacDistribution_NetworkExtension.provisionprofile" "$TARGET_BUILD_DIR/$WRAPPER_NAME/Contents/embedded.provisionprofile" touch "$TARGET_BUILD_DIR/$WRAPPER_NAME" codesign -vfs "Developer ID Application: Sample Test, Inc. (ABCD1234XYZ)" --entitlements "<path>/SimpleFirewallExtension.entitlements" --timestamp "$TARGET_BUILD_DIR/$WRAPPER_NAME" Please help me to fix the issue.

Hi, I have took Content Filter Simple Firewall example from Apple site and modified as per my requirement and I able to compile & run with my developer id account. Here I had signing settings as below at Build Settings: Code Signing Identity -> Apple Developer Development Team -> <My Team ID> Provisional Profile -> Automatic Now I want to change the signing procedure with help of new provisional certificate without developer account. For this, We have created & downloaded provisional certificate and I have modified as below at Build Settings: Code Signing Identity -> Placed Empty value Development Team -> Placed Empty value Provisional Profile -> Automatic And we are running a script as below for code signing from Build Phases section. cp "$PROJECT_DIR/install/MacDistribution_NetworkExtension.provisionprofile" "$TARGET_BUILD_DIR/$WRAPPER_NAME/Contents/embedded.provisionprofile" touch "$TARGET_BUILD_DIR/$WRAPPER_NAME" codesign -vfs "Developer ID Application: Test, Inc. (ABCDEFGH)" --entitlements "$PROJECT_DIR/install/dgnetopsfilter.plist" --timestamp "$TARGET_BUILD_DIR/$WRAPPER_NAME" My application å extension is compiled But my app is not asking for permissions for registration and my network extension is not running. How to compile and run Content Filter Simple Firewall with provisional certificate? Please help me. I have a doubt, Is Code Signing with Apple Development mandatory to run Content Filters?

Hi, I am trying to send pid_t type value from swift language application to kernel space through IOKit by using C++ library. While I am printing 'pid_t' value in swift application it is showing proper value but it is not showing same value in C++ library function. I have declared variable with type pid_t in both swift application and c++ library. I tried same for other type variable like Int32 in swift and int in C&#92;&#43;&#92;&#43; library. Here values are showing properly. Is there any difference between swift and C++ for pid_t type?

I have a SimpleFirewall app in swift language and I have C&#92;&#43;&#92;&#43; library in my MacBook Pro. I have couple of APIs as part of C++ libraries. One of API is message logging API also. I have called APIs in library from my SimpleFirewall app and have linked C++ library to my SimpleFirewall app with help bridge header wrapper file. All are compiled well. After running my simplefirewall app, None of C++ library API (even file logging API also) haven't executed their functionality even though APIs are invoked from my simplefirewall swift program. What may be the possible reason? Please help me.

Hi, I have one c&#92;&#43;&#92;&#43; library in Macbook Pro. I am trying to call one of the API of c&#92;&#43;&#92;&#43; lib in my swift file using Bridge-Header. I have included header & library path and included my c++ library. I have fixed all compilation errors and but facing with below linking errors. How to link C&#92;&#43;&#92;&#43; library to swift program language? Please help me. Undefined symbols for architecture x86_64:  "std::terminate()", referenced from:    ___clang_call_terminate in libNetopsFilterLib.dylib(NetopsControl.o)  "operator delete(void*)", referenced from:    _NetopsFilterCommsInit in libNetopsFilterLib.dylib(NetopsFilterInterface.o)    _NetopsFilterCommsExit in libNetopsFilterLib.dylib(NetopsFilterInterface.o)    NetopsControl::NetopsControl() in libNetopsFilterLib.dylib(NetopsControl.o)  "operator new(unsigned long)", referenced from:    _NetopsFilterCommsInit in libNetopsFilterLib.dylib(NetopsFilterInterface.o)    NetopsControl::NetopsControl() in libNetopsFilterLib.dylib(NetopsControl.o)  "___cxa_begin_catch", referenced from:    ___clang_call_terminate in libNetopsFilterLib.dylib(NetopsControl.o)  "___gxx_personality_v0", referenced from:    _NetopsFilterCommsInit in libNetopsFilterLib.dylib(NetopsFilterInterface.o)    Dwarf Exception Unwind Info (__eh_frame) in libNetopsFilterLib.dylib(NetopsFilterInterface.o)    NetopsControl::NetopsControl() in libNetopsFilterLib.dylib(NetopsControl.o)    NetopsControl::~NetopsControl() in libNetopsFilterLib.dylib(NetopsControl.o)    Dwarf Exception Unwind Info (__eh_frame) in libNetopsFilterLib.dylib(NetopsControl.o) ld: symbol(s) not found for architecture x86_64 clang: error: linker command failed with exit code 1 (use -v to see invocation)