Post

Replies

Boosts

Views

Activity

Reply to How to get inBytes & outBytes as part of Content Filter simple firewall extension
I got some help on NEFilterReport from https://developer.apple.com/forums/thread/665784?answerId=645327022#645327022. Looks like, able to get in & out Bytes after allowing/dropping the connection. I want to get this data before allowing/dropping the connection, So that I can send in & out bytes to my custom API to evaluate the rule & to prepare the report and then decide allow/drop. So, Is it possible to get the in & out Bytes data before allow/drop the connection? Thanks.
Dec ’20
Reply to How to get inBytes & outBytes as part of Content Filter simple firewall extension
Looks like https://developer.apple.com/documentation/networkextension/nefilterreport gives read & write Bytes. But how to use this to get bytesInboundCount & bytesOutboundCount? Please help.   override func handleNewFlow(_ flow: NEFilterFlow) -> NEFilterNewFlowVerdict {		 		guard let socketFlow = flow as? NEFilterSocketFlow,       				let remoteEndpoint = socketFlow.remoteEndpoint as? NWHostEndpoint,      			  let localEndpoint = socketFlow.localEndpoint as? NWHostEndpoint else { return .allow()     		} 		DispatchQueue.global(qos: .default).async {				  				     		var bytes :Int32 = 0          				if socketFlow.direction.rawValue == 1 {         						// bytes = inBytes       				}else {         						//bytes = outBytes       				} 				 				let userVerdict: NEFilterNewFlowVerdict 				var error = customAPIToDecideAllowOrDrop() 				userVerdict = error == 0 ? .allow() : .drop() 				 				self.resumeFlow(flow, with: userVerdict)		 		}		 		return .pause() }
Dec ’20
Reply to Please convert variable type C++ function to swift language
Thanks for quick response. I got '@' as output with %@. I. have tried with first approach also as below. But the result is same. I am getting properly value in console if did with os_log() void vnetops_log(log_level level, const char *format, va_list args) {		 		char msg[4096] = "";		 		vsnprintf(msg, 4095, format, args);	 		LogMsg(level, msg); } func netopsLog(level: log_level, format: String, _ args: CVarArg...) {		 		withVaList(args) {vaList in				 											vnetops_log(level, format, vaList)		} } Is there any thing wrong with withVaList() or Is there any problem with way of calling netopsLog() with args?
Nov ’20
Reply to Please convert variable type C++ function to swift language
Sorry improper inputs. It does compile and no runtime error, but shows unexpected result int LogMsg(int severity, const void *data); is the C++ library API, which dumps log to my custom file. Here, int severity indicates severity which decides based on enum log_level and const void *data indicates message. enum log_level looks like as below: enum log_level{   LOGLEVEL_NONE = 0,   LOGLEVEL_ERROR,   LOGLEVEL_WARNING,   LOGLEVEL_INFO, 	LOGLEVEL_DEBUG }; When I am calling like netops_log(level: LOGLEVEL_DEBUG, format: "Hi, I am in Main") in my swift, this message showing properly in the log. But when am calling like netops_log(level: LOGLEVEL_DEBUG, format: "Hi, I am in Main : %s", stringValue) in my swift then I am getting some garbage value for 'stringValue' in the log. So I am missed any thing? my netops_log API in swift: func netops_log(level: log_level, format: String, _ args: CVarArg...) {						 LogMsg(level, String(format: format, arguments: args)) }
Nov ’20
Reply to Please convert variable type C++ function to swift language
Thanks for reply. I am trying use your second suggestion by calling C++ API LogMsg() from swift as below. It is working if I send only string without any arguments. But it is not working if I have variable args. So I want to convert String(format: format, arguments: args) in to void* type. But I am failing. Is there any way to convert String(format: format, arguments: args) in void pointer type before passing to LogMsg() func netops_log(level: log_level, format: String, _ args: CVarArg...) {		 				 LogMsg(level, String(format: format, arguments: args)) } LogMsg() declaration is as below in C++ lib: int LogMsg(int severity, const void *data);
Nov ’20
Reply to Failed to run the app using openApplicationAtURL()
Thanks for reply. My application is managing with launchd daemon and I am trying to deactivate the network extension as part of my application. If you have a launchd daemon than you can’t reliably sublaunch GUI apps from it. That’s because the daemon is running in a global context and apps need to run it a specific GUI login context.  Is there any other way to deactivate/uninstall the network extension if SIP is enabled? I haven't found any other way to deactivate/uninstall network extension without using GUI? Is there any other way remove the my NetopsFilter app using Finder.app (from terminal or as part of script) so that it automatically uninstalls the extension? This is like removing app manually from Finder. One more doubt, If I manage my environment with MDM tool, Is it possible with launchd daemon to deactivate the network extension? Thanks.
Nov ’20
Reply to Failed to run the app using openApplicationAtURL()
I am working with content filter network extension. Whenever my app receives "--uninstallFilter" argument internally we have functionality to deactivate the extension. So I want to run "/Applications/NetopsFilter.app/Contents/MacOS/NetopsFilter --uninstallFilter" as part my application to deactivate the extension. I am trying to use openApplicationAtURL() API to invoke the app with "--uninstallFilter" argument. But I haven't found much information on this usage to pass arguments & configuration to run the app using openApplicationAtURL(). Please help me to run the app like "/Applications/NetopsFilter.app/Contents/MacOS/NetopsFilter --uninstallFilter" from my objective-c application.
Nov ’20
Reply to SimpleFirewall Content Filter is not working if SIP is enabled & code sign with provisional profile
I have tried with two different bundle identifiers for container and extension. But still I am facing with same issue. My Container bundler Id: com.sample.simplefirewall My Extension bundle id: com.sample.simplefirewall.networkextension I have notices couple of messages in console. Please clarify them. When I copy app to /Applications and run for first time, I have noticed below msg. Is there any relation with code sign with this? Even I have tried by removing from entitlement. But still facing with code signing issue. My group value is BGLHCMSU7.com.sample.simplefirewall com.digitalguardian.dgnetopsfilter: Unsatisfied entitlements: com.sample.simplefirewall My NEMachServiceName value is BGLHCMSU7.com.sample.simplefirewall.networkextension. Is there any relation between code signing issue and this value? I have noticed Error checking with notarization daemon: 3 error in console. Is notarization mandatory to run app? I able to run app by disabling SIP(with developer id/proviosnal cert) but failed to run with SIP enabled & by attaching provisional certificate only. This is blocker for me. Please provide inputs ASAP.
Oct ’20
Reply to SimpleFirewall Content Filter is not working if SIP is enabled & code sign with provisional profile
Thanks for your response. This may be due to the container app's identifier being put on both, but it does worry me when the log says: You mean, the policy issue is due to having same bundle identifier for both container & extension? From here I would make sure the entitlements from the signed binary match the entitlements from the provisioning profile. So, No issues with entitlements & provisioning profile. correct? After that, run the signed binary on a fresh VM with SIP enabled to see if you come up with anything different here. I have tried on fresh VM with same bundle ids for both container & extension by enabling SIP and result is same as previous. One more thing, we should have two different provisional profiles for both container & extensions as Bundle Ids are different. Correct? Thanks.
Oct ’20