@DTS Engineer, I tried this on the macOS 15.1 RC build, and it works fine for me. Thanks, will wait for 15.1 public release.

Yes, we are using a transparent app proxy provider to capture L4 traffic, but while the transparent app proxy is connected, the messaging app is not working on macOS 15.0.1. It works fine on macOS 15 and earlier. Some users have reported the same issue with other VPN providers as well here, https://discussions.apple.com/thread/255802764?sortBy=rank

Thanks for the reply. We have tried the suggestion but are still seeing the error. Attached are the config file (please remove the .txt format after downloading the config) and the screenshot. ApplicationProxy.VPN.mobileconfig.txt

In my case, the WIFI (en0) interfaces is active. and ideally, dns query should reach to en0. Below is the API call. DNSServiceQueryRecord(sdRef kDNSServiceFlagsReturnIntermediates | kDNSServiceFlagsTimeout, kDNSServiceInterfaceIndexAny, query, rrtype, rrclass, dns_callback, context); We validated via Wireshark, but packets are not reaching to any interface."

What interface is it failing to query? When we provided "kDNSServiceInterfaceIndexAny," it did not reach any of the interfaces.

@eskimo, Yes, it is a VPN product, and we are creating a utun interface to route all DNS traffic. There we observed NIMLOC dns query for sonoma.

@eskimo: Yes, we have created this using socket(AF_SYSTEM, SOCK_DGRAM, SYSPROTO_CONTROL));

@eskimo, I tried, but I'm not getting any flow. NENetworkRule *traffic = [[NENetworkRule alloc] initWithRemoteNetwork:nil remotePrefix:0 localNetwork:nil localPrefix:0 protocol:NENetworkRuleProtocolTCP direction:NETrafficDirectionInbound];

@eskimo, Any suggestion on this?

Hi @eskimo, Sorry for the confusion; I was referring specifically to the flow. I attempted the settings below in order to receive incoming flow. NENetworkRule *dnsInboundTraffic = [[NENetworkRule alloc] initWithRemoteNetwork:nil remotePrefix:0 localNetwork:[NWHostEndpoint endpointWithHostname:@"0.0.0.0" port:@"12345"] localPrefix:0 protocol:NENetworkRuleProtocolTCP direction:NETrafficDirectionInbound]; settings.includedNetworkRules = @[dnsInboundTraffic]; But I'm not receiving incoming flow; it is functioning correctly for outgoing flow. Please correct me if I'm doing anything wrong while creating the NENetworkRule.

Hi @eskimo, We have tried the code provided above and we have observed outgoing packets on port 12345, but there are no incoming packets. NSArray<NENetworkRule *> *includedNetworks = @[ @[@"0.0.0.0", @0], @[@"::", @0] ]; NSMutableArray<NENetworkRule *> *networkRules = [NSMutableArray array]; for (NSArray *network in includedNetworks) { NSString *addr = network[0]; NSNumber *prefix = network[1]; NWHostEndpoint *endpoint = [NWHostEndpoint endpointWithHostname:addr port:@"12345"]; NENetworkRule *networkRule = [[NENetworkRule alloc] initWithDestinationNetwork:endpoint prefix:prefix.intValue protocol:NENetworkRuleProtocolTCP]; [networkRules addObject:networkRule]; } settings.includedNetworkRules = networkRules;

Hi @eskimo, We attempted to capture all TCP/UDP traffic using NETrafficDirectionInbound or NETrafficDirectionAny, but we did not receive any data in handleNewUDPFlow(...) or handleNewFlow(...)

Hi @eskimo, We tried acquiring whole UDP/TCP traffic with NETrafficDirectionInbound but we are not getting anything in handleNewUDPFlow or handleNewFlow Also, we have tried to set NETrafficDirectionAny but nothing is coming in handleNewUDPFlow or handleNewFlow Could u pls suggest?

@meaton, thanks for the reply, Is there a way to remove DNS cache? I tried sudo killall -HUP mDNSResponder, but it only removed the system DNS cache. There is also the browser cache (Chrome) that remains unaffected, and it will persist until its TTL expires. When we switch off the WIFI and then enable it again, all DNS caches, including the browser cache (Chrome), are cleared. Is there anything else we can try to remove the DNS cache?

@meaton: Could u pls suggest here?