Hi there, In order to get the remote tcp port from a NEAppProxyTCPFlow, what I did is: (NEAppProxyTCPFlow as! NWHostEndpoint).port But I do not think that is a good way of achieving it. Is there any proper way for it? And I believe the ip address can be fetched by: NEAppProxyTCPFlow.remoteHostName Is that right? Thanks in advance for any suggestion.

Hi there, I am using AppProxyProvider and it can capture packets as I defined. But when I try to exclude traffics with excludedNetworkRules, but it seems does not work. Below is my code for setting things up. I capture all 443 port traffic for includedNetworkRules and exclude facebook.com for excludedNetworkRules. But facebook.com:443 traffic is still captured. private func includeRules() - [NENetworkRule] { // Web mode let hosts = [("0.0.0.0", "443")] var rules: [NENetworkRule] = [] for host in hosts { let ep = NWHostEndpoint(hostname: host.0, port: host.1) let rule = NENetworkRule.init(remoteNetwork: ep, remotePrefix: 0, localNetwork: nil, localPrefix: 0, protocol: .any, direction: .outbound) rules.append(rule) } return rules } private func excludeRules() - [NENetworkRule] { let hosts = [("facebook.com", "443")] var rules: [NENetworkRule] = [] for host in hosts { let ep = NWHostEndpoint(hostname: host.0, port: host.1) let rule = NENetworkRule.init(remoteNetwork: ep, remotePrefix: 0, localNetwork: nil, localPrefix: 0, protocol: .any, direction: .outbound) rules.append(rule) } return rules } ... settings.includedNetworkRules = includeRules() settings.excludedNetworkRules = excludeRules() If I replace like below in excludeRules() by replacing facebook.com domain name with its ip address, then all 443 port traffics is not captured at all. let hosts = [("157.240.8.35", "443")] Am I doing anything wrong? Thanks in advance for any suggestion.

Hi there, I am using AppProxyProvider. While doing some speed test, via some web sites, it raised some error like below and the appproxy restart itself. "app receive buffer is full, queueing *** bytes" "failed to write a message: no buffer space available" Good thing is that no crash happens. Wonder what is going on with the TCPFlow: no fast enough to handle incoming data? Any way to avoid that? Thanks in advance for any suggestion.

Hi there, Currently I am able to use the app proxy with NENetworkRule setup with separate port. Is it possible to setup the rule with a range of port without the need list one port after the other? Thanks in advance for any suggestion.

Hi there, When I check the SSLContext class, it says  most of the api deprecated: 10.15, use Network.framework instead. Do you have any suggest on the example code of using this new tls implementation with Network.framework? Thanks and regards

Hi there, I am using AppProxyProvider that generates a app proxy. It captures tcp, udp flows and connect to remote endpoints by createTCPConnection() createUDPSession(). In most cases it just works well. There is one thing quite annoying: while browsing with a web browser, sometimes the app proxy can restart itself, seems related to some connection that broken. Is there any suggestion to avoid such app proxy reconnect itself even if any underlying connection is broken? Thanks in advance.

Hi there, I am developing a software with Network Extension and it is half way through. One of the requirement is to fetch back local tcp port from a tcp flow that connect to remote endpoint by createTCPConnection(). I can get the local tcp port with connection.localAddress after the the connection is connected. But that is a bit late. If it is possible to get it from createTCPConnection, that will be perfect. But seen from the document, createTCPConnection has only remoteEndpoint, no localEndpoint. Thanks in advance if any suggestion.

Solved