Post

Replies

Boosts

Views

Activity

Reply to NEAppProxyProvider with dynamic rules
No problem. In that case you could try the approach of: Return YES from handleNewFlow: and then immediately call closeReadWithError: and closeWriteWithError: on the flow. Thanks much Matt, it worked on Catalina (macOS 10.15.7). Having inherent issue on BigSur(macOS 11) with NETransparentProxyProvider and so couldn't try it on BigSur, will open DTS for this.
May ’21
Reply to NEAppProxyProvider with dynamic rules
Thanks Matt, Use NEAppProxyProvider instead of NETransparentProxyProvider. Couldn't get above completely, NETransparentProxyProvider extends NEAppProxyProvider and NETransparentProxyProvider available in macOS 11.0 (BigSur). We have extended NETransparentProxyManager in our TransparentProxy, and receiving flow at handleNewFlow:
May ’21
Reply to NEAppProxyProvider with dynamic rules
Hi Matt, So the workflow could be to filter on all traffic, decide if the application is coming from an app you want to filter and return true to handle the filter. Return false to let the flow traverse the system as normal. As mentioned in the above, in NETransparentProxyProvider, Returning NO from handleNewFlow: lets the flow traverse the system as normal, but we have a requirement where we want to stop flow traversing the system as normal in this case (achieving something similar to "Connection Refused" in NEAppProxyProvider). Any suggestions or workarounds will be very helpful here. Thanks
Apr ’21
Reply to Packet tunnel provider on macOS vs Apple Configurator 2
Hi Mike.ly/Quinn, We are also facing the second issue where authorisation or security dialog is getting prompted while our AppProxyProvider using the configured client certificate with IdentityReference - https://developer.apple.com/documentation/networkextension/nevpnprotocol/1406609-identityreference, please let us know if there is any workaround with config or code changes to solve this issue. Below log messages are seen in console during the issue 19:41:19.378021+0530 securityd no tag given; looking for all ACL entries debug 19:41:19.383491+0530 securityd Bundle: private, key: -2147411889, value: -2147411889, table: SecDebugErrorMessages, localizationName: (null), result: CSSMERR_CL_UNKNOWN_TAG info 19:41:19.383609+0530 securityd displaying keychain prompt for /Applications/Tunnel.app/Contents/PlugIns/AppProxyProvider.appex Thanks
Apr ’21