Post

Replies

Boosts

Views

Activity

Reply to Can't create outbound TCP connection from NEFilterDataProvider
Comments aren’t designed for creating long replies; it’s better to just put your reply in the badly named Your Answer box [1]. I guess I should have figured that out from other forum postings. (Still pine for the simpler lists.apple.com days of yore.) Glad to know I'm not the only one misled by the “Your Answer” heading though. :) The docs do explain the philosophy behind this. Consider this quote from the top-level Content Filter Providers page: I had read that overview in the past, but had forgotten the caveats once I'd moved on to the API documentation and appeared to be getting somewhere. That does seem adequately explicit. Note that this only applies to iOS. The filter provider story on macOS is less restrictive. Alas, we haven’t updated the docs to cover that development. In fact we've already deployed such an implementation on MacOS, with the System Extension EndpointSecurity entitlement, to much success. I was hoping a similar approach could be used on iOS. There is no similar entitlement available to elevate the sandbox privileges, I suppose? Would a Packet Tunnel Provider be a reasonable alternative approach?
Apr ’22