Problem with sending UDP and TCP packets from NE Filter Control Provider after upgrading to iOS 13

Hello there.

So we have our application using Control Provider sending small data packets using UDP or HTTP depending on client configuration. Our Control Provider uses BSD socket API to send UDP packets and URLSession to send HTTP requests.

The App was working fine on iOS 12, but after upgrading to iOS/iPadOS 13 our Control Provider stopped sending UDP packets completely (while BSD sendto() returns correct number of bytes sent which matches the size of original payload) and for HTTP we can see only socket init packets, SYN - SYN/ACK – ACK, but no PUSH, so no data transfer. We tried to capture packets on both sides – on server side and on remote virtual interface (rvi0) on iPad. We see the same behaviour on a few iPads in our lab.

Any ideas as to what we are missing or what has changed since iOS 12?


Regards.

Replies

It’s hard to say what’s going on here. Just for the sake of testing, try issuing an NSURLSession request to a known good server from your control provider. Does it go through?

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

I tried URLSession, to my local network server – SYN-SYN/ACK-ACK, but no PUSH from client side. Just tried www.apple.com, same here.

Ok, what I just found is that there is no problem with sending udp or tcp traffic from handleNewFlow(:), but only if we intercept NEFilterBrowserFlow only, using MDM configuration. So if I turn Socket Traffic interception off in MDM, sending traffic from handleNewFlow starts working. Now I just tried to filter out socket flow inside handleNewFlow (while both Socket and Browser traffic was to be intercepted from MDM configuration) and send data on Web flow only but it doesn't work, so Socket flow needs to be turned off on MDM...


    if let thisSocketFlow : NEFilterSocketFlow = flow as? NEFilterSocketFlow
    {
        controlVerdict = NEFilterControlVerdict.allow(withUpdateRules: false)
        completionHandler(controlVerdict)
        return
    }
    else {
        // ... Sending UDP or HTTP data doesn't work here...
    }


What is going on there?

So if I turn Socket Traffic interception off in MDM, sending traffic from handleNewFlow starts working.

That sounds like a bug to me, especially as this was working on iOS 12. Please file it as such, then post your bug number here, just for the record.

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"
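
The first post notes that sendto() returned the full byte count while no datagram showed up in the captures. As an added example (not code from this thread; `udp_probe`, its result names and the loopback target are assumptions made for illustration), this C probe counts a send as delivered only when the server echoes the datagram back, which presumes an echo responder you control on the far side:

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <unistd.h>

enum probe_result { PROBE_ECHOED, PROBE_NO_REPLY, PROBE_SEND_FAILED };

/* Send one datagram to ip:port and wait up to timeout_ms for the peer to echo
 * it back. A full byte count from sendto() only shows the kernel accepted the
 * datagram; the echo is the evidence that it reached the server. */
enum probe_result udp_probe(const char *ip, unsigned short port,
                            const void *payload, size_t len, int timeout_ms)
{
    struct sockaddr_in dst;
    memset(&dst, 0, sizeof dst);
    dst.sin_family = AF_INET;
    dst.sin_port = htons(port);
    if (inet_pton(AF_INET, ip, &dst.sin_addr) != 1)
        return PROBE_SEND_FAILED;

    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0)
        return PROBE_SEND_FAILED;
    struct timeval tv = { timeout_ms / 1000, (timeout_ms % 1000) * 1000 };
    setsockopt(fd, SOL_SOCKET, SO_RCVTIMEO, &tv, sizeof tv);

    enum probe_result result = PROBE_SEND_FAILED;
    ssize_t sent = sendto(fd, payload, len, 0, (struct sockaddr *)&dst, sizeof dst);
    if (sent == (ssize_t)len) {
        char reply[1500];
        ssize_t got = recvfrom(fd, reply, sizeof reply, 0, NULL, NULL); /* -1 on timeout */
        result = (got == sent && memcmp(reply, payload, len) == 0)
                     ? PROBE_ECHOED : PROBE_NO_REPLY;
    }
    close(fd);
    return result;
}

int main(void)
{
    /* Constructed target: loopback port 9, where nothing is expected to echo. */
    static const char msg[] = "probe";
    enum probe_result r = udp_probe("127.0.0.1", 9, msg, sizeof msg - 1, 500);
    puts(r == PROBE_ECHOED ? "echoed" : r == PROBE_NO_REPLY ? "sent, no reply" : "send failed");
    return 0;
}
```

A PROBE_NO_REPLY result corresponds to the symptom in the first post: the send call succeeded, yet nothing came back within the timeout.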