Multiple Network Extension Interop

Hi,


My query is specific to multiple NEAppProxyProvider and NEDNSProxyProvider providers on the macOS platform.


If multiple NEAppProxyProvider/NEDNSProxyProvider(s) are on the machine and all are active at the same time, which provider will receive the TCP/UDP segment first? The one which is instantiated first or the one instantiated last?


Regards,

Anand Choubey

Replies

This is probably less to do with instantiation order and more to do with how each Network Extension is configured on your system. Consider the following case: you set up AppProxyProvider with a NENetworkRule to proxy all TCP traffic. Next, you set up your DNSProxyProvider to handle all DNS flows, and your DNS flows just happen to be running over UDP, which is a common case. So in this example you will most likely see the DNS traffic pass through the DNSProxyProvider because it's UDP-based, and the DNS traffic is not going through your AppProxyProvider because it's set up to proxy TCP. Long story short, this will be something you have to test yourself based on your configuration.



Matt Eaton

DTS Engineering, CoreOS

meaton3 at apple.com

Thanks, meaton!


I developed two App Proxy Extensions with the same rules. It shows that whichever is instantiated later receives the flow. I would like to confirm it.


Is there any command which can show me all the network rules set by different extensions on the macOS system? It will help us to debug interoperability issues in the field.


Regards,

Anand Choubey

No problem. You asked:

| Is there any command which can show me all the Network rule set by different Extensions on the macOS system?


Not sure this will get you exactly what you need, but you could take a look at the network configurations with scutil:


# VPN related details:
$ scutil --nc help

# Show network information
$ scutil --nwi

# Show DNS configuration.
$ scutil --dns

# Show "proxy" configuration.
$ scutil --proxy


Matt Eaton

DTS Engineering, CoreOS

meaton3 at apple.com