HI,
I would like to capture all the DNS requests in my Transparent App Proxy on macOS 10.15.4.
First I tried different combinations but no luck:
1 NENetworkRule *includeRule3 = [[NENetworkRule alloc] initWithDestinationNetwork:[NWHostEndpoint endpointWithHostname:@"" port:@"53"] prefix: 0 protocol:NENetworkRuleProtocolAny];
It captures all TCP/UDP traffic along with DNS
2. NENetworkRule *includeRule = [[NENetworkRule alloc] initWithDestinationNetwork:[NWHostEndpoint endpointWithHostname:@"0.0.0.0" port:@"53"] prefix: 0 protocol:NENetworkRuleProtocolAny];
It does not capture anything.
3. NENetworkRule *includeRule = [[NENetworkRule alloc] initWithDestinationHost:[NWHostEndpoint endpointWithHostname:@"" port:@"53"] protocol:NENetworkRuleProtocolAny];
It also captures all TCP/UDP traffic along with DNS
4. I setup DNS resolver:
NSString *dnsServerIP = @"10.0.0.10";
NSArray<NSString *> *dnsServerList = [NSArray arrayWithObjects: dnsServerIP, nil];
NEDNSSettings *dnsSettings = [[NEDNSSettings alloc] initWithServers: dnsServerList];
NSString* TLD1 = @"com";
NSString* TLD2 = @"in";
NSArray<NSString *> *dnsMatchDomainList = [NSArray arrayWithObjects: TLD1, TLD2, nil];
dnsSettings.matchDomains = dnsMatchDomainList;
dnsSettings.domainName = @"gp.com";
settings.DNSSettings = dnsSettings;
I also setup Filter rule to capture DNS server IP address "10.0.0.10".
NENetworkRule *includeRule = [[NENetworkRule alloc] initWithDestinationNetwork:[NWHostEndpoint endpointWithHostname:@"10.0.0.10" port:@"53"] prefix: 8 protocol:NENetworkRuleProtocolAny];
No DNS request is captured.
scutil --dns shows DNS resolver:
DNS configuration (for service-specific queries)
resolver #1
nameserver[0] : fe80::1
nameserver[1] : 10.0.0.10
service_identifier : 1
flags : Service-specific, Supplemental, Request A records, Request AAAA records
Still DNS request is not received to Transparent App Proxy.
Could you please help to get the right way to receive all the DNS requests to my Transparent App Proxy?
Regards,
Anand Choubey