Ignore a domain with NEDNSProxyProvider

App & System Services Core OS
telo42 OP
Created Oct ’20
Replies 3
Boosts 0
Views 742
Participants 2
Hi,
I'm writing DNS proxy extension for supervised device.

When
Code Block 
func handleNewFlow(_ flow: NEAppProxyFlow) -> Bool {

is called, I make a DNS request on my server (https://example.com/dns/)

But my DNS server is a domain not an IP, and iOS try to resolve example.com with my DNS proxy whereas it should resolve it with system dns.

Is it possible to ignore this domain name with NEDNSProxyProvider?

Regards.
Replies  3
Boosts  0
Views  742
Participants  2
Systems Engineer OP
Apple
Oct ’20
If your provider receives the flow you will need to proxy the flow somewhere, whether that be to your server or another location. If you do not wish to do this you can return false but the flow will be terminated. There is not a standard mechanism to exclude or include routes like there is with a Packet Tunnel provider. I would open an enhancement request for this.


Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com
1
telo42 OP
Oct ’20
Hi,

Thanks for your answer.

I have a last question,
Is it mandatory to use an IP for the DNS server (no domain name possible)?

Regards.
0
Systems Engineer OP
Apple
Oct ’20
Looking at some logs I captured for NEDNSProxyProvider, they are all IP based, which does make sense. You can look at the NEFlowMetaData, if it's available on the flow, to see if you are able to see which app your flow is coming from to further detect what URL the IP is associated with if this helps at all. Otherwise it will continue to be an enhancement request for the URL on the flows

Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com
0
Ignore a domain with NEDNSProxyProvider
First post date Last post date
 
 
Q