Implementing a network filter for iOS

Hey guys,

I am currently working on a network content filter app for iOS and have a few questions when it comes to using features from the network extension.

I am a bit confused because this blog post

https://www.x2mobile.net/blog/implementing-a-network-filter-on-an-ios-device

mentions that when using the network extension you must supervise the Apple device and create configuration profiles for the device. But when checking the example project provided by Apple (Apple Developer Documentation) I see that they don’t mention these things. Why is this functionality only available for supervised iOS devices? Would every user who installs this app later on need a configuration profile, or am I completely wrong? Would be nice if you can tell me if that is necessary in my case.

The same question can be formed differently. What do I have to adjust when using the example project from Apple as a template for my iOS app?

When it comes to storing rules I thought of adding them into a JSON file just for the beginning. Afterwards I thought of storing them into a database using Core Data since I want the user to also add custom rules to the filter. Since you also talk about the FilterControlProvider, I see in the documentation that the class FilterControlProvider is responsible for writing and reason information to disk. Would this class be responsible for fetching the rules from my database?

Thankful for any help

Answered by Systems Engineer in 691942022

But when checking the example project provided by Apple (Apple Developer Documentation) I see that they don’t mention these things.

The sample you are referencing for SimpleFirewall is a macOS Network System Extension and does not need to be run on a supervised device, although it can if needed. Network System Extensions are different than Network Extensions that run on iOS. On iOS a NEFilterDataProvider that is run in a Network Extension does need to be run on a supervised device. Please see the documentation on this at the bottom of the overview section here.

Now, the one exception to this rule is when using the Screen Time and Family Controls APIs, as these APIs can be submitted to the iOS App Store. To use the Screen Time and Family Controls entitlements in Development you do not need to have any special entitlements. For distribution of the Family Controls APIs, you will need to get this approved by applying for the entitlement here.

Regarding:

When it comes to storing rules I thought of adding them into a JSON file just for the beginning. Afterwards I thought of storing them into a database using Core Data since I want the user to also add custom rules to the filter.

For storing rules, I have seen both of the following techniques implemented above. Keep in mind that there are memory limits to an iOS Network Extension, and so if your rule set gets too large it may need to be stored offsite also.

Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com