NEFilterDataProvider's NENetworkRule not working for netcat(nc)

Hi, I have applied below rule

let filterRules = ["0.0.0.0", "::"].map { address -> NEFilterRule in
      let localNetwork = NWHostEndpoint(hostname: address, port: "0")
      let networkRule = NENetworkRule(remoteNetwork: nil,
                          remotePrefix: 0,
                          localNetwork: localNetwork,
                          localPrefix: 0,
                          protocol: .TCP,
                          direction: .any)
      return NEFilterRule(networkRule: networkRule, action: .filterData)
    }

I have written below code in method: override func handleInboundData

if remoteEndpoint.hostname == "10.207.135.79" {
        os_log(.debug, log: self.log, "dropping for 10.207.135.79.");
        return .drop()
}

From device 10.207.135.79 i am trying to send TCP as below:

1. ssh userName@10.213.175.1

It is getting drop as expected. kex_exchange_identification: Connection closed by remote host

2. Send via netcat(nc) nc 10.213.175.1 8888

During netcat, it's not getting drop.

3. Send via curl(nc) curl 10.213.175.1:8888 During curl, it's not getting drop.

10.213.175.1 is IP where system extension filter provider running.

is this expected behaviour?