I created an NEAppProxyProvider with the following rule:
let settings = NETransparentProxyNetworkSettings(tunnelRemoteAddress: "127.0.0.1")
settings.includedNetworkRules = [
    NENetworkRule(destinationHost: NWHostEndpoint(hostname: "example.com", port: "443"), protocol: .TCP)
]
According to the documentation this should match all TCP port 443 traffic to hosts in the "example.com" domain.
But when I test this rule with a client app, I get a "No route to host" error and the handleNewFlow method is not called:
curl https://example.com -v
* Trying 93.184.216.34:443...
* Immediate connect fail for 93.184.216.34: No route to host
* Closing connection 0
curl: (7) Couldn't connect to server
If I use a network rule with a destination network then it works as expected:
settings.includedNetworkRules = [
    NENetworkRule(destinationNetwork: NWHostEndpoint(hostname: "93.184.216.34", port: "443"), prefix: 32, protocol: .TCP)
]
Any idea what might be wrong with my domain-based rule?