On the [documentation page](Implement a completely custom DNS proxying protocol) it says
For example, a DNS proxy provider might: Implement a completely custom DNS proxying protocol
I would like to add some filtering logic to the NEDNSProxyProvider
(for example, return nxdomain if the flow is not passing the filtering process). Is it possible to implement with NEDNSProxyProvider
? It also says that
func handleNewFlow(_ flow: NEAppProxyFlow) -> Bool
from NEDNSProxyProvider
returns a Boolean
value set to true if the proxy implementation decides to handle the flow, or false if it instead decides to terminate the flow link. Does it mean that the filtering logic could be added here by just returning false for the flows that are not matching the rules?
Because I first tried to handle UDP flows like this in handleNewFlow(_ flow: NEAppProxyUDPFlow)
function and form my own packets in connection.transferData
, by first passing empty Data object and then by setting RCODE to 3, which is supposedly a nxdomain response code. However, both implementations didn't work: even though I was getting logs about handling failure, the flow was still able to go through.
try await flow.open(withLocalEndpoint: flow.localEndpoint as? NWHostEndpoint)
let datagrams = try await flow.readDatagrams()
let results = try await datagrams.parallelMap {
let connection = try DatagramConnection($0)
return try await connection.transferData()
}
try await flow.writeDatagrams(results)
flow.closeReadWithError(nil)
flow.closeWriteWithError(nil)
I am new to NEDNSProxyProvider
and my networking knowledge is on a pretty basic level, so I would be very grateful to hear any suggestions. Thank you!