User Profile

Posts

Posts

Post marked as solved
5 Replies
800 Views

NEFilterDataProvider - how to get socket's interface

I'm implementing NEFIlterDataProvider where I would like to drop sockets that will be bound to specific interface, but I can't find interface parameter anywhere. Is that even possible to do? I tried to do the same thing with NEFilterPacketProvider, which provides interface information in packetHandler callback, but callback always provides physical interface (en0) even though I'm connected to VPN and should provide virtual interface. Can you give me a hint how could I drop packets or sockets bound to specific network interface?
Posted
by Galactico.
Last updated
.
Post not yet marked as solved
7 Replies
2.7k Views

Get socket's file descriptor in NEFilterDataProvider callbacks

Few years ago I developed kext with socket filter which I used to implement firewall and split tunneling. Since kext will be banned from macOS 10.16, I'm trying to use SystemExtension and NEFilterDataProvider to replace the kext. I managed to implement firewall using NEFilterDataProvider, but not split tunneling. Is there a way in which I can get socket's file descriptor in handleNewFlow, handleInboundData, handleOutboundData callbacks? I need it to bind sockets to specific network interface in order to implement split tunneling. I noticed that descriptor can be retrieved from NEPacketTunnelFlow:packetFlow.value(forKeyPath: "socket.fileDescriptor") as? Int32,but that doesn't work with NEFilterSocketFlow.
Posted
by Galactico.
Last updated
.