Hello
In the past days we have done many tests on a product based on the SimpleFirewall example. The objective is simple: grab a new flow, perform some analysis on the data content and then emit a verdict based on that analysis. To achieve this, our app implements FilterDataProvider and does the following steps:
- handleNewFlow -> if the data available in NEFilterFlow does not satisfy the requirements to perform the analysis, we ask for more data through FilterNewFlowVerdict.init(passBytes: passBytesCount, peekBytes: Int.max); otherwise we return the result of the analysis, either .allow or .deny.
- handleInboundData and handleOutboundData: both are called with the available data, and only if we previously (in handleNewFlow) requested more data. We pause the flow and perform the analysis in an async queue; only then do we return the verdict.
- handleInboundDataComplete and handleOutboundDataComplete: we use these two implementations to fulfil the FilterDataProvider.
This process works very well so far, and from the tests performed we noticed that our implementation is not aware of any changes in the connection status, for example if one of the endpoints closes (abruptly or not). Our questions are:
- Is it possible for FilterDataProvider to handle these types of close?
- If it is not possible, can you point out any other way to properly handle this?
Thanks in advance
carlos M
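
The callback sequence described in the post, written against the NetworkExtension API as an added example (not the poster's code and not Apple's SimpleFirewall sample). The `analyze(_:)` check, the `minBytes` threshold, the queue label and the `BLOCKME` marker are hypothetical.

```swift
import Foundation
import NetworkExtension

// Added example, not the poster's code. analyze(_:) and minBytes are hypothetical.
final class FilterDataProvider: NEFilterDataProvider {
    private let analysisQueue = DispatchQueue(label: "example.filter.analysis")
    private let minBytes = 512  // assumed amount of data the analysis needs

    // Hypothetical content check on constructed data: true lets the flow continue.
    private func analyze(_ data: Data) -> Bool {
        return !data.starts(with: Data("BLOCKME".utf8))
    }

    override func handleNewFlow(_ flow: NEFilterFlow) -> NEFilterNewFlowVerdict {
        // No payload is available yet, so ask to see data in both directions.
        return .filterDataVerdict(withFilterInbound: true, peekInboundBytes: minBytes,
                                  filterOutbound: true, peekOutboundBytes: minBytes)
    }

    // Shared by both directions: pause the flow, analyze off the provider's
    // thread, then resume the flow with the final verdict.
    private func inspect(_ flow: NEFilterFlow, _ data: Data) -> NEFilterDataVerdict {
        analysisQueue.async { [weak self] in
            guard let self = self else { return }
            let verdict: NEFilterDataVerdict = self.analyze(data) ? .allow() : .drop()
            self.resumeFlow(flow, with: verdict)
        }
        return .pause()
    }

    override func handleInboundData(from flow: NEFilterFlow, readBytesStartOffset offset: Int,
                                    readBytes: Data) -> NEFilterDataVerdict {
        return inspect(flow, readBytes)
    }

    override func handleOutboundData(from flow: NEFilterFlow, readBytesStartOffset offset: Int,
                                     readBytes: Data) -> NEFilterDataVerdict {
        return inspect(flow, readBytes)
    }

    // The framework calls these once it has seen all data in that direction.
    override func handleInboundDataComplete(for flow: NEFilterFlow) -> NEFilterDataVerdict {
        return .allow()
    }

    override func handleOutboundDataComplete(for flow: NEFilterFlow) -> NEFilterDataVerdict {
        return .allow()
    }
}
```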