Dumb question about pf

Is it actually usable as a firewall in macOS? I tried (as an example) adding a rule to block port 80, and it did not seem to work. But that's all I tried -- just added a line to /etc/pf.conf

pf is not considered a developer API on macOS, so DTS doesn’t maintain expertise in it. Someone else might chime in here, but if not, then I recommend you ask over in Apple Support Communities, run by Apple Support.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

I asked here because we want to block a single UDP port while our app is running, which means making a packet filter extension seems overkill. But I'm thinking that we may not have a lot of choice.
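Added example, not part of this thread and not Apple's or the poster's code: it covers both the original question (why a line added to /etc/pf.conf can appear to do nothing) and the follow-up goal (drop one UDP port only for as long as a process runs). pf is disabled by default on macOS and /etc/pf.conf is only read when a ruleset is loaded, so a rule written into that file has no effect until "pfctl -f /etc/pf.conf" and "pfctl -e" have run; the script checks the enabled state before doing anything. Rather than editing /etc/pf.conf, it loads its rules into a child anchor under Apple's own wildcard anchor, which assumes that the stock /etc/pf.conf still carries the line anchor "com.apple/*" (verified at run time). The anchor name "com.apple/myapp", the port 5353, the rule file path and the environment variables PF_APPLY, PF_PORT and PF_HOLD_SECONDS are all hypothetical placeholders; pfctl is root-only.

```shell
#!/bin/sh
# Added example (not from the thread): block one UDP port on macOS for the
# lifetime of a process by loading rules into a pf anchor, then remove them.
# Hypothetical: anchor name "com.apple/myapp", port 5353, the rule file path
# and the PF_* environment variables. Assumes the stock /etc/pf.conf still
# contains  anchor "com.apple/*"  so child anchors are evaluated without
# editing /etc/pf.conf. Must run as root.
set -eu

ANCHOR="com.apple/myapp"                     # hypothetical anchor name
RULES_FILE="${TMPDIR:-/tmp}/myapp.pf.conf"   # hypothetical rule file path

# Print the two rules that drop a single UDP port in both directions.
# "quick" stops evaluation at the first match, so a later "pass" rule in the
# system ruleset cannot override the block. Rejects non-numeric or out-of-range ports.
pf_rules_for_udp_port() {
    port="$1"
    case "$port" in
        ''|*[!0-9]*) echo "pf_rules_for_udp_port: not a number: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "pf_rules_for_udp_port: port out of range: $port" >&2
        return 1
    fi
    printf 'block drop in quick proto udp from any to any port %s\n' "$port"
    printf 'block drop out quick proto udp from any to any port %s\n' "$port"
}

# pf is disabled by default on macOS; "pfctl -s info" reports
# "Status: Enabled" or "Status: Disabled".
pf_is_enabled() {
    pfctl -s info 2>/dev/null | grep -q '^Status: Enabled'
}

# Rules loaded under com.apple/<name> are only evaluated if the main ruleset
# still references the wildcard anchor, so check for it instead of assuming.
pf_has_apple_wildcard_anchor() {
    pfctl -sr 2>/dev/null | grep -q 'anchor "com.apple/\*"'
}

pf_apply() {
    port="$1"
    [ "$(id -u)" -eq 0 ] || { echo "pf_apply: run as root" >&2; return 1; }
    pf_has_apple_wildcard_anchor || { echo "pf_apply: main ruleset has no com.apple/* anchor" >&2; return 1; }
    pf_rules_for_udp_port "$port" > "$RULES_FILE"
    # "pfctl -e" fails with "pf already enabled" when pf is already on, so test first.
    pf_is_enabled || pfctl -e
    pfctl -a "$ANCHOR" -f "$RULES_FILE"
}

# Confirm both rules are in the live anchor (pfctl prints "port = N"), not just in the file.
pf_verify() {
    port="$1"
    n=$(pfctl -a "$ANCHOR" -sr 2>/dev/null | grep 'proto udp' | grep -c "port = $port") || true
    [ "$n" -eq 2 ]
}

# Flush only our own anchor; pf stays enabled and the system rules are untouched.
pf_remove() {
    pfctl -a "$ANCHOR" -F rules
    rm -f "$RULES_FILE"
}

# Only touch the live firewall when explicitly asked (PF_APPLY=1), so the
# functions above can be sourced and inspected on any system.
if [ "${PF_APPLY:-0}" = "1" ]; then
    PORT="${PF_PORT:-5353}"                  # hypothetical port to block
    pf_apply "$PORT"
    pf_verify "$PORT" && echo "udp/$PORT blocked in anchor $ANCHOR"
    trap pf_remove EXIT INT TERM             # lift the block when this process exits
    # Stands in for the app's lifetime; replace with waiting on the real process.
    sleep "${PF_HOLD_SECONDS:-60}"
fi
```

Run as root with PF_APPLY=1 PF_PORT=5353 to apply, hold, and then flush the anchor on exit; without PF_APPLY the script only defines the functions. The caveat in the accepted answer applies in full: the com.apple/* anchor is system ruleset content, not an interface offered to third parties, and nothing here survives a change to /etc/pf.conf or to how the system loads it, so re-run the checks after every OS update rather than assuming the rules are still in force.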

Accepted Answer

Folks do base products on pf but my experience is that it ends badly. The issue is that there’s no documented way to arbitrate the pf rule set between system functionality and third-party products, so changes in the system can and do break these products regularly.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Ok, back to adding a second network extension I guess. (First one being a Transparent Proxy Provider, as oft mentioned. I know I can in fact put a packet filter into the same executable [although I have no idea if that's supported], but the management got annoyingly complicated.)
