NEFilterPacketProvider severely reduces bandwidth

Hello everyone,

I'm currently developing a firewall using a network extension that employs two methods: NEFilterDataProvider, which specifically filters UDP and TCP connections, and NEFilterPacketProvider, designed to filter all packets. However, I've noticed that utilizing NEFilterPacketProvider results in a 50% reduction in bandwidth compared to when it's not in use.

Within my packetHandler closure, I'm only returning 'allow.' I suspect this slowdown might be due to the packet data cache being passed to my extension, with only one active thread available to handle it.

I'm wondering if there's a way to adjust the size of the packet buffer, increase the number of threads dedicated to processing packets, or configure specific rules to mitigate this issue.

Thank you.

NE providers certainly have an impact on performance. If you have a packet filter provider that just returns .allow, there’s nothing you can do to improve performance. You should feel free to file a bug about this performance impact, but I think it’s fair to say that the NE team is aware of that already.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
