NEFilterFlow localEndpoint property is (almost) always nil?

Question

Created Dec ’17

Replies 2

Boosts 0

Participants 3

I have been testing a bare-bones Content Filter on an iOS 11.1.2 device where the callbacks of the NEFilterDataProvider just log the properties of the NEFilterFlow. My results have shown that the localEndpoint property of the NEFilterFlow objects in all of the callbacks are (almost) always nil.

Oddly, there are usually one or two flows that _do_ have a non-nil localEndpoint as soon as I start the Chrome app. But every other app that I have tried always shows nil localEndpoints in the NEFilterFlow objects passed to all callbacks. And Chrome also generally has nil localEndpoints after that first flow or two.

The documentation for the NEFilterSocketFlow localEndpoint property states:

An

NWEndpoint
object containing details about the socket’s local endpoint. This endpoint object may be nil when [NEFilterDataProvider handleNewFlow:]
is invoked; if so, it will be populated upon receiving network data. In such a case, flow filtering may still be performed based on its socket type, socket family, or socket protocol.

However, even after data is received on the flow, I still generally see localEndpoints that are nil. Is this a bug?

Note that my issue is not with the remoteEndpoint. The remoteEndpoint is consistently set to valid values. My concern is specifically with the localEndpoint.

--Chris

Boost

Answer 1

DTS Engineer OP

Apple

Dec ’17

I’ve not looked into this issue specifically, but I suspect that the reason why you’re seeing

localEndpoint

set up in some cases and not others relates to whether the app explicitly bound the socket.

A good way to test this is to a write a small test app that uses BSD Sockets to make an outgoing connection. You can then see whether calling

bind

makes a difference.

Regardless of what you find, it seems like a bug report is in order here. At a minimum, the code and the documentation needs to be aligned.

Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

0

Answer 2

chofstaedter OP

Dec ’17

Thanks for the good idea and suggestion. I just tried it out and it looks like you're correct. When I explicitly bind my socket to a local address, I see the non-nil localEndpoint property. When I allow it to bind to INADDR_ANY and the ephemeral port, the localEndpoint property of the flow remains nil throughout.

I'll write up a bug for the docs issue. However, it would be much more useful if the localEndpoint could get populated with the assigned address and port after the connection gets fully bound and established - which i would expect to be the case by the time data arrives from the remote host. So I'll also include a request for that as well.

0