Hi all,
I have a requirement to intercept and modify inbound connections on macOS. For example, if I’m running a server on TCP port 8080 on macOS, I want to intercept all traffic to and from this port. I’m open to working at the level of TCP flows or even raw Ethernet packets, depending on what’s feasible.
I’m already successfully using NETransparentProxy to intercept outbound traffic, but I haven’t found a way to handle inbound connections using any of the Network Extension APIs.
Is there any supported or alternative approach for intercepting inbound traffic (via NE, NKEs, PF, or something else)? Any guidance would be greatly appreciated.
Thanks in advance!
Is there any supported or alternative approach for intercepting inbound traffic …?
Not that I can think of.
I coulda sworn that transparent proxy would work for this, but the docs make it pretty clear that’s not the case:
The matchDirection property must be .outbound.
I suspect I was mixing up transparent proxy and content filter, which also uses NENetworkRule. And content filter won’t help you because you need to modify the traffic on the incoming connection.
My only advice is that you file an enhancement request for support for this within transparent proxy. Please post your bug number, just for the record.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"