Content Filter: macOS 15: Localhost traffic is not being forwarded to filter with older code

Hello!

As a foreword, our issue is not on any version prior to macOS Sequoia.

While testing our content filter on Sequoia, we found out that localhost traffic/flows were not being forwarded to the filter for evaluation. When setting up our default settings, we apply these rules that would forward loopback traffic to our filter:

let ipv4localhost = NWHostEndpoint(hostname: "127.0.0.1", port: "0")
let ipv4localhostRule = NENetworkRule(remoteNetwork: ipv4localhost, remotePrefix: 0, localNetwork: ipv4localhost, localPrefix: 0, protocol: .any, direction: .any)

let ipv6localhost = NWHostEndpoint(hostname: "::1", port: "0")
let ipv6localhostRule = NENetworkRule(remoteNetwork: ipv6localhost, remotePrefix: 0, localNetwork: ipv6localhost, localPrefix: 0, protocol: .any, direction: .any)

let filterSettings = NEFilterSettings(rules: [NEFilterRule(networkRule: ipv4localhostRule, action: .filterData), NEFilterRule(networkRule: ipv6localhostRule, action: .filterData)], defaultAction: .filterData)

We found out that these initialisers are deprecated in Sequoia https://developer.apple.com/documentation/networkextension/nenetworkrule/3143646-init and are replaced by https://developer.apple.com/documentation/networkextension/nenetworkrule/4365499-init.

After replacing the deprecated calls, we do indeed see loopback traffic in the filter again.

Our question is, is this intentional? Will deprecation of these methods mean that the "old" code will not work with macOS Sequoia anymore, or is it a bug?

I'm asking this as it will force us to upgrade our builder nodes to be able to compile the new code; however, as everything is still in beta, there is a higher risk of problems that could accompany this.

Thanks in advance, I wish you a nice day.
