Traffic logging with UI output using Content Filter Providers

App & System Services Networking
AndriiSulimenko OP
Created Aug ’24
Replies 7
Boosts 0
Views 374
Participants 2

Hey, I have been working on the app that implements both Content Filter Providers and DNS Proxy for custom network security app. However, I would like to display traffic logs from Content Filter. What's the best way to do that?

I know that it works with UserDefaults under shared container with App Group. But I am not sure that it's the best approach for storing data that is constantly changing. I also tried to use CoreData with:

FileManager.default.containerURL(forSecurityApplicationGroupIdentifier: appGroup)

But I receive error that "The file couldn’t be saved because you don’t have permission., ["reason": No permissions to create file; code = 1]" because my FilterDataProvider has access to CoreData model.

Answered by DTS Engineer in 802034022

FYI, it’s best if you reply as a reply, rather than in the comments. See Quinn’s Top Ten DevForums Tips for this and other titbits.

On iOS, content filters are very tightly sandboxed. It’s not possible for a filter data provider to escape data from its sandbox. The Content filter providers documentation explains this idea in more detail.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Replies  7
Boosts  0
Views  374
Participants  2
DTS Engineer OP
Apple
Aug ’24

What platform are you targeting?

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0
DTS Engineer OP
Apple
Aug ’24
Recommended

FYI, it’s best if you reply as a reply, rather than in the comments. See Quinn’s Top Ten DevForums Tips for this and other titbits.

On iOS, content filters are very tightly sandboxed. It’s not possible for a filter data provider to escape data from its sandbox. The Content filter providers documentation explains this idea in more detail.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0
AndriiSulimenko OP
Aug ’24

Thank you for your response!

Is there any other way to log socket flows then?

0
DTS Engineer OP
Apple
Sep ’24

To what end?

As a debugging tool for your own purposes? Or in a product?

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0
AndriiSulimenko OP
4w

I already have it as a debug tool. I use Console App to see system scope logs. However, I would like to add logs from Content Filter on UI in a product as traffic logs. Because my app implements both Content Filter and DNS Proxy, I wanted to show how it affects networking on the device

0
DTS Engineer OP
Apple
4w
However, I would like to add logs from Content Filter on UI in a product as traffic logs.

I don’t think that’s viable given the security constraints on content filters. Indeed, if you found a way to do that, I’d consider it a security bug.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0
AndriiSulimenko OP
4w

Okay, I see now. Thank you for your response. Then no traffic logs it is

0
Traffic logging with UI output using Content Filter Providers
First post date Last post date
 
 
Q