How to extract the hostname from an HTTPS/TLS request in NEFilterSocketFlow

Hi guys, I'm trying to create a content filter app using the Network Extension API. When it comes to an HTTPS/TLS remote endpoint, the remoteEndpoint.hostname will always be "<private>" instead of the actual hostname. How can I extract the actual hostname?

    private func filterTraffic(flow: NEFilterSocketFlow) -> NEFilterNewFlowVerdict {
        // Default action from settings will be used if no rules match
        logger.error("filter traffic...")
        guard let remoteEndpoint = flow.remoteEndpoint as? NWHostEndpoint else {
            logger.error("not a NWHostEndpoint")
            return .allow()
        }
        // Interpolated without a privacy option, so the log shows <private>
        logger.error("host name: \(remoteEndpoint.hostname)")
        if remoteEndpoint.hostname.hasSuffix("google.com") {
            logger.error("google.com")
            return .drop()
        }
        return .allow()
    }
Answered by DTS Engineer in 844576022

The <private> isn’t coming from Network Extension but rather the logging subsystem. You’ve not configured the logging system to record private data, and thus it’s showing this value as <private> because the real value isn’t available.

You can learn more in Your Friend the System Log and the various resources it links to.

Having said that, there’s no guarantee that a DNS name will actually be available. See my response on this thread.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"
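
An added example, not code from the thread or from Apple: the filter from the question with the hostname logged under an explicit privacy option, a fallback for flows that carry only an IP address, and domain matching on label boundaries so that "notgoogle.com" is not treated as "google.com". It assumes a deployment target of macOS 11 / iOS 14 or later and uses NEFilterSocketFlow.remoteHostname, which the thread does not mention; the subsystem string and the blocked-domain list are placeholders.

```swift
import Foundation
import NetworkExtension
import os

// Added example. Subsystem, category and blockedDomains are placeholders.
final class FilterDataProvider: NEFilterDataProvider {
    private let logger = Logger(subsystem: "com.example.filter", category: "flow")
    private let blockedDomains = ["google.com"]

    override func handleNewFlow(_ flow: NEFilterFlow) -> NEFilterNewFlowVerdict {
        guard let socketFlow = flow as? NEFilterSocketFlow,
              let endpoint = socketFlow.remoteEndpoint as? NWHostEndpoint else {
            return .allow()
        }
        // remoteHostname is nil when the system has no DNS name for the flow;
        // endpoint.hostname may then be nothing more than the IP literal.
        let name = (socketFlow.remoteHostname ?? endpoint.hostname).lowercased()

        // Interpolated values are redacted as <private> unless marked public.
        // Hostnames are user data, so keep .public to debug builds.
        logger.debug("remote host: \(name, privacy: .public) port: \(endpoint.port, privacy: .public)")

        if isIPLiteral(name) {
            // No DNS name to match on; fall back to the default verdict.
            return .allow()
        }
        let blocked = blockedDomains.contains { matches(name, domain: $0) }
        return blocked ? .drop() : .allow()
    }

    /// True for the domain itself or any subdomain of it.
    private func matches(_ host: String, domain: String) -> Bool {
        host == domain || host.hasSuffix("." + domain)
    }

    /// True when the string parses as an IPv4 or IPv6 address.
    private func isIPLiteral(_ s: String) -> Bool {
        var v4 = in_addr()
        var v6 = in6_addr()
        return inet_pton(AF_INET, s, &v4) == 1 || inet_pton(AF_INET6, s, &v6) == 1
    }
}
```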
