search

objective-see / DNSMonitor

A DNS Monitor, leveraging Apple's NEDNSProxyProvider/Network Extension Framework
GNU General Public License v3.0
162 stars 19 forks source link

can't run even in /Applications folder #7

Closed xilu-wang closed 10 months ago

xilu-wang commented 10 months ago

(base) [/Applications]$ DNSMonitor.app/Contents/MacOS/DNSMonitor 2023-11-17 13:57:15.748 DNSMonitor[39355:804331] Started dnsmon.app (pid: 39355, parent: com.apple.Terminal) 2023-11-17 13:57:15.748 DNSMonitor[39355:804331]

ERROR: As dnsmon uses a System Extension, Apple requires it must be located in /Applications

(base) [/Applications]$

env:

Apple M1 Max, Version 14.0 (23A344)

objective-see commented 10 months ago

Ah, this also checks the app's name:

#define APP_NAME @"DNSMonitor.app"

if(YES != [NSBundle.mainBundle.bundlePath isEqualToString:[@"/Applications" stringByAppendingPathComponent:APP_NAME]]) {

    NSLog(@"\n\nERROR: As %@ uses a System Extension, Apple requires it must be located in /Applications\n\n", [APP_NAME stringByDeletingPathExtension]);

}

I'll update it to just check for /Applications so you can name it whatever you want ...but for now, to "fix" this issue, just make sure the app is called "DNSMonitor.app" or if you're recompiling, change APP_NAME to your app's name.

xilu-wang commented 10 months ago

Hi @objective-see , Thanks so much for the quick response! The new code doesn't have the error now. But I see another error:

  1. `(base) [/Applications]$
  2. (base) [/Applications]$
  3. (base) [/Applications]$ DNSMonitor.app/Contents/MacOS/DNSMonitor
  4. 2023-11-18 13:42:54.771 DNSMonitor[73324:1441191] Started com.objective-see.dnsmonitor (pid: 73324, parent: com.apple.Terminal)
  5. 2023-11-18 13:42:54.772 DNSMonitor[73324:1441191] toggling System Extension (action: 1)
  6. 2023-11-18 13:42:54.772 DNSMonitor[73324:1441191] creating 'OSSystemExtensionRequest' activation request
  7. 2023-11-18 13:42:54.772 DNSMonitor[73324:14
  8. 41191] submitting request...
  9. 2023-11-18 13:42:54.783 DNSMonitor[73324:1441210] ERROR: method '-[Extension request:didFailWithError:]' invoked with <OSSystemExtensionActivationRequest: 0x600001039a10>, Error Domain=OSSystemExtensionErrorDomain Code=4 "Extension not found in App bundle" UserInfo={NSLocalizedDescription=Extension not found in App bundle}`

Here is the application layout on my setup:

Screenshot 2023-11-18 at 13 46 38

I didn't change anything in consts.h

I am new to the network extension. Any help would be very appreciated :). Thanks

objective-see commented 10 months ago

Well, if you changing the name of the app (and maybe other things), the OS won't be happy

Also, you'll have to build your own profile so you can load the extension. You can't use an extension named com.objective-see... that is in a non-Obj-See app.

I'd recommend watching: Network Extensions for the Modern Mac.

There are several prerequisites that you have to fulfill for your own extension: image

...so its better to start by building you own from scratch, vs. trying to change/modify this one.

I've given detailed on talk on how to do this, so I'd recommend starting there too: "Nothing but Net: Leveraging macOS's Networking Frameworks to Heuristically Detect Malware"