Implement a VPN client for a flow-oriented, custom VPN protocol.
A virtual private network (VPN) is a form of network tunnel where a VPN client uses the public Internet to create a connection to a VPN server and then passes private network traffic over that connection. If you want to build a VPN client that implements a flow-oriented, custom VPN protocol—one that works with the data passing through a TCP connection rather than the packets used to transport that data—create an app proxy provider app extension.
When the system starts a VPN configuration that uses your app proxy provider, it launches your app extension, instantiates your app proxy provider subclass within that app extension, and starts forwarding flows to your provider. Each flow represents either a TCP connection or a conversation over UDP. Your provider is expected to open a tunnel to a VPN server and forward each flow over that tunnel. Similarly, if your provider receives flow data from the tunnel, it should pass that back to the system via the appropriate flow.
App proxy providers are one form of per-app VPN, the other being a Packet Tunnel Provider in source application mode.
App proxy providers are supported in iOS on managed devices only, and in macOS for Mac App Store apps only.