The principal class for a packet tunnel provider app extension.
- iOS 9.0+
- macOS 10.11+
- Mac Catalyst 13.0+Beta
NEPacket class gives its subclasses access to a virtual network interface via the
packet property. Use the
set method in the Packet Tunnel Provider to specify that the following network settings be associated with the virtual interface:
Virtual IP address
DNS resolver configuration
HTTP proxy configuration
IP destination networks to be routed through the tunnel
IP destination networks to be routed outside the tunnel
By specifying IP destination networks, the Packet Tunnel Provider can dictate what IP destinations will be routed to the virtual interface. IP packets with matching destination addresses will then be diverted to Packet Tunnel Provider and can be read using the
packet property. The Packet Tunnel Provider can then encapsulate the IP packets per a custom tunneling protocol and send them to a tunnel server. When the Packet Tunnel Provider decapsulates IP packets received from the tunnel server, it can use the
packet property to inject the packets into the networking stack.
Creating a Packet Tunnel Provider Extension
Packet Tunnel Providers run as App Extensions for the
com extension point.
To create a Packet Tunnel Provider extension, first create a new App Extension target in your project.
For an example of an Xcode build target for this app extension, see the SimpleTunnel: Customized Networking Using the NetworkExtension Framework sample code project.
Once you have a Packet Tunnel Provider extension target, create a subclass of NEPacketTunnelProvider. Then, set the
NSExtension key in the the extension’s
Info to the name of your subclass.
If it is not already, set the
NSExtension key in the extension’s
Here is an example of the NSExtension dictionary in a Packet Tunnel Provider extension’s
Finally, add the Packet Tunnel Provider extension target to your app’s Embed App Extensions build phase.
In order to create a Packet Tunnel Provider extension, you must create a subclass of
NEPacket and override the methods listed below.