Hi there! I'm not a dev, but I use NLC to limit my Mac's bandwidth when I'm downloading files so that other people in the household won't get slower internet speed. In the past, I just needed to turn it on and that was it, but recently, whenever I turned it on on my Mac, I'm completely disconnected from the internet. I tried disconnecting and reconnecting the wifi to no avail, and I've tried all the profiles. Anyone has any ideas on how to resolve this? Is it a bug? Thanks in advance!

got crash when use xcode15 + iOS16, works fine one xcode15 + iOS17. example code: let httpsHost1 = NWEndpoint.Host("example.com") //crash let httpsHost2 = NWEndpoint.hostPort(host: "example.com", port: NWEndpoint.Port(rawValue: 80)!) // crash too why xcode cant compatible that？anyone helpppppppppp? : (

Hi, I want to write a custom NWProtocolFramerImplementation with a handshake. In the WWDC 2019 session 713 video, it is specified that the start(framer:) method must return a .willMarkReady and we must call markReady() later. Would it be possible to have an example? thanks

I'm seeing crashes within NWPathMonitor.pathUpdateHandler and in various parts of NWPath (sometimes on dealloc of NWPath). One thing I noticed is that we are using a global concurrent queue in the call to NWPathMonitor.start(queue:). Could this be the reason? The crash isn't easily reproducible, but I'll see if I can find a way to test this. It would be nice to have an authoritative answer about this, though. The documentation makes no mention that the queue must be serial. And NWPath is a struct, so it seems unexpected to require a serial queue. To be clear, I'm doing something like this: let nwPathMonitor = NWPathMonitor() nwPathMonitor.pathUpdateHandler = { [weak self] path in guard let self else { return } // do stuff with path } nwPathMonitor.start(queue: DispatchQueue.global(qos: .background))

I am trying to establish a TLS 1.3 connection to a server that only accepts the SECP256R1 and FFDHE2048 TLS key share groups using the following code but the server is failing the TLS handshake because my client is not using a supported key exchange group. How do I specify which TLS key exchange group my client should use during the handshake? let tlsOptions = NWProtocolTLS.Options() if let secIdentity = getSecIdentity(), let identity = sec_identity_create(secIdentity) { sec_protocol_options_set_min_tls_protocol_version( tlsOptions.securityProtocolOptions, .TLSv13) sec_protocol_options_set_local_identity( tlsOptions.securityProtocolOptions, identity) } let tlsParams = NWParameters(tls: tlsOptions, tcp: .init()) let endpoint = NWEndpoint.hostPort(host: NWEndpoint.Host(host), port: NWEndpoint.Port(port)) let nwConnection = NWConnection(to: endpoint, using: tlsParams) nwConnection.stateUpdateHandler = stateDidChange(to:) nwConnection.start(queue: queue) Thanks!

Is it actually usable as a fireawall in macOS? I tried (as an example) adding a rule to block port 80, and it did not seem to work. But, that's all I tried -- just added a line to /etc/pf.conf

After upgrading to xcode17, when I use init(host: NWEndpoint.Host, port: NWEndpoint.Port, using: NWParameters) to initialize the NWConnection, it runs on ios16.1 and crash!How to fix this problem?

please consider this code: [NEHotspotNetwork fetchCurrentWithCompletionHandler:^(NEHotspotNetwork *network) { if (network) { DebugLog(@"Network ssid: %@, bssid: %@", network.SSID, network.BSSID); } else { DebugLog(@"No available network"); } }]; For me, I have a strange situation - say that the BSSID of my network is "01:34:56:78:90" the string in the property is missing the first character! what is contains (and is printed) is "1:34:56:78:90" - the leading "0" is missing. So, I was wondering if this is a know thing, or if perhaps it's only Asus (my router)? Or, am I doing something wrong? Pointers would be much appreciated.

Hi everyone. I'm working on a Proxy product for traffic filtering, among the functionalities of which is the ability to bypass requests by IP addresses and Domains, in order to exclude contact of "unnecessary" requests with proxies. Regarding exclusion of requests based on their domains, I use an awesome proxy exclusion list that can be set in the proxy settings for a specific network interface. But also, MacOS offers IP address exclusion by default (as you can see in the screenshot: 169.254/16), but unfortunately this functionality doesn't work for external IP addresses of any resources. Requests regardless of IP address exclusion - go through the specified proxy. Could you tell me what limitations the exclusion list has, perhaps it requires specific formats for IP addresses, or works only for local addresses of a certain network, or MacOS may provide some other solutions in this regard?

I am using NWPathMonitor to check the connectivity status. let monitor = NWPathMonitor() monitor.pathUpdateHandler = { path in if path.status == .satisfied { print("Satisfied") } else { print("Not Satisfied") } } This method functioned properly before iOS 17. However, with iOS 17 and later versions, I notice the following log output: nw_path_evaluator_cancel [00000000-0000-0000-0000-000000000000] cancel Interestingly, this issue with MWPathMonitor only appears in my live app. I don't encounter any unusual behavior in Testflight or XCode. I'd appreciate any assistance on this matter.

Hi. I have docker on my MacBook air 15 M2 and inside I have a container with DNS. For this container, I need port 53 for TCP and UDP. After the update, I can't run this container anymore. Looks like some system demon of macOS use this port and does not allow other application to use it.. How to fix it?

I've been having connection issues with WebRTC in my app since updating my devices to iOS 17. The issues are inconsistent, but generally the video connection cuts out after a couple seconds, seemingly because of network issues. I saw that there was a mention of WebRTC in the security content of iOS 17, and I've seen some reports on Reddit about users of smart home devices with cameras having connection issues after updating to iOS 17. Is anyone else experiencing similar issues? This is the WebRTC package I'm using: https://github.com/stasel/WebRTC

We have a PacketTunnelProvider in a SystemExtension with split tunneling. We are configuring a private IP address range of 240.0.0.1/10 as included routes and specifying a few matching domains using NEPacketTunnelNetworkSettings. Once TunnelNetworkSettings has been applied successfully, a new utunx interface is created, and it includes routes for the 240.0.0.1/10 IP range. In our case, the interface name is utun3, where 'x' represents an integer value. According to our business logic, we need to establish connections with some IPs from this range. To achieve this, we are utilizing the NWConnection class API to create connections with IP addresses Like this func establishConnection() { // Specify the destination host and port let host = "240.0.0.19" let port = 80 // Create an NWHostEndpoint let endpoint = NWHostEndpoint(hostname: host, port: "\(port)") // Create an NWConnection let connection = NWConnection(to: endpoint, using: .tcp) connection.start(queue: .global()) } For the above code, we have observed different behaviour for IP packets when creating connections from different targets. In the first case, when we create a connection to the IP address 240.0.0.19 from the Main app target using the provided code, the IP packets correctly go through the utun3 interface because this address falls within the 240.0.0/10 range, which is part of the included routes. However, in the second case, when we use the same code to create a connection to 240.0.0.19 from the Extension target, the IP packets go through the primary interface en0 rather than the utun3 interface. **Question : ** Why do we have different behaviour for the same code? How can we achieve the same behaviour as the Main app target in the System Extension target? -- Thanks

I'm experiencing sporadic EINVAL result when I call writev syscall with a nonblocking TCP socket. The error happens at this line of doctest I don't see any errors when I run this test in Linux container. The test sends a static string "test" compiled into binary. The tested runtime allocates io_vec structure with a single buffer inside a loop until the whole buffer is fully sent. The io slice is captured in a task future (the only one in the test) that is allocated on the heap by async executor. The future is desugared into a state machine that has scopes corresponding to async functions nested in the task future. Rust compiler drops the io slice in the end of send function scope. This happens after each successfully finished write (when syscall result is not EAGAIN). The runtime retries writev syscall when kqueue driver signals that the socket file descriptor is readable. I get the EINVAL error in about 25% of test runs. Environment: macOS Ventura 13.5.2, Intel CPU.

Is there a way to disable TLS GREASE on NWProtocolTLS.Options.securityProtocolOptions. Because it adds a 40 bytes overhead to the ClientHello. Combined with other factors (the padding extension), this would cause the TLS handshake to take a significate amount of time on low bandwidth connections. I tried using the private funcion sec_protocol_options_set_tls_grease_enabled() but it did not work.

Background I am struggling with dock freezes and other strange problems, so I have moved some Launch agents, and also did a reinstall of the latest beta. After that I can't open the WatchGuard application. As it is, I haven't used that VPN since the last beta update, so I am not sure if it's due to me moving files, or if it's actually the beta that broke this. Error What happens is that the Watchguard tries to open, but closes immediately. If I open the sh file that's inside the app package I get this: Terminating app due to uncaught exception 'NSInternalInconsistencyException', reason: '-[NSViewController loadView] loaded the "(null)" nib but no view was set.' Test It's easy to test: Just download this app and see if it opens. https://cdn.watchguard.com/SoftwareCenter/Files/MUVPN_SSL/12_10/WG-MVPN-SSL_12_10.dmg Solution As it is now I don't know what to do. I have reinstalled the app with various versions to no avail. I removed ALL files that have anything to do with watchguard, and did an install after that. Same problem. I have cleaned all cache files, started up at another account on this Mac and tried to install from there. Same problem (This suggests that the fault actually is in the beta). I don't understand the error message or know what "NSInternalInconsistencyException" is. I guess the answer lies there. Any ideas?

Since iOS 17 and Xcode 15, the following warning appears in Xcode when debugging on device: "nw_parameters_set_source_application_by_bundle_id_internal Failed to convert from bundle ID ([Apps Bundle ID]) to UUID. This could lead to wrong data usage accounting." What does that mean?

I'm using an NWConnection to talk to a TCP endpoint. The connection steps are working fine and I'm able to receive some data, but not all the data I expect. I am posting to see if I misunderstand how the NWConnection is supposed to behave. The messages I want to receive have a header and a payload. The header tells me how many bytes are in the payload. To do that I am trying to call receive twice on the connection. The first receive looks something like connection.receive(minimumIncompleteLength: MessageHeader.PackedDataCount, maximumLength: MessageHeader.PackedDataCount) { … } The second receive call is very similar and tries to grab the payload. It looks something like: let payloadLength = messageHeader.payloadLength connection.receive(minimumIncompleteLength: payloadLength, maximumLength: payloadLength) { … } The first message sent by the server has the bytes [0x0F, 0x00, 0x01, 0x02]. The first three bytes are the header and indicate that the message type is 0x0F, of length 1 byte (0x0001) and the payload is one byte, 0x02. When I run my code, the first call to receive works fine. I get three of the four bytes sent by the server. The second call to receive, however, never returns the one remaining byte (the callback is never invoked). If I change the first receive call to ask for 1024 as a maximum length then I can see all 4 bytes from the server in the response so I know all the data I want was sent. But I can't receive it in two subsequent calls to the connection. Do I misunderstand the way that receive is supposed to behave? If the server sends four bytes, do I have to read them all in one call to receive?

As long as I have about 300 apps installed on my iPhone, Whenever I install a new app, after opening the app for the first time and granting network permissions, there is a period of 3-5 seconds when the app cannot connect to the network。 Device： iPhone 12 Pro Max iOS 17 I can also reproduce it on different devices and systems with a very high probability

Hello community, I'm encountering a perplexing issue with my React Native app on iOS, specifically related to network connectivity when making API calls using Axios. The problem manifests as intermittent network errors, and what's even more puzzling is that the issue seems to be specific to iOS devices and Apple browsers. Here's a brief overview of the problem: Intermittent Network Errors: Occasionally, when making API calls using Axios in my React Native app on iOS, I receive network errors. The strange part is that this issue is sporadic and doesn't occur consistently. Works on Cellular Network: When the app encounters these network issues on WiFi, I've observed that switching to a cellular network resolves the problem, and the API calls start working again. Android and Other Devices Are Unaffected: Interestingly, the app works flawlessly on Android devices and other platforms. The issue appears to be isolated to iOS and Apple browsers. Has anyone else in the community faced a similar problem or have any insights into what might be causing this? I've already ruled out general connectivity issues, as the app works perfectly on other devices and networks. Any suggestions, tips, or shared experiences would be greatly appreciated. I'm open to trying out different approaches or debugging techniques to get to the bottom of this issue. Thanks in advance for your assistance!