Post not yet marked as solved
I want to get all Wifi SSIDs and BSSIDs that are in my range.
Post not yet marked as solved
Hello everybody,

Currently I'm working on an app which connects to a device. During testing I encounter an internal error of NEHotspotConfigurationErrorDomain. See the log snippet:

Domain=NEHotspotConfigurationErrorDomain Code=8 "internal error." UserInfo={NSLocalizedDescription=internal error.}

This error appears randomly. In one day I encountered it three times. The only solution I can think of is catching this error somehow and then telling the user to restart the device.

After this error appears, the wifi functionality of iOS in all third party apps seems to be broken. Only restarting helps as far as I know. Also there seems to be nothing we as app developers can do about it. Therefore I wonder if there is some way to prevent this error somehow? The only solution I can think of is catching this error somehow and then telling the user to restart the device.

Also since there is not much information about this error on the web, it would be really nice if someone can clarify what's going on with this error.

Regards.
Post not yet marked as solved
We have a VPN solution that is intended to be long-running, so normally we just use a simple on-demand-rule: a single 'connect on any interface' rule. This lets us automatically reconnect the VPN after reboots.

However one of our users is reporting that sometimes the VPN will stay connected for days (up to a week even), but will still randomly disconnect with NEProviderStopReasonUserInitiated. And clearly he did not manually disconnect it. This has happened quite a few times now, always with the same stop reason.

Sometimes this happens when the device is in sleep for a long enough time, but not always.

Does anyone know what actually causes this to happen? and if there is any way around it?

@eskimo maybe?
Post not yet marked as solved
Hi Guys,

we have developed a VPN application for iOS 10, that basically just installs a VPN profile (developed using NETunnelProviderManager) that sets a special DNS for every request to block malicious websites system-wide, that's it.

Our app worked great under iOS 10 and even under iOS 11. But since updating the OS of the device to iOS 12, there is an "Update required" directly on the VPN profile:

My question now is, did anybody else face that problem?

Because we already updated Xcode, compiled the app for Deployment Target iOS 12, updated the application through the App Store, we already talked to Apple Support, who said we should try using the developer forums, so can anybody tell us WHAT we should update to get rid of this message? The VPN profile itself still works, meaning the malicious websites still get blocked. But the label "Update Required" should vanish, but what should we do?

Kind Regards,
Mario
Post not yet marked as solved
Hi,

I create application "Connecting to WiFi in iOS"

Code to connecting:

Swift

```swift
let configuration = NEHotspotConfiguration.init(ssid: "SSIDname", passphrase: "Password", isWEP: false)
configuration.joinOnce = true
NEHotspotConfigurationManager.shared.apply(configuration) { (error) in
    if error != nil {
        if error?.localizedDescription == "already associated." {
            print("Connected")
        } else {
            print("No Connected")
        }
    } else {
        print("Connected")
    }
}
```

and Xamarin

```csharp
[assembly: Dependency(typeof(WifiConnector))]
namespace WiFiManager.iOS
{
    public class WifiConnector : IWifiConnector
    {
        public void ConnectToWifi(string ssid, string password)
        {
            var wifiManager = new NEHotspotConfigurationManager();
            var wifiConfig = new NEHotspotConfiguration(ssid, password, false);
            wifiManager.ApplyConfiguration(wifiConfig, (error) =>
            {
                if (error != null)
                {
                    Console.WriteLine($"Error while connecting to WiFi network {ssid}: {error}");
                }
            });
        }
    }
}
```

Everything works fine but iOS always asks a question "Wants to Join Wi-Fi Network".

Is there any possibility that it would not ask? For my application, this popup is a problem. Maybe list of preferred network?

Thank you in advance!
Post not yet marked as solved
Hi,

I am looking for a way to activate Hotspot from my app without exiting to the network settings screen.

My goal is to have a minimum user interaction (defining hotspot name, hotspot password, etc.). All I want from the user is permission to activate a hotspot (will be done by some kind of dialog).

I looked into `NEHotspotConfiguration` and `NEHotspotConfigurationManager` to configure a hotspot and connect as follows:

```
let hotspotConfig = NEHotspotConfiguration(ssid:***, passphrase:***, isWEP: false)
hotspotConfig.joinOnce = false
NEHotspotConfigurationManager.shared.apply(hotspotConfig)
```

This enables me to configure a personal wifi AC but I can't "see" it from other devices.

My goal is to activate hotspot so other devices can connect to it.

I understood that I need special approval from Apple to use NetworkExtension framework and I sent a request over 2 weeks but I still did not receive any reply besides a request number.
Post not yet marked as solved
I am using the network extension to connect to my IKEv2 server, but it always disconnects from the server after I call the startVPNTunnel function, and the last connection error information shows like below:

_lastDisconnectError NSError * domain: NEVPNConnectionErrorDomainPlugin- code: 7 0x0000000283a5da70

My code is like this:

```swift
fileprivate func connect() {
    DispatchQueue.main.asyncAfter(deadline: DispatchTime.now() + Double(Int64(1 * NSEC_PER_SEC)) / Double(NSEC_PER_SEC)) {
        self.vpnManager.loadFromPreferences { (error) in
            if let error = error {
                print(error.localizedDescription)
                self.delegate?.vpnConnectionStatusDidChanged(manager: self, status: .invalid)
                return
            }
            do {
                try self.vpnManager.connection.startVPNTunnel()
                print("success")
            } catch let error {
                print("failed: " + error.localizedDescription)
                self.delegate?.vpnConnectionStatusDidChanged(manager: self, status: .disconnected)
            }
        }
    }
}

func savePassword(_ password: String, inKeychainItem: Data?) -> Data? {
    guard let passwordData = password.data(using: String.Encoding.utf8, allowLossyConversion: false) else { return nil }
    var status = errSecSuccess
    if let persistentReference = inKeychainItem {
        // A persistent reference was given, update the corresponding keychain item.
        let query: [NSObject: AnyObject] = [
            kSecValuePersistentRef : persistentReference as AnyObject,
            kSecReturnAttributes : kCFBooleanTrue
        ]
        var result: AnyObject?
        // Get the current attributes for the item.
        status = SecItemCopyMatching(query as CFDictionary, &result)
        if let attributes = result as? [NSObject: AnyObject] , status == errSecSuccess {
            // Update the attributes with the new data.
            var updateQuery = [NSObject: AnyObject]()
            updateQuery[kSecClass] = kSecClassGenericPassword
            updateQuery[kSecAttrService] = attributes[kSecAttrService]
            var newAttributes = attributes
            newAttributes[kSecValueData] = passwordData as AnyObject?
            status = SecItemUpdate(updateQuery as CFDictionary, newAttributes as CFDictionary)
            if status == errSecSuccess {
                return persistentReference
            }
        }
    }
    if inKeychainItem == nil || status != errSecSuccess {
        // No persistent reference was provided, or the update failed. Add a new keychain item.
        let attributes: [NSObject: AnyObject] = [
            kSecAttrService : UUID().uuidString as AnyObject,
            kSecValueData : passwordData as AnyObject,
            kSecAttrAccessible : kSecAttrAccessibleAlways,
            kSecClass : kSecClassGenericPassword,
            kSecReturnPersistentRef : kCFBooleanTrue
        ]
        var result: AnyObject?
        status = SecItemAdd(attributes as CFDictionary, &result)
        if let newPersistentReference = result as? Data , status == errSecSuccess {
            return newPersistentReference
        }
    }
    return nil
}

func connect(vpn_protocol:SGVPNProtocol, ip: String, username: String, password: String, psk: String) {
    vpnManager.loadFromPreferences { (error) in
        if error != nil {
            print("Load error: \(error?.localizedDescription as String?)")
            return
        } else {
            let configuration = NEVPNProtocolIKEv2()
            configuration.username = username
            configuration.passwordReference = self.savePassword(password, inKeychainItem: nil)
            configuration.authenticationMethod = .none
            configuration.useExtendedAuthentication = true
            configuration.disconnectOnSleep = false
            configuration.serverAddress = ip
            configuration.remoteIdentifier = ip
            configuration.localIdentifier = ""
            self.vpnManager.protocolConfiguration = configuration
            self.vpnManager.localizedDescription = "xxxx"
            self.vpnManager.isEnabled = true
            self.vpnManager.isOnDemandEnabled = false
            self.vpnManager.saveToPreferences(completionHandler: { (error) in
                if error != nil {
                    print(error!.localizedDescription)
                    self.delegate?.vpnConnectionStatusDidChanged(manager: self, status: SGVPNStatus.invalid)
                    return
                }
                self.vpnManager.loadFromPreferences(completionHandler: { error in
                    self.connect()
                })
            })
        }
    }
}
```

Error information:

Printing description of self.vpnManager._connection->_lastDisconnectError:
Error Domain=NEVPNConnectionErrorDomainPlugin Code=7 "The VPN session failed because an internal error occurred." UserInfo={NSLocalizedDescription=The VPN session failed because an internal error occurred.}
(lldb)

I have done the capabilities setting for Personal VPN and Network Extension.
Post not yet marked as solved
I grabbed Apple's sample project, SimpleFirewall, here https://developer.apple.com/documentation/networkextension/filtering_network_traffic. The app builds and runs, but when I press the start button it tells me this in the console:

2019-06-05 15:00:38.032893-0500 SimpleFirewall[32086:151724] System extension request failed: App containing System Extension to be activated must be in /Applications folder

Ok, fair enough. Weirdly, the INSTALL_PATH in build settings is pointed to /Applications, but okay, I'll grab the product and the extension and shove it in /Applications myself and worry about how to debug this later. When I try that, it has me open System Preferences to enable the system extension--progress! However, even after that, the Start button on the application, which is intended to start filtering incoming connections, briefly spins and goes back to the red/disabled state.

Any tips on how to run this within Xcode and debug it are appreciated. I know it's early and the session doesn't even air until Friday, but there's only so many days left in the summer 🙂.

Best,
Mark
Post not yet marked as solved
Hello Eskimo,

Hope you are doing well.

I am looking for a solution for VPN. I am building an iOS app for VPN using OpenVPN. I tried many libraries but didn't get success. It is starting with connecting status and immediately it is getting disconnected.

Can you please help me on that? Appreciate your help.

FYI, below is the code snippet for your reference.

In iOS after session.startTunnel() connection status stops on connecting state.

We are trying to connect VPN (TCP & UDP) through ".ovpn" configuration using TunnelKit, but after calling startTunnel NEPacketTunnelProvider is not initiating.

```swift
private func makeProtocol() -> NETunnelProviderProtocol {
    let credentials = OpenVPN.Credentials(textUsername.text!, textPassword.text!)
    let configurationFileURL = Bundle.main.url(forResource: "xyz", withExtension: "ovpn")
    do {
        let file = try OpenVPN.ConfigurationParser.parsed(fromURL: configurationFileURL!).configuration
        var builder = OpenVPNTunnelProvider.ConfigurationBuilder(sessionConfiguration: file)
        builder.mtu = 1450
        builder.shouldDebug = true
        builder.masksPrivateData = false
        let configuration = builder.build()
        return try! configuration.generatedTunnelProtocol(
            withBundleIdentifier: ViewController2.tunnelIdentifier,
            appGroup: ViewController2.appGroup,
            credentials: credentials
        )
    } catch {
        print("Failed to send a message to the provider")
        return NETunnelProviderProtocol()
    }
}

func connect() {
    configureVPN({ (manager) in
        return self.makeProtocol()
    }, completionHandler: { (error) in
        if let error = error {
            print("configure error: \(error)")
            return
        }
        self.currentManager?.isEnabled = true
        let session = self.currentManager?.connection as! NETunnelProviderSession
        do {
            try session.startTunnel()
            print("start Tunnel called")
        } catch let e {
            print("error starting tunnel: \(e)")
        }
    })
}
```

Again thanks in advance
Post not yet marked as solved
Hi, I have an issue here. User will have a landing page displayed in their phone via CNA once user connected to Wifi. Inside the landing page there is a link that points to my app in the App Store. But when user clicks on the link, there is no response at all. I tried with normal browser like Safari, it works, but not with CNA.
Post not yet marked as solved
Hi,

We faced an issue where the NEAppProxyProvider based per-app VPN fails to connect when device is enrolled in the User Enrollment mode. This occurs as NEAppProxyProvider can not lookup the client TLS identity based on the persistence reference passed in VPN profile. We are using following code to get the client identity and certificate from the VPN configuration persistence reference and the lookup fails with "-25300" status.

```objc
NSDictionary *dict = @{
    (__bridge id)kSecClass: (__bridge id)kSecClassIdentity,
    (__bridge id)kSecReturnRef: (id)kCFBooleanTrue,
    (__bridge id)kSecValuePersistentRef: persistantIdentityRef
};
CFTypeRef identityRef = NULL;
OSStatus status = SecItemCopyMatching((__bridge CFDictionaryRef)dict, &identityRef);
```

Same logic works fine in Device Enrollment mode.

Anyone faced the similar issue or is this bug on iOS side?
Post not yet marked as solved
Although we are using NEHotspotConfiguration API to configure the current Wi-Fi network, occasionally CNCopyCurrentNetworkInfo returns NULL. The only way to recover was rebooting the phone (I haven't tried resetting the network settings as was suggested elsewhere). Regardless, this sounds like a bug in the API and I was wondering if others see the same problem and/or if it's a known issue and is getting addressed.

Thanks!
Post not yet marked as solved
Hi,

As suggested in the previous post, I want to check the code signature to prevent my XPC service in the Network Extension from unauthorized access, but my signature checking doesn't work in a sandboxed network extension.

Here is the minimal working example, which checks if the code itself has a trusted signature:

```objc
- (void)test {
    OSStatus ret;
    SecCodeRef mycode = NULL;
    SecRequirementRef myreq = NULL;
    CFErrorRef myerr = NULL;
    do {
        ret = SecRequirementCreateWithString(CFSTR("anchor trusted"), kSecCSDefaultFlags, &myreq);
        if (ret != errSecSuccess)
            break;
        ret = SecCodeCopySelf(kSecCSDefaultFlags, &mycode);
        if (ret != errSecSuccess)
            break;
        NSLog(@"validate start");
        ret = SecCodeCheckValidityWithErrors(mycode, kSecCSDefaultFlags, myreq, &myerr);
        NSLog(@"validate return=%d err=%@", ret, myerr);
    } while ((0));
    if (myerr) {
        CFRelease(myerr);
    }
    if (myreq) {
        CFRelease(myreq);
    }
    if (mycode) {
        CFRelease(mycode);
    }
}
```

This snippet works in sandboxed app and UN-sandboxed network extension. In a sandboxed network extension, however, it outputs

validate return=-2147416000 err=Error Domain=NSOSStatusErrorDomain Code=-2147416000 "(null)" (CSSMERR_CSP_INVALID_CONTEXT_HANDLE)

After digging into the logs from system frameworks, I find following two lines by which I believe the error is related to sandboxing.

<Security`Security::MDSSession::LockHelper::obtainLock(char const*, int)> com.mycompany: (Security) [com.apple.securityd:mdslock] obtainLock: calling open(/private/var/db/mds/system/mds.lock)
<Security`Security::MDSSession::LockHelper::obtainLock(char const*, int)> com.mycompany: (Security) [com.apple.securityd:mdslock] obtainLock: open error 1

Is this a limitation in macOS system or I have to adjust my code for the sandbox in network extension?

Thanks in advance.
Post not yet marked as solved
I need to develop an extension that gets the current connected Wi-Fi signal strength, the app will be registered as a Hotspot Helper, but first, we need to do some testing.I don't see too much documentation about this and I don't know how to use the object.
From Documentation page of App Proxy Provider, it says that the flow control is only supported for the Apps which are from Mac App store only. What does it mean?

Does it mean the dmg file like Firefox, Chrome which we install on Mac outside from App Stores, App Proxy Provider will not intercept these flows?

Doc Link: https://developer.apple.com/documentation/networkextension/app_proxy_provider

Copying statement:

"......App proxy providers are supported in iOS on managed devices only, and in macOS for Mac App Store apps only......."

With kext we were able to intercept any flow regardless the source of the installer file for managing traffic, how will it work with new Network extension framework now?
Post not yet marked as solved
We are moving our network kernel extension to NetworkExtension system extension. We use NEFilterPacketProvider to monitor all network traffic on a host. In testing we found even though NEFilterPacketProvider provides packets from/to physical interfaces, it doesn't provide any virtual interface traffic, such as loopback, or utun[x] traffic, which we used to be able to intercept with an IP filter in network kernel extension. Is that intentional in the new NetworkExtension? If not, what should we do to correctly receive virtual interface traffic (utun traffic particularly) using NEFilterPacketProvider?
Post not yet marked as solved
Am I able to add a subscriber inside of my Network Extension to receive reports?
Post not yet marked as solved
I've implemented a custom VPN app for macOS (using Packet Tunnel Provider). I set includeAllNetworks at the protocolConfiguration. When this field is set, I can't connect and I can't send traffic even at the extension. Even simple calls at the extension, like getaddrinfo or curl fails.
If I'm unsetting this variable (includeAllNetworks = false) then I can connect without a problem.
In addition I can see those lines at the Xcode Console:
Connection 2: encountered error(1:53)
Connection 3: encountered error(1:53)
Connection 1: encountered error(1:53)
And those lines at the Console:
No mDNS_Keepalive for interface en8/IOSkywalkLegacyEthernetInterface kr 0xE00002C0
NetWakeInterface: en8 <private> no WOMP
uDNS_CheckCurrentQuestion: host unreachable error for DNS server <private> for question
failed to send packet on InterfaceID 0x5 en8/4 to <private>:53 skt 74 error -1 errno 65 (No route to host)
Post not yet marked as solved
Using NEFilterProvider, I'm able to look at the remoteEndpoint property for each network flow that comes from a socket. However, the hostname property is an IP address and not a URL/domain name, whereas doing the same for a flow that comes from a browser returns a URL. Is there a way to retrieve the domain name for a network flow that comes from the socket?
Post not yet marked as solved
I want a Transparent Proxy (macOS Catalina) to work as below.

The detailed operation example is as follows.
The user tries to connect to 10.10.10.10:1000.
At the same time as this process, change the destination to 20.20.20.20:2000 to connect.

My question is:

program <--> Transparent Proxy <--> remote connect

how to connect remote server
how to read data from flow
how to write data from flow to remote connection

```swift
override func handleNewFlow(_ flow: NEAppProxyFlow) -> Bool {
    if let tcpflow = flow as? NEAppProxyTCPFlow {
        // 1. how to connect remote server
        // 2. how to read data from flow
        // 3. how to write data from flow to remote connection
    }
}
```

Thank you