Hi,
I am looking into the feasability of porting one of my apps which monitors the network usage and consumption to iOS.
On macOS I was able to create a login item and use a LSUIElement app executing in background, monitoring network activity.
What about on iOS? Anyone care to share some insights about the ability or inability to create a kind of Widget doing the same things?
Thanks in advance.
Best,
Thierry
I strongly recommend against trying to create this sort of product for iOS. There’s two fundamental problems here:
The iOS sandbox is specifically designed to prevent one app from seeing what another app is doing. Sometimes there are leaks in that sandbox, but plugging those leaks is one of Apple’s ongoing security goals.
iOS puts strict limits on background execution of apps, which prevents an app from running continuously in the background.
Some folks have tried to do this sort of thing using the VPN infrastructure (using a Network Extension provider) but that’s tricky on both the technical and business fronts.
Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"Hi eskimo,
Thank you very much for your answer.
I understand your point but now that iOS is more advanced, people tend to want more advanced tools. I don't see any activity monitor on iOS and some of us may want to track the activity of their device in regards to network consumption for example.
The app I am refering to is basically monitoring CPU/Network/Diskio and Memory usage. It uses mostly sysctl, mach and IOKit to get information and does not require acces to any process outside of its sandbox. Also it is very very lightweight < 0.3% CPU. One of the advantages of this app (besides being well written 😉) is that people with limited network traffic can check their consumption per month.
Yesterday I was reading the NetworkExtension framework's very narrow documentation (sorry to say that, I usually like Apple's documentations, is it purposely so light?). I downloaded the SimpleTunnel example app (which could require an update to the latest Swift version by the way since it cannot compile on the current Xcode version) and began to imagine I could make a FilterDataProvider that would only count bytes passing through and always return .allow() but it seams to me (from what I've read in other threads in this forum) that Content Filter extensions are only allowed on special kind of devices managed by some kind of supperior authorities like in the context of a company or a school or so. Besides I have tried to make such an extension but it fails to automatically create its provisioning profile stating that the extension "cannot be registered to your development team." (don't know if it is a consequence of the supposed limitations). I am stuck here.
So I guess the right question to ask is: Can I make a content filter network extension that can be registered/opted in/out by the user's will? if not, then it is pointless to continue this way. Are there any other alternatives?
I could also add that making a pure simple app that just shows CPU/Network stats while in the foreground could be done but could also be of more limited use.
Thanks and best regards,
Thierry
It uses mostly sysctl, mach and IOKit to get information and does not require acces to any process outside of its sandbox.
Four things:
I/O Kit is not API on iOS.
On modern versions of iOS
sysctlThese sandbox restrictions are getting tighter over time.
You mustn’t underestimate just how much privacy-sensitive information APIs like this can leak. I’ve talked about this sort of thing elsewhere on DevForums.
One of the advantages of this app … is that people with limited network traffic can check their consumption per month.
With regards that feature, I’ve discussed that extensively on DevForums. Consider this post and the post it links to.
Can I make a content filter network extension that can be registered/opted in/out by the user's will?
No. Network Extension content filters are restricted to supervised devices only.
Even if they weren’t, this is not the right technology to achieve your goal. For example:
You want your tool to be lightweight, and that’s not this.
Content filters run in a very tight sandbox, one that prevents you from exporting information from the filter.
Content filters were not designed for this job, and you’re likely to run into other technical problems that I’m not aware of.
Both the App Store Review Guidelines and the Apple Developer Program License Agreement both apply business restrictions on use of Network Extension providers.
I’m happy to answer any specific technical questions you have about this or other APIs, but you have to understand that in my opinion there’s no supported way to achieve your overall goal.
Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"Hi Quinn,
Thank you for your very valuable answers and for your time.
Taking into account what you are saying, It would seem that it is indeed too soon to be able to port this app to iOS. I wish there were some lightweight hooks to handle this kind of use case in the provided frameworks. It may be worth submitting an enhancement request. I don't know if there were already filled enhancement requests for network consumption counters per interface, but i'll look into it.
Best regards,
Thierry
It may be worth submitting an enhancement request.
Absolutely.
I don't know if there were already filled enhancement requests for network consumption counters per interface, but i'll look into it.
The advantage of filing your own enhancement request is that it allows you to express your needs in your own terms, and allows iOS engineering to gauge the level of demand.
Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"