I want to implement functionality that routes all internet traffic of an iOS device through Tor using the Network Extension framework.
I have a couple of questions in this regard:
- Is it possible to achieve this?
- Does Apple allow this?
Thanks
1. Is it possible to achieve this?
Honestly, I don’t know. I don’t have a deep enough understanding of Tor to tell you whether it’s compatible with the Network Extension provider architecture.
2. Does Apple allow this?
This question hasn’t come up before, and thus the decision would have to be made by folks on the Network Extensions approval team. None of them read DevForums, alas.
The obvious way forward here is to apply for the entitlements and see what happens.
Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"
Hmm. The basic idea which I have is that the packets in the packet tunnel provider can be sent to Tor. And I asked the question whether Apple allows this or not because I thought this functionality would only be possible if the iOS device configuration is changed. By configuration I mean changing the default routing of the packets.
Thanks
I don’t really understand the above. Please let me know if I’ve misinterpreted you.
My best guess is that you’re asking a very simple question: can a Network Extension packet tunnel provider set the default route on the device? And the answer to that is, yes. When the provider sets up its network settings (NEIPv4Settings, NEIPv6Settings), it includes routing information via the includedRoutes and excludedRoutes properties. Both the NEIPv4Route and NEIPv6Route classes have a class method, +defaultRoute. If the provider wants to set the default route (and hence become a full tunnel), it should set includedRoutes to be a single item containing the result from +defaultRoute.
IMPORTANT With something as security-sensitive as Tor, you’d want to use an RVI packet trace to verify that the device is not leaking information in this state.
Share and Enjoy
—
Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware
let myEmail = "eskimo" + "1" + "@apple.com"
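The full-tunnel setup described in the reply above, as an added example that is not part of the original thread or Apple's own sample code. The class name, all addresses, the MTU and the DNS settings are constructed placeholders and assumptions; forwarding packets from packetFlow to Tor is outside what this block shows.

```swift
import NetworkExtension

// Hypothetical provider subclass (added example). Every address below is a
// constructed placeholder, not a value from the thread.
final class FullTunnelProvider: NEPacketTunnelProvider {

    // Builds settings that claim the default route for both IPv4 and IPv6.
    func makeFullTunnelSettings() -> NEPacketTunnelNetworkSettings {
        // A packet tunnel needs a nominal remote address; placeholder here.
        let settings = NEPacketTunnelNetworkSettings(tunnelRemoteAddress: "127.0.0.1")

        // IPv4: includedRoutes is a single item, the default route (Swift
        // spelling of +defaultRoute), which makes this a full tunnel.
        let ipv4 = NEIPv4Settings(addresses: ["10.111.0.2"],
                                  subnetMasks: ["255.255.255.255"])
        ipv4.includedRoutes = [NEIPv4Route.default()]
        ipv4.excludedRoutes = []          // nothing bypasses the tunnel
        settings.ipv4Settings = ipv4

        // IPv6: same treatment, so IPv6 traffic is not left on the
        // physical interface while IPv4 is tunnelled.
        let ipv6 = NEIPv6Settings(addresses: ["fd00:111::2"],
                                  networkPrefixLengths: [128])
        ipv6.includedRoutes = [NEIPv6Route.default()]
        ipv6.excludedRoutes = []
        settings.ipv6Settings = ipv6

        // Assumption beyond the thread: point DNS at a resolver reachable
        // through the tunnel; the empty match domain makes it the default.
        let dns = NEDNSSettings(servers: ["10.111.0.1"])
        dns.matchDomains = [""]
        settings.dnsSettings = dns

        settings.mtu = 1500               // placeholder MTU
        return settings
    }

    override func startTunnel(options: [String: NSObject]?,
                              completionHandler: @escaping (Error?) -> Void) {
        setTunnelNetworkSettings(makeFullTunnelSettings()) { error in
            // Report failure so the system does not mark the tunnel as up
            // with partial or missing routes.
            completionHandler(error)
        }
    }
}
```

With these settings applied, the RVI packet trace mentioned in the reply is the way to confirm that no traffic, IPv6 and DNS included, leaves the device outside the tunnel interface.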