Start An NEPacketTunnelProvider Fail

App & System Services Networking
icefire_wang OP
Created Aug ’22
Replies 5
Boosts 0
Views 1.7k
Participants 3

My App is a VPN APP, use [com.apple.networkextension.packet-tunnel] extension app to provider a VPN service. A problem puzzled me for a long time: Sometimes the VPN doesn't start successfully, until the user restart the iOS System or reinstall my APP.

The detail is : The user use the app normally for many times, and suddenly can't start the vpn service, the APP log show API "startVPNTunnelWithOptions" call success, and return success. but the VPN extension status(NEVPNStatus) change from Disconnect to Connecting and then nothing happen, the VPN process not started, and not any log of the VPN extension created, my VPN log is start from the init function of the class inherit from PacketTunnelProvider, so can see that the vpn process not started.

My NETunnelProviderProtocol is :

    NETunnelProviderProtocol *tunnel = [[NETunnelProviderProtocol alloc] init];
    tunnel.providerBundleIdentifier = kTunBundleId;
    tunnel.serverAddress = @"";
    tunnel.disconnectOnSleep = NO;
    [self.providerManager setEnabled:YES];
    [self.providerManager setProtocolConfiguration:tunnel];
    self.providerManager.localizedDescription = kAppName;

very simple, because my app use openvpn3 to provide the vpn service,so no need to set the serverAddress.

Because when this problem happened, I can't get any useful log (because APP can't get the iOS system log), so this is a really trouble for me. Could any body help !

Answered by icefire_wang in 723436022

The trick here is to have the user trigger a sysdiagnose log as soon as they see the problem. Then can then pass this on to your for analysis. For more information about this, see Your Friend the System Log.

this can get entire iOS system log ? I don't find the way to do this after I read the documents.

I said before:

because APP can't get the iOS system log

means, the log of my app is no useful, because the APP seems ok. The job to start the NetworkExtension Process is not the host APP( MY APP).

Host APP only setup the configuration and call the system API, and the log of my app show nothing wrong here.

The log of my APP shows: when after call startVPNTunnelWithOptions: success, the NEVPNStatus change from NEVPNStatusDisconnected to NEVPNStatusConnecting (from NEVPNStatusDidChangeNotification) but long time (about 1 mins) the VPN Process not created, and status change to disconnect.

So I think if i want to known why the VPN process not create success, I need to got the entiry iOS system log, this may show why the iOS system start the process fail.

Replies  5
Boosts  0
Views  1.7k
Participants  3
DTS Engineer OP
Apple
Aug ’22

Realistically, you’re not going to be able to debug this by looking at your code; you need to see the system log. Apropos that:

because APP can't get the iOS system log

The trick here is to have the user trigger a sysdiagnose log as soon as they see the problem. Then can then pass this on to your for analysis. For more information about this, see Your Friend the System Log.

One key technique here is to use the system log for your own log points, so that you can correlate the failure as you see it from your code with the logging done by the rest of the system.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0
icefire_wang OP
Aug ’22
Accepted Answer

The trick here is to have the user trigger a sysdiagnose log as soon as they see the problem. Then can then pass this on to your for analysis. For more information about this, see Your Friend the System Log.

this can get entire iOS system log ? I don't find the way to do this after I read the documents.

I said before:

because APP can't get the iOS system log

means, the log of my app is no useful, because the APP seems ok. The job to start the NetworkExtension Process is not the host APP( MY APP).

Host APP only setup the configuration and call the system API, and the log of my app show nothing wrong here.

The log of my APP shows: when after call startVPNTunnelWithOptions: success, the NEVPNStatus change from NEVPNStatusDisconnected to NEVPNStatusConnecting (from NEVPNStatusDidChangeNotification) but long time (about 1 mins) the VPN Process not created, and status change to disconnect.

So I think if i want to known why the VPN process not create success, I need to got the entiry iOS system log, this may show why the iOS system start the process fail.

0
DTS Engineer OP
Apple
Aug ’22

his can get entire iOS system log ?

Yes. Quoting the post I referenced previously:

Every sysdiagnose log includes a snapshot of the system log, which is ideal for debugging hard-to-reproduce problems. For more information about sysdiagnose logs, see the info on Bug Reporting > Profiles and Logs.

The resulting sysdiagnose log file is a .tar.gz file. When you unpack that you’ll find a .logarchive file that’s a snapshot of the system log.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0
icefire_wang OP
Oct ’22

Thanks for your help, I got a issue log

the issue log
It seems to be stuck by nw_path_necp_update_evaluator_block_invoke could you tell me what is this, and how can I avoid this.
0
hanshaobo OP
Mar ’24

Hello, I have the same question. The user use the app normally for many times, and suddenly can't start the vpn service, the APP log show API "startVPNTunnelWithOptions" call success, and return success.But the TunnelExtension process is not running, and there is nothing in the logs I have logged in the PacketTunnelProvider.Is there a solution to this problem now?

     [NETunnelProviderManager loadAllFromPreferencesWithCompletionHandler:^(NSArray<NETunnelProviderManager *> * _Nullable managers, NSError * _Nullable error) {
        if (managers.count > 0) {
            self.manager = [managers objectAtIndex:0];
            self.manager.localizedDescription = @"APP-VPN";
            self.manager.enabled = YES;
            self.manager.onDemandEnabled = YES;
        } else {
            NETunnelProviderProtocol *protocol = [[NETunnelProviderProtocol alloc] init];
            protocol.providerBundleIdentifier = @"com.***.***.extension";
            protocol.serverAddress = controlUrl;
            self.manager = [[NETunnelProviderManager alloc] init];
            self.manager.protocolConfiguration = protocol;
            self.manager.localizedDescription = @"APP-VPN";
            self.manager.enabled = YES;
            self.manager.onDemandEnabled = YES;
        }
        WS(weakSelf);
        [self.manager saveToPreferencesWithCompletionHandler:^(NSError * __nullable error) {
            SS(strongSelf);
            if (error) {
                NSLog(@"Error when saveToPreferencesWithCompletionHandler: %@", error);
            } else {
                    [strongSelf.manager loadFromPreferencesWithCompletionHandler:^(NSError * _Nullable error)  {
                            NSError *startError = nil;
                            BOOL isSucces = [strongSelf.manager.connection startVPNTunnelWithOptions:settDic andReturnError:&startError];
                            if (isSucces) {
                                NSLog(@"success");
                            } else {
                                NSLog(@"startError");
                            }
                    }];
                }
        }];
    }];
0
Start An NEPacketTunnelProvider Fail
First post date Last post date
 
 
Q