IP Packet reading through Network Extension

Question

NJain OP

Created Oct ’23

Replies 3

Boosts 0

Participants 2

Hi Developers,

First of all thanks for reading me…I’m trying to build an iOS app that lists all requests made from the device like Proxy App does. My idea is to have a Packet Tunnel Provider and set up a local VPN connection without an external VPN server. The traffic would then be internally routed to the packet tunnel, without requiring an external VPN server.

I have downloaded the SimpleTunnel sample code project from Apple, created the correct entitlements, and can now run the project and create a VPN configuration that gets listed under Settings. Still, I can't connect to the VPN tunnel.

I have also downloaded the source code at https://github.com/lxdcn/NEPacketTunnelVPNDemo but didn't get it to work either.

Let me know if any of you’ve come across a similar implementation.

Thank you for your time!

Boost

Answer 1

DTS Engineer OP

Apple

Oct ’23

Before you start down this path, be aware that you’ll be walking it without Apple’s company. Packet tunnel providers are intended to be used to provide VPN. Using them for other stuff, like network debugging tools, is not support.

See TN3120 Expected use cases for Network Extension packet tunnel providers for more on this.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

1

Answer 2

NJain OP

Oct ’23

Hi @eskimo , I understand that this is not the intended use case for packet tunnel providers and Apple does not support this functionality. I wanted to clarify if implementing a proxy server with SwiftNIO(https://github.com/apple/swift-nio) in my app and using it to monitor network traffic in this way would affect the ability for my app to pass the App Review and be published onto the App Store? I have observed that apps such as Proxyman and WebProxyTool are essentially doing the same thing or kindly recommend legitmate substitute to accomplist this functionality.

(Note: I currently do not intend to integrate MDM at this phase)

Regards!

0

Answer 3

DTS Engineer OP

Apple

Oct ’23

I wanted to clarify if … this way would affect the ability for my app to pass the App Review and be published onto the App Store?

App Review has the final say about what will or won’t be allowed on the store. I don’t work for App Review and can’t speak for them.

I do work for DTS and I can say that DTS doesn’t support this (hence TN3120).

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

0