Hi, we are developing a carpooling app. In our app, once, the car driver enters his car, the app connects automatically in the background to the car. The connection to the car is done either via CarPlay or Bluetooth. Currently, when setting up the app, the user has to define how the connection to the car is established. He can choose between three options: either 1)CarPlay, or 2)Bluetooth or 3)both. Is it correct, that starting with the AccessoyKit of IOS18, the user will only have to choose the device, he wants the app to be connected with? However, he no longer has to define the kind of connection, i. e. CarPlay or Bluetooth by which to connect to the device? So in future, users will be able to connect to their Car, but they do not even know, whether the connection is via Bluetooth or CarPlay? If that is the case, it would make our lives much easier;) Many thanks for your help! Greets, Simon

I want to make a program which configures my Mac to broadcast a Wi-Fi Direct hotspot: a peer-to-peer network without an internet connection which is joinable by other devices including non-Apple devices (e.g. Android devices). This connection would allow for low latency comunication between external devices and my Mac without the need for extra Wi-Fi router hardware. From my understanding, the Mac network interface must be configured to be in Host AP (Access Point) mode so that it can host other connections. How can I write a program which enables Host AP mode and broadcasts a Wi-Fi hotspot from my Mac? Note: I do not want to create an Ad-Hoc (IBSS) connection because Android devices do not support joining this kind of Wi-Fi connection. Many years ago, it was possible to set the Mac Wi-Fi interface to Host AP mode via a function in CoreWLAN: CWInterface.startHostAPModeWithSSID. You can see this function referenced in this gist. But sadly, this function is no longer accessible. At this point in time, I see no way in the CoreWLAN library to set a CWInterface to be in hostAP interface mode, although the CWInterfaceMode.hostAP enumeration suggests this is possible. It is possible to enable Host AP mode via the Settings app > Sharing > Internet Sharing settings. But this requires a legitimate internet connection to be present. For my use case, I do not want a connection to the internet. I simply want to allow devices to communicate with my Mac directly, peer-to-peer over Wi-Fi. Is there any alternative? Could I implement this functionality in a Network Extension or Kernel Extension? Thank you all for any help you can provide!

We have BLE on a vehicle that acts as a peripheral and pairs with the user's iOS device as a central device. As we understand, the only way for a peripheral to be "remembered" for the next connection is registration with ANCS. If we don't register while being connected and then the user goes away, when he next time is in range, fresh pairing has to happen. Is that the right understanding? Before we register, we are discovering the ANCS on an iOS device, with UID for ANCS and connection handle as arguments. There are times when discovering API returns 0x06 (implying service not available). At times, we are able to discover the service and are able to register. We wanted to know if there is a deterministic way to ensure ANCS to be discoverable from the peripheral side? If not, is there another way (say any other service) by which the peripheral can take some action to be remembered?

Hello all, I am working on a project to connect to infra-WIFI via hotspot 2.0 (passpoint in WiFi alliance) from a loyalty app (to load trust anchor and client certificate) into iOS device using EAP-TLS. Apple's documentation only describe generic hotspot 2.0 support (probably R1). The UX for loading certificate is not user friendly compare with Android. I wish to confirm if iOS can support Passpoint R2 / R3 from apple to complete the App UX design. Please advise. Thanks. I am not doing EAP-AKA like what mobile telco ATT does for cellular offload to infrastructure WiFi for data traffic. This URL outline what is passpoint well for reference. https://syndicated.wifinowglobal.com/resource/secure-and-seamless-carrier-wi-fi-services-with-passpoint/

I have the following scenario in my VPN app. When app is configured with split tunneling, the vpn dns nameservers are defined in /etc/resolver/example.com (example.com is the domain to be resolved through tunnel) and secondary vpn dns server is configured as 8.8.8.8 (google public dns server) and primary as 3.92.179.203. With the following configuration the dns request are not routed through the tunnel, when I try to ping example.com it does not use 3.92.179.203. Explicit routes are added in the routing table to route the traffic to 3.92.179.203 via VPN interface. It used to work on older macOS versions 12.6 from 14.4 it seems broken system behaves differently when 8.8.8.8 is defined as a vpn nameserver. DNS requests does not go through tunnel it is resolved outside tunnel. If I use 9.9.9.9 or 1.1.1.1 or anyother nameserver other than 8.8.8.8 then it all works correctly.

Hi Team, We are using the transparent app proxy in macOS and resolving DNS queries using DNSServiceQueryRecord in the TAP process. According to the documentation, when passing the interfaceIndex as 0, it should be queried on all interfaces, and based on IP rules, it assigns the query to that particular interface. However, when we pass 0, it does not query any of the interfaces. We need to provide the specific interface index.

I am developing a watchOS-only app, and whenever I attempt to make a network request, it always fails and throws the following error: Error Domain=NSURLErrorDomain Code=-1009 "The Internet connection appears to be offline." I noticed that when I turn off Wi-Fi and Bluetooth in the settings of the iPhone paired with the Apple Watch (thus disconnecting the Apple Watch from the iPhone), my app can successfully connect to the network. Additionally, when the app contains both an iOS app and a watchOS app, after granting network permissions on the iOS app, the watchOS app can access the network normally when connected to the iPhone. When opening some system apps on the Apple Watch (such as the "Workout" app), the app will display a network permission request similar to that on iOS, but this request does not automatically pop up when my watchOS app attempts to access the network. Is there a way to request network permissions in a watchOS-only app so that it can access the network while connected to the iPhone?

It looks like that, with Sequoia, it is not possible to open an NSURLSession or any other TCP connection to a machine on the local network if the application is not in the "Applications" folder. That is pretty inconvenient when debugging or running via Xcode since the build folder is not within the Applications folder. And, yes, the NSLocalNetworkUsageDescription key and description strings are in the Info.plist file (and it asks for permission). How can we expect to debug applications like that ? Is anybody else experiencing this ?

I've followed all the advice on these forums regarding developing network extensions. I'm working on a FilterDataProvider using the SimpleFirewall example project as a starting point. The issue I run into is that the copy of the extension binary that the system manages does not get updated by the system when I copy a new application into the /Applications directory. Here's my workflow: Build and run the application from Xcode. I've added a pre-run action that copies the extension into a /Applications/SysExtDev folder so I don't have to disable SIP. Test & make changes to code Disable & remove the extension in Settings > Network > Filters & Proxies Build and run the application from Xcode. New app binary loads, but the old extension binary loads. I also notice that the app will report that the extension is already registered even when it's not present in the UI in System Settings. And when I enable the extension in the newly launched app, I don't see the full flow of confirmation dialogs, only one indicating that the app wants to filter network content. If I run: ❯ diff /Applications/SysExtDev/SimpleFirewall.app/Contents/Library/SystemExtensions/com.example.apple-samplecode.SimpleFirewall2U6G6353D3.SimpleFirewallExtension.systemextension/Contents/MacOS/com.example.apple-samplecode.SimpleFirewall2U6G6353D3.SimpleFirewallExtension /Library/SystemExtensions/44022C0D-8BBA-4783-8314-83195A516DB5/com.example.apple-samplecode.SimpleFirewall2U6G6353D3.SimpleFirewallExtension.systemextension/Contents/MacOS/com.example.apple-samplecode.SimpleFirewall2U6G6353D3.SimpleFirewallExtension Binary files ... and ... differ it indicates that the binaries are not the same. In order to resolve this issue I usually have to wait around for awhile and/or reboot the machine. I can't find any rhyme or reason to it. I've tried removing the old app from /Applications before building the new copy but that doesn't seem to help either. The way I know things are going to work is, if when I launch and enable the extension, I see the full onboarding flow asking me to open settings and allow under privacy and security. I have tried running $ systemextensionsctl uninstall 2U6G6353D3 com.example.apple-samplecode.SimpleFirewall2U6G6353D3.SimpleFirewallExtension but that requires SIP to be disabled. I'm really close to just throwing in the towel and developing with SIP disabled. However, I feel like I must be missing something. Do I need to bump the version every time? Do I need to kill the extension process with launchctl so it can be cleaned up? Do I have to tickle the launch services or sfl db? What am I missing?

Hi, I had a Content Filter network extension. It is successfully working until Sonoma. I try to install and activate same network extension on Sequoia beta Intel Mac. But even I haven't got any user consent to activate and allow it. I haven't found any entry in Network settings. Do we need to make any changes in Sequoia MacOs to make it work? Thank you.

Hi, I'm using Multipeer Connectivity in my application and when I run it on my physical device, I receive following warning: NSNetServiceBrowser did not search with error dict [{ NSNetServicesErrorCode = "-72008"; NSNetServicesErrorDomain = 10; }]. I've found out that this is associated with not having proper permissions in info.plist according to https://developer.apple.com/forums/thread/653316 I've set description for Privacy - Local Network Usage Description, however, I'm not able to find any key for setting my Bonjour Services. Also, I do not see any popup on my device displaying request to approve local network usage. Could you please provide me an information how can I register my privileges properly?

Since I am uploading in the background, I need to save the request body off in a file. The documentation says this gets copied to a temporary storage area and uploaded from there. When can I delete the temporary file I generated? Deleting it just after the call to session.uploadTask(with: request, fromFile: filePath) seems to be a race condition where I will occasionally get a sharing violation deleting the file. Do I have to keep my temporary file around until DidCompleteWithError or DidReceiveData is called? I ask because I'm uploading an existing photo, so I have to generate a multi-part form file with the photo embedded, then iOS makes a copy of that file. This results in having the photo in storage on the device three times. We are uploading photos from an Event so there will be several hundred, so Im worried about device storage running out. Todd

Our macOS application (running as a LaunchDaemon) has been able to report the current Wi-Fi SSID and BSSID (if connected) using the airport command. Since airport has been removed from macOS, we have not been able to collect BSSID information. First, I demonstrate that the BSSID exists: I can option-click the Wi-Fi status menu icon and see the following: Wi-Fi Interface Name: en0 Address: a8:8f:d9:52:10:7d * * * Enable Wi-Fi Logging Create Diagnostics Report... Open Wireless Diagnostics... * * * Known Network polymorphic IP Address: 192.168.86.50 Router: 192.168.86.1 Security: WPA2 Personal BSSID: 88:3d:24:ba:36:81 Channel: 149 (5 GHz, 80 MHZ) Country Code: US RSSI: -60 dBm Noise: -89 dBm Tx Rate: 520 Mbps PHY Mode: 802.11ac MCS Index: 5 NSS: 2 * * * Other Networks * * * Wi-Fi Settings... This says to me that: The WiFi router I am connected to has SSID = polymorphic. The WiFi router I am connected to has BSSID = 88:3d:24:ba:36:81. My computer's Wi-Fi hardware has MAC address = a8:8f:d9:52:10:7d. My computer's Wi-Fi interface name = en0. To get this information now (from within an application), I have attempted to run: /usr/sbin/networksetup -listallhardwareports The output of that command includes the following Hardware Port: Wi-Fi Device: en0 Ethernet Address: a8:8f:d9:52:10:7d To get the SSID, I can then execute: $ /usr/sbin/networksetup -getairportnetwork en0 Current Wi-Fi Network: polymorphic But I still can't get the router's BSSID. So I try $/usr/sbin/networksetup -getinfo 'Wi-Fi' DHCP Configuration IP address: 192.168.86.50 Subnet mask: 255.255.255.0 Router: 192.168.86.1 Client ID: IPv6: Automatic IPv6 IP address: none IPv6 Router: none Wi-Fi ID: a8:8f:d9:52:10:7d Still no new information. $ /usr/sbin/networksetup -getmacaddress en0 Ethernet Address: a8:8f:d9:52:10:7d (Device: en0) This is not helpful either. Let's try another approach: $ /usr/sbin/netstat -nr -f inet | grep ^default default 192.168.86.1 UGScg en0 This tells me that my router's IP address is 192.168.86.1. The arp tool should be able to translate $ /usr/sbin/arp -a -n | grep "(192.168.86.1)" ? (192.168.86.1) at 88:3d:24:ba:36:7f on en0 ifscope [ethernet] This tells me that the router's MAC address is "88:3d:24:ba:36:7f", but it is not the same value as the router's BSSID, which we know to be 88:3d:24:ba:36:81! Another approach. I wrote the following Swift program: import CoreWLAN let c : CWWiFiClient = CWWiFiClient.shared() if let ifs : [CWInterface] = c.interfaces() { for i in ifs { print( i.interfaceName ?? "<nil>", i.powerOn(), i.ssid() ?? "<nil>", i.bssid() ?? "<nil>") } } When executing it with swift, I got: en0 true polymorphic <nil> So for some reason, the CoreWLAN API is hiding the BSSID, but not the SSID. When I use swiftc to compile before executing, I get: en0 true <nil> <nil> Why is the CoreWLAN API now hiding the SSID as well? I even tried an Objective-C program: // Link with: // -framework Foundation // -framework CoreWLAN #include <stdio.h> #include <CoreWLAN/CoreWLAN.h> void printWifi() { NSArray<CWInterface*>* ifs = [[CWWiFiClient sharedWiFiClient] interfaces]; for (CWInterface* i in ifs) { printf("%s %s %s %s\n", [i.interfaceName UTF8String], [i powerOn] ? "true" : "false", [[i ssid] UTF8String], [[i bssid] UTF8String]); } } int main() { printWifi(); return 0; } It prints out: en0 true (null) (null) Based on https://developer.apple.com/forums/thread/131636, I tried // Link with: // -framework Foundation // -framework CoreWLAN // -framework CoreLocation #include <stdio.h> #include <CoreWLAN/CoreWLAN.h> #include <CoreLocation/CoreLocation.h> void printWifi() { NSArray<CWInterface*>* ifs = [[CWWiFiClient sharedWiFiClient] interfaces]; for (CWInterface* i in ifs) { printf("%s %s %s %s\n", [i.interfaceName UTF8String], [i powerOn] ? "true" : "false", [[i ssid] UTF8String], [[i bssid] UTF8String]); } } CLLocationManager* startCoreLocation() { CLLocationManager* mgr = [[CLLocationManager alloc] init]; [mgr requestAlwaysAuthorization]; [mgr startUpdatingLocation]; return mgr; } int main() { CLLocationManager* locMgr = startCoreLocation(); printWifi(); return 0; } That change did not seem to make a difference. After more work, I found that I can not even figure out CLLocationManager authorization. So I attempted to create a minimal program that can get that: https://github.com/HalCanary/location. I am not sure how to proceed here. What is wrong with my location code? Will our application need to get the com.apple.security.personal-information.location entitlement in order to get the BSSID?

Hi, We are using HTTP3 only and hence using assumesHTTP3Capable for every request. It worked so far but now encountered one iPhone that never honor this flag and always tries to create a connection using TCP: [tcp] tcp_input [C1:3] flags=[R.] seq=0, ack=2023568485, win=0 state=SYN_SENT rcv_nxt=0, snd_una=2023568484 The request is created like this: let url = URL(string: urlString)! var request = URLRequest(url: url, cachePolicy: .reloadIgnoringLocalCacheData, timeoutInterval: 60.0) request.assumesHTTP3Capable = true return try await urlSession.data(for: request) iOS: 16 XCode: 15.3 In what cases iOS CFNetwork would not honor "assumesHTTP3Capable" ? (or how can I find out why?)

Hi, I'm responsible for extending my company's Firewall application with MacOS support. The easiest and fastest way requires a simple API similar to netmap/nfq in Unix/Linux systems or NDIS/WinDivert in Windows platform where All network traffic passing NIC's or WiFi adapter should beforwarded to our FW application, FW application should process the raw packets with its own connection tracking mechanism, modify them if needed, generate new ones if needed, FW application should inject forwarded or new packets to continue their ways. In other words, the required API should stand between NIC/WiFi driver and networking stack and allow packet manipulation. My questions follow: I can't decide on which method to focus further, throughout three alternatives; kext - It can satisfy the requirements, but deprecated, difficult to progress and have no guarantee to be applicable in future versions of MacOS, am I right ? networkingdriverkit - It can satisfy the requirements, am I right ? networkextension - can it satisfy the requirements? Also there is a serious performance problem as mentioned in https://developer.apple.com/forums/thread/757071. Can anyone help me to decide on the most proper method for? Thanks.

Forward posting from the Swift Forums. Within my iOS project (thesis project) I have set up a MITM server that is being sent data from a Packet Tunnel Provider. I am currently seeing that all IPv6 requests aren't able to have their IP address resolved when passed to Swift NIO that uses the default system DNS resolver. On the Packet Tunnel Provider, I have set it to use the DNS's 8.8.8.8 and 8.8.4.4 that are also the system defaults. I have also attempted to use my routers DNS routing to no avail. Both v4 and v6 traffic are proxied to the MITM server that uses Swift NIO, with v4 traffic successfully being processed on ingress and egress as intended. IPv6 traffic is failing to resolve with the following error: dev.thesis.apps.LocalProxyServer.ConnectHandler : [LocalPacketTunnelProvider] Connect failed: NIOConnectionError(host: "ipv6.mythic-beasts.com", port: 443, dnsAError: Optional(NIOCore.SocketAddressError.unknown(host: "ipv6.mythic-beasts.com", port: 443)), dnsAAAAError: Optional(NIOCore.SocketAddressError.unknown(host: "ipv6.mythic-beasts.com", port: 443)), connectionErrors: []) ipv6.mythic-beasts.com for the purposes of this is just a test website I am using that only has a AAAA record associated with it: When not connected to the Packet Tunnel Provider, the website is successfully resolved and can be viewed within the browser - so I have narrowed it down to either the server or tunnel configuration. The server uses the GetaddrinfoResolver, that utilises the iOS's system default DNS resolver. This should conform to necessary RFC. Could anyone provide me with a reason why this could be happening and if possible a link to a resource that could assist with remediating the issue? I'll be the first to admit this isn't my forte so would appreciate some support if possible. I am aware that this isn't an expected use cases for Network Extension packet tunnel providers (as per TN3120). I'm just concerned as IPv4 DNS records are resolving but IPv6 aren't so wondering if this is a wider issue. would expect the system DNS resolver to still work as intended though.

I am working on an app which is capturing photos and uploading them to a server. I have followed the URLSession configuration to properly support background transfers. However, I am now noticing that my photos are uploading way slower, even when the user has the app open and is interacting with the app. This is undesirable because the changes need to be reflected in real time to the server when the user is active in the app. Previously, when I was just using URLSession.shared.uploadTask with a completion handler, the photos uploaded right away in a matter of 1-2 seconds. Now it is taking 3-4 minutes per photo to upload. The photos are roughly 3mb in size each. I have tried setting the isDiscretionary property explicitly to false to no avail. Sometimes the users are without internet connection, which is why I wanted to use the background session (so that the uploads can be automatically retried by the system when the user connects back to the internet) So, in summary, I want the functionality of the background uploading (and to let the system retry when the user transitions from offline to online) however I also need realtime uploading when the user is interacting with the app. What is the preferred way to solve this problem?

Hi, I'm using network extension on my VPN app. I'm override the sleep method and send some data to my server when the method call. I noticed that the server requests are succeeded when I'm connecting with a WiFi networks and failed when I'm connecting with cellular networks. Does the OS blocks immediately the connectivity when I'm on the cellular networks and the device enter to sleep?

I am updating a universal app for release on iOS 17+ devices using Xcode15.2 and Solar2d v3708. The last release was 7 years ago. The app connects to the local network and used a custom UDP protocol to connect to and control specific hardware devices. The protocol involves transmitting and receiving both broadcast and unicast messages to/from IPV4 capable proprietary devices on the local network. When I run the app in the Solar2d simulator and when I run the current version installed from the App store on my iPad, communications work well. When I build the same code into a new development build and transfer it to my iPad, I found that attempts to send broadcast messages are failing. When I print out the error returned from the socket interface to the console, I see the message is "No Route to Host". I requested multicast capability from Apple and when it appeared on my development portal I updated the App Id to include the multicast entitlement. I updated the development profile to include our new 6th gen IPad and the updated AppID. I downloaded and installed the development profile. That new profile is what I am selecting / using to sign the app. I am using lua socket library to send broadcast messages I created a very basic project with just the basic networking code example and built this for my iPad the results are the same. local socket = require("socket") local main, errorMain = socket.udp6() main:setoption('broadcast', true) local ack, mError = main:sendto("", "::FFFF:255.255.255.255", 3100) print("My Debug Message: Main sending - " .. (ack or "nil") .. ", Error : " .. (mError or "None")) I also tried modifying my code to use udp4 as follows and the results were the same. local socket = require("socket") local main, errorMain = socket.udp4() main:setoption('broadcast', true) local ack, mError = main:sendto("", "255.255.255.255", 3100) print("My Debug Message: Main sending - " .. (ack or "nil") .. ", Error : " .. (mError or "None")) console output: My Debug Message: Main sending - nil, Error : No route to host Any help or insight would be greatly appreciated.

Hello, I am looking into the newly announced Accessory Setup Kit and I'd like to replace my manual WiFi connection setup with it, but I cannot find a way how to specify WiFi password when configuring ASDiscoveryDescriptor, only ssid or ssidPrefix can be specified? Is it really not possible to connect to WiFi with password with this new framework? That kind of makes it unusable for my use case :( Since the accessory has password.