I'm trying to implement support for grpc http/2 streams using NSURLSession. Almost everything works fine, data streaming is flowing from the server and from the client and responses are coming through my NSURLSessionTaskDelegate. I'm getting the responses and streamed data through the appropriate handlers (didReceiveData, didReceiveResponse). However, I cannot seem to find an API to access the trailers expected by grpc. Specifically, the expected trailer "grpc-status: 0" is in the response, but after the data. Is there no way to gain access to trailers in the NSURLSession Framework?

My external device can generate a fixed Wi-Fi network. When I connect to this Wi-Fi using my iPhone 17 Pro Max (iOS version 26.0.1), and my app tries to establish a connection using the following method, this method returns -1 int connect(int, const struct sockaddr *, socklen_t) __DARWIN_ALIAS_C(connect); However, when I use other phones, such as iPhone 12, iPhone 8, iPhone 11, etc., to connect to this external device, the above method always returns successfully, with the parameters passed to the method remaining the same. I also tried resetting the network settings on the iPhone 17 Pro Max (iOS version 26.0.1), but it still cannot establish a connection.

I'm developing an iOS application in Swift that performs API calls using URLSession.shared. The requests work correctly when the app is in the foreground. However, when the app transitions to the background (for example, when the user switches to another app), the ongoing API calls are either paused or do not complete as expected. What I’ve tried: Using URLSession.shared.dataTask(with:) to initiate the API requests Observing application lifecycle events like applicationDidEnterBackground, but haven't found a reliable solution to allow requests to complete when backgrounded Goal: I want certain API requests to continue running or be allowed to complete even if the app enters the background. Question: What is the correct approach to allow API calls to continue running or complete when the app moves to the background? Should I be using a background URLSessionConfiguration instead of URLSession.shared? If so, how should it be properly configured and used in this scenario?

I'm developing an iOS application in Swift that performs API calls using URLSession.shared. The requests work correctly when the app is in the foreground. However, when the app transitions to the background (for example, when the user switches to another app), the ongoing API calls are either paused or do not complete as expected. What I’ve tried: Using URLSession.shared.dataTask(with:) to initiate the API requests Observing application lifecycle events like applicationDidEnterBackground, but haven't found a reliable solution to allow requests to complete when backgrounded Goal: I want certain API requests to continue running or be allowed to complete even if the app enters the background. Question: What is the correct approach to allow API calls to continue running or complete when the app moves to the background? Should I be using a background URLSessionConfiguration instead of URLSession.shared? If so, how should it be properly configured and used in this scenario?

Configure the App ID in the Apple Developer Portal. In the Network Extensions section, the Packet Tunnel section is not displayed, as shown in the figure below How to proceed with the configuration of App ID. In the Network Extensions section: Display the Packet Tunnel section Our account is a China region account

Configure the App ID in the Apple Developer Portal. In the Network Extensions section, the Packet Tunnel section is not displayed How to proceed with the configuration of App ID. In the Network Extensions section: Display the Packet Tunnel section Our account is a China region account

Hello, We've been working on an app that uses the new NEUrlFilter API and we've got a question. Currently, the system is designed with the assumption that a single app == usecase == single remote database. But what if we would like to give the user the ability to use different blocklists? For example, the user may want to: Block scam domains Block tracking domains Block adult domains Or any composition of these 3 What should we do to give the user this option? It seems that we could differentiate different databases by using different PIR service hostnames, but that would also mean that we'll have to send several requests for the same usecase but with different PIR service hostnames (and they'll all share the same app bundle ID). Will these requests be accepted then? If not, is there an alternative? PS: By sending a request I mean submitting this form

I would like to understand the behaviour of Network framework when I have established a connection between 2 iOS devices which are connected through LAN and the same Wifi. Assumptions: Enabled includePeerToPeer. Devices are discovered and connected through Bonjour: When the connection establishes for the first time, does it automatically decide which interface to pick? I see some posts which point to Happy Eyeball algorithm but that seem to point more towards ipv4 vs ipv6 rather than Wifi vs LAN vs P2P. In the middle of a connection, if the established connection has issues, does the Network framework automatically switch to the best available interface? If not, I would assume the app will have to handle the switching in betterPathUpdateHandler callback? I’m curious what needs to be done here. Do I just create a new connection and hope that it picks the actual better path? The NWInterface.InterfaceType doesnt have a type for peer to peer wifi. Does that mean that when the interface actually switches to peer to peer, the InterfaceType will be other? It would be great if there is a workflow or example of how this needs to be handled with multiple available Interfaces.

I have some confusion around the usage of DeviceDiscoveryUI. The documentation suggests that it is available only on TVOS. But with the recent announcement of WifiAware, it has been used in iOS devices as well. Within DeviceDiscoveryUI, the DevicePicker or the DevicePairingView documentation seems to be available with iOS. Is this just a documentation mistake? Followup - Can I use DeviceDiscoveryUI's DevicePicker/ DevicePairingView to discover devices through Bonjour and then establish a connection through Network framework?

Hello, I’ve run into some strange behavior with the macOS System Extension using a Packet Tunnel. The issue showed up after the device went to sleep while the VPN was running. When I woke the computer, the VPN tried to reconnect but never succeeded — it just stayed stuck in the “connecting” state. I was able to turn the VPN off, but every attempt to turn it back on failed and got stuck at “connecting” again. Even removing the VPN configuration from Settings didn’t help. The only thing that worked was disabling the system extension completely. While checking the logs, I noticed thousands of identical log messages appearing within just a few seconds: nesessionmanager(562) deny(1) system-fsctl (_IO "h" 47) 17:11:52.481498+0200 NESMVPNSession[Primary Tunnel:Secure DNS: got On Demand start message from pid 5454 com.apple.networkextension 17:11:52.481568+0200 NESMVPNSession[Primary Tunnel:Secure DNS: got On Demand start message from pid 5454 com.apple.networkextension 17:11:52.481580+0200 NESMVPNSession[Primary Tunnel:Secure DNS: got On Demand start message from pid 5454 com.apple.networkextension 17:11:52.481587+0200 NESMVPNSession[Primary Tunnel:Secure DNS: got On Demand start message from pid 5454 com.apple.networkextension 17:11:52.481646+0200 NESMVPNSession[Primary Tunnel:Secure DNS: got On Demand start message from pid 5446 com.apple.networkextension 17:11:52.481664+0200 NESMVPNSession[Primary Tunnel:Secure DNS: got On Demand start message from pid 5446 com.apple.networkextension 17:11:52.481671+0200 NESMVPNSession[Primary Tunnel:Secure DNS: got On Demand start message from pid 5446 com.apple.networkextension 17:11:52.481676+0200 NESMVPNSession[Primary Tunnel:Secure DNS: got On Demand start message from pid 5446 com.apple.networkextension 17:11:52.481682+0200 NESMVPNSession[Primary Tunnel:Secure DNS: got On Demand start message from pid 5446 com.apple.networkextension 17:11:52.481687+0200 NESMVPNSession[Primary Tunnel:Secure DNS: got On Demand start message from pid 5446 com.apple.networkextension After the burst of these repeated messages, I started seeing logs like the following: 17:11:52.481759+0200 NESMVPNSession[Primary Tunnel:Secure DNS: Received a start command from Spotify Helper[69038] com.apple.networkextension 17:11:52.481790+0200 NESMVPNSession[Primary Tunnel:Secure DNS: Skip a start command from Spotify Helper[69038]: session in state connecting com.apple.networkextension 17:11:52.481949+0200 NESMVPNSession[Primary Tunnel:Secure DNS: Received a start command from Spotify Helper[69038] com.apple.networkextension 17:11:52.481966+0200 NESMVPNSession[Primary Tunnel:Secure DNS: Skip a start command from Spotify Helper[69038]: session in state connecting com.apple.networkextension 17:11:52.481986+0200 NESMVPNSession[Primary Tunnel:Secure DNS: Received a start command from Spotify Helper[69038] com.apple.networkextension 17:11:52.481992+0200 NESMVPNSession[Primary Tunnel:Secure DNS: Skip a start command from Spotify Helper[69038]: session in state connecting com.apple.networkextension 17:11:52.482003+0200 NESMVPNSession[Primary Tunnel:Secure DNS: Received a start command from Spotify Helper[69038] com.apple.networkextension 17:11:52.482011+0200 NESMVPNSession[Primary Tunnel:Secure DNS: Skip a start command from Spotify Helper[69038]: session in state connecting com.apple.networkextension 17:11:52.482022+0200 NESMVPNSession[Primary Tunnel:Secure DNS: Received a start command from Spotify Helper[69038] com.apple.networkextension 17:11:52.482028+0200 NESMVPNSession[Primary Tunnel:Secure DNS: Skip a start command from Spotify Helper[69038]: session in state connecting com.apple.networkextension 17:11:52.482039+0200 NESMVPNSession[Primary Tunnel:Secure DNS: Received a start command from Spotify Helper[69038] com.apple.networkextension 17:11:52.482049+0200 NESMVPNSession[Primary Tunnel:Secure DNS: Skip a start command from Spotify Helper[69038]: session in state connecting com.apple.networkextension 17:11:52.482060+0200 NESMVPNSession[Primary Tunnel:Secure DNS: Received a start command from Slack Helper[84828] com.apple.networkextension 17:11:52.482069+0200 NESMVPNSession[Primary Tunnel:Secure DNS: Skip a start command from Slack Helper[84828]: session in state connecting com.apple.networkextension 17:11:52.482079+0200 NESMVPNSession[Primary Tunnel:Secure DNS: Received a start command from sharingd[764] com.apple.networkextension 17:11:52.482086+0200 NESMVPNSession[Primary Tunnel:Secure DNS: Skip a start command from sharingd[764]: session in state connecting com.apple.networkextension It is clear that the connection is in a loop of submitting request to start and then failing. This problem occured only after sleep on macOS 26.0 and 15.6. This issue only occured after the system woke up from sleep. macOS 15.6 and 26.0. Is this a known problem, and how should I go about troubleshooting or resolving it?

I'm working with Apple's SimpleURLFilter sample project and consistently encountering an error when trying to implement the URL filter. Here are the details: Setup: Downloaded the official SimpleURLFilter sample project from Apple Set the developer team for both targets (main app and extension) Built and ran the PIR server on my laptop using Docker as per the sample instructions Built the iOS project on my iPhone running iOS 26.0.1 Server is accessible at my Mac's IP address on port 8080 Configuration: PIR Server URL: http://[my-mac-ip]:8080 Authentication Token: AAAA (as specified in service-config.json) Privacy Pass Issuer URL: (left empty) Fail Closed: enabled Code Changes: The only modifications I made were: Updated bundle identifiers to include my team identifier Updated PIR server's service-config.json to match: com.example.apple-samplecode.SimpleURLFilter[TEAM_ID].url.filtering Modified URLFilterControlProvider.swift: Added existingPrefilterTag: String? parameter to fetchPrefilter() method Added tag: "bloom_filter" parameter to NEURLFilterPrefilter initializer Issue: After configuring the filter and entering my passcode in Settings, I consistently see: Received filter status change: <FilterStatus: 'starting'> Received filter status change: <FilterStatus: 'stopped' errorMessage: 'The operation couldn't be completed. (NetworkExtension.NEURLFilterManager.Error error 9.)'> Questions: What does NEURLFilterManager.Error error 9 specifically indicate? Could the URLFilterControlProvider modifications be causing this issue? Are there debugging steps to get more detailed error information? Any guidance would be appreciated!

Hello, As I've been tinkering with the new URL filtering API I've been struggling to create bloom filters. I have been referencing this developer's post heavily: https://developer.apple.com/forums/thread/791352?answerId=851527022#851527022 He suggests that the expected FNV-1a implementation has the multiply and xor operations inverted, while an Apple engineer suggests that this will be updated on the offical iOS26 release (which has already happened). What is the "correct" FNV-1a implementation? In this sample project (which is from july, so pre-release ios 26): https://developer.apple.com/documentation/networkextension/filtering-traffic-by-url Is the included bloom filter data correct? I can only assume the other developer used this as a reference to then conclude that multiplying and xor-ing should be inverted, so I'm really not sure if this bloom filter bitVectorData here is trustworthy. Is there any reference implementation for this hashing procedure? How do we generate a bloom filter properly and know that it is correct?

We have observed a per-process limitation on the number of simultaneous nw_connection_t objects in certain macOS environments. On some systems, this limit does not appear to apply, but on others the limitation is reproducible. When a process attempts to establish a large number of connections (e.g. 512+), some connections enter the nw_connection_state_waiting state and report the POSIX error “Cannot allocate memory”. These connections remain stuck indefinitely, even after other connections are deallocated and resources should theoretically be available again. This behavior severely impacts use cases such as transparent proxies implemented via the NetworkExtension framework, which intercept system-wide traffic and must open connections on behalf of all client processes. In this scenario, a per-process limit effectively becomes a system-wide limit, leading to unexpected and hard-to-diagnose network failures in client applications. So, is there any way to disable this restriction for Network Extension processes? Are there any system settings that could affect this limitation and be modified by users?

I observed the following crash: Code Type: ARM-64 (Native) Parent Process: launchd [1] User ID: 0 Date/Time: 2025-10-07 13:48:29.082 OS Version: macOS 15.6 (24G84) Report Version: 12 Anonymous UUID: 8B651788-4B2E-7869-516B-1DA0D60F3744 Crashed Thread: 3 Dispatch queue: NEFlow queue Exception Type: EXC_BAD_ACCESS (SIGSEGV) Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000054 ... Thread 3 Crashed: Dispatch queue: NEFlow queue 0 libdispatch.dylib 0x000000019af6da34 dispatch_async + 192 1 libnetworkextension.dylib 0x00000001b0cf8580 __flow_startup_block_invoke.216 + 124 2 com.apple.NetworkExtension 0x00000001adf97da8 __88-[NEExtensionAppProxyProviderContext setInitialFlowDivertControlSocket:extraValidation:]_block_invoke.90 + 860 3 libnetworkextension.dylib 0x00000001b0cf8140 __flow_startup_block_invoke.214 + 172 4 libdispatch.dylib 0x000000019af67b2c _dispatch_call_block_and_release + 32 5 libdispatch.dylib 0x000000019af8185c _dispatch_client_callout + 16 6 libdispatch.dylib 0x000000019af70350 _dispatch_lane_serial_drain + 740 7 libdispatch.dylib 0x000000019af70e2c _dispatch_lane_invoke + 388 8 libdispatch.dylib 0x000000019af7b264 _dispatch_root_queue_drain_deferred_wlh + 292 9 libdispatch.dylib 0x000000019af7aae8 _dispatch_workloop_worker_thread + 540 10 libsystem_pthread.dylib 0x000000019b11be64 _pthread_wqthread + 292 11 libsystem_pthread.dylib 0x000000019b11ab74 start_wqthread + 8 ... It appears that the crash is caused by the flow director queue becoming NULL when dispatch_async is called (accessing address 0x0000000000000054). Meanwhile, my transparent proxy was still running. I'm wondering if this is a known issue or if anyone else has encountered the same problem. @eskimo

When filtering traffic to localhost (127.0.0.1), it causes Maven repository synchronization to fail in IntelliJ IDEA. However, Maven works correctly when local traffic is not filtered. I will provide a minimal code reproduction below. - (void)startFilterWithCompletionHandler:(void (^)(NSError *error))completionHandler { // Add code to initialize the filter NSMutableArray *rules = [NSMutableArray array]; NENetworkRule * rule = [[NENetworkRule alloc] initWithRemoteNetwork:nil remotePrefix:0 localNetwork:nil localPrefix:0 protocol:NENetworkRuleProtocolTCP direction:NETrafficDirectionAny]; [rules addObject:[[NEFilterRule alloc]initWithNetworkRule:rule action:NEFilterActionFilterData]]; rule = [[NENetworkRule alloc] initWithRemoteNetwork:nil remotePrefix:0 localNetwork:nil localPrefix:0 protocol:NENetworkRuleProtocolUDP direction:NETrafficDirectionAny]; [rules addObject:[[NEFilterRule alloc]initWithNetworkRule:rule action:NEFilterActionFilterData]]; NWHostEndpoint *hostEndpointIpv4 = [NWHostEndpoint endpointWithHostname:@"127.0.0.1" port:@"0"]; NENetworkRule *localHostRuleIpv4 = [[NENetworkRule alloc] initWithRemoteNetwork:hostEndpointIpv4 remotePrefix:32 localNetwork:hostEndpointIpv4 localPrefix:32 protocol:NENetworkRuleProtocolAny direction:NETrafficDirectionAny]; [rules addObject:[[NEFilterRule alloc]initWithNetworkRule:localHostRuleIpv4 action:NEFilterActionFilterData]]; NEFilterSettings *filterSetting = [[NEFilterSettings alloc] initWithRules:rules defaultAction:NEFilterActionAllow]; [self applySettings:filterSetting completionHandler:^(NSError * _Nullable error) { if (error) { NSLog(@"Failed to apply filter settring: %@", error.localizedDescription); } completionHandler(error); }]; } Maven Sync error: System Log: 默认 17:35:13.184509+0800 kernel cfil_inp_log:6179 <CFIL: outbound TCP data dropped for pre-existing un-filtered flow>: [41046 idea] <TCP out so 3bb6402f58a82e37 - flags 0x800840 0x80> lport 63166 fport 29735 laddr 127.0.0.1 faddr 127.0.0.1 默认 17:35:13.184510+0800 kernel cfil_inp_log:6179 <CFIL: outbound TCP data dropped for pre-existing un-filtered flow>: [41046 idea] <TCP out so d6dde374c8cb613b - flags 0x800840 0x80> lport 63165 fport 29735 laddr 127.0.0.1 faddr 127.0.0.1 默认 17:35:13.529546+0800 kernel cfil_inp_log:6179 <CFIL: outbound TCP data dropped for pre-existing un-filtered flow>: [41046 idea] <TCP out so cc915e74ba29f8cb - flags 0x800840 0x80> lport 63169 fport 39066 laddr 127.0.0.1 faddr 127.0.0.1 默认 17:35:13.529546+0800 kernel cfil_inp_log:6179 <CFIL: outbound TCP data dropped for pre-existing un-filtered flow>: [41046 idea] <TCP out so 2e15c3e54ebcc45 - flags 0x800840 0x80> lport 63168 fport 39066 laddr 127.0.0.1 faddr 127.0.0.1 默认 17:35:14.046094+0800 kernel cfil_inp_log:6179 <CFIL: outbound TCP data dropped for pre-existing un-filtered flow>: [41046 idea] <TCP out so 71f6d3a53472131f - flags 0x800840 0x80> lport 63172 fport 53241 laddr 127.0.0.1 faddr 127.0.0.1 默认 17:35:14.046145+0800 kernel cfil_inp_log:6179 <CFIL: outbound TCP data dropped for pre-existing un-filtered flow>: [41046 idea] <TCP out so c88a367c9717185b - flags 0x800840 0x80> lport 63171 fport 53241 laddr 127.0.0.1 faddr 127.0.0.1 Environment Details: Operating System: macOS 15.5 (Sequoia) IDE: IntelliJ IDEA 2025.1 Relevant Technology: NEFilterDataProvider (Network Extension) I have found reports of similar problems online： https://discussionschinese.apple.com/thread/255270330?sortBy=rank https://blog.csdn.net/weixin_42339552/article/details/137402307 They all seem to be caused by network extension。

Hi, My app uses the NetworkExtension framework to connect to an access point. For some reason, my app occasionally fails to find and/or connect to my AP (which I know is online and beaconing on a given frequency). This roughly happens 1/10 times. I am using an iPhone 17, running iOS 26.0.1. I am connecting to a WPA2-Personal network. In the iPhone system logs, I see the following: Oct 10 10:34:10 wifid(WiFiPolicy)[54] <Notice>: Dequeuing command type: "Scan" pending commands: 0 Oct 10 10:34:10 wifid(WiFiPolicy)[54] <Notice>: __WiFiDeviceCopyPreparedScanResults: network records count: 0 Oct 10 10:34:10 kernel()[0] <Notice>: wlan0:com.apple.p2p: WiFi infra associated, NAN DISABLED, , DFS state Off, IR INACTIVE, llwLink ACTIVE, RTM-DP 0, allowing scans Oct 10 10:34:10 kernel()[0] <Notice>: wlan0:com.apple.p2p: isScanDisallowedByAwdl[1148] : InfraScanAllowed 1 (RTModeScan 0 NonSteering 0 assistDisc 0 HTMode 0 RTModeNeeded 0 Immin 0 ScanType 1 Flags 0 ScanOn2GOnly 0 DevAllows2G 1) Oct 10 10:34:10 kernel()[0] <Notice>: wlan0:com.apple.p2p: IO80211PeerManager::setScanningState:5756:_scanningState:0x2(oldState 0) on:1, source:ScanManagerFamily, err:0 Oct 10 10:34:10 kernel()[0] <Notice>: wlan0:com.apple.p2p: setScanningState:: Scan request from ScanManagerFamily. Time since last scan(1.732 s) Number of channels(0), 2.4 only(no), isDFSScan 0, airplaying 0, scanningState 0x2 Oct 10 10:34:10 kernel()[0] <Notice>: wlan0:com.apple.p2p: IO80211PeerManager::setScanningState:5756:_scanningState:0x2(oldState 0) on:1, source:ScanManagerFamily, err:0 Oct 10 10:34:10 kernel()[0] <Notice>: wlan0:com.apple.p2p: Controller Scan Started, scan state 0 -> 2 Oct 10 10:34:10 kernel()[0] <Notice>: wlan0:com.apple.p2p: IO80211PeerManager::setScanningState:5756:_scanningState:0x0(oldState 2) on:0, source:ScanError, err:3766617154 Oct 10 10:34:10 kernel()[0] <Notice>: wlan0:com.apple.p2p: setScanningState[23946]:: Scan complete for source(8)ScanError. Time(0.000 s), airplaying 0, scanningState 0x0 oldState 0x2 rtModeActive 0 (ProxSetup 0 curSchedState 3) Oct 10 10:34:10 kernel()[0] <Notice>: wlan0:com.apple.p2p: IO80211PeerManager::setScanningState:5756:_scanningState:0x0(oldState 2) on:0, source:ScanError, err:3766617154 Oct 10 10:34:10 kernel()[0] <Notice>: wlan0:com.apple.p2p: Controller Scan Done, scan state 2 -> 0 Oct 10 10:34:10 wifid(IO80211)[54] <Notice>: Apple80211IOCTLSetWrapper:6536 @[35563.366221] ifname['en0'] IOUC type 10/'APPLE80211_IOC_SCAN_REQ', len[5528] return -528350142/0xe0820442 Oct 10 10:34:10 wifid[54] <Notice>: [WiFiPolicy] {SCAN-} Completed Apple80211ScanAsync on en0 (0xe0820442) with 0 networks Oct 10 10:34:10 wifid(WiFiPolicy)[54] <Error>: __WiFiDeviceCreateFilteredScanResults: null scanResults Oct 10 10:34:10 wifid(WiFiPolicy)[54] <Notice>: __WiFiDeviceCreateFilteredScanResults: rssiThresh 0, doTrimming 0, scanResultsCount: 0, trimmedScanResultsCount: 0, filteredScanResultsCount: 0, nullNetworksCount: 0 Oct 10 10:34:10 wifid(WiFiPolicy)[54] <Notice>: __WiFiDeviceManagerDispatchUserForcedAssociationCallback: result 1 Oct 10 10:34:10 wifid(WiFiPolicy)[54] <Error>: __WiFiDeviceManagerForcedAssociationCallback: failed to association error 1 Oct 10 10:34:10 wifid(WiFiPolicy)[54] <Notice>: WiFiLocalizationGetLocalizedString: lang='en_GB' key='WIFI_JOIN_NETWORK_FAILURE_TITLE' value='Unable to join the network \M-b\M^@\M^\%@\M-b\M^@\M^]' Oct 10 10:34:10 wifid(WiFiPolicy)[54] <Notice>: WiFiLocalizationGetLocalizedString: lang='en_GB' key='WIFI_FAILURE_OK' value='OK' Oct 10 10:34:10 wifid(WiFiPolicy)[54] <Notice>: __WiFiDeviceManagerUserForcedAssociationScanCallback: scan results were empty It looks like there is a scan error, and I see the error: failed to association error 1. I have also seen the iOS device find the SSID but fail to associate (associated error 2): Oct 8 12:25:52 wifid(WiFiPolicy)[54] <Notice>: __WiFiMetricsManagerCopyLinkChangeNetworkParams: updating AccessPointInfo: { DeviceNameElement = testssid; ManufacturerElement = " "; ModelName = " "; ModelNumber = " "; } Oct 8 12:25:52 wifid(WiFiPolicy)[54] <Notice>: __WiFiMetricsManagerCopyLinkChangeNetworkParams: minSupportDataRate 6, maxSupportDataRate 54 Oct 8 12:25:52 wifid(WiFiPolicy)[54] <Error>: Disassociated. Oct 8 12:25:52 wifid(WiFiPolicy)[54] <Error>: __WiFiMetricsManagerUpdateDBAndSubmitAssociationFailure: Failed to append deauthSourceOUI to CA event Oct 8 12:25:52 wifid(WiFiPolicy)[54] <Error>: __WiFiMetricsManagerUpdateDBAndSubmitAssociationFailure: Failed to append bssidOUI to CA event ..... <log omitted> ..... <log omitted> Oct 8 12:25:52 wifid(CoreWiFi)[54] <Notice>: [corewifi] END REQ [GET SSID] took 0.005530542s (pid=260 proc=mediaplaybackd bundleID=com.apple.mediaplaybackd codesignID=com.apple.mediaplaybackd service=com.apple.private.corewifi-xpc qos=21 intf=(null) uuid=D67EF err=-528342013 reply=(null) Oct 8 12:25:52 SpringBoard(SpringBoard)[244] <Notice>: Presenting a CFUserNotification with reply port: 259427 on behalf of: wifid.54 Oct 8 12:25:52 SpringBoard(SpringBoard)[244] <Notice>: Received request to activate alertItem: <SBUserNotificationAlert: 0xc20a49b80; title: Unable to join the network \M-b\M^@\M^\\134^Htestssid\134^?\M-b\M^@\M^]; source: wifid; pid: 54> Oct 8 12:25:52 wifid(WiFiPolicy)[54] <Notice>: __WiFiDeviceManagerUserForcedAssociationCallback: failed forced association Oct 8 12:25:52 SpringBoard(SpringBoard)[244] <Notice>: Activation - Presenting <SBUserNotificationAlert: 0xc20a49b80; title: Unable to join the network \M-b\M^@\M^\\134^Htestssid\134^?\M-b\M^@\M^]; source: wifid; pid: 54> with presenter: <SBUnlockedAlertItemPresenter: 0xc1d9f6530> Oct 8 12:25:52 wifid(WiFiPolicy)[54] <Notice>: __WiFiDeviceManagerDispatchUserForcedAssociationCallback: result 2 Oct 8 12:25:52 SpringBoard(SpringBoard)[244] <Notice>: Activation - Presenter:<SBUnlockedAlertItemPresenter: 0xc1d9f6530> will present presentation: <SBAlertItemPresentation: 0xc1cd40820; alertItem: <SBUserNotificationAlert: 0xc20a49b80; presented: NO>; presenter: <SBUnlockedAlertItemPresenter: 0xc1d9f6530>> Oct 8 12:25:52 wifid(WiFiPolicy)[54] <Error>: __WiFiDeviceManagerForcedAssociationCallback: failed to association error 2 Anyone able to help with this?

The environment: macOS 12.0 ~ 15.6 A NetworkExtension NEFilterDataProvider configured with filterSockets = YES, filterPackets = NO, and it doesn't actually block any network connection. QQMusic (download: https://y.qq.com/n/ryqq/download_detail/mac?ADTAG=YQQ) is constantly playing. Any of the following operations can reproduce the issue: Kill the NetworkExtension process and then restarted by the system. Disable the NEFilterDataProvider, and then enable it. When this problem occurs, there are two different phenomena on the NetworkExtension process: It is zombie, or is in high CPU state (100%). When the NetworkExtension process is zombie, obviously, the new network connections will enter it, and they can't be disposed by the old zombie process, so the network is disconnected. Spindump-qqmusic-ne-zombie When the NetworkExtension process is in high CPU state, its thread DispatchQueue "NEFilterExtensionProviderContext queue" is blocked in the kernel when calling close. Spindump-qqmusic-ne-cpuhigh In most cases, the network will recover after stopping QQ Music, that is the suspended zombie NetworkExtension process will exist or the cpu of it return to normal. To reproduce the issue in a simple environment, I have tried many ways to simulate the network behavior of QQMusic, but all failed. It seems that this issue is caused by UDP traffic of QQMusic, because everything is ok after blocking the UDP connections of QQMusic (the music is still playing at this time) in the NEFilterDataProvider.

Hi, Since iOS 26 (and any other apple system with a 26 version) there is a very weird behavior in the whole apple ecosystem (iOS, iPadOS, macOS and visionOS). I'm self-hosting a web project called mempool (https://github.com/Retropex/mempool). This project is entirely self-hosted on my own infrastructure, so I have advanced control to be sure it's just not an anti-DDoS feature that makes the bug happen. So the bug is once I visit my website, for example this page (https://mempool.guide/tx/d86192252a6631831e55f814aea901e65407b6dbda77e1abdea8ec27861e9682) the OS will lose the ability to connect to the underlying IP of the domain (mempool.guide) but the issue seems to affect only the HTTPS/HTTP port (443/80). The issue is system wide, not only is Safari. For exemple I have another domain that resolve to the same IP (haf.ovh) and if this link above trigger the bug then I will also lose the ability to connect to https://haf.ovh A temporary fix that I have is that if I turn off wifi/cellular then I turn it on again I can connect again to my server again until the bug is triggered again. I have done test with tcpdump on my server and the connection isn't making it to my server that's why I think it's an OS issue, especially given the fix above. This issue can be reproduced on any apple device out of the box with a system with >v26. All device (Mac, iPad, iPhone, vision) with version pre-26 are completely unaffected by the bug and can freely explore the website without loosing the connection macOS is less affected by this bug, it can be random with it. With iOS/iPadOS it's systematic. Another thing to note is that the same URL on firefox/chrome for iOS doesn't trigger the bug. Let me know if anyone has an idea on what's going on. Thanks, Léo.

While updating our test devices to iOS 26, we noticed that the connection between devices are flaky. Often when connecting to a Peer from a device running iOS 26 we can observe the invite coming through and when accepting said invite, both ends going to .connecting state and a while later going back to .notConnected within the peer(_ peerID: MCPeerID, didChange state: MCSessionState) function. This happens regularly and retrying the invitation process several times usually resolves it. Do anyone have any information or guidance on how to resolve this issue?

Hi Everyone, I have a query regarding capturing an NWConnection instance inside the receive closure, which gets invoked whenever some raw bytes are received. I want to know whether this will create a strong retain cycle or not. My understanding is that NWConnection holds a reference to the closure, and if I capture the NWConnection instance inside the closure, the closure will have a reference back to the connection, which, according to my understanding, creates a strong reference cycle. Is my understanding correct? If so, how can we break the strong reference cycle — using a capture list, or is there any other way as well? Thanks