Hello,
We are having the exact same issue when uninstalling our Network Extension. The behaviour on previous versions of macOS Monterey Betas and the behaviour on Beta 5 (the latest one at this point) is exactly the same as the one described by mdolan and paulfrommanchester. We have also submitted a bug report: FB9565942.
Additionally, if you want to open a TSI for this item, I will be happy to use that to allocate some time for setting up a test case for this scenario to see if there is any workaround available for NETransparentProxyProvider and Private Relay.
Considering this is just the first beta and, if it is a bug, it will probably be fixed at some point, I do not think it's necessary for now. For testing purposes we can use NEAppProxyProvider at this point.
Thank you for opening the bug report, I see it internally and have copied myself on it for more information. Yes, I do see the note on your bug about the traffic being available in NEAppProxyProvider and not NETransparentProxyProvider while Private Relay is enabled and I suspect that is what is being investigated.
If there is any more information or logs you need, let me know and I'll gladly provide them.
So if I am understanding you correctly, when Private Relay is turned on and NETransparentProxyProvider is running on the system, Safari connections are not seen in your NETransparentProxyProvider? However, when using NEAppProxyProvider with Private Relay, Safari connections are seen in your Proxy Provider, is that correct?
Yes, this is correct.
I filed the bug report: FB9189676
A thing I forgot to mention before, but I mentioned it in the bug report, is that while using NETransparentProxyProvider the connections seem to use Private Relay (my guess is that this is the reason we do not see the connections) and while using NEAppProxyProvider the connections do not use Private Relay.
Thank you, Drewbadour for your quick answer.
We tried to request the entitlement from Apple, but on https://developer.apple.com/contact/request/system-extension/ there are only these 3 entitlements: DriverKit Entitlement, Endpoint Security Entitlement and Virtual HID.
This is also mentioned in the System Extension - https://developer.apple.com/system-extensions/ page:
If you plan to deploy drivers built with DriverKit, allow other developers to use your system extensions, or use the EndpointSecurity API, you’ll need to request an entitlement from Apple.
(maybe it has to be requested in a different way and I did not understand it).
We also tried adding the Endpoint Security Entitlement to both the extension and the test application, but with the redistributable entitlement we still have the same error.
Hello,
We are having the exact same issue.
When filtering all TCP connections most of the sites seem to work fine, but YouTube's videoplayback requests fail because of Access-Control-Allow-Origin and the rest of the page is fine (the other connections seem to work fine). The same thing also happens on Twitch when playing a video / live stream.
Our test application is injecting back all the data without modifying it. The problem only occurs with Safari when the extension is running. The issue does not appear on Chrome and Firefox with the extension running.
From what we tested this problem occurs only when we filter all TCP connections. When we tried filtering only the ports used by the most common protocols, including 443, the videos seem to play fine.
The way we filter all connections is by calling setTunnelNetworkSettings:completionHandler: with these settings:
NETransparentProxyNetworkSettings* settings = [[NETransparentProxyNetworkSettings alloc] initWithTunnelRemoteAddress:@"127.0.0.1"];
NENetworkRule* rule = [[NENetworkRule alloc] initWithRemoteNetwork:nil remotePrefix:0 localNetwork:nil localPrefix:0 protocol:NENetworkRuleProtocolTCP direction:NETrafficDirectionOutbound];
settings.includedNetworkRules = @[rule];
and we create the connection using createTCPConnectionToEndpoint:enableTLS:TLSParameters:delegate: with the NWEndpoint received in handleNewFlow.
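
For comparison with the catch-all rule in the post above, here is a port-scoped rule set of the kind the post says avoided the playback failures. It is an added example, not code from the original post. The class name `SampleProxyProvider`, the helper `PortScopedTCPRules` and the port list (80, 443) are assumptions. It also assumes a wildcard address with prefix 0 is how the posters matched "any host on this port".

```objective-c
#import <NetworkExtension/NetworkExtension.h>

// Hypothetical helper: one outbound TCP rule per (wildcard address, port) pair.
// A wildcard address (0.0.0.0 or ::) with prefix 0 matches any non-loopback
// destination; the endpoint's port string narrows the match to that port.
static NSArray<NENetworkRule *> *PortScopedTCPRules(NSArray<NSString *> *ports) {
    NSMutableArray<NENetworkRule *> *rules = [NSMutableArray array];
    for (NSString *port in ports) {
        for (NSString *wildcard in @[@"0.0.0.0", @"::"]) {
            NWHostEndpoint *anyHost =
                [NWHostEndpoint endpointWithHostname:wildcard port:port];
            NENetworkRule *rule =
                [[NENetworkRule alloc] initWithRemoteNetwork:anyHost
                                                remotePrefix:0
                                                localNetwork:nil
                                                 localPrefix:0
                                                    protocol:NENetworkRuleProtocolTCP
                                                   direction:NETrafficDirectionOutbound];
            [rules addObject:rule];
        }
    }
    return rules;
}

// Hypothetical provider subclass, for illustration only.
@interface SampleProxyProvider : NETransparentProxyProvider
@end

@implementation SampleProxyProvider

- (void)startProxyWithOptions:(NSDictionary<NSString *, id> *)options
            completionHandler:(void (^)(NSError *error))completionHandler {
    NETransparentProxyNetworkSettings *settings =
        [[NETransparentProxyNetworkSettings alloc] initWithTunnelRemoteAddress:@"127.0.0.1"];

    // Claim only the listed ports instead of every outbound TCP flow.
    // The port list is constructed for this example.
    settings.includedNetworkRules = PortScopedTCPRules(@[@"80", @"443"]);

    // Flows that match no included rule never reach handleNewFlow:
    // and are handled by the system as usual.
    [self setTunnelNetworkSettings:settings completionHandler:completionHandler];
}

@end
```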