ok, did found the needed solution:
https://developer.apple.com/documentation/networkextension/nevpnmanager/1406382-enabled?language=objc
https://developer.apple.com/forums/thread/679975
Post
Replies
Boosts
Views
Activity
Can the DNS Proxy network extension be launched by the system as a result of (dns proxy and packet tunnel provider network extensions are embedded in the native app):
System launches packet tunnel provider network extension (as result of user switched on the VPN button in settings).
Successful connection (packet tunnel is opened and connected).
Can that be done?
When a user is using the native app, the app uses the APIs and triggers / launches the packet tunnel provider. Then on success opening / connection the app launches the DNS Proxy.
We would like to have the same abilities when the user triggers the packet tunnel provider from the settings app.
Can that be done?
iOS, macOS M1
The desired resolute is: when the tunnel packet provider is launched by the settings app, the dns proxy will be triggered and launch as a resort of successful opening of the tunnel packet provider.
Thanks for any help on that!
Thanks for the quick answer! However what is the reason that the DNSProxyProvider is not running on the Mac M1 (when execute / run using the Xcode)?
It is performing ok on any iOS device.
Have a similar issue on Mac M1 (Monterey - 12.2), on iOS that seams to work fine, but on the macOS M1 that appears as not running with a yellow dot.
Is to support the macOS on M1 I need to use system extension?
my tunnel provider implementation is running the same on any iOS device iPhone or the M1..
can any one explain..?
Did check that, the reasoults are the same as you prese nted.
Thanks! Will check.
Thanks for this info!However i did try to set that on the .kext bundle and got the same resoult "Kext rejected due to improper filesystem permissions".Any idea what i am missing what to try?Thanks a lot in advance,Reuven
Hi, and thanks for the detailed answer.I have descovered way i do not see the "kext-enabled" flag on my signings, it seams that only sertificate that is created by the account holder can include the kext-enabled flag.In any case i did lots of reading and experments and currently i have the following issue:% sudo kextload /Library/Extensions/***.kext/Library/Extensions/***.kext failed to load - (libkern/kext) authentication failure (file ownership/permissions)...Done all that i know that is needed:1. Signing (validated that i have the kext-enabled flag (1.2.840.113635.100.6.1.18)2. Notarize: % xcrun altool --notarize-app --primary-bundle-id ...... and validate using % xcrun altool --notarization-info (no errors - sucsses)3. Stample % sudo xcrun stapler staple -q ***.kext & validate using % sudo xcrun stapler validate ***.kext (The validate action worked!)However, when i try to load i get the above failureWhen execute the % sudo kextutil ***.kext get the folowing responce:Kext rejected due to improper filesystem permissions: <OSKext 0x7f98fb623100 [0x7fff86f26690]>Any i dea what i am missing, what to check how to overcome this?Thanks in advance,Reuven