Since iOS has double sim card devicesHow can I konw the user is using which sim to provide the 3G or 4G network ?The function: serviceSubscriberCellularProviders only provide a way to get sim card info, but not any info about the network.

Is there any way to change the dns resolve result for NSURLSession or CFStreamCreatePairWithSocketToHost? for example: set abcd.com DSN resolve to 127.0.0.1 ?

APP start VPN process code: BOOL suc = [self.providerManager.connection startVPNTunnelWithOptions:options andReturnError:&startError];  if (startError) {   SLTunWarn(@"start tun error %@ %@", startError, startError.localizedDescription);   SLAPPError *err = (SLAPPError *)[SLAPPError fromSystemError:startError];   callback(err);   return;  }  SLTunInfo(@"call startTunnelWithOptions success, start wait tun status"); startVPNTunnelWithOptions return success, and then the app log is [TUN] system notify: [Disconnect] [TUN] sys tun status [1]=>[2] [TUN] system notify: [Connecting] [TUN] system notify: [Connecting] [TUN] system notify: [Connecting] [TUN] sys tun status [2]=>[1] can see that VPN state changed, from disconnect to connecting and finally disconnect VPN Process Code: - (instancetype)init {  self = [super init];  if (self) {   [[SLEGlobalData shared] onLaunch];   NSLog(@"PacketTunnelProvider init");   self.wormhole = [SLEWormhole shared];  }  NSLog(@"init end");  return self; } the log "PacketTunnelProvider init" in init func shows, but not any other logs. So near certain startTunnelWithOptions not be called. And app process did not receive any errors. this problem occur occasionally。 Most of the time, VPN process start successfully. So Any suggestions?

My App use NEPacketTunnelProvider to start a VPN service for iOS device. And sometimes, after App Process call startTunnelWithOptions success, iOS system won't start the VPN process successfully. And it need to reinstall the IPA to make it work find again. After Recurrence problem and catch system log. We found this log Feb 14 10:09:22 nesessionmanager[13722] <Notice>: NESMVPNSession[Primary Tunnel:SecureLink:CFA3ACD5-6A37-44DD-8BE9-DB3317285D03:(null)]: Re-setting policies because the installed apps changed Feb 14 10:09:22 nesessionmanager[13722] <Notice>: NESMVPNSession[Primary Tunnel:CDNetwork:B5F6D081-F37E-4A27-B7A7-596C4AA03118:(null)]: Resetting VPN On Demand Feb 14 10:09:22 nesessionmanager[13722] <Notice>: NESMVPNSession[Primary Tunnel:SecureLink:CFA3ACD5-6A37-44DD-8BE9-DB3317285D03:(null)]: Resetting VPN On Demand Feb 14 10:09:22 nesessionmanager[13722] <Notice>: Found 0 (0 active) registrations for com.CDNetworks.ESA.packettunnel (com.apple.networkextension.packet-tunnel) Feb 14 10:09:22 nesessionmanager[13722] <Notice>: Found 0 (0 active) registrations for com.wangsu.securelink.packettunnel (com.apple.networkextension.packet-tunnel) Feb 14 10:09:22 nesessionmanager[13722] <Notice>: NESMVPNSession[Primary Tunnel:CDNetwork:B5F6D081-F37E-4A27-B7A7-596C4AA03118:(null)]: Plugin is installed Feb 14 10:09:22 nehelper[11452] <Error>: Denying connection from nesessionmanager (13722) because it is missing the com.apple.private.network.socket-delegate entitlement Feb 14 10:09:22 nesessionmanager[13722] <Notice>: NESMVPNSession[Primary Tunnel:SecureLink:CFA3ACD5-6A37-44DD-8BE9-DB3317285D03:(null)]: Plugin is installed Feb 14 10:09:22 nesessionmanager(libsystem_networkextension.dylib)[13722] <Notice>: UUID cache generation changed from 351 to 353 Feb 14 10:09:22 nesessionmanager(libsystem_networkextension.dylib)[13722] <Notice>: UUID cache miss for com.apple.VoiceMemos Feb 14 10:09:22 nesessionmanager(libsystem_networkextension.dylib)[13722] <Notice>: UUID cache generation changed from 353 to 354 Feb 14 10:09:22 nesessionmanager(libsystem_networkextension.dylib)[13722] <Notice>: UUID cache miss for com.apple.Translate Feb 14 10:09:22 nehelper[11452] <Error>: Denying connection from nesessionmanager (13722) because it is missing the com.apple.private.network.socket-delegate entitlement So could somebody tell me, what is com.apple.private.network.socket-delegate entitlement and how to fix that.

When switch the net network from 5G to 4G in Setting->Cellular->Primary(the current card using for WANN) -> voice & data -> change to 4G. The iOS API SCNetworkReachabilitySetCallback not callback. I try using CTServiceRadioAccessTechnologyDidChangeNotification to get the notification, but won't work too. And using addObserver:forKeyPath to observer the CTTelephonyNetworkInfo instance's currentRadioAccessTechnology value, it not change too. But if you create a new CTTelephonyNetworkInfo instance, the currentRadioAccessTechnology will return a new value which is correct. So it seems the only way to get the new currentRadioAccessTechnology in time， is to start a timer. Is there a graceful way to get it ?

My App is a VPN APP, use [com.apple.networkextension.packet-tunnel] extension app to provider a VPN service. A problem puzzled me for a long time: Sometimes the VPN doesn't start successfully, until the user restart the iOS System or reinstall my APP. The detail is : The user use the app normally for many times, and suddenly can't start the vpn service, the APP log show API "startVPNTunnelWithOptions" call success, and return success. but the VPN extension status(NEVPNStatus) change from Disconnect to Connecting and then nothing happen, the VPN process not started, and not any log of the VPN extension created, my VPN log is start from the init function of the class inherit from PacketTunnelProvider, so can see that the vpn process not started. My NETunnelProviderProtocol is : NETunnelProviderProtocol *tunnel = [[NETunnelProviderProtocol alloc] init]; tunnel.providerBundleIdentifier = kTunBundleId; tunnel.serverAddress = @""; tunnel.disconnectOnSleep = NO; [self.providerManager setEnabled:YES]; [self.providerManager setProtocolConfiguration:tunnel]; self.providerManager.localizedDescription = kAppName; very simple, because my app use openvpn3 to provide the vpn service，so no need to set the serverAddress. Because when this problem happened, I can't get any useful log (because APP can't get the iOS system log), so this is a really trouble for me. Could any body help !

I found that when make some HTTP request in VPN Process, the request won't go to the VPN tunnel, it won't be hijack. So I would like to ask if there is any way to make request hijack by the NEPacketTunnelProvider traffic, in NEPacketTunnelProvider Process

My App is a VPN APP, use [com.apple.networkextension.packet-tunnel] extension app to provider a VPN service.  Sometimes the VPN doesn't start successfully, until the user restart the iOS System or reinstall my APP And I got get sysdiagnose log, and find nesessionmanager was stack in connecting state. this is the log: Issue log It seems to be stuck by nw_path_necp_update_evaluator_block_invoke could you tell me what is this, and how can I avoid this.

Our App using NEPackTunnelProvider to provider VPN service. We add IP: 0.0.0.0 subnetMask: 0.0.0.0 to IPv4Settings includedRoutes (We want all traffic pass through VPN ). But we found LAN traffic not hajack by VPN. And after we add a route like : 192.168.3.33 mask 255.255.255.255 to IPv4Settings includedRoutes, which 192.168.3.33 is a host in the LAN, then VPN can hijack the traffic to 192.168.3.33. But the traffic could not be send to the host successfully. So, could you tell me that LAN traffic won't be hijacked by VPN, is that by design? If we want to hijack LAN traffic and send it normally, is it possible? When the traffic is sent to the host, the traffic seems to be hijacked by the VPN again, so it cannot be sent normally. Is there a way to avoid this?

Our app is provided to our client companies for download, so we are not sure how many people and devices will download the app. Only one range can be given at most, so we are worried that after the download volume exceeds our expectations, the App store will restrict users from downloading unllisted apps.

I create private certificate and install it on my iPhone, and in [certificate Trust Setting], I already enable it. But when I open the https website build by the private certificate, the safari still show "The Connection is not Private" warning. First I think maybe my cert or something else I done wrong. But, when I try install the same cert on my mac, and set always trust this cert in keychain then use safari of my mac to open the same website, it works( not show the warning) So can I get the same result on my iOS device ? Or there is some limit different between iOS and mac OS

testing ...

Our software is a VPN app that uses the PackTunnelProvider solution.Some customers have reported frequent failures to connect to the VPN server. Killing the app and restarting it does not work, but restarting the iOS system restores the connection. We checked the logs and found that the TCP connection could not be established, with the error message "No route to host". This is usually a network problem. However, the customer's other apps, including our host app, can access the network normally. To check the network quality, the VPN process pings apple domain at the same time. We found that every time the user cannot connect to the VPN server, the VPN process ping apple has the following error: kCFErrorDomainCFNetwork-Fehler 2. Can you tell me if there are any situations that could cause this problem?

We have found that the memory limit for NEPackTunnelProvider on some iOS 15 and iOS 16 devices is no longer 15MB and can reach up to 50MB. Could you please let me know the latest memory limit for NetworkExtension?

Here's the situation: Our app implements a VPN service using NEPackTunnelProvider. Recently, we noticed that when the DNS servers used in the WIFI environment are the same as those configured for the VPN, such as 8.8.8.8 and 8.8.4.4, DNS traffic will not pass through the VPN, which only occurs on iOS 16. I think this is an optimization of the iOS system. However, this creates a problem. Our VPN server performs DNS resolution. If we use 8.8.8.8 and 8.8.4.4 for resolution and it fails, we will use our customer's internal DNS server for resolution, and then return the result to the client. For the client, it seems like the resolution was done with 8.8.8.8, but it's not actually. Because iOS does not route traffic to 8.8.8.8 and 8.8.4.4 to the VPN, this causes our DNS resolution to fail. Is there any method (such as a configuration option) to allow traffic to 8.8.8.8 and 8.8.4.4 to still go through the VPN?