filterSettings = [[NEFilterSettings alloc] initWithRules:@[allowfilterRule1, filterRule] defaultAction:NEFilterActionAllow];

NEFilterRule* allowfilterRule1 = [[NEFilterRule alloc] initWithNetworkRule:allownetworkRule1 action:NEFilterActionAllow]; networkRule = [[NENetworkRule alloc] initWithRemoteNetwork:nil remotePrefix:0 localNetwork:nil localPrefix:0 protocol:NENetworkRuleProtocolAny direction:NETrafficDirectionOutbound]; filterRule = [[NEFilterRule alloc] initWithNetworkRule:networkRule action:NEFilterActionFilterData];

NWHostEndpoint remoteEndpoint1 = [NWHostEndpoint endpointWithHostname:@".vpn..com" port:@"443"]; NENetworkRule* allownetworkRule1 = [[NENetworkRule alloc] initWithRemoteNetwork:remoteEndpoint1 remotePrefix:32 localNetwork:nil localPrefix:0 protocol:NENetworkRuleProtocolAny direction:NETrafficDirectionOutbound ];

I can't see it in the network settings of the computer preferences. It is built into the app and can be used after logging into the app. I added the following code to allow the VPN-related domain name and IP before defining the filtering rules. After testing, I found that it would not cause the VPN to disconnect. Why is this? When adding the following code rules and starting the network filter, will the connection of the VPN domain name in the rule not be cut off?

According to your last tip, I created Network Extension sysex. I did not find the plist file related to my Network Extension sysex registered with launchd in the /System/Library/LaunchDaemons and /Library/LaunchDaemons directories, but I found Label: 'com.apple.sysextd', 'Program': '/System/Library/Frameworks/SystemExtensions.framework/Versions/A/Helpers/sysextd'. This is a daemon of the system extension framework. Is the system extension I activated registered in the system extension framework

In addition, 12.6.0 and 14.5.0 sometimes trigger SIGPIPE when starting the network filter, but not every time. How can I avoid triggering SIGPIPE?

At first, all my test machines would report errors because my mdm file was configured incorrectly. I configured PluginBundleID as the bundleid of the system extension, and then changed it to the bundleid of the extension container app. The same network filtering program implemented with the network extension would not trigger SIGPIPE in 10, 11, 13, and 14.6.1, but would still trigger SIGPIPE in 12.6.0 and 14.5.0. And on the machine without mdm, 12.6.0 and 14.5.0 would still trigger SIGPIPE.

I haven't found any other ways to install systemextension files from Apple's documentation. Is there any other way to install and start the systemextension program?

Regarding the first point you mentioned, I learned it from Apple's official document: https://developer.apple.com/documentation/systemextensions The system extension is in the Contents/Library/SystemExtensions directory of the application. My app program is only responsible for installing it using the OSSystemExtensionRequest provided in the document, and then the program will be found in the /Library/SystemExtensions directory.