Post

Replies

Boosts

Views

Activity

Packet Tunnel Provider with DNS possible?
I have created a NEPacketTunnelProvider which seems to work currently in testing. However I have noticed that the DNS do not go through the TUN interface, even setting a bogus DNS server in NEPacketTunnelNetworkSettings still has no effect and I'm able to browse just fine. I also know that there is the DNS Proxy Provider, can it be used in conjuction with Packet Tunnel Provider? Though from what I have read this is not available for the general public and can only be used on supervised / managed devices? Are there any supported methods of running a local DNS server, say on 127.0.0.1 and redirect all DNS queries to this server?
3
0
297
Sep ’24
How to set NEDNSSettings port, or how to bind on port 53 for MacOS Network Extension?
In my Packet Tunnel Provider, I'm setting the NEDNSSettings to localhost as I have a local DNS server listening on port 53 (this is a dns forwarder which conditionally forwards to different upstreams based on rules). On iOS it works just fine, I'm able to listen on localhost:53 in the Network Extension, then set NEDNSSettings servers to "127.0.0.1". However on macOS due to the port being under 1024, I get a Permission denied OS code 13 error. I'm assuming this is due to the Network Extension not running as root. Can this be changed? This could be rectified if you could customize the port in NEDNSSettings, as the listener could be on port 5353, but it doesn't look like it is possible? Just wondering if there is some other way to accomplish what I'm trying to do in the macOS Network Extension?
4
0
254
Sep ’24
Unable to install Network Extension of System Extension, stuck on validating
I'm trying to create a network extension packaged as a system extension on macOS, let request = OSSystemExtensionRequest.activationRequest(forExtensionWithIdentifier: "com.example.Desktop.PacketTunnelDesktop", queue: DispatchQueue.main) request.delegate = delegate // Submit the request to the system. let extensionManager = OSSystemExtensionManager.shared extensionManager.submitRequest(request) The application is installed in /Applications, I have also turned off SIP and systemextensionsctl developer on I'm not getting any breakpoint hits on my request delegate, but I am getting some logs in the console app: making activation decision for extension with teamID teamID("XXXXXX"), identifier com.example.Desktop.PacketTunnelDesktop no related kext found for sysex `com.example.Desktop.PacketTunnelDesktop` extension XXXXXXX com.example.Desktop.PacketTunnelDesktop (1.0/1) advancing state from validating to validating_by_category validate: category: com.apple.system_extension.network_extension, extension: com.example.Desktop.PacketTunnelDesktop waiting for external validation of extension with identifier com.example.Desktop.PacketTunnelDesktop It seems to stop here, and running systemsextensionsctl list shows: [validating by category] as the status. I'm trying to find some barebones example code for a network extension packaged as system extension but couldn't find any. Any ideas where to go from here?
2
0
242
Oct ’24