Captive portal + Network extension

I've developed a VPN app for iOS and macOS with Packet Tunnel Provider.

Once the VPN is enabled all the traffic should go via the VPN. The VPN is configured to be on demand (isOnDemandEnabled is set), with a rule to always connect.


There are some cases where this configuration might cause a problem -

When the user goes to a place with a captive portal, the VPN won't be able to connect (because the user will first need to log in to the captive portal), but the user also won't be able to log in to the captive portal (because all traffic triggers the network extension).


In such a case, I need the captive portal to be shown to the user, and I also need to exclude at least some of the traffic from the VPN, so the user would be able to log in to the captive portal (but I don't want to open all traffic, just the traffic needed for the login).


Is there any API for those cases?

If the answer is no, I'll try to detect this case at the Extension. But I won't be able to open the captive portal from there, so the only thing I would be able to do is to display a message to the user, correct?

Hi roee84,

I'm a privacy researcher and looking into the issue of deadlocks of on-demand VPNs in captive networks. I can fully reproduce the issue and think this is a relevant issue since captive networks are fairly widespread, especially in unencrypted Wi-Fis where one would really need on-demand VPNs.

Did you come up with a solution or any additional information on the matter? I would very much appreciate hearing from you.

Cheers, cburkert

Is there any update for the same?
