I have a question regarding the VPN on-demand rule of type NEOnDemandRuleDisconnect (specifically, regarding Packet Tunnel Provider).
This is its description:
"When rules of this class match, the VPN connection is not started, and the VPN connection is disconnected if it is not already disconnected."
But when does the OS test if the rules of this class are matched? Is it happens every X seconds when the VPN is connected?
I want to be able to define some cases in which the OS will detect that the VPN should be stopped, so this seems like the way to go here.
Evaluation of the on-demand rules is done when connectivity of the device/machine changes or when a new connection if created and a NetworkExtension needs to evaluate these rules for the connection. There is not a continuous evaluation process examining these rules.
Matt Eaton
DTS Engineering, CoreOS
meaton3 at apple.com