Transparent proxy connection problem

App & System Services Networking
AlexPuskas OP
Created Jun ’21
Replies 3
Boosts 0
Views 1.1k
Participants 3

We try to install our network extension that uses NETransparentProxyProvider. The pop-up which requires approval for network extension installation is displayed and after the user approval the installation completes successfully.

A second pop-up to allow the proxy manager is displayed and after user approval the proxy manager is displayed in the "Network Preferences". However, when we try to connect the proxy manager in "Network Preferences", it is immediately disconnected. We encountered this issue on a few macOS computers.

In the system logs we can see the following errors from "nehelper" and "nesessionmanager":

error 08:10:20.609730-0600 nehelper connect failed on kernel control socket: [22] Invalid argument

error 08:10:20.609842-0600 nesessionmanager received invalid kernel control socket result 22

error 08:10:20.610177-0600 nesessionmanager Failed to get a flow divert control socket

The network extension is signed correctly and has the required entitlements, but from the above logs it looks like it can't be started.

Our query is why our proxy manager can't be started?

The "Console" logs are here:

" default 08:10:20.605458-0600 nesessionmanager Signature is valid and has the correct designated requirement

default 08:10:20.608908-0600 nesessionmanager NESMTransparentProxySession[Primary Tunnel: Proxy:9A2EB44C-9016-4DCD-9BEF-24D73031E9F3:(null)]: Plugin NEFlowDivertPlugin( xxxxxxxxxxxxxxxxxxxxxxxxxxxx[inactive]) initialized with Mach-O UUIDs ( "7CFFB72F-7430-3C24-B6BD-705714151EE4" )

default 08:10:20.609086-0600 nesessionmanager NESMTransparentProxySession[Primary Tunnel: Proxy:9A2EB44C-9016-4DCD-9BEF-24D73031E9F3:(null)] in state NESMVPNSessionStateStarting: plugin NEFlowDivertPlugin(xxxxxxxxxxxxxxxxxxxxxxxxxxxx[inactive]) started with PID 1178 error (null)

error 08:10:20.609730-0600 nehelper connect failed on kernel control socket: [22] Invalid argument error 08:10:20.609842-0600 nesessionmanager received invalid kernel control socket result 22 error 08:10:20.610177-0600 nesessionmanager Failed to get a flow divert control socket

default 08:10:20.610443-0600 nesessionmanager NESMTransparentProxySession[Primary Tunnel: Proxy:9A2EB44C-9016-4DCD-9BEF-24D73031E9F3:(null)] in state NESMVPNSessionStateStarting: plugin NEFlowDivertPlugin(xxxxxxxxxxxxxxxxxxxxxxxxxxxx[inactive]) disconnected with reason Plugin initiated

default 08:10:20.610516-0600 nesessionmanager NESMTransparentProxySession[Primary Tunnel: Proxy:9A2EB44C-9016-4DCD-9BEF-24D73031E9F3:(null)]: Leaving state NESMVPNSessionStateStarting

default 08:10:20.610551-0600 nesessionmanager NESMTransparentProxySession[Primary Tunnel: Proxy:9A2EB44C-9016-4DCD-9BEF-24D73031E9F3:(null)]: Entering state NESMVPNSessionStateStopping, timeout 20 seconds

default 08:10:20.610629-0600 nesessionmanager <NESMServer: 0x7f999b508660>: Request to uninstall session: NESMTransparentProxySession[Primary Tunnel: Proxy:9A2EB44C-9016-4DCD-9BEF-24D73031E9F3:(null)]

default 08:10:20.610661-0600 nesessionmanager NESMTransparentProxySession[Primary Tunnel: Proxy:9A2EB44C-9016-4DCD-9BEF-24D73031E9F3:(null)]: status changed to disconnecting

default 08:10:20.610717-0600 nesessionmanager NESMTransparentProxySession[Primary Tunnel: Proxy:9A2EB44C-9016-4DCD-9BEF-24D73031E9F3:(null)]: Updated network agent (inactive, compulsory, not-user-activiated, not-kernel-activated)

default 08:10:20.611387-0600 UserEventAgent Current file handles for com.apple.networkextension.file-descriptor-maintainer: ( "Network Agent Registration socket (162) 9A2EB44C-9016-4DCD-9BEF-24D73031E9F3 FFCC2D69-BA2F-4DFA-BC4B-C2740832466A 1 (null) agent flags 0", "Policy Session MasterSession socket (177)", "Policy Session LowPrioritySession socket (17😎 " )

default 08:10:20.611411-0600 nesessionmanager NESMTransparentProxySession[Primary Tunnel: Proxy:9A2EB44C-9016-4DCD-9BEF-24D73031E9F3:(null)]: Leaving state NESMVPNSessionStateStopping

default 08:10:20.611455-0600 nesessionmanager NESMTransparentProxySession[Primary Tunnel: Proxy:9A2EB44C-9016-4DCD-9BEF-24D73031E9F3:(null)]: Entering state NESMVPNSessionStateDisposing, timeout 5 seconds

default 08:10:20.611699-0600 UserEventAgent File Handle Maintainer listening for readable events on Network Agent Registration socket (162) 9A2EB44C-9016-4DCD-9BEF-24D73031E9F3 FFCC2D69-BA2F-4DFA-BC4B-C2740832466A 1 (null) agent flags 0

default 08:10:20.611953-0600 xxxxxxxxxxxxxxxxxxxxxxxxxxxx[Extension xxxxxxxxxxxxxxxxxxxxxxxxxxxx]: Session manager connection was invalidated

default 08:10:20.611989-0600 xxxxxxxxxxxxxxxxxxxxxxxxxxxx[Extension xxxxxxxxxxxxxxxxxxxxxxxxxxxx]: Deallocating

default 08:10:20.612198-0600 nesessionmanager NESMTransparentProxySession[Primary Tunnel: Proxy:9A2EB44C-9016-4DCD-9BEF-24D73031E9F3:(null)] in state NESMVPNSessionStateDisposing: plugin NEFlowDivertPlugin(xxxxxxxxxxxxxxxxxxxxxxxxxxxx[inactive]) dispose complete

default 08:10:20.612234-0600 nesessionmanager NESMTransparentProxySession[Primary Tunnel: Proxy:9A2EB44C-9016-4DCD-9BEF-24D73031E9F3:(null)] in state NESMVPNSessionStateDisposing: all plugins have disposed

default 08:10:20.612288-0600 nesessionmanager NESMTransparentProxySession[Primary Tunnel: Proxy:9A2EB44C-9016-4DCD-9BEF-24D73031E9F3:(null)]: Leaving state NESMVPNSessionStateDisposing

default 08:10:20.612406-0600 UserEventAgent Current file handles for com.apple.networkextension.file-descriptor-maintainer: ( "Network Agent Registration socket (179) 9A2EB44C-9016-4DCD-9BEF-24D73031E9F3 FFCC2D69-BA2F-4DFA-BC4B-C2740832466A 1 (null) agent flags 0", "Policy Session MasterSession socket (180)", "Policy Session LowPrioritySession socket (181)" ) "

Replies  3
Boosts  0
Views  1.1k
Participants  3
Systems Engineer OP
Apple
Jun ’21

nehelper connect failed on kernel control socket: [22] Invalid argument error

It looks like a XPC connection cannot be made to you network extension because the process is not alive or it is in a weird state. How are you testing this? Are you creating a build and running it from the /Applications directory? Do you have SIP enabled?

Matt Eaton
DTS Engineering, CoreOS
meaton3@apple.com
0
AlexPuskas OP
Jun ’21

On the computers where we encountered this error, there was an antivirus which also uses a network extension. That antivirus was uninstalled, and the computer was restarted, however the error still persisted.

Our application runs without issues on the other macOS computers.

Is there a method to understand what causes this problem?

One more question: From the "Network" system preferences, the user can press "-" button to delete the proxy manager. If we re-create the proxy manager from our software, a pop-up to allow the VPN proxy will be shown again to the user. Is is possible to avoid this pop-up?

I attached the logs:

Attached logs
0
WilliamZhao OP
Mar ’24

have u solved this issues ? I met same issues

0
Transparent proxy connection problem
First post date Last post date
 
 
Q