Hey! Some time ago I've asked about the pipelining of network extensions, and it appears that it is possible: https://developer.apple.com/forums/thread/705292
It seems from previous thread, that Network Extensions should receive the traffic in the order they activated. There also mentioned, that the processing order should not depend on the type of the network extensions activated.
However, that is not what I see in my experiments.
I have two network extensions: one transparent proxy provider, one packet tunnel provider, configured in a per-app manner.
While the Transparent proxy is the only one active network extension, I can see the traffic from the apps going through its methods. This changes once I activate second network extension.
The transparent proxy is activated first, the packet tunnel is activated second. What I see then: the traffic from the app, configured in the profile for the second network extension (which is packet tunnel provider) is completely missed from the Transparent proxy network extension.
It seems, that packet tunnel intercepts the traffic earlier than it appears in the transparent proxy, and does not give it back to transparent proxy after processing.
What I expect, basing on a previous thread, is the traffic should appear in transparent proxy, then in packet tunnel provider. I also expect the traffic in packet tunnel provider to looks like originated from the transparent proxy, not the real origin app - which is OK for me now.
So, my questions are:
- Why the packet tunnel provider "steals" the traffic from the transparent proxy, despite transparent proxy was registered first?
- Is this an expected behaviour I described?
- Could I, by any chances, create a pipeline from these two kinds of network extensions, to point the traffic from the app firstly in transparent proxy, then in packet tunnel?
- If (3) is true, what changes should I perform to achieve that?