Does macOS/Sequoia require a new entitlement to send multicast packets?

Hmm, it seems Sequoia adds a "Local Network" category to its "Privacy & Security" settings, and if a program is not listed there, it no longer is allowed access to the local network. I think this is the problem my co-worker was running into.

I have same problem on sendto with ipv4. The code works well with iOS 18.0 simulator on Sequoia, however, sendto returns -1 on macOS Sequoia. Privacy - Local Network Usage Description is set in Info for both iOS and macOS. This privacy setting doesn't affect to this problem.

Apple is bringing some networking protections over from iOS to macOS starting with Sequoia. Please see the following links:

• "What’s new in privacy" WWDC 2024 Video, https://developer.apple.com/videos/play/wwdc2024/10123?time=1097
• "Local Network Privacy FAQ" https://developer.apple.com/forums/thread/663858. In particular, the first few FAQs therein.
• "Support local network privacy in your app" https://developer.apple.com/videos/play/wwdc2020/10110/

Think Diffident, Thanks for collecting together those links!

I really need to update the LNP FAQ to cover macOS properly, but I haven’t yet got to that. For the moment I’ve posted a minor FAQ update that just covers the basics.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

I have an application that uses bonjour server advertising as well as direct local IP URL requests (to Hue bridge).

After updating to Sequoia, the app runs in Xcode 16 and displays the network permission popup and can access the network.

When distributing a compiled build to the same machine with Developer ID (notarized or not), the network permissions popup is not displayed and the advertised services are not available on the network.

In Settings -> Privacy & Security -> Local Network, there are two toggles with the same app label. When one is toggled the other changes as well.

Any suggestions?

Have there been any applicable updates to the FAQ for Local Network Privacy specifically for macOS that I may have missed?

I have an application that uses bonjour server advertising as well as direct local IP URL requests (to Hue bridge).

Neither of these require the multicast entitlement, so we’re talking about the broader issue of local network privacy rather than the specific issue that kicked off this thread.

Given that, I’d appreciate you starting a new thread about this. Use the same subtopic and tags as this thread; that way I’ll see it go by.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

We are having trouble that is similar to what jfriesne has described. Our apps worked perfectly well up to and including Sonoma. Now we are having issues with Sequoia's new privacy and security settings for local networks.

We get a dialogue box that asks us whether to allow local network access or not on the first run of an installed program. User permission is sought when a connection is requested. However, the connection request fails even if 'Allow' has been selected in the dialogue box.

Following the question of Floating Wrench with something more general, is there any type of entitlement that may be granted to an app that will allow it to access the local network? Nothing that I've yet found in the documentation seems to explicitly provide this, e.g. com.apple.developer.networking.networkextension.

An entitlement that allows the dialogue box to be skipped, or presented at an earlier point (say, when the app is first launched) would be an improvement.