9 Replies
      Latest reply: Sep 5, 2016 1:34 AM by eskimo RSS
      nightsd01 Level 1 Level 1 (15 points)

        I am trying to get a list of all the current TCP connections in iOS. I am currently using the sysctlbyname() UNIX call but it is extraordinarily difficult to see good, working examples of this. Right now, my current implementation just returns an empty array.

         

        Does anyone have any good examples? I've spent a long time googling and I cannot find anything that works.

         

        Thanks!

        • Re: Getting a List of All TCP Connections
          NotMyName Level 4 Level 4 (775 points)

          Have you considered that the iOS application sandbox may be interfering with that code?

           

          According to the security and privacy videos from last WWDC, In iOS 9, sysctl() was modified to no longer allow sandboxed Apps to retrieve information about other running processes.

          • Re: Getting a List of All TCP Connections
            eskimo Apple Staff Apple Staff (7,960 points)

            I am trying to get a list of all the current TCP connections in iOS.

            There’s no high-level API for doing this and the low-level APIs that might work (like sysctlbyname) aren’t really APIs but are more like legacy stuff grandfathered in from OS X that the sandbox hasn’t quite yet got around to blocking.

            What’s your final goal here?

            Share and Enjoy

            Quinn "The Eskimo!"
            Apple Developer Relations, Developer Technical Support, Core OS/Hardware
            let myEmail = "eskimo" + "1" + "@apple.com"

              • Re: Getting a List of All TCP Connections
                nightsd01 Level 1 Level 1 (15 points)

                I'm so glad I've finally got it working

                 

                I don't see why Apple would block sysctl networking calls, I don't see any huge privacy concerns here.

                 

                For anyone who is curious, there is a publicly available Xcode project (google 'DHInet.h github' to find it). The project itself doesn't actually seem to work in iOS 9 but it's still a good example of what we can do, he's got all the correct source files such as netstat.h which are required to get it working. I completely removed his implementation of the protopr function in his DHInet.m file, then copied Apple's open-sourced implementation of the protopr function (link here) and made some changes so that instead of printing out the current connections it converts them to NSStrings and places them in an array. The actual function that is supposed to print out the network connection is called inetprint in that link I posted above.

                  • Re: Getting a List of All TCP Connections
                    eskimo Apple Staff Apple Staff (7,960 points)

                    OK, I’m going to be crystal here.  Do not build a product based around your ability to see the TCP connections being made by other apps.  While this may work right now, it would not surprise me if it were blocked by the sandbox in the future (r. 23554314), at which point your product will be dead in the water.

                    Share and Enjoy

                    Quinn "The Eskimo!"
                    Apple Developer Relations, Developer Technical Support, Core OS/Hardware
                    let myEmail = "eskimo" + "1" + "@apple.com"

                • Re: Getting a List of All TCP Connections
                  nightsd01 Level 1 Level 1 (15 points)

                  I would agree that making an app completely reliant on a single system call would be a pretty awful idea. However it's not really that clear why this would be a security concern for Apple. Several apps (such as the "Status" app) make great use of this system call for informational purposes.

                   

                  I can understand if Apple monitored its usage to ensure people aren't abusing it. But an outright ban wouldn't be good either. There are many completely legitimate reasons to use this system call, like my purpose (informational). It's pretty useful being able to see which connections are using your cellular connection vs. your wifi connection, for example.

                    • Re: Getting a List of All TCP Connections
                      eskimo Apple Staff Apple Staff (7,960 points)

                      However it's not really that clear why this would be a security concern for Apple.

                      I agree that this sort of functionality can be useful however it’s easy to imagine ways for it to be abused.  For example, say I’m working as a clown and thus have the Uber for Clowns app installed on my phone so I can receive new work.  However, I’m worried about the evilness of my job, so I’ve been browsing some clown horror stories on http://www.ihateclowns.com/.  If the app, running in the background, sees TCP connections to that web site, it could easily report me to the Global Clown Conspiracy, meaning I’ll never work as a clown again!

                      Share and Enjoy

                      Quinn "The Eskimo!"
                      Apple Developer Relations, Developer Technical Support, Core OS/Hardware
                      let myEmail = "eskimo" + "1" + "@apple.com"

                        • Re: Getting a List of All TCP Connections
                          nightsd01 Level 1 Level 1 (15 points)

                          I suppose you're right. Especially when Trump is elected and begins hunting down those with a past hatred of clowns to reeducate them. You wouldn't want that on your record. I know you would like everyone to think you're just joking. But I know the truth. Clown hatred is a real movement in our society. And we've been fighting quietly against the GCC for a long time now. We think of ourselves as Le Resistance (you have to say it in a French accent otherwise they'll figure it out). But don't worry, your secret is safe with me.

                      • Re: Getting a List of All TCP Connections
                        Papaductions Level 1 Level 1 (0 points)

                        Hello, i recently installed iOS 10 Public Beta 7 version and i'm optimizing/testing one of my apps for the upcoming iOS 10 release. Specifically, i have trouble getting TCP/UDP listening connections data using snippets from inet.c code. No data gets returned for the TCP connections. My code worked on iOS 9.3.5 but not on iOS 10. I've searched over the internet to find any possible fix for this or any other users that may had trouble with iOS 10 and the listening connection points but nothing found.

                          • Re: Getting a List of All TCP Connections
                            eskimo Apple Staff Apple Staff (7,960 points)

                            I’m sorry to hear that your app is having compatibility problems.  Do you have a question that hasn’t already been answered by this thread?

                            Share and Enjoy

                            Quinn “The Eskimo!”
                            Apple Developer Relations, Developer Technical Support, Core OS/Hardware
                            let myEmail = "eskimo" + "1" + "@apple.com"