5 Replies
      Latest reply: Nov 9, 2016 12:25 AM by ginopeloso2 RSS
      ginopeloso2 Level 1 Level 1 (0 points)

        Hi, for a small project I need to "intercept" all the network calls from any app on iOS (on devices of selected and consenting users). Since netstats does not work anymore on iOS 10, is there a way to do something similar with network extensions? Documentation is so poor on this relatively new topic. I have seen that, probably, something could be done by using the NEAppProxyProvider class. Am I wrong? If not, may someone provide some further explanation on how to use these NE features?

        • Re: Network Extension to intercept network calls
          eskimo Apple Staff Apple Staff (7,005 points)

          I need to "intercept" all the network calls from any app on iOS (on devices of selected and consenting users).

          Do you want to just see the traffic?  Or modify it?

          Do you need to know which app the traffic is coming from?

          Share and Enjoy

          Quinn “The Eskimo!”
          Apple Developer Relations, Developer Technical Support, Core OS/Hardware
          let myEmail = "eskimo" + "1" + "@apple.com"

          • Re: Network Extension to intercept network calls
            ginopeloso2 Level 1 Level 1 (0 points)

            Hi, do you have any (good or bad) news?

            I really need an answer to this question, also a "no, you can't use network extensions to realize a so intrusive thing".

            Thanks

              • Re: Network Extension to intercept network calls
                eskimo Apple Staff Apple Staff (7,005 points)

                Hi, do you have any (good or bad) news?

                Sorry, I didn’t see your earlier follow-up.

                I just need to know, for each request, which app has made it, I don't need to modify it nor to do other operations on the requests.

                The Network Extension infrastructure isn’t really set up for this.  The closest match is the filter provider, but that has some serious limits:

                • it only works on supervised devices

                • it does not provide information about the requesting app

                • it takes extraordinary measures to prevent data from the requests escaping the provider

                The app proxy providers (and packet tunnel providers in app proxy mode) are not really designed for this sort of monitoring; the architecture assumes that you have a server that your provider is tunnelling data through.  Also, be aware that these per-app VPN mechanisms assume your running managed apps on a managed device.

                Oh, btw, your posts so far have talked about “requests”.  Does that indicate that you’re interesting only in HTTP[S]?  Or are you looking for all network traffic (both TCP connections and UDP traffic).

                Share and Enjoy

                Quinn “The Eskimo!”
                Apple Developer Relations, Developer Technical Support, Core OS/Hardware
                let myEmail = "eskimo" + "1" + "@apple.com"