NETunnelProviderManager not invoking startTunnel for subclassed NEPacketTunnelProvider

I am currently trying to capture a packetFlow using NEPacketTunnelProvider.


I instantiate the NETunnelProviderManager, calling


try self.manager!.connection.startVPNTunnel()


where manager is


var manager:NETunnelProviderManager?


This works without throwing an error.


According to the documentation, at least from my understanding, system should then call the subclass of the NEPacketTunnelProvider, which overrides the method startTunnel.


However, startTunnel is never being called for me.


I create an NETunnelProviderProtocol for my NETunnelProviderManager as follows:

let providerProtocol = NETunnelProviderProtocol()
providerProtocol.providerBundleIdentifier = providerBundleIdentifier
providerProtocol.serverAddress = serverAddress
providerProtocol.providerConfiguration = [
    "dns": dns,
    "ip": ip,
    "mtu": mtu,
    "port": serverPort,
    "server": serverAddress,
    "subnet": subnet
]
self.manager!.protocolConfiguration = providerProtocol


where providerBundleIdentifer is the identifier for the subclass of NEPacketTunnelProvider.


Am I mistaken that startVPNTunnel tells system to call the overriden method startTunnel of my NEPacketTunnelProvider subclass, which is identified by the providerBundleIdentifier?


Thanks.

Replies

Am I mistaken that

startVPNTunnel
tells system to call the overriden method
startTunnel
of my
NEPacketTunnelProvider
subclass, which is identified by the
providerBundleIdentifier
?

No, that’s correct. Most problems like this are caused by either:

  • The packet tunnel provider app extension not being packaged correctly

  • A runtime problem within the packet tunnel provider

I generally start my investigating by adding some logging to the packet tunnel provider’s initialiser. Something like this:

class Provider : NEPacketTunnelProvider {

    override init() {
        NSLog("QNEPacketTunnel.Provider: init")
        super.init()
        …
    }

    …
}

I then look in the system log for that message. If it shows up, I know that my code at least started to run. If it doesn’t show up then it’s likely I have a packaging problem.

ps What platform are you testing this on?

Share and Enjoy

Quinn “The Eskimo!”
Apple Developer Relations, Developer Technical Support, Core OS/Hardware

let myEmail = "eskimo" + "1" + "@apple.com"

I got same issue with this.

It didn't call override function in subclass of NEPacketTunnelProvider.


Regards,

Nguyen

I have the same issue. My init is not called:

import PIATunnel

class PacketTunnelProvider: PIATunnelProvider {
}
  <key>NSExtension</key>
  <dict>
  <key>NSExtensionPointIdentifier</key>
  <string>com.apple.networkextension.packet-tunnel</string>
  <key>NSExtensionPrincipalClass</key>
  <string>$(PRODUCT_MODULE_NAME).PacketTunnelProvider</string>
  </dict>
open class PIATunnelProvider: NEPacketTunnelProvider {
    override init() {
        os_log("PIATunnelProvider: init")
        super.init()
    }
...
}
<dict>
  <key>com.apple.developer.networking.networkextension</key>
  <array>
  <string>app-proxy-provider</string>
  <string>packet-tunnel-provider</string>
  </array>
  <key>com.apple.security.app-sandbox</key>
  <true/>
  <key>com.apple.security.application-groups</key>
  <array>
  <string>group.com.xxxxx.xxxxx</string>
  </array>
  <key>com.apple.security.network.client</key>
  <true/>
  <key>com.apple.security.network.server</key>
  <true/>
  <key>keychain-access-groups</key>
  <array>
  <string>$(AppIdentifierPrefix)group.com.xxxxx.xxxxx</string>
  </array>
</dict>
</plist>

is the same on both app and its extension


what am I doing wrong?