![]() With NEFilterProvider the traffic filtering is going to work regardless of which network the device is connected to. In general, most schools have some sort of content filtering enabled on their local WiFi networks, but that doesn’t work with mobile networks. ![]() ![]() This API was designed primarily for devices owned by schools. The NEFilterProvider (iOS 9+, supervised devices) APIs give the ability to filter network traffic on iOS devices. You won’t be able to run any of these app extensions in a simulator, and to run in on a device you will need to create an entitlement. always-on VPN, the process running an extension will run indefinitely and will automatically be started even after the system restart. The app extension will be automatically started by the system when necessary. The provider subclass should be added inside a special app extension target. NEAppProxyProvider (iOS 9+, supervised devices, managed apps only) is very similar to the NEPacketTunnelProvider, but operates on a TCP/UDP level instead of IP level. In general, you would establish the connection with a VPN server, configure the tunnel, and start reading IP packets coming from the virtual network interface and sending them to the VPN server. NEPacketTunnelProvider (iOS 9+) gives its subclasses access to reading and writing to a virtual network interface. The NETunnelProvider APIs allow apps to implement the client side of a custom network tunneling protocol (e.g. The NEVPNManager (iOS 8+) API gives apps the ability to create and manage a VPN configuration (one per app). There is no need to remember everything in the this section - it’s just a high-level overview that provides a general idea of what the Network Extension framework is about. For example, there is a request by KrauseFx to make NEFilterContentProvider available on non-supervised devices. Please keep in mind that sometimes these limitations get relaxed, so be sure to always check the official documentation. For example, NEDNSProxyProvider is only available on supervised devices, but the Developer Library fails to mention that - I’ve opened a radar. Unfortunately, the official documentation fails to highlight some of these limitations. It’s better to know about these limitations beforehand so that you wouldn’t waste your time exploring an extension which you can’t use. What’s harder to notice is that some extensions only work on supervised devices, dramatically limiting where the apps that use them can be deployed. Some are only available on iOS 11, but that’s easy to figure out. I’m also going to highlight the requirements of each of the extensions. There is already a good overview available in the Developer Library, but it does miss a few things. Let’s start with an overview of the available network extensions. It’s a perfect instrument that would give you a good understanding of how internet protocols work together and what actually goes over the wire. Wireshark is one of my favorite developer tools, I would definitely recommend trying it. ![]() Regardless of whether you go through a tutorial or an RFC, I would recommend installing Wireshark and inspecting one or two sample captures. There is a lot of information available online. It should be enough to understand the basics of IP, TCP and UDP, and a bit about VPN. It’s best to read this series when you’re already familiar with the basics of network protocols. I’m going to start with a high-level overview, dive deep into some of the most interesting extensions and explore a couple of apps that already take the powerful features provided by this fantastic framework. This is the first post in a series about the Network Extension framework. recently released Charles for iOS is built using network extensions). What makes it especially exciting is that there are some surprising applications of some of the extensions which probably weren’t envisioned by Apple (e.g. It provides a set of APIs that can be used to customize core networking features of the OS. ![]() The Network Extension is an expansive framework. There’s probably no other framework on iOS (it’s also available on macOS) that gives you such low-level access to the system. If you haven’t used the Network Extension framework before, you might be surprised at how rich and powerful it is. ![]()
0 Comments
Leave a Reply. |