networkextension

package
v0.5.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 29, 2026 License: MIT Imports: 12 Imported by: 0

Documentation

Overview

Package networkextension provides Go bindings for the NetworkExtension framework.

Customize and extend core networking features.

With the NetworkExtension framework, you can customize and extend the system’s core networking features. Specifically, you can:

Wi-Fi management

  • Wi-Fi configuration: Add persistent Wi-Fi configurations, or temporarily move the device to a specific Wi-Fi network.
  • Configuring a Wi-Fi accessory to join a network: Associate an iOS device with an accessory’s network to deliver network configuration information.
  • Hotspot helper: Integrate your app with the iOS hotspot network subsystem.

Virtual private networks

Network relays

  • Relays: Create and manage a system-wide network relay configuration that uses built-in proxying for TCP and UDP traffic over HTTP/3 and HTTP/2. (NERelayManager, NERelay)

Content filters

URL filters

  • URL filters: Create a filter that analyzes full URLs, while preserving privacy. (NEURLFilter)

DNS configurations

Local networking

  • Local push connectivity: Provide functionality similar to Apple Push Notification Service when access to the wider internet is unavailable.

App extensions

  • NEAppExtensionConfiguration: A class that defines configuration options for use in NetworkExtension app extensions.

Protocols

  • NEAppProxyUDPFlowHandling

Variables

  • NERelayClientErrorDomain

Enumerations

  • NERelayManagerClientError

Key Types

Code generated from Apple documentation. DO NOT EDIT.

Index

Constants

This section is empty.

Variables

View Source 
var (
	// NEAppProxyErrorDomain is the domain used for app proxy errors.
	//
	// See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyErrorDomain
	NEAppProxyErrorDomain string
	// NEDNSProxyConfigurationDidChangeNotification is a notification that is posted when the DNS proxy configuration changes.
	//
	// See: https://developer.apple.com/documentation/NetworkExtension/NEDNSProxyConfigurationDidChangeNotification
	NEDNSProxyConfigurationDidChangeNotification string
	// NEDNSProxyErrorDomain is the DNS proxy error domain.
	//
	// See: https://developer.apple.com/documentation/NetworkExtension/NEDNSProxyErrorDomain
	NEDNSProxyErrorDomain string
	// See: https://developer.apple.com/documentation/NetworkExtension/NEDNSSettingsConfigurationDidChangeNotification
	NEDNSSettingsConfigurationDidChangeNotification string
	// NEDNSSettingsErrorDomain is the domain for errors resulting from calls to the DNS settings manager.
	//
	// See: https://developer.apple.com/documentation/NetworkExtension/NEDNSSettingsErrorDomain
	NEDNSSettingsErrorDomain string
	// NEFilterConfigurationDidChangeNotification is posted after the filter configuration stored in the Network Extension preferences changes.
	//
	// See: https://developer.apple.com/documentation/NetworkExtension/NEFilterConfigurationDidChangeNotification
	NEFilterConfigurationDidChangeNotification string
	// NEFilterErrorDomain is the domain for errors resulting from calls to the filter manager.
	//
	// See: https://developer.apple.com/documentation/NetworkExtension/NEFilterErrorDomain
	NEFilterErrorDomain string
	// See: https://developer.apple.com/documentation/NetworkExtension/NERelayClientErrorDomain
	NERelayClientErrorDomain string
	// See: https://developer.apple.com/documentation/NetworkExtension/NERelayConfigurationDidChangeNotification
	NERelayConfigurationDidChangeNotification string
	// NERelayErrorDomain is the domain for errors resulting from calls to the relay manager.
	//
	// See: https://developer.apple.com/documentation/NetworkExtension/NERelayErrorDomain
	NERelayErrorDomain string
	// NETunnelProviderErrorDomain is the domain used for Tunnel Provider errors.
	//
	// See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProviderErrorDomain
	NETunnelProviderErrorDomain string
	// NEVPNConfigurationChangeNotification is posted after the VPN configuration stored in the Network Extension preferences changes.
	//
	// See: https://developer.apple.com/documentation/NetworkExtension/NEVPNConfigurationChangeNotification
	NEVPNConfigurationChangeNotification string
	// NEVPNConnectionErrorDomain is the domain for errors resulting from VPN connection calls.
	//
	// See: https://developer.apple.com/documentation/NetworkExtension/NEVPNConnectionErrorDomain
	NEVPNConnectionErrorDomain string
	// See: https://developer.apple.com/documentation/NetworkExtension/NEVPNConnectionStartOptionPassword
	NEVPNConnectionStartOptionPassword string
	// See: https://developer.apple.com/documentation/NetworkExtension/NEVPNConnectionStartOptionUsername
	NEVPNConnectionStartOptionUsername string
	// See: https://developer.apple.com/documentation/NetworkExtension/NEVPNErrorDomain
	NEVPNErrorDomain string
	// NEVPNStatusDidChangeNotification is posted when the status of the VPN connection changes.
	//
	// See: https://developer.apple.com/documentation/NetworkExtension/NEVPNStatusDidChangeNotification
	NEVPNStatusDidChangeNotification string
)

Functions

func NewArrayBlock 

func NewArrayBlock(handler ArrayHandler) (objc.ID, func())

NewArrayBlock wraps a Go ArrayHandler as an Objective-C block. The caller must defer the returned cleanup function.

Used by:

  • [NEPacketTunnelFlow.ReadPacketObjectsWithCompletionHandler]
  • [NWTCPConnectionAuthenticationDelegate.ProvideIdentityForConnectionCompletionHandler]

func NewDataBlock 

func NewDataBlock(handler DataHandler) (objc.ID, func())

NewDataBlock wraps a Go DataHandler as an Objective-C block. The caller must defer the returned cleanup function.

Used by:

func NewDataErrorBlock 

func NewDataErrorBlock(handler DataErrorHandler) (objc.ID, func())

NewDataErrorBlock wraps a Go DataErrorHandler as an Objective-C block. The caller must defer the returned cleanup function.

Used by:

func NewErrorBlock 

func NewErrorBlock(handler ErrorHandler) (objc.ID, func())

NewErrorBlock wraps a Go ErrorHandler as an Objective-C block. The caller must defer the returned cleanup function.

Used by:

func NewSecTrustRefBlock 

func NewSecTrustRefBlock(handler SecTrustRefHandler) (objc.ID, func())

NewSecTrustRefBlock wraps a Go SecTrustRefHandler as an Objective-C block. The caller must defer the returned cleanup function.

Used by:

  • [NWTCPConnectionAuthenticationDelegate.EvaluateTrustForConnectionPeerCertificateChainCompletionHandler]

func NewVoidBlock 

func NewVoidBlock(handler VoidHandler) (objc.ID, func())

NewVoidBlock wraps a Go VoidHandler as an Objective-C block. The caller must defer the returned cleanup function.

Used by:

Types

type ArrayErrorHandler 

type ArrayErrorHandler = func(*[]NEAppProxyProviderManager, error)

ArrayErrorHandler handles A block that takes an NSArray of NEAppProxyProviderManager objects, and an NSError object.

Used by:

  • [NEAppProxyProviderManager.LoadAllFromPreferencesWithCompletionHandler]
  • [NERelayManager.LoadAllManagersFromPreferencesWithCompletionHandler]
  • [NETransparentProxyManager.LoadAllFromPreferencesWithCompletionHandler]
  • [NETunnelProviderManager.LoadAllFromPreferencesWithCompletionHandler]
  • [NWUDPSession.SetReadHandlerMaxDatagrams]

type ArrayHandler 

type ArrayHandler = func(security.SecIdentityRef)

ArrayHandler handles The completion handler for passing an identity and certificate chain to the connection.

Used by:

  • [NEPacketTunnelFlow.ReadPacketObjectsWithCompletionHandler]
  • [NWTCPConnectionAuthenticationDelegate.ProvideIdentityForConnectionCompletionHandler]

type DataErrorHandler 

type DataErrorHandler = func(*foundation.NSData, error)

DataErrorHandler handles A block that will be executed by the system on an internal system thread when some data is read from the flow. The error can be type-asserted to *foundation.NSError for Domain, Code, and UserInfo.

Used by:

type DataHandler 

type DataHandler = func(*foundation.NSData)

DataHandler handles A block to be executed by the Tunnel Provider when it is finished handling the message.

Used by:

type ErrorHandler 

type ErrorHandler = func(error)

ErrorHandler handles Called when the open operation is complete.

  • error: A `nil` value indicates the flow opened successfully. A non-`nil` value indicates the flow could not be opened. See NEAppProxyFlowError(<doc://com.apple.networkextension/documentation/NetworkExtension/NEAppProxyFlowError-swift.struct>) for a list of expected error codes.

The error can be type-asserted to *foundation.NSError for Domain, Code, and UserInfo.

Used by:

type INEAppProxyFlow 

type INEAppProxyFlow interface {
	objectivec.IObject

	// Close the flow for further read operations.
	CloseReadWithError(error_ foundation.INSError)
	// Close the flow for further write operations.
	CloseWriteWithError(error_ foundation.INSError)

	// A metadata object containing information about the source app of the flow.
	MetaData() INEFlowMetaData
	// Sets the flow’s metadata for use by proxy providers.
	SetMetadata(parameters objectivec.IObject)
	// A Boolean value that indicates whether the flow has a binding to a specific interface.
	IsBound() bool
	// The network interface, if any, used by this flow.
	NetworkInterface() objectivec.IObject
	SetNetworkInterface(value objectivec.IObject)
	// The remote host name for flows created from a hostname.
	RemoteHostname() string

	// The domain used for app proxy errors.
	NEAppProxyErrorDomain() string

	Interface() objectivec.IObject
	SetInterface(value objectivec.IObject)
}

An interface definition for the NEAppProxyFlow class.

Managing the flow life cycle

  • [INEAppProxyFlow.CloseReadWithError]: Close the flow for further read operations.
  • [INEAppProxyFlow.CloseWriteWithError]: Close the flow for further write operations.

Accessing flow information

  • [INEAppProxyFlow.MetaData]: A metadata object containing information about the source app of the flow.
  • [INEAppProxyFlow.SetMetadata]: Sets the flow’s metadata for use by proxy providers.
  • [INEAppProxyFlow.IsBound]: A Boolean value that indicates whether the flow has a binding to a specific interface.
  • [INEAppProxyFlow.NetworkInterface]: The network interface, if any, used by this flow.
  • [INEAppProxyFlow.SetNetworkInterface]
  • [INEAppProxyFlow.RemoteHostname]: The remote host name for flows created from a hostname.

Errors

  • [INEAppProxyFlow.NEAppProxyErrorDomain]: The domain used for app proxy errors.

Instance Properties

  • [INEAppProxyFlow.Interface]
  • [INEAppProxyFlow.SetInterface]

See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyFlow

type INEAppProxyProvider 

type INEAppProxyProvider interface {
	INETunnelProvider

	// Start the network proxy.
	StartProxyWithOptionsCompletionHandler(options foundation.INSDictionary, completionHandler ErrorHandler)
	// Stop the network proxy.
	StopProxyWithReasonCompletionHandler(reason NEProviderStopReason, completionHandler VoidHandler)
	// Stop the network proxy from the App Proxy Provider.
	CancelProxyWithError(error_ foundation.INSError)

	// Handle a new flow of network data.
	HandleNewFlow(flow INEAppProxyFlow) bool
}

An interface definition for the NEAppProxyProvider class.

Managing the app proxy life cycle

  • [INEAppProxyProvider.StartProxyWithOptionsCompletionHandler]: Start the network proxy.
  • [INEAppProxyProvider.StopProxyWithReasonCompletionHandler]: Stop the network proxy.
  • [INEAppProxyProvider.CancelProxyWithError]: Stop the network proxy from the App Proxy Provider.

Handling proxied flows

  • [INEAppProxyProvider.HandleNewFlow]: Handle a new flow of network data.

See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyProvider

type INEAppProxyProviderManager 

type INEAppProxyProviderManager interface {
	INETunnelProviderManager
}

An interface definition for the NEAppProxyProviderManager class.

See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyProviderManager

type INEAppProxyTCPFlow 

type INEAppProxyTCPFlow interface {
	INEAppProxyFlow

	// Write data to the flow.
	WriteDataWithCompletionHandler(data foundation.INSData, completionHandler ErrorHandler)
	// Read data from the flow.
	ReadDataWithCompletionHandler(completionHandler DataErrorHandler)

	// An [NWEndpoint](<doc://com.apple.networkextension/documentation/NetworkExtension/NWEndpoint>) object containing information about the intended remote endpoint of the flow.
	RemoteEndpoint() INWEndpoint

	RemoteFlowEndpoint() INWEndpoint
	SetRemoteFlowEndpoint(value INWEndpoint)
}

An interface definition for the NEAppProxyTCPFlow class.

Handling flow data

  • [INEAppProxyTCPFlow.WriteDataWithCompletionHandler]: Write data to the flow.
  • [INEAppProxyTCPFlow.ReadDataWithCompletionHandler]: Read data from the flow.

Getting flow information

  • [INEAppProxyTCPFlow.RemoteEndpoint]: An NWEndpoint(<doc://com.apple.networkextension/documentation/NetworkExtension/NWEndpoint>) object containing information about the intended remote endpoint of the flow.

Instance Properties

  • [INEAppProxyTCPFlow.RemoteFlowEndpoint]
  • [INEAppProxyTCPFlow.SetRemoteFlowEndpoint]

See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyTCPFlow

type INEAppProxyUDPFlow 

type INEAppProxyUDPFlow interface {
	INEAppProxyFlow

	// An [NWEndpoint](<doc://com.apple.networkextension/documentation/NetworkExtension/NWEndpoint>) object containing information about the local endpoint of the flow.
	LocalEndpoint() INWEndpoint

	LocalFlowEndpoint() INWEndpoint
	SetLocalFlowEndpoint(value INWEndpoint)
}

An interface definition for the NEAppProxyUDPFlow class.

Getting flow information

  • [INEAppProxyUDPFlow.LocalEndpoint]: An NWEndpoint(<doc://com.apple.networkextension/documentation/NetworkExtension/NWEndpoint>) object containing information about the local endpoint of the flow.

Instance Properties

  • [INEAppProxyUDPFlow.LocalFlowEndpoint]
  • [INEAppProxyUDPFlow.SetLocalFlowEndpoint]

See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyUDPFlow

type INEAppRule 

type INEAppRule interface {
	objectivec.IObject

	// Create an app rule that matches an app with a given signing identifier and a given designated requirement.
	InitWithSigningIdentifierDesignatedRequirement(signingIdentifier string, designatedRequirement string) NEAppRule

	// The signing identifier of the app that matches the rule.
	MatchSigningIdentifier() string
	// The designated requirement of the app that matches the rule.
	MatchDesignatedRequirement() string
	// The file system path of the app that matches the rule.
	MatchPath() string
	SetMatchPath(value string)
	// The hostname domains that match the rule.
	MatchDomains() foundation.INSArray
	SetMatchDomains(value foundation.INSArray)
	// An array of app rule objects that restrict the rule so it only matches network traffic generated from helper processes.
	MatchTools() []NEAppRule
	SetMatchTools(value []NEAppRule)

	EncodeWithCoder(coder foundation.INSCoder)
}

An interface definition for the NEAppRule class.

Initializing an app rule

  • [INEAppRule.InitWithSigningIdentifierDesignatedRequirement]: Create an app rule that matches an app with a given signing identifier and a given designated requirement.

Accessing app rule properties

  • [INEAppRule.MatchSigningIdentifier]: The signing identifier of the app that matches the rule.
  • [INEAppRule.MatchDesignatedRequirement]: The designated requirement of the app that matches the rule.
  • [INEAppRule.MatchPath]: The file system path of the app that matches the rule.
  • [INEAppRule.SetMatchPath]
  • [INEAppRule.MatchDomains]: The hostname domains that match the rule.
  • [INEAppRule.SetMatchDomains]
  • [INEAppRule.MatchTools]: An array of app rule objects that restrict the rule so it only matches network traffic generated from helper processes.
  • [INEAppRule.SetMatchTools]

See: https://developer.apple.com/documentation/NetworkExtension/NEAppRule

type INEDNSOverHTTPSSettings 

type INEDNSOverHTTPSSettings interface {
	INEDNSSettings

	// The URL of a DNS-over-HTTPS server.
	ServerURL() foundation.INSURL
	SetServerURL(value foundation.INSURL)

	// A persistent keychain reference to a keychain item containing the certificate and private key components of the DNS client credential.
	IdentityReference() foundation.INSData
	SetIdentityReference(value foundation.INSData)
}

An interface definition for the NEDNSOverHTTPSSettings class.

Configuring server properties

  • [INEDNSOverHTTPSSettings.ServerURL]: The URL of a DNS-over-HTTPS server.
  • [INEDNSOverHTTPSSettings.SetServerURL]

Configuring client properties

  • [INEDNSOverHTTPSSettings.IdentityReference]: A persistent keychain reference to a keychain item containing the certificate and private key components of the DNS client credential.
  • [INEDNSOverHTTPSSettings.SetIdentityReference]

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSOverHTTPSSettings

type INEDNSOverTLSSettings 

type INEDNSOverTLSSettings interface {
	INEDNSSettings

	// The TLS name of a DNS-over-TLS server.
	ServerName() string
	SetServerName(value string)

	// A persistent keychain reference to a keychain item containing the certificate and private key components of the DNS client credential.
	IdentityReference() foundation.INSData
	SetIdentityReference(value foundation.INSData)
}

An interface definition for the NEDNSOverTLSSettings class.

Configuring server properties

  • [INEDNSOverTLSSettings.ServerName]: The TLS name of a DNS-over-TLS server.
  • [INEDNSOverTLSSettings.SetServerName]

Configuring client properties

  • [INEDNSOverTLSSettings.IdentityReference]: A persistent keychain reference to a keychain item containing the certificate and private key components of the DNS client credential.
  • [INEDNSOverTLSSettings.SetIdentityReference]

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSOverTLSSettings

type INEDNSProxyManager 

type INEDNSProxyManager interface {
	objectivec.IObject

	// Loads the current DNS proxy configuration from the caller’s DNS proxy preferences.
	LoadFromPreferencesWithCompletionHandler(completionHandler ErrorHandler)
	// Saves the DNS proxy configuration in the caller’s DNS proxy preferences.
	SaveToPreferencesWithCompletionHandler(completionHandler ErrorHandler)
	// Removes the DNS proxy configuration from the caller’s DNS proxy preferences.
	RemoveFromPreferencesWithCompletionHandler(completionHandler ErrorHandler)

	// The status of a DNS proxy.
	Enabled() bool
	SetEnabled(value bool)
	// The provider-specific portion of the DNS proxy configuration.
	ProviderProtocol() INEDNSProxyProviderProtocol
	SetProviderProtocol(value INEDNSProxyProviderProtocol)
	// A description of the DNS proxy.
	LocalizedDescription() string
	SetLocalizedDescription(value string)

	// A notification that is posted when the DNS proxy configuration changes.
	NEDNSProxyConfigurationDidChange() foundation.NSString

	// The DNS proxy error domain.
	NEDNSProxyErrorDomain() string
}

An interface definition for the NEDNSProxyManager class.

Managing the DNS proxy configuration

  • [INEDNSProxyManager.LoadFromPreferencesWithCompletionHandler]: Loads the current DNS proxy configuration from the caller’s DNS proxy preferences.
  • [INEDNSProxyManager.SaveToPreferencesWithCompletionHandler]: Saves the DNS proxy configuration in the caller’s DNS proxy preferences.
  • [INEDNSProxyManager.RemoveFromPreferencesWithCompletionHandler]: Removes the DNS proxy configuration from the caller’s DNS proxy preferences.

Accessing DNS proxy configuration properties

  • [INEDNSProxyManager.Enabled]: The status of a DNS proxy.
  • [INEDNSProxyManager.SetEnabled]
  • [INEDNSProxyManager.ProviderProtocol]: The provider-specific portion of the DNS proxy configuration.
  • [INEDNSProxyManager.SetProviderProtocol]
  • [INEDNSProxyManager.LocalizedDescription]: A description of the DNS proxy.
  • [INEDNSProxyManager.SetLocalizedDescription]

Notifications

  • [INEDNSProxyManager.NEDNSProxyConfigurationDidChange]: A notification that is posted when the DNS proxy configuration changes.

Errors

  • [INEDNSProxyManager.NEDNSProxyErrorDomain]: The DNS proxy error domain.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSProxyManager

type INEDNSProxyProvider 

type INEDNSProxyProvider interface {
	INEProvider

	// Starts the DNS proxy.
	StartProxyWithOptionsCompletionHandler(options foundation.INSDictionary, completionHandler ErrorHandler)
	// Stops the DNS proxy.
	StopProxyWithReasonCompletionHandler(reason NEProviderStopReason, completionHandler VoidHandler)
	// Cancels the DNS proxy.
	CancelProxyWithError(error_ foundation.INSError)

	// Handles a new flow of DNS traffic.
	HandleNewFlow(flow INEAppProxyFlow) bool

	// The current system DNS settings.
	SystemDNSSettings() foundation.INSSet
}

An interface definition for the NEDNSProxyProvider class.

Managing the DNS proxy life cycle

  • [INEDNSProxyProvider.StartProxyWithOptionsCompletionHandler]: Starts the DNS proxy.
  • [INEDNSProxyProvider.StopProxyWithReasonCompletionHandler]: Stops the DNS proxy.
  • [INEDNSProxyProvider.CancelProxyWithError]: Cancels the DNS proxy.

Handling proxied DNS flow

  • [INEDNSProxyProvider.HandleNewFlow]: Handles a new flow of DNS traffic.

Getting system DNS settings

  • [INEDNSProxyProvider.SystemDNSSettings]: The current system DNS settings.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSProxyProvider

type INEDNSProxyProviderProtocol 

type INEDNSProxyProviderProtocol interface {
	INEVPNProtocol

	// A dictionary containing vendor-specific configuration parameters for a proxy provider.
	ProviderConfiguration() foundation.INSDictionary
	SetProviderConfiguration(value foundation.INSDictionary)
	// A string containing the bundle identifier of the proxy provider to be used by this configuration.
	ProviderBundleIdentifier() string
	SetProviderBundleIdentifier(value string)
}

An interface definition for the NEDNSProxyProviderProtocol class.

Accessing the DNS proxy configuration

  • [INEDNSProxyProviderProtocol.ProviderConfiguration]: A dictionary containing vendor-specific configuration parameters for a proxy provider.
  • [INEDNSProxyProviderProtocol.SetProviderConfiguration]
  • [INEDNSProxyProviderProtocol.ProviderBundleIdentifier]: A string containing the bundle identifier of the proxy provider to be used by this configuration.
  • [INEDNSProxyProviderProtocol.SetProviderBundleIdentifier]

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSProxyProviderProtocol

type INEDNSSettings 

type INEDNSSettings interface {
	objectivec.IObject

	// Initialize the [NEDNSSetting] object.
	InitWithServers(servers []string) NEDNSSettings

	// The DNS server IP addresses.
	Servers() []string
	// A list of domain strings used to fully qualify single-label host names.
	SearchDomains() []string
	SetSearchDomains(value []string)
	// The primary domain of the tunnel.
	DomainName() string
	SetDomainName(value string)
	// A list of domain strings used to determine which DNS queries will use the DNS resolver settings contained in this object.
	MatchDomains() []string
	SetMatchDomains(value []string)
	// A Boolean that specifies if the domains in the `matchDomains` list should not be appended to the resolver’s list of search domains.
	MatchDomainsNoSearch() bool
	SetMatchDomainsNoSearch(value bool)
	// The DNS protocol used by the server, such as HTTPS or TLS.
	DnsProtocol() NEDNSProtocol

	AllowFailover() bool
	SetAllowFailover(value bool)

	EncodeWithCoder(coder foundation.INSCoder)
}

An interface definition for the NEDNSSettings class.

Initializing DNS settings

  • [INEDNSSettings.InitWithServers]: Initialize the [NEDNSSetting] object.

Accessing DNS properties

  • [INEDNSSettings.Servers]: The DNS server IP addresses.
  • [INEDNSSettings.SearchDomains]: A list of domain strings used to fully qualify single-label host names.
  • [INEDNSSettings.SetSearchDomains]
  • [INEDNSSettings.DomainName]: The primary domain of the tunnel.
  • [INEDNSSettings.SetDomainName]
  • [INEDNSSettings.MatchDomains]: A list of domain strings used to determine which DNS queries will use the DNS resolver settings contained in this object.
  • [INEDNSSettings.SetMatchDomains]
  • [INEDNSSettings.MatchDomainsNoSearch]: A Boolean that specifies if the domains in the `matchDomains` list should not be appended to the resolver’s list of search domains.
  • [INEDNSSettings.SetMatchDomainsNoSearch]
  • [INEDNSSettings.DnsProtocol]: The DNS protocol used by the server, such as HTTPS or TLS.

Instance Properties

  • [INEDNSSettings.AllowFailover]
  • [INEDNSSettings.SetAllowFailover]

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSSettings

type INEDNSSettingsManager 

type INEDNSSettingsManager interface {
	objectivec.IObject

	// Load your DNS settings configuration from the system networking preferences.
	LoadFromPreferencesWithCompletionHandler(completionHandler ErrorHandler)
	// Save your DNS settings configuration to the system networking preferences.
	SaveToPreferencesWithCompletionHandler(completionHandler ErrorHandler)
	// Remove your DNS settings configuration from the system networking preferences.
	RemoveFromPreferencesWithCompletionHandler(completionHandler ErrorHandler)

	// A Boolean you use to query the enabled state of the DNS settings configuration.
	Enabled() bool
	// An object that contains the configuration settings for a DNS server.
	DnsSettings() INEDNSSettings
	SetDnsSettings(value INEDNSSettings)
	// A string that contains the display name of the DNS settings configuration.
	LocalizedDescription() string
	SetLocalizedDescription(value string)
	// A list of ordered rules that defines the networks on which the DNS settings will apply.
	OnDemandRules() []NEOnDemandRule
	SetOnDemandRules(value []NEOnDemandRule)

	// The domain for errors resulting from calls to the DNS settings manager.
	NEDNSSettingsErrorDomain() string
}

An interface definition for the NEDNSSettingsManager class.

Managing DNS configurations

  • [INEDNSSettingsManager.LoadFromPreferencesWithCompletionHandler]: Load your DNS settings configuration from the system networking preferences.
  • [INEDNSSettingsManager.SaveToPreferencesWithCompletionHandler]: Save your DNS settings configuration to the system networking preferences.
  • [INEDNSSettingsManager.RemoveFromPreferencesWithCompletionHandler]: Remove your DNS settings configuration from the system networking preferences.

Accessing DNS configuration properties

  • [INEDNSSettingsManager.Enabled]: A Boolean you use to query the enabled state of the DNS settings configuration.
  • [INEDNSSettingsManager.DnsSettings]: An object that contains the configuration settings for a DNS server.
  • [INEDNSSettingsManager.SetDnsSettings]
  • [INEDNSSettingsManager.LocalizedDescription]: A string that contains the display name of the DNS settings configuration.
  • [INEDNSSettingsManager.SetLocalizedDescription]
  • [INEDNSSettingsManager.OnDemandRules]: A list of ordered rules that defines the networks on which the DNS settings will apply.
  • [INEDNSSettingsManager.SetOnDemandRules]

Handling errors

  • [INEDNSSettingsManager.NEDNSSettingsErrorDomain]: The domain for errors resulting from calls to the DNS settings manager.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSSettingsManager

type INEEthernetTunnelNetworkSettings 

type INEEthernetTunnelNetworkSettings interface {
	INEPacketTunnelNetworkSettings

	// Creates a settings object with a given tunnel remote address and MAC address.
	InitWithTunnelRemoteAddressEthernetAddressMtu(address string, ethernetAddress string, mtu int) NEEthernetTunnelNetworkSettings

	// The ethernet address of the tunnel interface, as a string.
	EthernetAddress() string
}

An interface definition for the NEEthernetTunnelNetworkSettings class.

Creating a settings instance

  • [INEEthernetTunnelNetworkSettings.InitWithTunnelRemoteAddressEthernetAddressMtu]: Creates a settings object with a given tunnel remote address and MAC address.

Inspecting settings properties

  • [INEEthernetTunnelNetworkSettings.EthernetAddress]: The ethernet address of the tunnel interface, as a string.

See: https://developer.apple.com/documentation/NetworkExtension/NEEthernetTunnelNetworkSettings

type INEEthernetTunnelProvider 

type INEEthernetTunnelProvider interface {
	INEPacketTunnelProvider
}

An interface definition for the NEEthernetTunnelProvider class.

See: https://developer.apple.com/documentation/NetworkExtension/NEEthernetTunnelProvider

type INEEvaluateConnectionRule 

type INEEvaluateConnectionRule interface {
	objectivec.IObject

	// Initialize an [NEEvaluateConnectionRule] instance with a list of destination host domains and an action.
	InitWithMatchDomainsAndAction(domains []string, action NEEvaluateConnectionRuleAction) NEEvaluateConnectionRule

	// An array of domains used to match the destination hostname of connections. If the destination hostname of a connection matches any of the domains in the array, then the connection matches the rule. Each domain is matched against the destination hostname using suffix matching, and each label in the domain must match an entire label in the hostname. For example, the domain `example.Com()` will match the hostname `www.ExampleXCUIElementTypeCom()` but not `www.AnotherexampleXCUIElementTypeCom()`.
	MatchDomains() []string
	// If the rule matches the connection being established and the action is [NEEvaluateConnectionRuleActionConnectIfNeeded], the DNS servers specified in this array are used to resolve the destination hostname of the connection while evaluating connectivity to the destination of the connection. If the resolution fails for any reason, the VPN is started.
	UseDNSServers() []string
	SetUseDNSServers(value []string)
	// An HTTP or HTTPS URL. If the rule matches the connection being established and the action is [NEEvaluateConnectionRuleActionConnectIfNeeded] and a request sent to this URL results in a response with an HTTP response code other than 200, then the VPN is started.
	ProbeURL() foundation.INSURL
	SetProbeURL(value foundation.INSURL)

	// The action to take if the properties of the network connection being established match the rule.
	Action() NEEvaluateConnectionRuleAction

	// An array of
	ConnectionRules() INEEvaluateConnectionRule
	SetConnectionRules(value INEEvaluateConnectionRule)
	EncodeWithCoder(coder foundation.INSCoder)
}

An interface definition for the NEEvaluateConnectionRule class.

Initializing a Rule

  • [INEEvaluateConnectionRule.InitWithMatchDomainsAndAction]: Initialize an NEEvaluateConnectionRule instance with a list of destination host domains and an action.

Accessing Rule Match Properties

  • [INEEvaluateConnectionRule.MatchDomains]: An array of domains used to match the destination hostname of connections. If the destination hostname of a connection matches any of the domains in the array, then the connection matches the rule. Each domain is matched against the destination hostname using suffix matching, and each label in the domain must match an entire label in the hostname. For example, the domain `example.Com()` will match the hostname `www.ExampleXCUIElementTypeCom()` but not `www.AnotherexampleXCUIElementTypeCom()`.
  • [INEEvaluateConnectionRule.UseDNSServers]: If the rule matches the connection being established and the action is NEEvaluateConnectionRuleActionConnectIfNeeded, the DNS servers specified in this array are used to resolve the destination hostname of the connection while evaluating connectivity to the destination of the connection. If the resolution fails for any reason, the VPN is started.
  • [INEEvaluateConnectionRule.SetUseDNSServers]
  • [INEEvaluateConnectionRule.ProbeURL]: An HTTP or HTTPS URL. If the rule matches the connection being established and the action is NEEvaluateConnectionRuleActionConnectIfNeeded and a request sent to this URL results in a response with an HTTP response code other than 200, then the VPN is started.
  • [INEEvaluateConnectionRule.SetProbeURL]

Accessing the Rule Action

  • [INEEvaluateConnectionRule.Action]: The action to take if the properties of the network connection being established match the rule.

See: https://developer.apple.com/documentation/NetworkExtension/NEEvaluateConnectionRule

type INEFilterDataProvider 

type INEFilterDataProvider interface {
	INEFilterProvider

	// Make a filtering decision for a newly-created flow of network content.
	HandleNewFlow(flow INEFilterFlow) INEFilterNewFlowVerdict
	// Make a filtering decision about a chunk of inbound data.
	HandleInboundDataFromFlowReadBytesStartOffsetReadBytes(flow INEFilterFlow, offset uint, readBytes foundation.INSData) INEFilterDataVerdict
	// Make a filtering decision about a chunk of outbound data.
	HandleOutboundDataFromFlowReadBytesStartOffsetReadBytes(flow INEFilterFlow, offset uint, readBytes foundation.INSData) INEFilterDataVerdict
	// Make a filtering decision after seeing all of the inbound data for a flow.
	HandleInboundDataCompleteForFlow(flow INEFilterFlow) INEFilterDataVerdict
	// Make a filtering decision after seeing all of the outbound data for a flow.
	HandleOutboundDataCompleteForFlow(flow INEFilterFlow) INEFilterDataVerdict

	// Applies a set of filtering rules associated with the provider and changes the default filtering action.
	ApplySettingsCompletionHandler(settings INEFilterSettings, completionHandler ErrorHandler)

	// Resumes a previously-paused flow.
	ResumeFlowWithVerdict(flow INEFilterFlow, verdict INEFilterVerdict)

	// Updates the verdict for a flow outside the context of any filter data provider callback.
	UpdateFlowUsingVerdictForDirection(flow INEFilterSocketFlow, verdict INEFilterDataVerdict, direction NETrafficDirection)
}

An interface definition for the NEFilterDataProvider class.

Filtering network content

  • [INEFilterDataProvider.HandleNewFlow]: Make a filtering decision for a newly-created flow of network content.
  • [INEFilterDataProvider.HandleInboundDataFromFlowReadBytesStartOffsetReadBytes]: Make a filtering decision about a chunk of inbound data.
  • [INEFilterDataProvider.HandleOutboundDataFromFlowReadBytesStartOffsetReadBytes]: Make a filtering decision about a chunk of outbound data.
  • [INEFilterDataProvider.HandleInboundDataCompleteForFlow]: Make a filtering decision after seeing all of the inbound data for a flow.
  • [INEFilterDataProvider.HandleOutboundDataCompleteForFlow]: Make a filtering decision after seeing all of the outbound data for a flow.

Changing filter settings

  • [INEFilterDataProvider.ApplySettingsCompletionHandler]: Applies a set of filtering rules associated with the provider and changes the default filtering action.

Resuming data flows

  • [INEFilterDataProvider.ResumeFlowWithVerdict]: Resumes a previously-paused flow.

Updating filter verdicts

  • [INEFilterDataProvider.UpdateFlowUsingVerdictForDirection]: Updates the verdict for a flow outside the context of any filter data provider callback.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterDataProvider

type INEFilterDataVerdict 

type INEFilterDataVerdict interface {
	INEFilterVerdict

	// The frequencty at which to provide flow statistics to the data provider.
	StatisticsReportFrequency() NEFilterReportFrequency
	SetStatisticsReportFrequency(value NEFilterReportFrequency)
}

An interface definition for the NEFilterDataVerdict class.

Reporting statistics

  • [INEFilterDataVerdict.StatisticsReportFrequency]: The frequencty at which to provide flow statistics to the data provider.
  • [INEFilterDataVerdict.SetStatisticsReportFrequency]

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterDataVerdict

type INEFilterFlow 

type INEFilterFlow interface {
	objectivec.IObject

	// The flow’s HTTP URL.
	URL() foundation.INSURL
	// The unique identifier of the flow.
	Identifier() foundation.NSUUID
	// The initial direction of the flow: incoming or outgoing.
	Direction() NETrafficDirection
	// The maximum number of bytes to pass or peek for a flow.
	NEFilterFlowBytesMax() uint64
	SetNEFilterFlowBytesMax(value uint64)

	// The audit token of the source application of the flow.
	SourceAppAuditToken() foundation.INSData
	// The audit token of the process that created the flow.
	SourceProcessAuditToken() foundation.INSData

	EncodeWithCoder(coder foundation.INSCoder)
}

An interface definition for the NEFilterFlow class.

Inspecting flow properties

  • [INEFilterFlow.URL]: The flow’s HTTP URL.
  • [INEFilterFlow.Identifier]: The unique identifier of the flow.
  • [INEFilterFlow.Direction]: The initial direction of the flow: incoming or outgoing.
  • [INEFilterFlow.NEFilterFlowBytesMax]: The maximum number of bytes to pass or peek for a flow.
  • [INEFilterFlow.SetNEFilterFlowBytesMax]

Source app identification

  • [INEFilterFlow.SourceAppAuditToken]: The audit token of the source application of the flow.
  • [INEFilterFlow.SourceProcessAuditToken]: The audit token of the process that created the flow.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterFlow

type INEFilterManager 

type INEFilterManager interface {
	objectivec.IObject

	// Load the filter configuration from the Network Extension preferences.
	LoadFromPreferencesWithCompletionHandler(completionHandler ErrorHandler)
	// Save the filter configuration in the Network Extension preferences.
	SaveToPreferencesWithCompletionHandler(completionHandler ErrorHandler)
	// Remove the filter configuration from the Network Extension preferences.
	RemoveFromPreferencesWithCompletionHandler(completionHandler ErrorHandler)

	// A Boolean used to toggle the enabled state of the filter.
	Enabled() bool
	SetEnabled(value bool)
	// A [NEFilterProviderConfiguration](<doc://com.apple.networkextension/documentation/NetworkExtension/NEFilterProviderConfiguration>) object containing the filter configuration settings.
	ProviderConfiguration() INEFilterProviderConfiguration
	SetProviderConfiguration(value INEFilterProviderConfiguration)
	// A string containing a description of the filter configuration.
	LocalizedDescription() string
	SetLocalizedDescription(value string)

	// The grade of the filter, which determines when it acts relative to other filters.
	Grade() NEFilterManagerGrade
	SetGrade(value NEFilterManagerGrade)

	// The domain for errors resulting from calls to the filter manager.
	NEFilterErrorDomain() string

	// Posted after the filter configuration stored in the Network Extension preferences changes.
	NEFilterConfigurationDidChange() foundation.NSString

	DisableEncryptedDNSSettings() bool
	SetDisableEncryptedDNSSettings(value bool)
}

An interface definition for the NEFilterManager class.

Managing the filter configuration

  • [INEFilterManager.LoadFromPreferencesWithCompletionHandler]: Load the filter configuration from the Network Extension preferences.
  • [INEFilterManager.SaveToPreferencesWithCompletionHandler]: Save the filter configuration in the Network Extension preferences.
  • [INEFilterManager.RemoveFromPreferencesWithCompletionHandler]: Remove the filter configuration from the Network Extension preferences.

Accessing filter configuration properties

  • [INEFilterManager.Enabled]: A Boolean used to toggle the enabled state of the filter.
  • [INEFilterManager.SetEnabled]
  • [INEFilterManager.ProviderConfiguration]: A NEFilterProviderConfiguration(<doc://com.apple.networkextension/documentation/NetworkExtension/NEFilterProviderConfiguration>) object containing the filter configuration settings.
  • [INEFilterManager.SetProviderConfiguration]
  • [INEFilterManager.LocalizedDescription]: A string containing a description of the filter configuration.
  • [INEFilterManager.SetLocalizedDescription]

Prioritizing filters

  • [INEFilterManager.Grade]: The grade of the filter, which determines when it acts relative to other filters.
  • [INEFilterManager.SetGrade]

Errors

  • [INEFilterManager.NEFilterErrorDomain]: The domain for errors resulting from calls to the filter manager.

Notifications

  • [INEFilterManager.NEFilterConfigurationDidChange]: Posted after the filter configuration stored in the Network Extension preferences changes.

Instance Properties

  • [INEFilterManager.DisableEncryptedDNSSettings]
  • [INEFilterManager.SetDisableEncryptedDNSSettings]

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterManager

type INEFilterNewFlowVerdict 

type INEFilterNewFlowVerdict interface {
	INEFilterVerdict

	// The frequency at which the data provider receives reports.
	StatisticsReportFrequency() NEFilterReportFrequency
	SetStatisticsReportFrequency(value NEFilterReportFrequency)
}

An interface definition for the NEFilterNewFlowVerdict class.

Inspecting new flow verdict properties

  • [INEFilterNewFlowVerdict.StatisticsReportFrequency]: The frequency at which the data provider receives reports.
  • [INEFilterNewFlowVerdict.SetStatisticsReportFrequency]

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterNewFlowVerdict

type INEFilterPacketContext 

type INEFilterPacketContext interface {
	objectivec.IObject

	// A Swift closure or an ObjectiveC block that handles each packet received by the filter.
	PacketHandler() NEFilterPacketHandler
	SetPacketHandler(value NEFilterPacketHandler)
}

An interface definition for the NEFilterPacketContext class.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterPacketContext

type INEFilterPacketProvider 

type INEFilterPacketProvider interface {
	INEFilterProvider

	// A Swift closure or an ObjectiveC block that handles each packet received by the filter.
	PacketHandler() NEFilterPacketHandler
	SetPacketHandler(value NEFilterPacketHandler)

	// Delay a packet currently processed by a packet handler.
	DelayCurrentPacket(context INEFilterPacketContext) INEPacket
	// Allow delivery of a previously-delayed packet.
	AllowPacket(packet INEPacket)

	Handler() NEFilterPacketProviderVerdict
	SetHandler(value NEFilterPacketProviderVerdict)
}

An interface definition for the NEFilterPacketProvider class.

Filtering packets

  • [INEFilterPacketProvider.PacketHandler]: A Swift closure or an ObjectiveC block that handles each packet received by the filter.
  • [INEFilterPacketProvider.SetPacketHandler]

Delaying packets

  • [INEFilterPacketProvider.DelayCurrentPacket]: Delay a packet currently processed by a packet handler.
  • [INEFilterPacketProvider.AllowPacket]: Allow delivery of a previously-delayed packet.

Instance Properties

  • [INEFilterPacketProvider.Handler]
  • [INEFilterPacketProvider.SetHandler]

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterPacketProvider

type INEFilterProvider 

type INEFilterProvider interface {
	INEProvider

	// Start the filter.
	StartFilterWithCompletionHandler(completionHandler ErrorHandler)
	// Stop the filter.
	StopFilterWithReasonCompletionHandler(reason NEProviderStopReason, completionHandler VoidHandler)

	// An [NEFilterProviderConfiguration](<doc://com.apple.networkextension/documentation/NetworkExtension/NEFilterProviderConfiguration>) object containing the current filter configuration.
	FilterConfiguration() INEFilterProviderConfiguration

	// Receives a report from the framework.
	HandleReport(report INEFilterReport)

	// The domain for errors resulting from calls to the filter manager.
	NEFilterErrorDomain() string
}

An interface definition for the NEFilterProvider class.

Managing the filter life cycle

  • [INEFilterProvider.StartFilterWithCompletionHandler]: Start the filter.
  • [INEFilterProvider.StopFilterWithReasonCompletionHandler]: Stop the filter.

Getting the filter configuration

  • [INEFilterProvider.FilterConfiguration]: An NEFilterProviderConfiguration(<doc://com.apple.networkextension/documentation/NetworkExtension/NEFilterProviderConfiguration>) object containing the current filter configuration.

Receiving reports

  • [INEFilterProvider.HandleReport]: Receives a report from the framework.

Handling errors

  • [INEFilterProvider.NEFilterErrorDomain]: The domain for errors resulting from calls to the filter manager.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterProvider

type INEFilterProviderConfiguration 

type INEFilterProviderConfiguration interface {
	objectivec.IObject

	// A Boolean value that indicates that the system applies the filter to flows of network data originated from sockets.
	FilterSockets() bool
	SetFilterSockets(value bool)
	// A Boolean value that indicates that the system applies the filter to packets of network data.
	FilterPackets() bool
	SetFilterPackets(value bool)

	// A dictionary of provider-specific configuration settings.
	VendorConfiguration() foundation.INSDictionary
	SetVendorConfiguration(value foundation.INSDictionary)
	// The address of a server that the Filter Control Provider may contact for rules and other configuration information.
	ServerAddress() string
	SetServerAddress(value string)
	// A string that identifies the user.
	Username() string
	SetUsername(value string)
	// A string that identifies the organization that administers the filter.
	Organization() string
	SetOrganization(value string)
	// A persistent reference to a keychain item containing a password associated with the filter.
	PasswordReference() foundation.INSData
	SetPasswordReference(value foundation.INSData)
	// A persistent reference to a keychain item containing a certificate and private key associated with the filter.
	IdentityReference() foundation.INSData
	SetIdentityReference(value foundation.INSData)

	// The bundle identifier of the filter data provider system extension.
	FilterDataProviderBundleIdentifier() string
	SetFilterDataProviderBundleIdentifier(value string)
	// The bundle identifier of the filter packet provider system extension.
	FilterPacketProviderBundleIdentifier() string
	SetFilterPacketProviderBundleIdentifier(value string)

	EncodeWithCoder(coder foundation.INSCoder)
}

An interface definition for the NEFilterProviderConfiguration class.

Configuring filter behavior

  • [INEFilterProviderConfiguration.FilterSockets]: A Boolean value that indicates that the system applies the filter to flows of network data originated from sockets.
  • [INEFilterProviderConfiguration.SetFilterSockets]
  • [INEFilterProviderConfiguration.FilterPackets]: A Boolean value that indicates that the system applies the filter to packets of network data.
  • [INEFilterProviderConfiguration.SetFilterPackets]

Accessing the filter configuration

  • [INEFilterProviderConfiguration.VendorConfiguration]: A dictionary of provider-specific configuration settings.
  • [INEFilterProviderConfiguration.SetVendorConfiguration]
  • [INEFilterProviderConfiguration.ServerAddress]: The address of a server that the Filter Control Provider may contact for rules and other configuration information.
  • [INEFilterProviderConfiguration.SetServerAddress]
  • [INEFilterProviderConfiguration.Username]: A string that identifies the user.
  • [INEFilterProviderConfiguration.SetUsername]
  • [INEFilterProviderConfiguration.Organization]: A string that identifies the organization that administers the filter.
  • [INEFilterProviderConfiguration.SetOrganization]
  • [INEFilterProviderConfiguration.PasswordReference]: A persistent reference to a keychain item containing a password associated with the filter.
  • [INEFilterProviderConfiguration.SetPasswordReference]
  • [INEFilterProviderConfiguration.IdentityReference]: A persistent reference to a keychain item containing a certificate and private key associated with the filter.
  • [INEFilterProviderConfiguration.SetIdentityReference]

Accessing bundle identifiers

  • [INEFilterProviderConfiguration.FilterDataProviderBundleIdentifier]: The bundle identifier of the filter data provider system extension.
  • [INEFilterProviderConfiguration.SetFilterDataProviderBundleIdentifier]
  • [INEFilterProviderConfiguration.FilterPacketProviderBundleIdentifier]: The bundle identifier of the filter packet provider system extension.
  • [INEFilterProviderConfiguration.SetFilterPacketProviderBundleIdentifier]

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterProviderConfiguration

type INEFilterReport 

type INEFilterReport interface {
	objectivec.IObject

	// The flow on which the associated action was taken.
	Flow() INEFilterFlow
	// The action taken on the reported flow.
	Action() NEFilterAction
	// The type of event indicated by this report.
	Event() NEFilterReportEvent
	// The number of inbound bytes received from the flow.
	BytesInboundCount() uint
	// The number of outbound bytes sent on the flow.
	BytesOutboundCount() uint

	// A Boolean value that indicates whether to send a report to the control provider when processing this verdict.
	ShouldReport() bool
	SetShouldReport(value bool)
	EncodeWithCoder(coder foundation.INSCoder)
}

An interface definition for the NEFilterReport class.

Getting report properties

  • [INEFilterReport.Flow]: The flow on which the associated action was taken.
  • [INEFilterReport.Action]: The action taken on the reported flow.
  • [INEFilterReport.Event]: The type of event indicated by this report.
  • [INEFilterReport.BytesInboundCount]: The number of inbound bytes received from the flow.
  • [INEFilterReport.BytesOutboundCount]: The number of outbound bytes sent on the flow.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterReport

type INEFilterRule 

type INEFilterRule interface {
	objectivec.IObject

	// Creates a new filter rule from a network rule and an action to take when network traffic matches.
	InitWithNetworkRuleAction(networkRule INENetworkRule, action NEFilterAction) NEFilterRule

	// The network rule that defines the network traffic characteristics that this filter rule matches.
	NetworkRule() INENetworkRule
	// The action to take when this rule matches network traffic.
	Action() NEFilterAction

	EncodeWithCoder(coder foundation.INSCoder)
}

An interface definition for the NEFilterRule class.

Creating a Filter Rule

  • [INEFilterRule.InitWithNetworkRuleAction]: Creates a new filter rule from a network rule and an action to take when network traffic matches.

Inspecting Filter Rule Properties

  • [INEFilterRule.NetworkRule]: The network rule that defines the network traffic characteristics that this filter rule matches.
  • [INEFilterRule.Action]: The action to take when this rule matches network traffic.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterRule

type INEFilterSettings 

type INEFilterSettings interface {
	objectivec.IObject

	// Creates a new settings instance from an array of rules and a default action.
	InitWithRulesDefaultAction(rules []NEFilterRule, defaultAction NEFilterAction) NEFilterSettings

	// An ordered list of rules that define the filter’s operation.
	Rules() []NEFilterRule
	// The default action to take for flows of network data that don’t match any of the specified rules.
	DefaultAction() NEFilterAction

	EncodeWithCoder(coder foundation.INSCoder)
}

An interface definition for the NEFilterSettings class.

Creating Filter Settings

  • [INEFilterSettings.InitWithRulesDefaultAction]: Creates a new settings instance from an array of rules and a default action.

Inspecting Filter Settings

  • [INEFilterSettings.Rules]: An ordered list of rules that define the filter’s operation.
  • [INEFilterSettings.DefaultAction]: The default action to take for flows of network data that don’t match any of the specified rules.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterSettings

type INEFilterSocketFlow 

type INEFilterSocketFlow interface {
	INEFilterFlow

	// An object containing details about the socket’s remote endpoint.
	RemoteEndpoint() INWEndpoint
	// The flow’s remote hostname, if applicable.
	RemoteHostname() string
	// An object containing details about the socket’s local endpoint.
	LocalEndpoint() INWEndpoint
	// The protocol family of the socket.
	SocketFamily() int
	// The type of the socket.
	SocketType() int
	// The protocol of the socket.
	SocketProtocol() int

	LocalFlowEndpoint() INWEndpoint
	SetLocalFlowEndpoint(value INWEndpoint)
	RemoteFlowEndpoint() INWEndpoint
	SetRemoteFlowEndpoint(value INWEndpoint)
}

An interface definition for the NEFilterSocketFlow class.

Getting socket flow properties

  • [INEFilterSocketFlow.RemoteEndpoint]: An object containing details about the socket’s remote endpoint.
  • [INEFilterSocketFlow.RemoteHostname]: The flow’s remote hostname, if applicable.
  • [INEFilterSocketFlow.LocalEndpoint]: An object containing details about the socket’s local endpoint.
  • [INEFilterSocketFlow.SocketFamily]: The protocol family of the socket.
  • [INEFilterSocketFlow.SocketType]: The type of the socket.
  • [INEFilterSocketFlow.SocketProtocol]: The protocol of the socket.

Instance Properties

  • [INEFilterSocketFlow.LocalFlowEndpoint]
  • [INEFilterSocketFlow.SetLocalFlowEndpoint]
  • [INEFilterSocketFlow.RemoteFlowEndpoint]
  • [INEFilterSocketFlow.SetRemoteFlowEndpoint]

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterSocketFlow

type INEFilterVerdict 

type INEFilterVerdict interface {
	objectivec.IObject

	// A Boolean value that indicates whether to send a report to the control provider when processing this verdict.
	ShouldReport() bool
	SetShouldReport(value bool)

	EncodeWithCoder(coder foundation.INSCoder)
}

An interface definition for the NEFilterVerdict class.

Configuring report generation

  • [INEFilterVerdict.ShouldReport]: A Boolean value that indicates whether to send a report to the control provider when processing this verdict.
  • [INEFilterVerdict.SetShouldReport]

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterVerdict

type INEFlowMetaData 

type INEFlowMetaData interface {
	objectivec.IObject

	// A data instance that contains a unique hash value for the source application.
	SourceAppUniqueIdentifier() foundation.INSData
	// A string that contains the signing identifier of the source application.
	SourceAppSigningIdentifier() string
	// The audit token of the source application of the flow.
	SourceAppAuditToken() foundation.INSData

	// The identifier of the content filter flow corresponding to this flow.
	FilterFlowIdentifier() foundation.NSUUID

	// The method by which network traffic is routed to the tunnel.
	RoutingMethod() NETunnelProviderRoutingMethod
	SetRoutingMethod(value NETunnelProviderRoutingMethod)
	EncodeWithCoder(coder foundation.INSCoder)
}

An interface definition for the NEFlowMetaData class.

Getting source app information

  • [INEFlowMetaData.SourceAppUniqueIdentifier]: A data instance that contains a unique hash value for the source application.
  • [INEFlowMetaData.SourceAppSigningIdentifier]: A string that contains the signing identifier of the source application.
  • [INEFlowMetaData.SourceAppAuditToken]: The audit token of the source application of the flow.

Getting flow information

  • [INEFlowMetaData.FilterFlowIdentifier]: The identifier of the content filter flow corresponding to this flow.

See: https://developer.apple.com/documentation/NetworkExtension/NEFlowMetaData

type INEIPv4Route 

type INEIPv4Route interface {
	objectivec.IObject

	// Initialize the [NEIPv4Route](<doc://com.apple.networkextension/documentation/NetworkExtension/NEIPv4Route>) object.
	InitWithDestinationAddressSubnetMask(address string, subnetMask string) NEIPv4Route

	// The destination network address of the route.
	DestinationAddress() string
	// The destination network mask of the route.
	DestinationSubnetMask() string
	// The address of the next-hop gateway of the route.
	GatewayAddress() string
	SetGatewayAddress(value string)

	// The IPv4 network traffic that the system routes to the primary physical interface, not the TUN interface.
	ExcludedRoutes() INEIPv4Route
	SetExcludedRoutes(value INEIPv4Route)
	// The IPv4 network traffic that the system routes to the TUN interface.
	IncludedRoutes() INEIPv4Route
	SetIncludedRoutes(value INEIPv4Route)
	EncodeWithCoder(coder foundation.INSCoder)
}

An interface definition for the NEIPv4Route class.

Creating an IPv4 Route

  • [INEIPv4Route.InitWithDestinationAddressSubnetMask]: Initialize the NEIPv4Route(<doc://com.apple.networkextension/documentation/NetworkExtension/NEIPv4Route>) object.

Accessing IPv4 Route Properties

  • [INEIPv4Route.DestinationAddress]: The destination network address of the route.
  • [INEIPv4Route.DestinationSubnetMask]: The destination network mask of the route.
  • [INEIPv4Route.GatewayAddress]: The address of the next-hop gateway of the route.
  • [INEIPv4Route.SetGatewayAddress]

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv4Route

type INEIPv4Settings 

type INEIPv4Settings interface {
	objectivec.IObject

	// Initializes an IPv4 settings object.
	InitWithAddressesSubnetMasks(addresses []string, subnetMasks []string) NEIPv4Settings

	// The IPv4 addresses to assign to the TUN interface.
	Addresses() []string
	// The IPv4 network masks to assign to the TUN interface.
	SubnetMasks() []string
	// The address of the next-hop gateway router represented as a dotted decimal string.
	Router() string
	SetRouter(value string)

	// The IPv4 network traffic that the system routes to the TUN interface.
	IncludedRoutes() []NEIPv4Route
	SetIncludedRoutes(value []NEIPv4Route)
	// The IPv4 network traffic that the system routes to the primary physical interface, not the TUN interface.
	ExcludedRoutes() []NEIPv4Route
	SetExcludedRoutes(value []NEIPv4Route)

	// The tunnel IP version 4 settings.
	Ipv4Settings() INEIPv4Settings
	SetIpv4Settings(value INEIPv4Settings)
	// The tunnel IP version 6 settings.
	Ipv6Settings() INEIPv6Settings
	SetIpv6Settings(value INEIPv6Settings)
	// The size of the maximum trasnmission unit, in bytes.
	Mtu() foundation.NSNumber
	SetMtu(value foundation.NSNumber)
	// The number of bytes added to each tunneled packet for storing tunneling protocol headers.
	TunnelOverheadBytes() foundation.NSNumber
	SetTunnelOverheadBytes(value foundation.NSNumber)
	EncodeWithCoder(coder foundation.INSCoder)
}

An interface definition for the NEIPv4Settings class.

Initializing IPv4 settings

  • [INEIPv4Settings.InitWithAddressesSubnetMasks]: Initializes an IPv4 settings object.

Accessing IPv4 properties

  • [INEIPv4Settings.Addresses]: The IPv4 addresses to assign to the TUN interface.
  • [INEIPv4Settings.SubnetMasks]: The IPv4 network masks to assign to the TUN interface.
  • [INEIPv4Settings.Router]: The address of the next-hop gateway router represented as a dotted decimal string.
  • [INEIPv4Settings.SetRouter]

Routing network traffic

  • [INEIPv4Settings.IncludedRoutes]: The IPv4 network traffic that the system routes to the TUN interface.
  • [INEIPv4Settings.SetIncludedRoutes]
  • [INEIPv4Settings.ExcludedRoutes]: The IPv4 network traffic that the system routes to the primary physical interface, not the TUN interface.
  • [INEIPv4Settings.SetExcludedRoutes]

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv4Settings

type INEIPv6Route 

type INEIPv6Route interface {
	objectivec.IObject

	// Initialize the NEIPv6Route
	InitWithDestinationAddressNetworkPrefixLength(address string, networkPrefixLength foundation.NSNumber) NEIPv6Route

	// The destination network address of the route.
	DestinationAddress() string
	// The destination network prefix length of the route.
	DestinationNetworkPrefixLength() foundation.NSNumber
	// The address of the next-hop gateway of the route.
	GatewayAddress() string
	SetGatewayAddress(value string)

	// The IPv6 network traffic that the system routes to the primary physical interface, not the TUN interface.
	ExcludedRoutes() INEIPv6Route
	SetExcludedRoutes(value INEIPv6Route)
	// The IPv6 network traffic that the system routes to the TUN interface.
	IncludedRoutes() INEIPv6Route
	SetIncludedRoutes(value INEIPv6Route)
	EncodeWithCoder(coder foundation.INSCoder)
}

An interface definition for the NEIPv6Route class.

Creating an IPv6 Route

  • [INEIPv6Route.InitWithDestinationAddressNetworkPrefixLength]: Initialize the NEIPv6Route

Accessing IPv6 Route Properties

  • [INEIPv6Route.DestinationAddress]: The destination network address of the route.
  • [INEIPv6Route.DestinationNetworkPrefixLength]: The destination network prefix length of the route.
  • [INEIPv6Route.GatewayAddress]: The address of the next-hop gateway of the route.
  • [INEIPv6Route.SetGatewayAddress]

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv6Route

type INEIPv6Settings 

type INEIPv6Settings interface {
	objectivec.IObject

	// Initializes the IPv6 settings object.
	InitWithAddressesNetworkPrefixLengths(addresses []string, networkPrefixLengths []foundation.NSNumber) NEIPv6Settings

	// The IPv6 addresses to assign to the TUN interface.
	Addresses() []string
	// The IPv6 network prefix lengths to assign to the TUN interface.
	NetworkPrefixLengths() []foundation.NSNumber

	// The IPv6 network traffic that the system routes to the TUN interface.
	IncludedRoutes() []NEIPv6Route
	SetIncludedRoutes(value []NEIPv6Route)
	// The IPv6 network traffic that the system routes to the primary physical interface, not the TUN interface.
	ExcludedRoutes() []NEIPv6Route
	SetExcludedRoutes(value []NEIPv6Route)

	// The tunnel IP version 4 settings.
	Ipv4Settings() INEIPv4Settings
	SetIpv4Settings(value INEIPv4Settings)
	// The tunnel IP version 6 settings.
	Ipv6Settings() INEIPv6Settings
	SetIpv6Settings(value INEIPv6Settings)
	// The size of the maximum trasnmission unit, in bytes.
	Mtu() foundation.NSNumber
	SetMtu(value foundation.NSNumber)
	// The number of bytes added to each tunneled packet for storing tunneling protocol headers.
	TunnelOverheadBytes() foundation.NSNumber
	SetTunnelOverheadBytes(value foundation.NSNumber)
	EncodeWithCoder(coder foundation.INSCoder)
}

An interface definition for the NEIPv6Settings class.

Initializing IPv6 settings

  • [INEIPv6Settings.InitWithAddressesNetworkPrefixLengths]: Initializes the IPv6 settings object.

Accessing IPv6 properties

  • [INEIPv6Settings.Addresses]: The IPv6 addresses to assign to the TUN interface.
  • [INEIPv6Settings.NetworkPrefixLengths]: The IPv6 network prefix lengths to assign to the TUN interface.

Routing network traffic

  • [INEIPv6Settings.IncludedRoutes]: The IPv6 network traffic that the system routes to the TUN interface.
  • [INEIPv6Settings.SetIncludedRoutes]
  • [INEIPv6Settings.ExcludedRoutes]: The IPv6 network traffic that the system routes to the primary physical interface, not the TUN interface.
  • [INEIPv6Settings.SetExcludedRoutes]

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv6Settings

type INENetworkRule 

type INENetworkRule interface {
	objectivec.IObject

	// The remote endpoint that the rule matches.
	MatchRemoteEndpoint() INWHostEndpoint
	// A number that specifies the remote sub-network that the rule matches.
	MatchRemotePrefix() uint
	// The local network that the rule matches.
	MatchLocalNetwork() INWHostEndpoint
	// A number that specifies the local sub-network that the rule matches.
	MatchLocalPrefix() uint
	// The protocol that the rule matches.
	MatchProtocol() NENetworkRuleProtocol
	// The direction of network traffic that the rule matches.
	MatchDirection() NETrafficDirection

	MatchLocalNetworkEndpoint() INWEndpoint
	SetMatchLocalNetworkEndpoint(value INWEndpoint)
	MatchRemoteHostOrNetworkEndpoint() INWEndpoint
	SetMatchRemoteHostOrNetworkEndpoint(value INWEndpoint)

	EncodeWithCoder(coder foundation.INSCoder)
}

An interface definition for the NENetworkRule class.

Matching network traffic characteristics

  • [INENetworkRule.MatchRemoteEndpoint]: The remote endpoint that the rule matches.
  • [INENetworkRule.MatchRemotePrefix]: A number that specifies the remote sub-network that the rule matches.
  • [INENetworkRule.MatchLocalNetwork]: The local network that the rule matches.
  • [INENetworkRule.MatchLocalPrefix]: A number that specifies the local sub-network that the rule matches.
  • [INENetworkRule.MatchProtocol]: The protocol that the rule matches.
  • [INENetworkRule.MatchDirection]: The direction of network traffic that the rule matches.

Instance Properties

  • [INENetworkRule.MatchLocalNetworkEndpoint]
  • [INENetworkRule.SetMatchLocalNetworkEndpoint]
  • [INENetworkRule.MatchRemoteHostOrNetworkEndpoint]
  • [INENetworkRule.SetMatchRemoteHostOrNetworkEndpoint]

See: https://developer.apple.com/documentation/NetworkExtension/NENetworkRule

type INEOnDemandRule 

type INEOnDemandRule interface {
	objectivec.IObject

	// DNS search domains that identify a network.
	DNSSearchDomainMatch() []string
	SetDNSSearchDomainMatch(value []string)
	// DNS server addresses that identify a network.
	DNSServerAddressMatch() []string
	SetDNSServerAddressMatch(value []string)
	// An interface type to identify a network.
	InterfaceTypeMatch() NEOnDemandRuleInterfaceType
	SetInterfaceTypeMatch(value NEOnDemandRuleInterfaceType)
	// SSIDs that identify a network.
	SSIDMatch() []string
	SetSSIDMatch(value []string)
	// A URL to probe when all other network identifiers match to validate that an expected resource is available.
	ProbeURL() foundation.INSURL
	SetProbeURL(value foundation.INSURL)

	// The action of the On Demand Rule.
	Action() NEOnDemandRuleAction

	EncodeWithCoder(coder foundation.INSCoder)
}

An interface definition for the NEOnDemandRule class.

Accessing match parameters

  • [INEOnDemandRule.DNSSearchDomainMatch]: DNS search domains that identify a network.
  • [INEOnDemandRule.SetDNSSearchDomainMatch]
  • [INEOnDemandRule.DNSServerAddressMatch]: DNS server addresses that identify a network.
  • [INEOnDemandRule.SetDNSServerAddressMatch]
  • [INEOnDemandRule.InterfaceTypeMatch]: An interface type to identify a network.
  • [INEOnDemandRule.SetInterfaceTypeMatch]
  • [INEOnDemandRule.SSIDMatch]: SSIDs that identify a network.
  • [INEOnDemandRule.SetSSIDMatch]
  • [INEOnDemandRule.ProbeURL]: A URL to probe when all other network identifiers match to validate that an expected resource is available.
  • [INEOnDemandRule.SetProbeURL]

Accessing the rule action

  • [INEOnDemandRule.Action]: The action of the On Demand Rule.

See: https://developer.apple.com/documentation/NetworkExtension/NEOnDemandRule

type INEOnDemandRuleConnect 

type INEOnDemandRuleConnect interface {
	INEOnDemandRule
}

An interface definition for the NEOnDemandRuleConnect class.

See: https://developer.apple.com/documentation/NetworkExtension/NEOnDemandRuleConnect

type INEOnDemandRuleDisconnect 

type INEOnDemandRuleDisconnect interface {
	INEOnDemandRule
}

An interface definition for the NEOnDemandRuleDisconnect class.

See: https://developer.apple.com/documentation/NetworkExtension/NEOnDemandRuleDisconnect

type INEOnDemandRuleEvaluateConnection 

type INEOnDemandRuleEvaluateConnection interface {
	INEOnDemandRule

	// An array of [NEEvaluateConnectionRule](<doc://com.apple.networkextension/documentation/NetworkExtension/NEEvaluateConnectionRule>) objects
	ConnectionRules() []NEEvaluateConnectionRule
	SetConnectionRules(value []NEEvaluateConnectionRule)
}

An interface definition for the NEOnDemandRuleEvaluateConnection class.

Accessing connection rules

  • [INEOnDemandRuleEvaluateConnection.ConnectionRules]: An array of NEEvaluateConnectionRule(<doc://com.apple.networkextension/documentation/NetworkExtension/NEEvaluateConnectionRule>) objects
  • [INEOnDemandRuleEvaluateConnection.SetConnectionRules]

See: https://developer.apple.com/documentation/NetworkExtension/NEOnDemandRuleEvaluateConnection

type INEOnDemandRuleIgnore 

type INEOnDemandRuleIgnore interface {
	INEOnDemandRule
}

An interface definition for the NEOnDemandRuleIgnore class.

See: https://developer.apple.com/documentation/NetworkExtension/NEOnDemandRuleIgnore

type INEPacket 

type INEPacket interface {
	objectivec.IObject

	InitWithDataProtocolFamily(data foundation.INSData, protocolFamily uint8) NEPacket

	Data() foundation.INSData
	Metadata() INEFlowMetaData
	ProtocolFamily() uint8
	// The direction of the packet.
	Direction() NETrafficDirection

	EncodeWithCoder(coder foundation.INSCoder)
}

An interface definition for the NEPacket class.

Initializing a packet

  • [INEPacket.InitWithDataProtocolFamily]

Accessing packet properties

  • [INEPacket.Data]
  • [INEPacket.Metadata]
  • [INEPacket.ProtocolFamily]
  • [INEPacket.Direction]: The direction of the packet.

See: https://developer.apple.com/documentation/NetworkExtension/NEPacket

type INEPacketTunnelFlow 

type INEPacketTunnelFlow interface {
	objectivec.IObject

	// Write multiple IP packets to the TUN interface.
	WritePacketObjects(packets []NEPacket) bool
	// Reads IP packets from the TUN interface.
	ReadPacketsWithCompletionHandler(completionHandler VoidHandler)
	// Writes IP packets to the TUN interface.
	WritePacketsWithProtocols(packets []foundation.NSData, protocols []foundation.NSNumber) bool
}

An interface definition for the NEPacketTunnelFlow class.

Handling IP packets

  • [INEPacketTunnelFlow.WritePacketObjects]: Write multiple IP packets to the TUN interface.
  • [INEPacketTunnelFlow.ReadPacketsWithCompletionHandler]: Reads IP packets from the TUN interface.
  • [INEPacketTunnelFlow.WritePacketsWithProtocols]: Writes IP packets to the TUN interface.

See: https://developer.apple.com/documentation/NetworkExtension/NEPacketTunnelFlow

type INEPacketTunnelNetworkSettings 

type INEPacketTunnelNetworkSettings interface {
	INETunnelNetworkSettings

	// The tunnel IP version 4 settings.
	IPv4Settings() INEIPv4Settings
	SetIPv4Settings(value INEIPv4Settings)
	// The tunnel IP version 6 settings.
	IPv6Settings() INEIPv6Settings
	SetIPv6Settings(value INEIPv6Settings)
	// The number of bytes added to each tunneled packet for storing tunneling protocol headers.
	TunnelOverheadBytes() foundation.NSNumber
	SetTunnelOverheadBytes(value foundation.NSNumber)
	// The size of the maximum trasnmission unit, in bytes.
	MTU() foundation.NSNumber
	SetMTU(value foundation.NSNumber)
}

An interface definition for the NEPacketTunnelNetworkSettings class.

Accessing network properties

  • [INEPacketTunnelNetworkSettings.IPv4Settings]: The tunnel IP version 4 settings.
  • [INEPacketTunnelNetworkSettings.SetIPv4Settings]
  • [INEPacketTunnelNetworkSettings.IPv6Settings]: The tunnel IP version 6 settings.
  • [INEPacketTunnelNetworkSettings.SetIPv6Settings]
  • [INEPacketTunnelNetworkSettings.TunnelOverheadBytes]: The number of bytes added to each tunneled packet for storing tunneling protocol headers.
  • [INEPacketTunnelNetworkSettings.SetTunnelOverheadBytes]
  • [INEPacketTunnelNetworkSettings.MTU]: The size of the maximum trasnmission unit, in bytes.
  • [INEPacketTunnelNetworkSettings.SetMTU]

See: https://developer.apple.com/documentation/NetworkExtension/NEPacketTunnelNetworkSettings

type INEPacketTunnelProvider 

type INEPacketTunnelProvider interface {
	INETunnelProvider

	// Start the network tunnel.
	StartTunnelWithOptionsCompletionHandler(options foundation.INSDictionary, completionHandler ErrorHandler)
	// Stop the network tunnel.
	StopTunnelWithReasonCompletionHandler(reason NEProviderStopReason, completionHandler VoidHandler)
	// Stop the network tunnel from the Packet Tunnel Provider.
	CancelTunnelWithError(error_ foundation.INSError)

	// A [NEPacketTunnelFlow](<doc://com.apple.networkextension/documentation/NetworkExtension/NEPacketTunnelFlow>) object which is used to receive IP packets routed to the tunnel’s virtual interface and inject IP packets into the networking stack via the tunnel’s virtual interface.
	PacketFlow() INEPacketTunnelFlow

	VirtualInterface() objectivec.IObject
	SetVirtualInterface(value objectivec.IObject)
}

An interface definition for the NEPacketTunnelProvider class.

Managing the tunnel life cycle

  • [INEPacketTunnelProvider.StartTunnelWithOptionsCompletionHandler]: Start the network tunnel.
  • [INEPacketTunnelProvider.StopTunnelWithReasonCompletionHandler]: Stop the network tunnel.
  • [INEPacketTunnelProvider.CancelTunnelWithError]: Stop the network tunnel from the Packet Tunnel Provider.

Handling IP packets

  • [INEPacketTunnelProvider.PacketFlow]: A NEPacketTunnelFlow(<doc://com.apple.networkextension/documentation/NetworkExtension/NEPacketTunnelFlow>) object which is used to receive IP packets routed to the tunnel’s virtual interface and inject IP packets into the networking stack via the tunnel’s virtual interface.

Instance Properties

  • [INEPacketTunnelProvider.VirtualInterface]
  • [INEPacketTunnelProvider.SetVirtualInterface]

See: https://developer.apple.com/documentation/NetworkExtension/NEPacketTunnelProvider

type INEProvider 

type INEProvider interface {
	objectivec.IObject

	// Handle a sleep event.
	SleepWithCompletionHandler(completionHandler VoidHandler)
	// Handle a wake event.
	Wake()

	// The current default network path used for connections created by the provider.
	DefaultPath() INWPath
}

An interface definition for the NEProvider class.

Handling sleep and wake

  • [INEProvider.SleepWithCompletionHandler]: Handle a sleep event.
  • [INEProvider.Wake]: Handle a wake event.

Monitoring the network state

  • [INEProvider.DefaultPath]: The current default network path used for connections created by the provider.

See: https://developer.apple.com/documentation/NetworkExtension/NEProvider

type INEProxyServer 

type INEProxyServer interface {
	objectivec.IObject

	// Initialize a newly-allocated [NEProxyServer] object
	InitWithAddressPort(address string, port int) NEProxyServer

	// The address of the proxy server.
	Address() string
	// The TCP port on which the proxy server is listening for connections.
	Port() int
	// A Boolean indicating if the server requires authentication credentials.
	AuthenticationRequired() bool
	SetAuthenticationRequired(value bool)
	// The username portion of the authentication credential to be used to authenticate with the proxy server.
	Username() string
	SetUsername(value string)
	// The password portion of the authentication credential to be used to authenticate with the proxy server.
	Password() string
	SetPassword(value string)

	// A Boolean indicating if a static HTTP proxy will be used.
	HttpEnabled() bool
	SetHttpEnabled(value bool)
	// An
	HttpServer() INEProxyServer
	SetHttpServer(value INEProxyServer)
	// A Boolean indicating if a static HTTPS proxy will be used.
	HttpsEnabled() bool
	SetHttpsEnabled(value bool)
	// An
	HttpsServer() INEProxyServer
	SetHttpsServer(value INEProxyServer)
	EncodeWithCoder(coder foundation.INSCoder)
}

An interface definition for the NEProxyServer class.

Initializing a Proxy Server

  • [INEProxyServer.InitWithAddressPort]: Initialize a newly-allocated NEProxyServer object

Accessing Proxy Server Properties

  • [INEProxyServer.Address]: The address of the proxy server.
  • [INEProxyServer.Port]: The TCP port on which the proxy server is listening for connections.
  • [INEProxyServer.AuthenticationRequired]: A Boolean indicating if the server requires authentication credentials.
  • [INEProxyServer.SetAuthenticationRequired]
  • [INEProxyServer.Username]: The username portion of the authentication credential to be used to authenticate with the proxy server.
  • [INEProxyServer.SetUsername]
  • [INEProxyServer.Password]: The password portion of the authentication credential to be used to authenticate with the proxy server.
  • [INEProxyServer.SetPassword]

See: https://developer.apple.com/documentation/NetworkExtension/NEProxyServer

type INEProxySettings 

type INEProxySettings interface {
	objectivec.IObject

	// A Boolean indicating if proxy auto-configuration is enabled.
	AutoProxyConfigurationEnabled() bool
	SetAutoProxyConfigurationEnabled(value bool)
	// A URL specifying the location from where the Proxy Auto Configuration (PAC) script should be downloaded.
	ProxyAutoConfigurationURL() foundation.INSURL
	SetProxyAutoConfigurationURL(value foundation.INSURL)
	// A string containing the Proxy Auto Configuration (PAC) JavaScript source code.
	ProxyAutoConfigurationJavaScript() string
	SetProxyAutoConfigurationJavaScript(value string)

	// A Boolean indicating if a static HTTP proxy will be used.
	HTTPEnabled() bool
	SetHTTPEnabled(value bool)
	// An [NEProxyServer](<doc://com.apple.networkextension/documentation/NetworkExtension/NEProxyServer>) object containing the static HTTP proxy server settings.
	HTTPServer() INEProxyServer
	SetHTTPServer(value INEProxyServer)
	// A Boolean indicating if a static HTTPS proxy will be used.
	HTTPSEnabled() bool
	SetHTTPSEnabled(value bool)
	// An [NEProxyServer](<doc://com.apple.networkextension/documentation/NetworkExtension/NEProxyServer>) object containing the static HTTPS proxy server settings.
	HTTPSServer() INEProxyServer
	SetHTTPSServer(value INEProxyServer)

	// A Boolean indicating if HTTP requests using single-label host names should be excluded from using the proxy settings.
	ExcludeSimpleHostnames() bool
	SetExcludeSimpleHostnames(value bool)
	// An array of domain name patterns. If the destination host name of an HTTP connection matches one of these patterns then the proxy settings will not be used for the connection.
	ExceptionList() []string
	SetExceptionList(value []string)
	// An array of domain strings.
	MatchDomains() []string
	SetMatchDomains(value []string)

	// The tunnel DNS settings.
	DnsSettings() INEDNSSettings
	SetDnsSettings(value INEDNSSettings)
	// The tunnel HTTP proxy settings.
	ProxySettings() INEProxySettings
	SetProxySettings(value INEProxySettings)
	// The IP address of the tunnel server.
	TunnelRemoteAddress() string
	SetTunnelRemoteAddress(value string)
	EncodeWithCoder(coder foundation.INSCoder)
}

An interface definition for the NEProxySettings class.

Accessing Automatic Proxy Properties

  • [INEProxySettings.AutoProxyConfigurationEnabled]: A Boolean indicating if proxy auto-configuration is enabled.
  • [INEProxySettings.SetAutoProxyConfigurationEnabled]
  • [INEProxySettings.ProxyAutoConfigurationURL]: A URL specifying the location from where the Proxy Auto Configuration (PAC) script should be downloaded.
  • [INEProxySettings.SetProxyAutoConfigurationURL]
  • [INEProxySettings.ProxyAutoConfigurationJavaScript]: A string containing the Proxy Auto Configuration (PAC) JavaScript source code.
  • [INEProxySettings.SetProxyAutoConfigurationJavaScript]

Accessing Manual Proxy Properties

  • [INEProxySettings.HTTPEnabled]: A Boolean indicating if a static HTTP proxy will be used.
  • [INEProxySettings.SetHTTPEnabled]
  • [INEProxySettings.HTTPServer]: An NEProxyServer(<doc://com.apple.networkextension/documentation/NetworkExtension/NEProxyServer>) object containing the static HTTP proxy server settings.
  • [INEProxySettings.SetHTTPServer]
  • [INEProxySettings.HTTPSEnabled]: A Boolean indicating if a static HTTPS proxy will be used.
  • [INEProxySettings.SetHTTPSEnabled]
  • [INEProxySettings.HTTPSServer]: An NEProxyServer(<doc://com.apple.networkextension/documentation/NetworkExtension/NEProxyServer>) object containing the static HTTPS proxy server settings.
  • [INEProxySettings.SetHTTPSServer]

Accessing General Proxy Properties

  • [INEProxySettings.ExcludeSimpleHostnames]: A Boolean indicating if HTTP requests using single-label host names should be excluded from using the proxy settings.
  • [INEProxySettings.SetExcludeSimpleHostnames]
  • [INEProxySettings.ExceptionList]: An array of domain name patterns. If the destination host name of an HTTP connection matches one of these patterns then the proxy settings will not be used for the connection.
  • [INEProxySettings.SetExceptionList]
  • [INEProxySettings.MatchDomains]: An array of domain strings.
  • [INEProxySettings.SetMatchDomains]

See: https://developer.apple.com/documentation/NetworkExtension/NEProxySettings

type INERelay 

type INERelay interface {
	objectivec.IObject

	// A URL identifying the relay server accessible using HTTP/3.
	HTTP3RelayURL() foundation.INSURL
	SetHTTP3RelayURL(value foundation.INSURL)
	// A URL identifying the relay server accessible using HTTP/2.
	HTTP2RelayURL() foundation.INSURL
	SetHTTP2RelayURL(value foundation.INSURL)
	// The URL of a DNS-over-HTTPS (DoH) resolver accessible from the relay.
	DnsOverHTTPSURL() foundation.INSURL
	SetDnsOverHTTPSURL(value foundation.INSURL)
	// An array of TLS raw public keys that the relay server can present during the TLS handshake.
	RawPublicKeys() []foundation.NSData
	SetRawPublicKeys(value []foundation.NSData)

	// A dictionary of additional HTTP headers to send as part of [CONNECT] requests to the relay.
	AdditionalHTTPHeaderFields() foundation.INSDictionary
	SetAdditionalHTTPHeaderFields(value foundation.INSDictionary)
	// The PKCS12 data for the relay client authentication.
	IdentityData() foundation.INSData
	SetIdentityData(value foundation.INSData)
	// The password the relay uses to decrypt the PKCS12 identity data.
	IdentityDataPassword() string
	SetIdentityDataPassword(value string)
	// An IPv4 address prefix the relay uses to handle address info requests.
	SyntheticDNSAnswerIPv4Prefix() string
	SetSyntheticDNSAnswerIPv4Prefix(value string)
	// An IPv6 address prefix the relay uses to handle address info requests.
	SyntheticDNSAnswerIPv6Prefix() string
	SetSyntheticDNSAnswerIPv6Prefix(value string)

	EncodeWithCoder(coder foundation.INSCoder)
}

An interface definition for the NERelay class.

Configuring server properties

  • [INERelay.HTTP3RelayURL]: A URL identifying the relay server accessible using HTTP/3.
  • [INERelay.SetHTTP3RelayURL]
  • [INERelay.HTTP2RelayURL]: A URL identifying the relay server accessible using HTTP/2.
  • [INERelay.SetHTTP2RelayURL]
  • [INERelay.DnsOverHTTPSURL]: The URL of a DNS-over-HTTPS (DoH) resolver accessible from the relay.
  • [INERelay.SetDnsOverHTTPSURL]
  • [INERelay.RawPublicKeys]: An array of TLS raw public keys that the relay server can present during the TLS handshake.
  • [INERelay.SetRawPublicKeys]

Configuring client properties

  • [INERelay.AdditionalHTTPHeaderFields]: A dictionary of additional HTTP headers to send as part of [CONNECT] requests to the relay.
  • [INERelay.SetAdditionalHTTPHeaderFields]
  • [INERelay.IdentityData]: The PKCS12 data for the relay client authentication.
  • [INERelay.SetIdentityData]
  • [INERelay.IdentityDataPassword]: The password the relay uses to decrypt the PKCS12 identity data.
  • [INERelay.SetIdentityDataPassword]
  • [INERelay.SyntheticDNSAnswerIPv4Prefix]: An IPv4 address prefix the relay uses to handle address info requests.
  • [INERelay.SetSyntheticDNSAnswerIPv4Prefix]
  • [INERelay.SyntheticDNSAnswerIPv6Prefix]: An IPv6 address prefix the relay uses to handle address info requests.
  • [INERelay.SetSyntheticDNSAnswerIPv6Prefix]

See: https://developer.apple.com/documentation/NetworkExtension/NERelay

type INERelayManager 

type INERelayManager interface {
	objectivec.IObject

	// Load your relay configuration from the system networking preferences.
	LoadFromPreferencesWithCompletionHandler(completionHandler ErrorHandler)
	// Save your relay configuration to the system networking preferences.
	SaveToPreferencesWithCompletionHandler(completionHandler ErrorHandler)
	// Remove your relay configuration from the system networking preferences.
	RemoveFromPreferencesWithCompletionHandler(completionHandler ErrorHandler)

	// A Boolean used to toggle the enabled state of the relay configuration.
	Enabled() bool
	SetEnabled(value bool)
	// An array of one or two relay server configurations. If multiple relays are configured, application traffic routes through both of them in the order they appear in the array.
	Relays() []NERelay
	SetRelays(value []NERelay)
	// A list of domain strings used to determine which connections will use the relay configuration contained in this object.
	MatchDomains() []string
	SetMatchDomains(value []string)
	// A list of domain strings used to determine which connections won’t use the relay configuration contained in this object.
	ExcludedDomains() []string
	SetExcludedDomains(value []string)
	// A string that contains the display name of the relay configuration.
	LocalizedDescription() string
	SetLocalizedDescription(value string)
	// An array of rules you use to determine which networks the relay uses.
	OnDemandRules() []NEOnDemandRule
	SetOnDemandRules(value []NEOnDemandRule)

	// The domain for errors resulting from calls to the relay manager.
	NERelayErrorDomain() string

	ExcludedFQDNs() []string
	SetExcludedFQDNs(value []string)
	AllowDNSFailover() bool
	SetAllowDNSFailover(value bool)
	UIToggleEnabled() bool
	SetUIToggleEnabled(value bool)
	MatchFQDNs() []string
	SetMatchFQDNs(value []string)

	GetLastClientErrorsCompletionHandler(seconds float64, completionHandler ErrorHandler)
}

An interface definition for the NERelayManager class.

Managing relay configurations

  • [INERelayManager.LoadFromPreferencesWithCompletionHandler]: Load your relay configuration from the system networking preferences.
  • [INERelayManager.SaveToPreferencesWithCompletionHandler]: Save your relay configuration to the system networking preferences.
  • [INERelayManager.RemoveFromPreferencesWithCompletionHandler]: Remove your relay configuration from the system networking preferences.

Accessing relay configuration properties

  • [INERelayManager.Enabled]: A Boolean used to toggle the enabled state of the relay configuration.
  • [INERelayManager.SetEnabled]
  • [INERelayManager.Relays]: An array of one or two relay server configurations. If multiple relays are configured, application traffic routes through both of them in the order they appear in the array.
  • [INERelayManager.SetRelays]
  • [INERelayManager.MatchDomains]: A list of domain strings used to determine which connections will use the relay configuration contained in this object.
  • [INERelayManager.SetMatchDomains]
  • [INERelayManager.ExcludedDomains]: A list of domain strings used to determine which connections won’t use the relay configuration contained in this object.
  • [INERelayManager.SetExcludedDomains]
  • [INERelayManager.LocalizedDescription]: A string that contains the display name of the relay configuration.
  • [INERelayManager.SetLocalizedDescription]
  • [INERelayManager.OnDemandRules]: An array of rules you use to determine which networks the relay uses.
  • [INERelayManager.SetOnDemandRules]

Handling errors

  • [INERelayManager.NERelayErrorDomain]: The domain for errors resulting from calls to the relay manager.

Instance Properties

  • [INERelayManager.ExcludedFQDNs]
  • [INERelayManager.SetExcludedFQDNs]
  • [INERelayManager.AllowDNSFailover]
  • [INERelayManager.SetAllowDNSFailover]
  • [INERelayManager.UIToggleEnabled]
  • [INERelayManager.SetUIToggleEnabled]
  • [INERelayManager.MatchFQDNs]
  • [INERelayManager.SetMatchFQDNs]

Instance Methods

  • [INERelayManager.GetLastClientErrorsCompletionHandler]

See: https://developer.apple.com/documentation/NetworkExtension/NERelayManager

type INETransparentProxyManager 

type INETransparentProxyManager interface {
	INEVPNManager
}

An interface definition for the NETransparentProxyManager class.

See: https://developer.apple.com/documentation/NetworkExtension/NETransparentProxyManager

type INETransparentProxyNetworkSettings 

type INETransparentProxyNetworkSettings interface {
	INETunnelNetworkSettings

	// An array of rules that collectively specify what traffic to route through the transparent proxy.
	IncludedNetworkRules() []NENetworkRule
	SetIncludedNetworkRules(value []NENetworkRule)
	// An array of rules that collectively specify what traffic to not route through the transparent proxy.
	ExcludedNetworkRules() []NENetworkRule
	SetExcludedNetworkRules(value []NENetworkRule)
}

An interface definition for the NETransparentProxyNetworkSettings class.

Traffic routing rules

  • [INETransparentProxyNetworkSettings.IncludedNetworkRules]: An array of rules that collectively specify what traffic to route through the transparent proxy.
  • [INETransparentProxyNetworkSettings.SetIncludedNetworkRules]
  • [INETransparentProxyNetworkSettings.ExcludedNetworkRules]: An array of rules that collectively specify what traffic to not route through the transparent proxy.
  • [INETransparentProxyNetworkSettings.SetExcludedNetworkRules]

See: https://developer.apple.com/documentation/NetworkExtension/NETransparentProxyNetworkSettings

type INETransparentProxyProvider 

type INETransparentProxyProvider interface {
	INEAppProxyProvider

	// An array of rules that collectively specify what traffic to route through the transparent proxy.
	IncludedNetworkRules() INENetworkRule
	SetIncludedNetworkRules(value INENetworkRule)
}

An interface definition for the NETransparentProxyProvider class.

See: https://developer.apple.com/documentation/NetworkExtension/NETransparentProxyProvider

type INETunnelNetworkSettings 

type INETunnelNetworkSettings interface {
	objectivec.IObject

	// Initialize a [NETunnelNetworkSettings] object.
	InitWithTunnelRemoteAddress(address string) NETunnelNetworkSettings

	// The IP address of the tunnel server.
	TunnelRemoteAddress() string
	// The tunnel DNS settings.
	DNSSettings() INEDNSSettings
	SetDNSSettings(value INEDNSSettings)
	// The tunnel HTTP proxy settings.
	ProxySettings() INEProxySettings
	SetProxySettings(value INEProxySettings)

	EncodeWithCoder(coder foundation.INSCoder)
}

An interface definition for the NETunnelNetworkSettings class.

Initializing tunnel network settings

Accessing tunnel network settings

  • [INETunnelNetworkSettings.TunnelRemoteAddress]: The IP address of the tunnel server.
  • [INETunnelNetworkSettings.DNSSettings]: The tunnel DNS settings.
  • [INETunnelNetworkSettings.SetDNSSettings]
  • [INETunnelNetworkSettings.ProxySettings]: The tunnel HTTP proxy settings.
  • [INETunnelNetworkSettings.SetProxySettings]

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelNetworkSettings

type INETunnelProvider 

type INETunnelProvider interface {
	INEProvider

	// The configuration of the current tunneling session.
	ProtocolConfiguration() INEVPNProtocol
	// The method by which network traffic is routed to the tunnel.
	RoutingMethod() NETunnelProviderRoutingMethod
	// The app rules dictating which apps use the current tunneling session.
	AppRules() []NEAppRule

	// Specify the network settings for the current tunneling session.
	SetTunnelNetworkSettingsCompletionHandler(tunnelNetworkSettings INETunnelNetworkSettings, completionHandler ErrorHandler)

	// Handle messages sent by the tunnel provider extension’s containing app.
	HandleAppMessageCompletionHandler(messageData foundation.INSData, completionHandler DataHandler)

	// Indicate to the system that the tunnel is being re-established.
	Reasserting() bool
	SetReasserting(value bool)

	// The domain used for Tunnel Provider errors.
	NETunnelProviderErrorDomain() string
}

An interface definition for the NETunnelProvider class.

Getting the tunnel configuration

  • [INETunnelProvider.ProtocolConfiguration]: The configuration of the current tunneling session.
  • [INETunnelProvider.RoutingMethod]: The method by which network traffic is routed to the tunnel.
  • [INETunnelProvider.AppRules]: The app rules dictating which apps use the current tunneling session.

Configuring the tunnel interface

  • [INETunnelProvider.SetTunnelNetworkSettingsCompletionHandler]: Specify the network settings for the current tunneling session.

Communicating with the containing app

  • [INETunnelProvider.HandleAppMessageCompletionHandler]: Handle messages sent by the tunnel provider extension’s containing app.

Setting tunnel status

  • [INETunnelProvider.Reasserting]: Indicate to the system that the tunnel is being re-established.
  • [INETunnelProvider.SetReasserting]

Errors

  • [INETunnelProvider.NETunnelProviderErrorDomain]: The domain used for Tunnel Provider errors.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProvider

type INETunnelProviderManager 

type INETunnelProviderManager interface {
	INEVPNManager

	// Returns a copy of the app rules currently set in the configuration.
	CopyAppRules() []NEAppRule

	// The method that the system uses to route network traffic to the tunnel.
	RoutingMethod() NETunnelProviderRoutingMethod

	// The rules for specific apps in a per-app VPN.
	AppRules() []NEAppRule
	SetAppRules(value []NEAppRule)
	// The domains that the system excludes from a per-app VPN.
	ExcludedDomains() []string
	SetExcludedDomains(value []string)
	// The domains that the system routes network traffic through for a per-app VPN.
	AssociatedDomains() []string
	SetAssociatedDomains(value []string)
	// The calendar servers that the system routes connections from the Calendar app through for a per-app VPN.
	CalendarDomains() []string
	SetCalendarDomains(value []string)
	// The contacts servers that the system routes connections from the Contacts app through for a per-app VPN.
	ContactsDomains() []string
	SetContactsDomains(value []string)
	// The mail servers that the system routes connections from the Mail app through for a per-app VPN.
	MailDomains() []string
	SetMailDomains(value []string)
	// The website domains that the system routes connections from the Safari app through a per-app VPN.
	SafariDomains() []string
	SetSafariDomains(value []string)
}

An interface definition for the NETunnelProviderManager class.

Managing tunnel configurations

  • [INETunnelProviderManager.CopyAppRules]: Returns a copy of the app rules currently set in the configuration.

Getting tunnel configuration properties

  • [INETunnelProviderManager.RoutingMethod]: The method that the system uses to route network traffic to the tunnel.

Configuring a per-app VPN

  • [INETunnelProviderManager.AppRules]: The rules for specific apps in a per-app VPN.
  • [INETunnelProviderManager.SetAppRules]
  • [INETunnelProviderManager.ExcludedDomains]: The domains that the system excludes from a per-app VPN.
  • [INETunnelProviderManager.SetExcludedDomains]
  • [INETunnelProviderManager.AssociatedDomains]: The domains that the system routes network traffic through for a per-app VPN.
  • [INETunnelProviderManager.SetAssociatedDomains]
  • [INETunnelProviderManager.CalendarDomains]: The calendar servers that the system routes connections from the Calendar app through for a per-app VPN.
  • [INETunnelProviderManager.SetCalendarDomains]
  • [INETunnelProviderManager.ContactsDomains]: The contacts servers that the system routes connections from the Contacts app through for a per-app VPN.
  • [INETunnelProviderManager.SetContactsDomains]
  • [INETunnelProviderManager.MailDomains]: The mail servers that the system routes connections from the Mail app through for a per-app VPN.
  • [INETunnelProviderManager.SetMailDomains]
  • [INETunnelProviderManager.SafariDomains]: The website domains that the system routes connections from the Safari app through a per-app VPN.
  • [INETunnelProviderManager.SetSafariDomains]

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProviderManager

type INETunnelProviderProtocol 

type INETunnelProviderProtocol interface {
	INEVPNProtocol

	// A dictionary containing keys and values defined by the Tunnel Provider developer.
	ProviderConfiguration() foundation.INSDictionary
	SetProviderConfiguration(value foundation.INSDictionary)
	// A string identifying the specific Tunnel Provider extension that should be used with this configuration.
	ProviderBundleIdentifier() string
	SetProviderBundleIdentifier(value string)
}

An interface definition for the NETunnelProviderProtocol class.

Accessing the tunnel configuration

  • [INETunnelProviderProtocol.ProviderConfiguration]: A dictionary containing keys and values defined by the Tunnel Provider developer.
  • [INETunnelProviderProtocol.SetProviderConfiguration]
  • [INETunnelProviderProtocol.ProviderBundleIdentifier]: A string identifying the specific Tunnel Provider extension that should be used with this configuration.
  • [INETunnelProviderProtocol.SetProviderBundleIdentifier]

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProviderProtocol

type INETunnelProviderSession 

type INETunnelProviderSession interface {
	INEVPNConnection

	// Start the process of connecting the tunnel.
	StartTunnelWithOptionsAndReturnError(options foundation.INSDictionary) (bool, error)
	// Start the process of disconnecting the tunnel.
	StopTunnel()

	// Send a message to the Tunnel Provider extension. If the extension is not running, it should be launched to handle the message. If this method can’t start sending the message it reports an error in the `returnError` parameter. If an error occurs while sending the message or returning the result, `nil` should be sent to the response handler as notification.
	SendProviderMessageReturnErrorResponseHandler(messageData foundation.INSData, error_ foundation.INSError, responseHandler DataHandler) bool
}

An interface definition for the NETunnelProviderSession class.

Controlling the tunnel connection

  • [INETunnelProviderSession.StartTunnelWithOptionsAndReturnError]: Start the process of connecting the tunnel.
  • [INETunnelProviderSession.StopTunnel]: Start the process of disconnecting the tunnel.

Communicating with the tunnel provider

  • [INETunnelProviderSession.SendProviderMessageReturnErrorResponseHandler]: Send a message to the Tunnel Provider extension. If the extension is not running, it should be launched to handle the message. If this method can’t start sending the message it reports an error in the `returnError` parameter. If an error occurs while sending the message or returning the result, `nil` should be sent to the response handler as notification.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProviderSession

type INEURLFilter 

type INEURLFilter interface {
	objectivec.IObject
}

An interface definition for the NEURLFilter class.

See: https://developer.apple.com/documentation/NetworkExtension/NEURLFilter

type INEVPNConnection 

type INEVPNConnection interface {
	objectivec.IObject

	// Start the process of connecting the VPN.
	StartVPNTunnelAndReturnError() (bool, error)
	// Start the process of connecting the VPN.
	StartVPNTunnelWithOptionsAndReturnError(options foundation.INSDictionary) (bool, error)
	NEVPNConnectionStartOptionUsername() string
	NEVPNConnectionStartOptionPassword() string
	// Start the process of disconnecting the VPN.
	StopVPNTunnel()

	Manager() INEVPNManager
	// The current status of the VPN connection.
	Status() NEVPNStatus
	// The date and time when the connection status changed to [NEVPNStatusConnected].
	ConnectedDate() foundation.INSDate

	// Posted when the status of the VPN connection changes.
	NEVPNStatusDidChange() foundation.NSString

	// Retrives the most recent error that caused the VPN to disconnect.
	FetchLastDisconnectErrorWithCompletionHandler(handler ErrorHandler)
	// The domain for errors resulting from VPN connection calls.
	NEVPNConnectionErrorDomain() string
}

An interface definition for the NEVPNConnection class.

Controlling the VPN connection

  • [INEVPNConnection.StartVPNTunnelAndReturnError]: Start the process of connecting the VPN.
  • [INEVPNConnection.StartVPNTunnelWithOptionsAndReturnError]: Start the process of connecting the VPN.
  • [INEVPNConnection.NEVPNConnectionStartOptionUsername]
  • [INEVPNConnection.NEVPNConnectionStartOptionPassword]
  • [INEVPNConnection.StopVPNTunnel]: Start the process of disconnecting the VPN.

Getting VPN connection status

  • [INEVPNConnection.Manager]
  • [INEVPNConnection.Status]: The current status of the VPN connection.
  • [INEVPNConnection.ConnectedDate]: The date and time when the connection status changed to NEVPNStatusConnected.

Notifications

  • [INEVPNConnection.NEVPNStatusDidChange]: Posted when the status of the VPN connection changes.

Handling errors

  • [INEVPNConnection.FetchLastDisconnectErrorWithCompletionHandler]: Retrives the most recent error that caused the VPN to disconnect.
  • [INEVPNConnection.NEVPNConnectionErrorDomain]: The domain for errors resulting from VPN connection calls.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNConnection

type INEVPNIKEv2PPKConfiguration 

type INEVPNIKEv2PPKConfiguration interface {
	objectivec.IObject

	// Initializes a quantum-secure pre-shared key (PPK) configuration.
	InitWithIdentifierKeychainReference(identifier string, keychainReference foundation.INSData) NEVPNIKEv2PPKConfiguration

	// The identifier for the PPK.
	Identifier() string
	// A persistent reference to the key in the keychain.
	KeychainReference() foundation.INSData
	// A Boolean value that indicates whether it’s mandatory for the VPN server to use this PPK.
	IsMandatory() bool
	SetIsMandatory(value bool)

	// A Boolean value that indicates whether servers that don’t support post-quantum key exchanges can skip them.
	AllowPostQuantumKeyExchangeFallback() bool
	SetAllowPostQuantumKeyExchangeFallback(value bool)
	// The configuration for a post-quantum pre-shared key (PPK).
	PpkConfiguration() INEVPNIKEv2PPKConfiguration
	SetPpkConfiguration(value INEVPNIKEv2PPKConfiguration)
}

An interface definition for the NEVPNIKEv2PPKConfiguration class.

Creating a PPK configuration

  • [INEVPNIKEv2PPKConfiguration.InitWithIdentifierKeychainReference]: Initializes a quantum-secure pre-shared key (PPK) configuration.

Accessing the configuration parameters

  • [INEVPNIKEv2PPKConfiguration.Identifier]: The identifier for the PPK.
  • [INEVPNIKEv2PPKConfiguration.KeychainReference]: A persistent reference to the key in the keychain.
  • [INEVPNIKEv2PPKConfiguration.IsMandatory]: A Boolean value that indicates whether it’s mandatory for the VPN server to use this PPK.
  • [INEVPNIKEv2PPKConfiguration.SetIsMandatory]

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNIKEv2PPKConfiguration

type INEVPNIKEv2SecurityAssociationParameters 

type INEVPNIKEv2SecurityAssociationParameters interface {
	objectivec.IObject

	// The algorithm used by the Security Association to encrypt and decrypt data.
	EncryptionAlgorithm() NEVPNIKEv2EncryptionAlgorithm
	SetEncryptionAlgorithm(value NEVPNIKEv2EncryptionAlgorithm)
	// The algorithm used by the Security Association to verify the integrity of data.
	IntegrityAlgorithm() NEVPNIKEv2IntegrityAlgorithm
	SetIntegrityAlgorithm(value NEVPNIKEv2IntegrityAlgorithm)
	// The Diffie Hellman group used by the Security Association.
	DiffieHellmanGroup() NEVPNIKEv2DiffieHellmanGroup
	SetDiffieHellmanGroup(value NEVPNIKEv2DiffieHellmanGroup)
	// The duration of the lifetime of the Security Association, in minutes.
	LifetimeMinutes() int32
	SetLifetimeMinutes(value int32)
	// A list of the quantum-secure key exchange methods the Security Association uses.
	PostQuantumKeyExchangeMethods() NEVPNIKEv2PostQuantumKeyExchangeMethod
	SetPostQuantumKeyExchangeMethods(value NEVPNIKEv2PostQuantumKeyExchangeMethod)

	// An
	ChildSecurityAssociationParameters() INEVPNIKEv2SecurityAssociationParameters
	SetChildSecurityAssociationParameters(value INEVPNIKEv2SecurityAssociationParameters)
	// An
	IkeSecurityAssociationParameters() INEVPNIKEv2SecurityAssociationParameters
	SetIkeSecurityAssociationParameters(value INEVPNIKEv2SecurityAssociationParameters)
	EncodeWithCoder(coder foundation.INSCoder)
}

An interface definition for the NEVPNIKEv2SecurityAssociationParameters class.

IKEv2 Security Association parameters

  • [INEVPNIKEv2SecurityAssociationParameters.EncryptionAlgorithm]: The algorithm used by the Security Association to encrypt and decrypt data.
  • [INEVPNIKEv2SecurityAssociationParameters.SetEncryptionAlgorithm]
  • [INEVPNIKEv2SecurityAssociationParameters.IntegrityAlgorithm]: The algorithm used by the Security Association to verify the integrity of data.
  • [INEVPNIKEv2SecurityAssociationParameters.SetIntegrityAlgorithm]
  • [INEVPNIKEv2SecurityAssociationParameters.DiffieHellmanGroup]: The Diffie Hellman group used by the Security Association.
  • [INEVPNIKEv2SecurityAssociationParameters.SetDiffieHellmanGroup]
  • [INEVPNIKEv2SecurityAssociationParameters.LifetimeMinutes]: The duration of the lifetime of the Security Association, in minutes.
  • [INEVPNIKEv2SecurityAssociationParameters.SetLifetimeMinutes]
  • [INEVPNIKEv2SecurityAssociationParameters.PostQuantumKeyExchangeMethods]: A list of the quantum-secure key exchange methods the Security Association uses.
  • [INEVPNIKEv2SecurityAssociationParameters.SetPostQuantumKeyExchangeMethods]

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNIKEv2SecurityAssociationParameters

type INEVPNManager 

type INEVPNManager interface {
	objectivec.IObject

	// Load the VPN configuration from the Network Extension preferences.
	LoadFromPreferencesWithCompletionHandler(completionHandler ErrorHandler)
	// Save the VPN configuration in the Network Extension preferences.
	SaveToPreferencesWithCompletionHandler(completionHandler ErrorHandler)
	SetAuthorization(authorization objectivec.IObject)
	// Remove the VPN configuration from the Network Extension preferences.
	RemoveFromPreferencesWithCompletionHandler(completionHandler ErrorHandler)

	// A Boolean used to toggle the enabled state of the VPN configuration.
	Enabled() bool
	SetEnabled(value bool)
	// An [NEVPNProtocol](<doc://com.apple.networkextension/documentation/NetworkExtension/NEVPNProtocol>) object containing the configuration settings of the VPN tunneling protocol.
	ProtocolConfiguration() INEVPNProtocol
	SetProtocolConfiguration(value INEVPNProtocol)
	// A string containing the display name of the VPN configuration.
	LocalizedDescription() string
	SetLocalizedDescription(value string)
	// A Boolean used to toggle the Connect On Demand capability.
	OnDemandEnabled() bool
	SetOnDemandEnabled(value bool)
	// An ordered list of Connect On Demand rules.
	OnDemandRules() []NEOnDemandRule
	SetOnDemandRules(value []NEOnDemandRule)

	// An [NEVPNConnection](<doc://com.apple.networkextension/documentation/NetworkExtension/NEVPNConnection>) object that is used to control the VPN tunnel specified by the VPN configuration.
	Connection() INEVPNConnection

	NEVPNErrorDomain() string

	// Posted after the VPN configuration stored in the Network Extension preferences changes.
	NEVPNConfigurationChange() foundation.NSString
}

An interface definition for the NEVPNManager class.

Managing VPN configurations

  • [INEVPNManager.LoadFromPreferencesWithCompletionHandler]: Load the VPN configuration from the Network Extension preferences.
  • [INEVPNManager.SaveToPreferencesWithCompletionHandler]: Save the VPN configuration in the Network Extension preferences.
  • [INEVPNManager.SetAuthorization]
  • [INEVPNManager.RemoveFromPreferencesWithCompletionHandler]: Remove the VPN configuration from the Network Extension preferences.

Accessing VPN configuration properties

  • [INEVPNManager.Enabled]: A Boolean used to toggle the enabled state of the VPN configuration.
  • [INEVPNManager.SetEnabled]
  • [INEVPNManager.ProtocolConfiguration]: An NEVPNProtocol(<doc://com.apple.networkextension/documentation/NetworkExtension/NEVPNProtocol>) object containing the configuration settings of the VPN tunneling protocol.
  • [INEVPNManager.SetProtocolConfiguration]
  • [INEVPNManager.LocalizedDescription]: A string containing the display name of the VPN configuration.
  • [INEVPNManager.SetLocalizedDescription]
  • [INEVPNManager.OnDemandEnabled]: A Boolean used to toggle the Connect On Demand capability.
  • [INEVPNManager.SetOnDemandEnabled]
  • [INEVPNManager.OnDemandRules]: An ordered list of Connect On Demand rules.
  • [INEVPNManager.SetOnDemandRules]

Connecting and disconnecting VPN

  • [INEVPNManager.Connection]: An NEVPNConnection(<doc://com.apple.networkextension/documentation/NetworkExtension/NEVPNConnection>) object that is used to control the VPN tunnel specified by the VPN configuration.

Errors

  • [INEVPNManager.NEVPNErrorDomain]

Notifications

  • [INEVPNManager.NEVPNConfigurationChange]: Posted after the VPN configuration stored in the Network Extension preferences changes.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNManager

type INEVPNProtocol 

type INEVPNProtocol interface {
	objectivec.IObject

	// The address of the VPN server.
	ServerAddress() string
	SetServerAddress(value string)
	// A Boolean value that indicates whether the VPN disconnects when the device sleeps.
	DisconnectOnSleep() bool
	SetDisconnectOnSleep(value bool)
	// The proxy settings to use for HTTP and HTTPS connections that route through the VPN.
	ProxySettings() INEProxySettings
	SetProxySettings(value INEProxySettings)

	// The user name component of the tunneling protocol authentication credential.
	Username() string
	SetUsername(value string)
	// A persistent keychain reference to a keychain item containing the password component of the tunneling protocol authentication credential.
	PasswordReference() foundation.INSData
	SetPasswordReference(value foundation.INSData)
	// A persistent keychain reference to a keychain item containing the certificate and private key components of the tunneling protocol authentication credential.
	IdentityReference() foundation.INSData
	SetIdentityReference(value foundation.INSData)
	// The certificate and private key components of the tunneling protocol authentication credential, in PKCS12 format.
	IdentityData() foundation.INSData
	SetIdentityData(value foundation.INSData)
	// The password for the PKCS12 tunneling protocol authentication credentials.
	IdentityDataPassword() string
	SetIdentityDataPassword(value string)

	// A Boolean value that indicates whether the system sends most network traffic over the tunnel.
	IncludeAllNetworks() bool
	SetIncludeAllNetworks(value bool)
	// A Boolean value that indicates whether the system excludes all APNs network traffic from the tunnel.
	ExcludeAPNs() bool
	SetExcludeAPNs(value bool)
	// A Boolean value that indicates whether the system excludes all cellular services network traffic from the tunnel.
	ExcludeCellularServices() bool
	SetExcludeCellularServices(value bool)
	// A Boolean value that indicates whether the system excludes all traffic destined for local networks from the tunnel.
	ExcludeLocalNetworks() bool
	SetExcludeLocalNetworks(value bool)
	// A Boolean value that indicates whether route rules for the tunnel take precedence over any locally defined routes.
	EnforceRoutes() bool
	SetEnforceRoutes(value bool)

	ExcludeDeviceCommunication() bool
	SetExcludeDeviceCommunication(value bool)

	EncodeWithCoder(coder foundation.INSCoder)
}

An interface definition for the NEVPNProtocol class.

Configuring the VPN

  • [INEVPNProtocol.ServerAddress]: The address of the VPN server.
  • [INEVPNProtocol.SetServerAddress]
  • [INEVPNProtocol.DisconnectOnSleep]: A Boolean value that indicates whether the VPN disconnects when the device sleeps.
  • [INEVPNProtocol.SetDisconnectOnSleep]
  • [INEVPNProtocol.ProxySettings]: The proxy settings to use for HTTP and HTTPS connections that route through the VPN.
  • [INEVPNProtocol.SetProxySettings]

Authenticating the user

  • [INEVPNProtocol.Username]: The user name component of the tunneling protocol authentication credential.
  • [INEVPNProtocol.SetUsername]
  • [INEVPNProtocol.PasswordReference]: A persistent keychain reference to a keychain item containing the password component of the tunneling protocol authentication credential.
  • [INEVPNProtocol.SetPasswordReference]
  • [INEVPNProtocol.IdentityReference]: A persistent keychain reference to a keychain item containing the certificate and private key components of the tunneling protocol authentication credential.
  • [INEVPNProtocol.SetIdentityReference]
  • [INEVPNProtocol.IdentityData]: The certificate and private key components of the tunneling protocol authentication credential, in PKCS12 format.
  • [INEVPNProtocol.SetIdentityData]
  • [INEVPNProtocol.IdentityDataPassword]: The password for the PKCS12 tunneling protocol authentication credentials.
  • [INEVPNProtocol.SetIdentityDataPassword]

Routing network traffic

  • [INEVPNProtocol.IncludeAllNetworks]: A Boolean value that indicates whether the system sends most network traffic over the tunnel.
  • [INEVPNProtocol.SetIncludeAllNetworks]
  • [INEVPNProtocol.ExcludeAPNs]: A Boolean value that indicates whether the system excludes all APNs network traffic from the tunnel.
  • [INEVPNProtocol.SetExcludeAPNs]
  • [INEVPNProtocol.ExcludeCellularServices]: A Boolean value that indicates whether the system excludes all cellular services network traffic from the tunnel.
  • [INEVPNProtocol.SetExcludeCellularServices]
  • [INEVPNProtocol.ExcludeLocalNetworks]: A Boolean value that indicates whether the system excludes all traffic destined for local networks from the tunnel.
  • [INEVPNProtocol.SetExcludeLocalNetworks]
  • [INEVPNProtocol.EnforceRoutes]: A Boolean value that indicates whether route rules for the tunnel take precedence over any locally defined routes.
  • [INEVPNProtocol.SetEnforceRoutes]

Instance Properties

  • [INEVPNProtocol.ExcludeDeviceCommunication]
  • [INEVPNProtocol.SetExcludeDeviceCommunication]

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocol

type INEVPNProtocolIKEv2 

type INEVPNProtocolIKEv2 interface {
	INEVPNProtocolIPSec

	// An [NEVPNIKEv2SecurityAssociationParameters](<doc://com.apple.networkextension/documentation/NetworkExtension/NEVPNIKEv2SecurityAssociationParameters>) object containing the parameters for the initial IKE security association to be negotiated with the IKEv2 server.
	IKESecurityAssociationParameters() INEVPNIKEv2SecurityAssociationParameters
	// An [NEVPNIKEv2SecurityAssociationParameters](<doc://com.apple.networkextension/documentation/NetworkExtension/NEVPNIKEv2SecurityAssociationParameters>) object containing the parameters for the child IPSec security associations to be negotiated for each IKEv2 policy.
	ChildSecurityAssociationParameters() INEVPNIKEv2SecurityAssociationParameters

	// A string containing the value of the Subject Common Name field of the Certificate Authority certificate that issued the IKEv2 server’s certificate.
	ServerCertificateIssuerCommonName() string
	SetServerCertificateIssuerCommonName(value string)
	// A string containing the value of the Subject Common Name field of the IKEv2 server’s certificate.
	ServerCertificateCommonName() string
	SetServerCertificateCommonName(value string)
	// The type of the certificate in the identity configured in `identityReference` or `identityData`.
	CertificateType() NEVPNIKEv2CertificateType
	SetCertificateType(value NEVPNIKEv2CertificateType)

	// The minimum TLS version to allow for EAP-TLS authentication.
	MinimumTLSVersion() NEVPNIKEv2TLSVersion
	SetMinimumTLSVersion(value NEVPNIKEv2TLSVersion)
	// The minimum TLS version to allow for EAP-TLS authentication.
	MaximumTLSVersion() NEVPNIKEv2TLSVersion
	SetMaximumTLSVersion(value NEVPNIKEv2TLSVersion)

	// The frequency at which the IKEv2 client will run the dead peer detection algorithm.
	DeadPeerDetectionRate() NEVPNIKEv2DeadPeerDetectionRate
	SetDeadPeerDetectionRate(value NEVPNIKEv2DeadPeerDetectionRate)
	// A Boolean indicating whether or not the IKEv2 client should use the INTERNAL_IP4_SUBNET and/or INTERNAL_IP6_SUBNET attributes sent by the IKEv2 server.
	UseConfigurationAttributeInternalIPSubnet() bool
	SetUseConfigurationAttributeInternalIPSubnet(value bool)
	// A Boolean indicating whether or not MOBIKE should be disabled for the IKEv2 sessions.
	DisableMOBIKE() bool
	SetDisableMOBIKE(value bool)
	// A Boolean indicating whether or not IKEv2 server redirects are disabled.
	DisableRedirect() bool
	SetDisableRedirect(value bool)
	// A Boolean indicating whether or not Perfect Forward Secrecy is enabled.
	EnablePFS() bool
	SetEnablePFS(value bool)
	// Enable revocation checking of the IKEv2 server certificate.
	EnableRevocationCheck() bool
	SetEnableRevocationCheck(value bool)
	// Require a “not revoked” result when checking if the certificate identifying the server is revoked.
	StrictRevocationCheck() bool
	SetStrictRevocationCheck(value bool)
	// The Maximum Transmission Unit (MTU) size in bytes to assign to the tunnel interface.
	Mtu() uint
	SetMtu(value uint)

	// A Boolean value that indicates whether servers that don’t support post-quantum key exchanges can skip them.
	AllowPostQuantumKeyExchangeFallback() bool
	SetAllowPostQuantumKeyExchangeFallback(value bool)
	// The configuration for a post-quantum pre-shared key (PPK).
	PpkConfiguration() INEVPNIKEv2PPKConfiguration
	SetPpkConfiguration(value INEVPNIKEv2PPKConfiguration)
}

An interface definition for the NEVPNProtocolIKEv2 class.

Accessing IKEv2 Security Association parameters

  • [INEVPNProtocolIKEv2.IKESecurityAssociationParameters]: An NEVPNIKEv2SecurityAssociationParameters(<doc://com.apple.networkextension/documentation/NetworkExtension/NEVPNIKEv2SecurityAssociationParameters>) object containing the parameters for the initial IKE security association to be negotiated with the IKEv2 server.
  • [INEVPNProtocolIKEv2.ChildSecurityAssociationParameters]: An NEVPNIKEv2SecurityAssociationParameters(<doc://com.apple.networkextension/documentation/NetworkExtension/NEVPNIKEv2SecurityAssociationParameters>) object containing the parameters for the child IPSec security associations to be negotiated for each IKEv2 policy.

Accessing certificate properties

  • [INEVPNProtocolIKEv2.ServerCertificateIssuerCommonName]: A string containing the value of the Subject Common Name field of the Certificate Authority certificate that issued the IKEv2 server’s certificate.
  • [INEVPNProtocolIKEv2.SetServerCertificateIssuerCommonName]
  • [INEVPNProtocolIKEv2.ServerCertificateCommonName]: A string containing the value of the Subject Common Name field of the IKEv2 server’s certificate.
  • [INEVPNProtocolIKEv2.SetServerCertificateCommonName]
  • [INEVPNProtocolIKEv2.CertificateType]: The type of the certificate in the identity configured in `identityReference` or `identityData`.
  • [INEVPNProtocolIKEv2.SetCertificateType]

Accessing TLS version properties

  • [INEVPNProtocolIKEv2.MinimumTLSVersion]: The minimum TLS version to allow for EAP-TLS authentication.
  • [INEVPNProtocolIKEv2.SetMinimumTLSVersion]
  • [INEVPNProtocolIKEv2.MaximumTLSVersion]: The minimum TLS version to allow for EAP-TLS authentication.
  • [INEVPNProtocolIKEv2.SetMaximumTLSVersion]

Accessing other IKEv2 properties

  • [INEVPNProtocolIKEv2.DeadPeerDetectionRate]: The frequency at which the IKEv2 client will run the dead peer detection algorithm.
  • [INEVPNProtocolIKEv2.SetDeadPeerDetectionRate]
  • [INEVPNProtocolIKEv2.UseConfigurationAttributeInternalIPSubnet]: A Boolean indicating whether or not the IKEv2 client should use the INTERNAL_IP4_SUBNET and/or INTERNAL_IP6_SUBNET attributes sent by the IKEv2 server.
  • [INEVPNProtocolIKEv2.SetUseConfigurationAttributeInternalIPSubnet]
  • [INEVPNProtocolIKEv2.DisableMOBIKE]: A Boolean indicating whether or not MOBIKE should be disabled for the IKEv2 sessions.
  • [INEVPNProtocolIKEv2.SetDisableMOBIKE]
  • [INEVPNProtocolIKEv2.DisableRedirect]: A Boolean indicating whether or not IKEv2 server redirects are disabled.
  • [INEVPNProtocolIKEv2.SetDisableRedirect]
  • [INEVPNProtocolIKEv2.EnablePFS]: A Boolean indicating whether or not Perfect Forward Secrecy is enabled.
  • [INEVPNProtocolIKEv2.SetEnablePFS]
  • [INEVPNProtocolIKEv2.EnableRevocationCheck]: Enable revocation checking of the IKEv2 server certificate.
  • [INEVPNProtocolIKEv2.SetEnableRevocationCheck]
  • [INEVPNProtocolIKEv2.StrictRevocationCheck]: Require a “not revoked” result when checking if the certificate identifying the server is revoked.
  • [INEVPNProtocolIKEv2.SetStrictRevocationCheck]
  • [INEVPNProtocolIKEv2.Mtu]: The Maximum Transmission Unit (MTU) size in bytes to assign to the tunnel interface.
  • [INEVPNProtocolIKEv2.SetMtu]

Supporting quantum-secure cryptography

  • [INEVPNProtocolIKEv2.AllowPostQuantumKeyExchangeFallback]: A Boolean value that indicates whether servers that don’t support post-quantum key exchanges can skip them.
  • [INEVPNProtocolIKEv2.SetAllowPostQuantumKeyExchangeFallback]
  • [INEVPNProtocolIKEv2.PpkConfiguration]: The configuration for a post-quantum pre-shared key (PPK).
  • [INEVPNProtocolIKEv2.SetPpkConfiguration]

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocolIKEv2

type INEVPNProtocolIPSec 

type INEVPNProtocolIPSec interface {
	INEVPNProtocol

	// The method used to authenticate the device with the IPSec server. For IKE version 2, when using extended authentication, this authentication method only affects how the client validates the authentication payload presented by the server.
	AuthenticationMethod() NEVPNIKEAuthenticationMethod
	SetAuthenticationMethod(value NEVPNIKEAuthenticationMethod)
	// A flag indicating if extended authentication will be negotiated.
	UseExtendedAuthentication() bool
	SetUseExtendedAuthentication(value bool)
	// A persistent keychain reference to a keychain item containing the IKE shared secret.
	SharedSecretReference() foundation.INSData
	SetSharedSecretReference(value foundation.INSData)
	// A string identifying the iOS or macOS device for authentication purposes
	LocalIdentifier() string
	SetLocalIdentifier(value string)
	// A string identifying the IPSec server for authentication purposes
	RemoteIdentifier() string
	SetRemoteIdentifier(value string)
}

An interface definition for the NEVPNProtocolIPSec class.

Accessing IPSec properties

  • [INEVPNProtocolIPSec.AuthenticationMethod]: The method used to authenticate the device with the IPSec server. For IKE version 2, when using extended authentication, this authentication method only affects how the client validates the authentication payload presented by the server.
  • [INEVPNProtocolIPSec.SetAuthenticationMethod]
  • [INEVPNProtocolIPSec.UseExtendedAuthentication]: A flag indicating if extended authentication will be negotiated.
  • [INEVPNProtocolIPSec.SetUseExtendedAuthentication]
  • [INEVPNProtocolIPSec.SharedSecretReference]: A persistent keychain reference to a keychain item containing the IKE shared secret.
  • [INEVPNProtocolIPSec.SetSharedSecretReference]
  • [INEVPNProtocolIPSec.LocalIdentifier]: A string identifying the iOS or macOS device for authentication purposes
  • [INEVPNProtocolIPSec.SetLocalIdentifier]
  • [INEVPNProtocolIPSec.RemoteIdentifier]: A string identifying the IPSec server for authentication purposes
  • [INEVPNProtocolIPSec.SetRemoteIdentifier]

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocolIPSec

type INWBonjourServiceEndpoint 

type INWBonjourServiceEndpoint interface {
	INWEndpoint

	// The endpoint’s Bonjour service name.
	Name() string
	// The endpoint’s Bonjour service type.
	Type() string
	// The endpoint’s Bonjour service domain, such as `"local"`.
	Domain() string
}

An interface definition for the NWBonjourServiceEndpoint class.

Getting endpoint properties

  • [INWBonjourServiceEndpoint.Name]: The endpoint’s Bonjour service name.
  • [INWBonjourServiceEndpoint.Type]: The endpoint’s Bonjour service type.
  • [INWBonjourServiceEndpoint.Domain]: The endpoint’s Bonjour service domain, such as `"local"`.

See: https://developer.apple.com/documentation/NetworkExtension/NWBonjourServiceEndpoint

type INWEndpoint 

type INWEndpoint interface {
	objectivec.IObject

	EncodeWithCoder(coder foundation.INSCoder)
}

An interface definition for the NWEndpoint class.

See: https://developer.apple.com/documentation/NetworkExtension/NWEndpoint

type INWHostEndpoint 

type INWHostEndpoint interface {
	INWEndpoint

	// The endpoint’s hostname.
	Hostname() string
	// The endpoint’s port, represented as a string.
	Port() string
}

An interface definition for the NWHostEndpoint class.

Getting endpoint properties

  • [INWHostEndpoint.Hostname]: The endpoint’s hostname.
  • [INWHostEndpoint.Port]: The endpoint’s port, represented as a string.

See: https://developer.apple.com/documentation/NetworkExtension/NWHostEndpoint

type INWPath 

type INWPath interface {
	objectivec.IObject

	// The evaluated status of the network path.
	Status() NWPathStatus
	// A Boolean that indicates whether or not the path uses an expensive interface.
	Expensive() bool
	// A Boolean that indicates whether or not the path uses a constrained interface, such as when using low-data mode.
	Constrained() bool
}

An interface definition for the NWPath class.

Getting network path properties

  • [INWPath.Status]: The evaluated status of the network path.
  • [INWPath.Expensive]: A Boolean that indicates whether or not the path uses an expensive interface.
  • [INWPath.Constrained]: A Boolean that indicates whether or not the path uses a constrained interface, such as when using low-data mode.

See: https://developer.apple.com/documentation/NetworkExtension/NWPath

type INWTCPConnection 

type INWTCPConnection interface {
	objectivec.IObject

	// The status of the connection.
	State() NWTCPConnectionState
	// The viability of a TCP connection indicates whether or not data can be transferred.
	Viable() bool
	// The connection-wide error property.
	Error() foundation.INSError

	// If a connection has a better path, new connections would use a different interface.
	HasBetterPath() bool

	// The destination endpoint with which this connection was created.
	Endpoint() INWEndpoint
	// The IP address endpoint from which the connection was established.
	LocalAddress() INWEndpoint
	// The IP address endpoint to which the connection was established.
	RemoteAddress() INWEndpoint
	// The network path over which the connection was established.
	ConnectedPath() INWPath
	// The TXT record associated with a connected Bonjour service endpoint.
	TxtRecord() foundation.INSData
}

An interface definition for the NWTCPConnection class.

Monitoring the connection status

  • [INWTCPConnection.State]: The status of the connection.
  • [INWTCPConnection.Viable]: The viability of a TCP connection indicates whether or not data can be transferred.
  • [INWTCPConnection.Error]: The connection-wide error property.

Responding to network changes

  • [INWTCPConnection.HasBetterPath]: If a connection has a better path, new connections would use a different interface.

Getting connection properties

  • [INWTCPConnection.Endpoint]: The destination endpoint with which this connection was created.
  • [INWTCPConnection.LocalAddress]: The IP address endpoint from which the connection was established.
  • [INWTCPConnection.RemoteAddress]: The IP address endpoint to which the connection was established.
  • [INWTCPConnection.ConnectedPath]: The network path over which the connection was established.
  • [INWTCPConnection.TxtRecord]: The TXT record associated with a connected Bonjour service endpoint.

See: https://developer.apple.com/documentation/NetworkExtension/NWTCPConnection

type INWTLSParameters 

type INWTLSParameters interface {
	objectivec.IObject

	// The Session ID to use for the associated TCP connection.
	TLSSessionID() foundation.INSData
	SetTLSSessionID(value foundation.INSData)
	// The set of allowed cipher suites when negotiating TLS.
	SSLCipherSuites() foundation.INSSet
	SetSSLCipherSuites(value foundation.INSSet)
	// The minimum allowed [SSLProtocol] value to use when negotiating TLS.
	MinimumSSLProtocolVersion() uint
	SetMinimumSSLProtocolVersion(value uint)
	// The maximum allowed [SSLProtocol] value to use when negotiating TLS.
	MaximumSSLProtocolVersion() uint
	SetMaximumSSLProtocolVersion(value uint)
}

An interface definition for the NWTLSParameters class.

Accessing TLS parameters

  • [INWTLSParameters.TLSSessionID]: The Session ID to use for the associated TCP connection.
  • [INWTLSParameters.SetTLSSessionID]
  • [INWTLSParameters.SSLCipherSuites]: The set of allowed cipher suites when negotiating TLS.
  • [INWTLSParameters.SetSSLCipherSuites]
  • [INWTLSParameters.MinimumSSLProtocolVersion]: The minimum allowed [SSLProtocol] value to use when negotiating TLS.
  • [INWTLSParameters.SetMinimumSSLProtocolVersion]
  • [INWTLSParameters.MaximumSSLProtocolVersion]: The maximum allowed [SSLProtocol] value to use when negotiating TLS.
  • [INWTLSParameters.SetMaximumSSLProtocolVersion]

See: https://developer.apple.com/documentation/NetworkExtension/NWTLSParameters

type INWUDPSession 

type INWUDPSession interface {
	objectivec.IObject

	// The current state of the UDP session.
	State() NWUDPSessionState
	// The viability of a UDP session represents whether or not data can be transferred.
	Viable() bool

	// The currently targeted remote endpoint.
	ResolvedEndpoint() INWEndpoint

	// The maximum size of a datagram to be written currently.
	MaximumDatagramLength() uint

	// If a session has a better path, new session would use a different interface.
	HasBetterPath() bool

	// The destination endpoint with which this session was created.
	Endpoint() INWEndpoint
	// The current evaluated path for the session’s [resolvedEndpoint](<doc://com.apple.networkextension/documentation/NetworkExtension/NWUDPSession/resolvedEndpoint>) property.
	CurrentPath() INWPath
}

An interface definition for the NWUDPSession class.

Monitoring the session state

  • [INWUDPSession.State]: The current state of the UDP session.
  • [INWUDPSession.Viable]: The viability of a UDP session represents whether or not data can be transferred.

Selecting remote endpoints

  • [INWUDPSession.ResolvedEndpoint]: The currently targeted remote endpoint.

Transferring data

  • [INWUDPSession.MaximumDatagramLength]: The maximum size of a datagram to be written currently.

Responding to network changes

  • [INWUDPSession.HasBetterPath]: If a session has a better path, new session would use a different interface.

Getting session properties

  • [INWUDPSession.Endpoint]: The destination endpoint with which this session was created.
  • [INWUDPSession.CurrentPath]: The current evaluated path for the session’s [resolvedEndpoint](<doc://com.apple.networkextension/documentation/NetworkExtension/NWUDPSession/resolvedEndpoint>) property.

See: https://developer.apple.com/documentation/NetworkExtension/NWUDPSession

type NEAppProxyFlow 

type NEAppProxyFlow struct {
	objectivec.Object
}

An abstract base class shared by NEAppProxyTCPFlow and NEAppProxyUDPFlow.

Overview

App Proxy Providers receive network connections to be proxied in the form of NEAppProxyFlow objects, which are passed to the App Proxy Provider via the [HandleNewFlow] method.

NEAppProxyFlow objects are initially in an unopened state. Before they can be used to transmit network data, they must be opened using the [NEAppProxyFlow.OpenWithLocalEndpointCompletionHandler] method. When you are finished with a flow, you should call NEAppProxyFlow.CloseReadWithError and NEAppProxyFlow.CloseWriteWithError, and then release the NEAppProxyFlow object.

Managing the flow life cycle

Accessing flow information

Errors

Instance Properties

See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyFlow

func NEAppProxyFlowFromID 

func NEAppProxyFlowFromID(id objc.ID) NEAppProxyFlow

NEAppProxyFlowFromID constructs a NEAppProxyFlow from an objc.ID.

An abstract base class shared by NEAppProxyTCPFlow and NEAppProxyUDPFlow.

func NewNEAppProxyFlow 

func NewNEAppProxyFlow() NEAppProxyFlow

NewNEAppProxyFlow creates a new NEAppProxyFlow instance.

func (NEAppProxyFlow) Autorelease 

func (a NEAppProxyFlow) Autorelease() NEAppProxyFlow

Autorelease adds the receiver to the current autorelease pool.

func (NEAppProxyFlow) CloseReadWithError 

func (a NEAppProxyFlow) CloseReadWithError(error_ foundation.INSError)

Close the flow for further read operations.

error: An [NSError] object indicating to the system the error that led to the closure. If the flow is not being closed due to an error, this parameter should be set to nil. See NEAppProxyFlowError below for a list of acceptable error codes. // [NSError]: https://developer.apple.com/documentation/Foundation/NSError

See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyFlow/closeReadWithError(_:)

func (NEAppProxyFlow) CloseWriteWithError 

func (a NEAppProxyFlow) CloseWriteWithError(error_ foundation.INSError)

Close the flow for further write operations.

error: An NSError object indicating to the system the error that led to the closure. If the flow is not being closed due to an error, this parameter should be set to nil. See NEAppProxyFlowError below for a list of acceptable error codes.

See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyFlow/closeWriteWithError(_:)

func (NEAppProxyFlow) Init 

func (a NEAppProxyFlow) Init() NEAppProxyFlow

Init initializes the instance.

func (NEAppProxyFlow) Interface 

func (a NEAppProxyFlow) Interface() objectivec.IObject

See: https://developer.apple.com/documentation/networkextension/neappproxyflow/interface

func (NEAppProxyFlow) IsBound 

func (a NEAppProxyFlow) IsBound() bool

A Boolean value that indicates whether the flow has a binding to a specific interface.

Discussion

When a binding exists, this value is true, and the [NetworkInterface] property indicates the bound interface. If the flow isn’t bound to an interface, this value is false.

See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyFlow/isBound

func (NEAppProxyFlow) MetaData 

func (a NEAppProxyFlow) MetaData() INEFlowMetaData

A metadata object containing information about the source app of the flow.

See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyFlow/metaData

func (NEAppProxyFlow) NEAppProxyErrorDomain 

func (a NEAppProxyFlow) NEAppProxyErrorDomain() string

The domain used for app proxy errors.

See: https://developer.apple.com/documentation/networkextension/neappproxyerrordomain

func (NEAppProxyFlow) NetworkInterface 

func (a NEAppProxyFlow) NetworkInterface() objectivec.IObject

The network interface, if any, used by this flow.

Discussion

To transport the flow’s data over a different interface, set this property to that interface.

See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyFlow/networkInterface

func (NEAppProxyFlow) RemoteHostname 

func (a NEAppProxyFlow) RemoteHostname() string

The remote host name for flows created from a hostname.

Discussion

The flow populates this property when you create the flow from a connect-by-name API such as URLSession or the Network framework.

See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyFlow/remoteHostname

func (NEAppProxyFlow) SetInterface 

func (a NEAppProxyFlow) SetInterface(value objectivec.IObject)

func (NEAppProxyFlow) SetMetadata 

func (a NEAppProxyFlow) SetMetadata(parameters objectivec.IObject)

Sets the flow’s metadata for use by proxy providers.

parameters: A nw_parameters_t object that contains the flow metadata.

parameters is a [network.nw_parameters_t].

Discussion

Use an nw_parameters_t object to create a connection that transparently proxies the flow’s data. This also provides accurate source app information to any subsequent NEAppProxyProvider instances that transparently proxy the flow.

See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyFlow/setMetadata(_:) parameters is a [network.nw_parameters_t].

func (NEAppProxyFlow) SetNetworkInterface 

func (a NEAppProxyFlow) SetNetworkInterface(value objectivec.IObject)

type NEAppProxyFlowClass 

type NEAppProxyFlowClass struct {
	// contains filtered or unexported fields
}

func GetNEAppProxyFlowClass 

func GetNEAppProxyFlowClass() NEAppProxyFlowClass

GetNEAppProxyFlowClass returns the class object for NEAppProxyFlow.

func (NEAppProxyFlowClass) Alloc 

func (nc NEAppProxyFlowClass) Alloc() NEAppProxyFlow

Alloc allocates memory for a new instance of the class.

func (NEAppProxyFlowClass) Class 

func (nc NEAppProxyFlowClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEAppProxyFlowError 

type NEAppProxyFlowError int

See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyFlowError-swift.struct/Code 

const (
	// NEAppProxyFlowErrorAborted: The flow was aborted.
	NEAppProxyFlowErrorAborted NEAppProxyFlowError = 5
	// NEAppProxyFlowErrorDatagramTooLarge: A caller attempted to write a datagram that was larger than the socket’s receive window.
	NEAppProxyFlowErrorDatagramTooLarge NEAppProxyFlowError = 9
	// NEAppProxyFlowErrorHostUnreachable: An attempt to reach the remote endpoint of the flow failed.
	NEAppProxyFlowErrorHostUnreachable NEAppProxyFlowError = 3
	// NEAppProxyFlowErrorInternal: An internal error occurred while handling the flow.
	NEAppProxyFlowErrorInternal NEAppProxyFlowError = 8
	// NEAppProxyFlowErrorInvalidArgument: A proxy flow method received an invalid argument.
	NEAppProxyFlowErrorInvalidArgument NEAppProxyFlowError = 4
	// NEAppProxyFlowErrorNotConnected: The flow is not fully opened.
	NEAppProxyFlowErrorNotConnected NEAppProxyFlowError = 1
	// NEAppProxyFlowErrorPeerReset: The remote peer closed the flow.
	NEAppProxyFlowErrorPeerReset NEAppProxyFlowError = 2
	// NEAppProxyFlowErrorReadAlreadyPending: A read operation on the flow is already pending.
	NEAppProxyFlowErrorReadAlreadyPending NEAppProxyFlowError = 10
	// NEAppProxyFlowErrorRefused: Connecting the flow to its remote endpoint failed.
	NEAppProxyFlowErrorRefused NEAppProxyFlowError = 6
	// NEAppProxyFlowErrorTimedOut: The flow timed out.
	NEAppProxyFlowErrorTimedOut NEAppProxyFlowError = 7
)

func (NEAppProxyFlowError) String 

func (e NEAppProxyFlowError) String() string

type NEAppProxyProvider 

type NEAppProxyProvider struct {
	NETunnelProvider
}

The principal class for an app proxy provider app extension.

Overview

The NEAppProxyProvider class provides access to flows of network data in the form of NEAppProxyFlow objects. Each NEAppProxyFlow object corresponds to a socket opened by an app that matches the app rules specified in the current App Proxy configuration. Your App Proxy Provider acts as a transparent network proxy for the flows of network data that it receives.

DNS Handling

In addition to flows of raw network data from applications, the App Proxy Provider also receives flows of DNS queries in the form of NEAppProxyUDPFlow objects. DNS query flows are received only for applications that use low-level DNS resolution APIs such as DNSServiceGetAddrInfo(_:_:_:_:_:_:_:)(). The App Proxy Provider can specify the DNS resolver configuration that will be used by these applications using the [SetTunnelNetworkSettingsCompletionHandler] method.

Applications that use higher-level networking APIs such as URLSession and NSURLConnection do not generate DNS queries. Instead the destination hostname for the connection is included in the endpoint information of the NEAppProxyFlow object.

Creating an App Proxy Provider Extension

App Proxy Providers run as App Extensions for the `com.AppleXCUIElementTypeNetworkextensionXCUIElementTypeApp()-proxy` extension point.

To create a App Proxy Provider extension, first create a new App Extension target in your project.

For an example of an Xcode build target for this app extension, see the SimpleTunnel: Customized Networking Using the NetworkExtension Framework sample code project.

Once you have a App Proxy Provider extension target, create a sub-class of NEAppProxyProvider. Then, set the [NSExtensionPrincipalClass] key in the the extension’s `Info.Plist()` to the name of your sub-class.

If it is not already done, set the [NSExtensionPointIdentifier] key in the extension’s `Info.Plist()` to `com.AppleXCUIElementTypeNetworkextensionXCUIElementTypeApp()-proxy`.

Here is an example of the NSExtension dictionary in a App Proxy Provider extension’s `Info.Plist()`:

Finally, add your App Proxy Provider extension target to your app’s Embed App Extensions build phase.

Subclassing Notes

In order to create a App Proxy Provider extension, you must create a subclass of NEAppProxyProvider and override the methods listed below.

Methods to Override

- NEAppProxyProvider.StartProxyWithOptionsCompletionHandler - NEAppProxyProvider.StopProxyWithReasonCompletionHandler - NEAppProxyProvider.HandleNewFlow

Managing the app proxy life cycle

Handling proxied flows

See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyProvider

func NEAppProxyProviderFromID 

func NEAppProxyProviderFromID(id objc.ID) NEAppProxyProvider

NEAppProxyProviderFromID constructs a NEAppProxyProvider from an objc.ID.

The principal class for an app proxy provider app extension.

func NewNEAppProxyProvider 

func NewNEAppProxyProvider() NEAppProxyProvider

NewNEAppProxyProvider creates a new NEAppProxyProvider instance.

func (NEAppProxyProvider) Autorelease 

func (a NEAppProxyProvider) Autorelease() NEAppProxyProvider

Autorelease adds the receiver to the current autorelease pool.

func (NEAppProxyProvider) CancelProxyWithError 

func (a NEAppProxyProvider) CancelProxyWithError(error_ foundation.INSError)

Stop the network proxy from the App Proxy Provider.

error: An [NSError] object containing the error that caused the proxy to be stopped. The domain and code of this [NSError] object is defined by the caller. // [NSError]: https://developer.apple.com/documentation/Foundation/NSError

Discussion

The App Proxy Provider should call this method when an unrecoverable error occurs that makes the proxy no longer viable.

See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyProvider/cancelProxyWithError(_:)

func (NEAppProxyProvider) HandleNewFlow 

func (a NEAppProxyProvider) HandleNewFlow(flow INEAppProxyFlow) bool

Handle a new flow of network data.

flow: The new NEAppProxyFlow object. If the App Proxy Provider decides to proxy the flow, it should create a reference to the flow in its data structures.

Return Value

Return true to indicate that the App Proxy Provider will handle the flow. Return false to indicate that the flow should be closed.

Discussion

This method is called by the system whenever an app which matches the current App Proxy configuration’s app rules opens a new network connection.

NEAppProxyProvider subclasses must override this method.

New flows are initially in an unopened state. The App Proxy Provider should take whatever steps are necessary to ready itself to handle the flow data and then open the flow.

See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyProvider/handleNewFlow(_:)

func (NEAppProxyProvider) Init 

func (a NEAppProxyProvider) Init() NEAppProxyProvider

Init initializes the instance.

func (NEAppProxyProvider) StartProxyWithOptions 

func (a NEAppProxyProvider) StartProxyWithOptions(ctx context.Context, options foundation.INSDictionary) error

StartProxyWithOptions is a synchronous wrapper around NEAppProxyProvider.StartProxyWithOptionsCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NEAppProxyProvider) StartProxyWithOptionsCompletionHandler 

func (a NEAppProxyProvider) StartProxyWithOptionsCompletionHandler(options foundation.INSDictionary, completionHandler ErrorHandler)

Start the network proxy.

options: A dictionary passed by the app that requested that the proxy be started. If the starting app did not specify a dictionary of options then this parameter will be nil. If the proxy was started via Connect On Demand, then this parameter will be nil.

completionHandler: A block that must be executed when the proxy is fully established, or when the proxy cannot be started due to an error. If the proxy was successfully established, then the error parameter must be set to nil. If an error occurred, the error parameter passed to this block must be set to a non-nil [NSError] object. // [NSError]: https://developer.apple.com/documentation/Foundation/NSError

Discussion

This method is called by the system to start the network proxy.

NEAppProxyProvider subclasses must override this method.

When the App Proxy Provider executes the `completionHandler` block with a nil error parameter, it signals to the system that it is ready to begin handling network data.

The domain and code of the [NSError] object passed to the `completionHandler` block are defined by the App Proxy Provider.

See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyProvider/startProxy(options:completionHandler:)

func (NEAppProxyProvider) StopProxyWithReason 

func (a NEAppProxyProvider) StopProxyWithReason(ctx context.Context, reason NEProviderStopReason) error

StopProxyWithReason is a synchronous wrapper around NEAppProxyProvider.StopProxyWithReasonCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NEAppProxyProvider) StopProxyWithReasonCompletionHandler 

func (a NEAppProxyProvider) StopProxyWithReasonCompletionHandler(reason NEProviderStopReason, completionHandler VoidHandler)

Stop the network proxy.

reason: A NEProviderStopReason code indicating why the proxy is being stopped. For a list of possible codes, see NEProvider.

completionHandler: A block that must be executed when the proxy is fully stopped.

Discussion

This method is called by the system to stop the network proxy.

NEAppProxyProvider subclasses must override this method.

Do not use this method to stop the proxy from the App Proxy Provider. Use “ instead.

See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyProvider/stopProxy(with:completionHandler:)

type NEAppProxyProviderClass 

type NEAppProxyProviderClass struct {
	// contains filtered or unexported fields
}

func GetNEAppProxyProviderClass 

func GetNEAppProxyProviderClass() NEAppProxyProviderClass

GetNEAppProxyProviderClass returns the class object for NEAppProxyProvider.

func (NEAppProxyProviderClass) Alloc 

func (nc NEAppProxyProviderClass) Alloc() NEAppProxyProvider

Alloc allocates memory for a new instance of the class.

func (NEAppProxyProviderClass) Class 

func (nc NEAppProxyProviderClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEAppProxyProviderManager 

type NEAppProxyProviderManager struct {
	NETunnelProviderManager
}

An object to create and manage the app proxy provider’s VPN configuration.

Overview

Objects cannot be directly instantiated. Instead, App Proxy configurations are created exclusively from `com.AppleXCUIElementTypeVpnXCUIElementTypeManagedXCUIElementTypeApplayer()` payloads in configuration profiles.

App Proxy configurations can only be used with Per-App VPN routing rules. For more details about how to create App Proxy configurations and configure Per-App VPN, see NETunnelProviderManager.

See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyProviderManager

func NEAppProxyProviderManagerFromID 

func NEAppProxyProviderManagerFromID(id objc.ID) NEAppProxyProviderManager

NEAppProxyProviderManagerFromID constructs a NEAppProxyProviderManager from an objc.ID.

An object to create and manage the app proxy provider’s VPN configuration.

func NewNEAppProxyProviderManager 

func NewNEAppProxyProviderManager() NEAppProxyProviderManager

NewNEAppProxyProviderManager creates a new NEAppProxyProviderManager instance.

func (NEAppProxyProviderManager) Autorelease 

func (a NEAppProxyProviderManager) Autorelease() NEAppProxyProviderManager

Autorelease adds the receiver to the current autorelease pool.

func (NEAppProxyProviderManager) Init 

func (a NEAppProxyProviderManager) Init() NEAppProxyProviderManager

Init initializes the instance.

type NEAppProxyProviderManagerClass 

type NEAppProxyProviderManagerClass struct {
	// contains filtered or unexported fields
}

func GetNEAppProxyProviderManagerClass 

func GetNEAppProxyProviderManagerClass() NEAppProxyProviderManagerClass

GetNEAppProxyProviderManagerClass returns the class object for NEAppProxyProviderManager.

func (NEAppProxyProviderManagerClass) Alloc 

func (nc NEAppProxyProviderManagerClass) Alloc() NEAppProxyProviderManager

Alloc allocates memory for a new instance of the class.

func (NEAppProxyProviderManagerClass) Class 

func (nc NEAppProxyProviderManagerClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEAppProxyTCPFlow 

type NEAppProxyTCPFlow struct {
	NEAppProxyFlow
}

An object for reading and writing data to and from a TCP connection being proxied by the provider.

Overview

App Proxy Providers receive TCP connections to be proxied in the form of NEAppProxyTCPFlow objects.

Handling flow data

Getting flow information

Instance Properties

See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyTCPFlow

func NEAppProxyTCPFlowFromID 

func NEAppProxyTCPFlowFromID(id objc.ID) NEAppProxyTCPFlow

NEAppProxyTCPFlowFromID constructs a NEAppProxyTCPFlow from an objc.ID.

An object for reading and writing data to and from a TCP connection being proxied by the provider.

func NewNEAppProxyTCPFlow 

func NewNEAppProxyTCPFlow() NEAppProxyTCPFlow

NewNEAppProxyTCPFlow creates a new NEAppProxyTCPFlow instance.

func (NEAppProxyTCPFlow) Autorelease 

func (a NEAppProxyTCPFlow) Autorelease() NEAppProxyTCPFlow

Autorelease adds the receiver to the current autorelease pool.

func (NEAppProxyTCPFlow) Init 

func (a NEAppProxyTCPFlow) Init() NEAppProxyTCPFlow

Init initializes the instance.

func (NEAppProxyTCPFlow) ReadData 

func (a NEAppProxyTCPFlow) ReadData(ctx context.Context) (*foundation.NSData, error)

ReadData is a synchronous wrapper around NEAppProxyTCPFlow.ReadDataWithCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NEAppProxyTCPFlow) ReadDataWithCompletionHandler 

func (a NEAppProxyTCPFlow) ReadDataWithCompletionHandler(completionHandler DataErrorHandler)

Read data from the flow.

completionHandler: A block that will be executed by the system on an internal system thread when some data is read from the flow. The block is passed either the data that was read or a non-nil error if an error occurred. See NEAppProxyFlowError in NEAppProxyFlow for a list of possible errors. If the data parameter has a length of 0 then no data can be subsequently read from the flow.

See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyTCPFlow/readData(completionHandler:)

func (NEAppProxyTCPFlow) RemoteEndpoint 

func (a NEAppProxyTCPFlow) RemoteEndpoint() INWEndpoint

An NWEndpoint object containing information about the intended remote endpoint of the flow.

Discussion

If the flow’s corresponding socket was created using one of the high-level networking APIs such as URLSession or NSURLConnection, then the hostname property of the `remoteEndpoint` object contains the DNS name of the remote host. If the flow’s corresponding socket was created using the sockets API directly, then the hostname property of the `remoteEndpoint` object contains the IP address of the remote host.

See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyTCPFlow/remoteEndpoint

func (NEAppProxyTCPFlow) RemoteFlowEndpoint 

func (a NEAppProxyTCPFlow) RemoteFlowEndpoint() INWEndpoint

See: https://developer.apple.com/documentation/networkextension/neappproxytcpflow/remoteflowendpoint-4r7v1

func (NEAppProxyTCPFlow) SetRemoteFlowEndpoint 

func (a NEAppProxyTCPFlow) SetRemoteFlowEndpoint(value INWEndpoint)

func (NEAppProxyTCPFlow) WriteData 

func (a NEAppProxyTCPFlow) WriteData(ctx context.Context, data foundation.INSData) error

WriteData is a synchronous wrapper around NEAppProxyTCPFlow.WriteDataWithCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NEAppProxyTCPFlow) WriteDataWithCompletionHandler 

func (a NEAppProxyTCPFlow) WriteDataWithCompletionHandler(data foundation.INSData, completionHandler ErrorHandler)

Write data to the flow.

data: An [NSData] object containing the data to write. // [NSData]: https://developer.apple.com/documentation/Foundation/NSData

completionHandler: A block that will be executed by the system on an internal system thread when the data is written into the receive buffer of the socket associated with the flow. The caller should use this callback as an indication that it is possible to write more data to the flow without using up excessive buffer memory. If an error occurs while writing the data then a non-nil [NSError] object is passed to the block. See NEAppProxyFlowError in NEAppProxyFlow for a list of possible errors. // [NSError]: https://developer.apple.com/documentation/Foundation/NSError

See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyTCPFlow/write(_:withCompletionHandler:)

type NEAppProxyTCPFlowClass 

type NEAppProxyTCPFlowClass struct {
	// contains filtered or unexported fields
}

func GetNEAppProxyTCPFlowClass 

func GetNEAppProxyTCPFlowClass() NEAppProxyTCPFlowClass

GetNEAppProxyTCPFlowClass returns the class object for NEAppProxyTCPFlow.

func (NEAppProxyTCPFlowClass) Alloc 

func (nc NEAppProxyTCPFlowClass) Alloc() NEAppProxyTCPFlow

Alloc allocates memory for a new instance of the class.

func (NEAppProxyTCPFlowClass) Class 

func (nc NEAppProxyTCPFlowClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEAppProxyUDPFlow 

type NEAppProxyUDPFlow struct {
	NEAppProxyFlow
}

An object for reading and writing data to and from a UDP conversation being proxied by the provider.

Overview

App Proxy Providers receive UDP connections to be proxied in the form of NEAppProxyUDPFlow objects.

Getting flow information

Instance Properties

See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyUDPFlow

func NEAppProxyUDPFlowFromID 

func NEAppProxyUDPFlowFromID(id objc.ID) NEAppProxyUDPFlow

NEAppProxyUDPFlowFromID constructs a NEAppProxyUDPFlow from an objc.ID.

An object for reading and writing data to and from a UDP conversation being proxied by the provider.

func NewNEAppProxyUDPFlow 

func NewNEAppProxyUDPFlow() NEAppProxyUDPFlow

NewNEAppProxyUDPFlow creates a new NEAppProxyUDPFlow instance.

func (NEAppProxyUDPFlow) Autorelease 

func (a NEAppProxyUDPFlow) Autorelease() NEAppProxyUDPFlow

Autorelease adds the receiver to the current autorelease pool.

func (NEAppProxyUDPFlow) Init 

func (a NEAppProxyUDPFlow) Init() NEAppProxyUDPFlow

Init initializes the instance.

func (NEAppProxyUDPFlow) LocalEndpoint 

func (a NEAppProxyUDPFlow) LocalEndpoint() INWEndpoint

An NWEndpoint object containing information about the local endpoint of the flow.

Discussion

This property may be nil if the corresponding UDP socket was not bound to a port by the application and the App Proxy Provider did not set a local endpoint in [OpenWithLocalEndpointCompletionHandler].

See: https://developer.apple.com/documentation/NetworkExtension/NEAppProxyUDPFlow/localEndpoint

func (NEAppProxyUDPFlow) LocalFlowEndpoint 

func (a NEAppProxyUDPFlow) LocalFlowEndpoint() INWEndpoint

See: https://developer.apple.com/documentation/networkextension/neappproxyudpflow/localflowendpoint-7ukb6

func (NEAppProxyUDPFlow) SetLocalFlowEndpoint 

func (a NEAppProxyUDPFlow) SetLocalFlowEndpoint(value INWEndpoint)

type NEAppProxyUDPFlowClass 

type NEAppProxyUDPFlowClass struct {
	// contains filtered or unexported fields
}

func GetNEAppProxyUDPFlowClass 

func GetNEAppProxyUDPFlowClass() NEAppProxyUDPFlowClass

GetNEAppProxyUDPFlowClass returns the class object for NEAppProxyUDPFlow.

func (NEAppProxyUDPFlowClass) Alloc 

func (nc NEAppProxyUDPFlowClass) Alloc() NEAppProxyUDPFlow

Alloc allocates memory for a new instance of the class.

func (NEAppProxyUDPFlowClass) Class 

func (nc NEAppProxyUDPFlowClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEAppPushManagerError 

type NEAppPushManagerError int

See: https://developer.apple.com/documentation/NetworkExtension/NEAppPushManagerError-swift.struct/Code 

const (
	// NEAppPushManagerErrorConfigurationInvalid: An error code that indicates the app push configuration is invalid.
	NEAppPushManagerErrorConfigurationInvalid NEAppPushManagerError = 1
	// NEAppPushManagerErrorConfigurationNotLoaded: An error code that indicates the manager hasn’t loaded the app push configuration.
	NEAppPushManagerErrorConfigurationNotLoaded NEAppPushManagerError = 2
	// NEAppPushManagerErrorInactiveSession: An error code that indicates an invalid attempt to perform an operation on an inactive session.
	NEAppPushManagerErrorInactiveSession NEAppPushManagerError = 4
	// NEAppPushManagerErrorInternalError: An error code that indicates an internal error in the local push connectivity framework.
	NEAppPushManagerErrorInternalError NEAppPushManagerError = 3
)

func (NEAppPushManagerError) String 

func (e NEAppPushManagerError) String() string

type NEAppRule 

type NEAppRule struct {
	objectivec.Object
}

The identity of an app whose traffic is to be routed through the tunnel.

Initializing an app rule

Accessing app rule properties

See: https://developer.apple.com/documentation/NetworkExtension/NEAppRule

func NEAppRuleFromID 

func NEAppRuleFromID(id objc.ID) NEAppRule

NEAppRuleFromID constructs a NEAppRule from an objc.ID.

The identity of an app whose traffic is to be routed through the tunnel.

func NewAppRuleWithSigningIdentifier 

func NewAppRuleWithSigningIdentifier(signingIdentifier string) NEAppRule

Create an app rule that matches an app with a given signing identifier.

signingIdentifier: The signing identifier of the app that matches the rule. For apps that are signed using Xcode, the app’s signing identifier is equivalent to the app’s bundle identifier.

Return Value

A newly-initialized NEAppRule object.

See: https://developer.apple.com/documentation/NetworkExtension/NEAppRule/init(signingIdentifier:)

func NewAppRuleWithSigningIdentifierDesignatedRequirement 

func NewAppRuleWithSigningIdentifierDesignatedRequirement(signingIdentifier string, designatedRequirement string) NEAppRule

Create an app rule that matches an app with a given signing identifier and a given designated requirement.

signingIdentifier: The signing identifier of the app that matches the rule. For apps that are signed using Xcode, the app’s signing identifier is equivalent to the app’s bundle identifier.

designatedRequirement: The designated requirement of the app that matches the rule. The designated requirement for an app can be obtained using the `codesign` command-line developer tool.

Return Value

A newly-initialized NEAppRule object.

See: https://developer.apple.com/documentation/NetworkExtension/NEAppRule/init(signingIdentifier:designatedRequirement:)

func NewNEAppRule 

func NewNEAppRule() NEAppRule

NewNEAppRule creates a new NEAppRule instance.

func (NEAppRule) Autorelease 

func (a NEAppRule) Autorelease() NEAppRule

Autorelease adds the receiver to the current autorelease pool.

func (NEAppRule) EncodeWithCoder 

func (a NEAppRule) EncodeWithCoder(coder foundation.INSCoder)

func (NEAppRule) Init 

func (a NEAppRule) Init() NEAppRule

Init initializes the instance.

func (NEAppRule) InitWithSigningIdentifierDesignatedRequirement 

func (a NEAppRule) InitWithSigningIdentifierDesignatedRequirement(signingIdentifier string, designatedRequirement string) NEAppRule

Create an app rule that matches an app with a given signing identifier and a given designated requirement.

signingIdentifier: The signing identifier of the app that matches the rule. For apps that are signed using Xcode, the app’s signing identifier is equivalent to the app’s bundle identifier.

designatedRequirement: The designated requirement of the app that matches the rule. The designated requirement for an app can be obtained using the `codesign` command-line developer tool.

Return Value

A newly-initialized NEAppRule object.

See: https://developer.apple.com/documentation/NetworkExtension/NEAppRule/init(signingIdentifier:designatedRequirement:)

func (NEAppRule) MatchDesignatedRequirement 

func (a NEAppRule) MatchDesignatedRequirement() string

The designated requirement of the app that matches the rule.

See: https://developer.apple.com/documentation/NetworkExtension/NEAppRule/matchDesignatedRequirement

func (NEAppRule) MatchDomains 

func (a NEAppRule) MatchDomains() foundation.INSArray

The hostname domains that match the rule.

Discussion

If this property is set to a nonempty array, then only connections to destinations in the domains specified in the array will use the VPN.

See: https://developer.apple.com/documentation/NetworkExtension/NEAppRule/matchDomains

func (NEAppRule) MatchPath 

func (a NEAppRule) MatchPath() string

The file system path of the app that matches the rule.

See: https://developer.apple.com/documentation/NetworkExtension/NEAppRule/matchPath

func (NEAppRule) MatchSigningIdentifier 

func (a NEAppRule) MatchSigningIdentifier() string

The signing identifier of the app that matches the rule.

See: https://developer.apple.com/documentation/NetworkExtension/NEAppRule/matchSigningIdentifier

func (NEAppRule) MatchTools 

func (a NEAppRule) MatchTools() []NEAppRule

An array of app rule objects that restrict the rule so it only matches network traffic generated from helper processes.

Discussion

Use this property to restrict this rule so it only matches network traffic that the matching app generates and all helper tool processes that the matching app spawns.

For example, to match network traffic generated by the `curl` command line tool run from `Terminal.App()`, do the following:

- Create an NEAppRule for `Terminal.App()`. - Set the app rule’s [MatchTools] property to an array that contains an NEAppRule for the `curl` command line tool.

Set this property to `nil` (the default) to match all network traffic generated by the matching app and all helper tool processes spawned by the matching app.

See: https://developer.apple.com/documentation/NetworkExtension/NEAppRule/matchTools

func (NEAppRule) SetMatchDomains 

func (a NEAppRule) SetMatchDomains(value foundation.INSArray)

func (NEAppRule) SetMatchPath 

func (a NEAppRule) SetMatchPath(value string)

func (NEAppRule) SetMatchTools 

func (a NEAppRule) SetMatchTools(value []NEAppRule)

type NEAppRuleClass 

type NEAppRuleClass struct {
	// contains filtered or unexported fields
}

func GetNEAppRuleClass 

func GetNEAppRuleClass() NEAppRuleClass

GetNEAppRuleClass returns the class object for NEAppRule.

func (NEAppRuleClass) Alloc 

func (nc NEAppRuleClass) Alloc() NEAppRule

Alloc allocates memory for a new instance of the class.

func (NEAppRuleClass) Class 

func (nc NEAppRuleClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEDNSOverHTTPSSettings 

type NEDNSOverHTTPSSettings struct {
	NEDNSSettings
}

The DNS resolver settings for a DNS-over-HTTPS server.

Configuring server properties

Configuring client properties

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSOverHTTPSSettings

func NEDNSOverHTTPSSettingsFromID 

func NEDNSOverHTTPSSettingsFromID(id objc.ID) NEDNSOverHTTPSSettings

NEDNSOverHTTPSSettingsFromID constructs a NEDNSOverHTTPSSettings from an objc.ID.

The DNS resolver settings for a DNS-over-HTTPS server.

func NewDNSOverHTTPSSettingsWithServers 

func NewDNSOverHTTPSSettingsWithServers(servers []string) NEDNSOverHTTPSSettings

Initialize the [NEDNSSetting] object.

servers: An array of DNS server IP address strings. These IP addresses can be a mixture of IPv4 and IPv6 addresses.

Return Value

The initialized NEDNSSettings object.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSSettings/init(servers:)

func NewNEDNSOverHTTPSSettings 

func NewNEDNSOverHTTPSSettings() NEDNSOverHTTPSSettings

NewNEDNSOverHTTPSSettings creates a new NEDNSOverHTTPSSettings instance.

func (NEDNSOverHTTPSSettings) Autorelease 

func (d NEDNSOverHTTPSSettings) Autorelease() NEDNSOverHTTPSSettings

Autorelease adds the receiver to the current autorelease pool.

func (NEDNSOverHTTPSSettings) IdentityReference 

func (d NEDNSOverHTTPSSettings) IdentityReference() foundation.INSData

A persistent keychain reference to a keychain item containing the certificate and private key components of the DNS client credential.

Discussion

The keychain item must have the kSecClassIdentity class.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSOverHTTPSSettings/identityReference

func (NEDNSOverHTTPSSettings) Init 

func (d NEDNSOverHTTPSSettings) Init() NEDNSOverHTTPSSettings

Init initializes the instance.

func (NEDNSOverHTTPSSettings) ServerURL 

func (d NEDNSOverHTTPSSettings) ServerURL() foundation.INSURL

The URL of a DNS-over-HTTPS server.

Discussion

The URL should use the URI template format defined by RFC 8484, for example `//dnsserver.ExampleXCUIElementTypeNet()/dns-query`.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSOverHTTPSSettings/serverURL

func (NEDNSOverHTTPSSettings) SetIdentityReference 

func (d NEDNSOverHTTPSSettings) SetIdentityReference(value foundation.INSData)

func (NEDNSOverHTTPSSettings) SetServerURL 

func (d NEDNSOverHTTPSSettings) SetServerURL(value foundation.INSURL)

type NEDNSOverHTTPSSettingsClass 

type NEDNSOverHTTPSSettingsClass struct {
	// contains filtered or unexported fields
}

func GetNEDNSOverHTTPSSettingsClass 

func GetNEDNSOverHTTPSSettingsClass() NEDNSOverHTTPSSettingsClass

GetNEDNSOverHTTPSSettingsClass returns the class object for NEDNSOverHTTPSSettings.

func (NEDNSOverHTTPSSettingsClass) Alloc 

func (nc NEDNSOverHTTPSSettingsClass) Alloc() NEDNSOverHTTPSSettings

Alloc allocates memory for a new instance of the class.

func (NEDNSOverHTTPSSettingsClass) Class 

func (nc NEDNSOverHTTPSSettingsClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEDNSOverTLSSettings 

type NEDNSOverTLSSettings struct {
	NEDNSSettings
}

The DNS resolver settings for a DNS-over-TLS server.

Configuring server properties

Configuring client properties

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSOverTLSSettings

func NEDNSOverTLSSettingsFromID 

func NEDNSOverTLSSettingsFromID(id objc.ID) NEDNSOverTLSSettings

NEDNSOverTLSSettingsFromID constructs a NEDNSOverTLSSettings from an objc.ID.

The DNS resolver settings for a DNS-over-TLS server.

func NewDNSOverTLSSettingsWithServers 

func NewDNSOverTLSSettingsWithServers(servers []string) NEDNSOverTLSSettings

Initialize the [NEDNSSetting] object.

servers: An array of DNS server IP address strings. These IP addresses can be a mixture of IPv4 and IPv6 addresses.

Return Value

The initialized NEDNSSettings object.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSSettings/init(servers:)

func NewNEDNSOverTLSSettings 

func NewNEDNSOverTLSSettings() NEDNSOverTLSSettings

NewNEDNSOverTLSSettings creates a new NEDNSOverTLSSettings instance.

func (NEDNSOverTLSSettings) Autorelease 

func (d NEDNSOverTLSSettings) Autorelease() NEDNSOverTLSSettings

Autorelease adds the receiver to the current autorelease pool.

func (NEDNSOverTLSSettings) IdentityReference 

func (d NEDNSOverTLSSettings) IdentityReference() foundation.INSData

A persistent keychain reference to a keychain item containing the certificate and private key components of the DNS client credential.

Discussion

The keychain item must have the kSecClassIdentity class.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSOverTLSSettings/identityReference

func (NEDNSOverTLSSettings) Init 

func (d NEDNSOverTLSSettings) Init() NEDNSOverTLSSettings

Init initializes the instance.

func (NEDNSOverTLSSettings) ServerName 

func (d NEDNSOverTLSSettings) ServerName() string

The TLS name of a DNS-over-TLS server.

Discussion

The server will be accessed over TCP port 853, as defined in RFC 7858. The server name is used for TLS validation.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSOverTLSSettings/serverName

func (NEDNSOverTLSSettings) SetIdentityReference 

func (d NEDNSOverTLSSettings) SetIdentityReference(value foundation.INSData)

func (NEDNSOverTLSSettings) SetServerName 

func (d NEDNSOverTLSSettings) SetServerName(value string)

type NEDNSOverTLSSettingsClass 

type NEDNSOverTLSSettingsClass struct {
	// contains filtered or unexported fields
}

func GetNEDNSOverTLSSettingsClass 

func GetNEDNSOverTLSSettingsClass() NEDNSOverTLSSettingsClass

GetNEDNSOverTLSSettingsClass returns the class object for NEDNSOverTLSSettings.

func (NEDNSOverTLSSettingsClass) Alloc 

func (nc NEDNSOverTLSSettingsClass) Alloc() NEDNSOverTLSSettings

Alloc allocates memory for a new instance of the class.

func (NEDNSOverTLSSettingsClass) Class 

func (nc NEDNSOverTLSSettingsClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEDNSProtocol 

type NEDNSProtocol int

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSProtocol 

const (
	// NEDNSProtocolCleartext: The DNS server uses cleartext UDP or TCP over port 53.
	NEDNSProtocolCleartext NEDNSProtocol = 1
	// NEDNSProtocolHTTPS: The DNS server uses DNS-over-HTTPS.
	NEDNSProtocolHTTPS NEDNSProtocol = 3
	// NEDNSProtocolTLS: The DNS server uses DNS-over-TLS.
	NEDNSProtocolTLS NEDNSProtocol = 2
)

func (NEDNSProtocol) String 

func (e NEDNSProtocol) String() string

type NEDNSProxyManager 

type NEDNSProxyManager struct {
	objectivec.Object
}

An object to create and manage an DNS proxy provider’s configuration.

Overview

A DNS proxy allows your app to intercept all DNS traffic generated on a device. You can use this capability to provide services like DNS traffic encryption, typically by redirecting DNS traffic to your own server. You usually do this in the context of managed devices, such as those owned by a school or an enterprise.

You create a DNS proxy as an app extension based on a custom subclass of the NEDNSProxyProvider class. You enable and configure this proxy from within your app using the singleton proxy manager instance provided by the [NEDNSProxyManager.SharedManager] type method of the NEDNSProxyManager class. For example, for a proxy that performs a simple redirect, you can use the proxy manager to define and dynamically configure the destination IP address of the redirected traffic.

Instances of the proxy manager are thread safe.

Managing the DNS proxy configuration

Accessing DNS proxy configuration properties

Notifications

Errors

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSProxyManager

func NEDNSProxyManagerFromID 

func NEDNSProxyManagerFromID(id objc.ID) NEDNSProxyManager

NEDNSProxyManagerFromID constructs a NEDNSProxyManager from an objc.ID.

An object to create and manage an DNS proxy provider’s configuration.

func NewNEDNSProxyManager 

func NewNEDNSProxyManager() NEDNSProxyManager

NewNEDNSProxyManager creates a new NEDNSProxyManager instance.

func (NEDNSProxyManager) Autorelease 

func (d NEDNSProxyManager) Autorelease() NEDNSProxyManager

Autorelease adds the receiver to the current autorelease pool.

func (NEDNSProxyManager) Enabled 

func (d NEDNSProxyManager) Enabled() bool

The status of a DNS proxy.

Discussion

Only one DNS proxy can be active in the system at a time. Therefore, setting this property to true disables any DNS proxy configurations of other apps. Similarly, the system sets this property to false when any other DNS proxy configuration is enabled.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSProxyManager/isEnabled

func (NEDNSProxyManager) Init 

func (d NEDNSProxyManager) Init() NEDNSProxyManager

Init initializes the instance.

func (NEDNSProxyManager) LoadFromPreferences 

func (d NEDNSProxyManager) LoadFromPreferences(ctx context.Context) error

LoadFromPreferences is a synchronous wrapper around NEDNSProxyManager.LoadFromPreferencesWithCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NEDNSProxyManager) LoadFromPreferencesWithCompletionHandler 

func (d NEDNSProxyManager) LoadFromPreferencesWithCompletionHandler(completionHandler ErrorHandler)

Loads the current DNS proxy configuration from the caller’s DNS proxy preferences.

completionHandler: A block called when the load operation completes. If the operation fails, an error instance passed to this block describes the problem. Otherwise, the error is `nil`. See NEDNSProxyManagerError for the list of possible errors. // NEDNSProxyManagerError: https://developer.apple.com/documentation/NetworkExtension/NEDNSProxyManagerError

Discussion

Initially, the DNS proxy configuration comes from a configuration profile stored on the device in a managed environment, as described in Configuration Profile Reference.

When you want to inspect or make changes to the configuration, you call the proxy manager’s [LoadFromPreferencesWithCompletionHandler] method. This causes the system to load the configuration into the manager’s [ProviderProtocol] and [Enabled] properties.

If you modify the configuration stored in these properties, you must then call the [SaveToPreferencesWithCompletionHandler] method to make the changes take effect. Saving the preferences also stores the modified configuration on disk for use the next time the proxy is started or the configuration is loaded.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSProxyManager/loadFromPreferences(completionHandler:)

func (NEDNSProxyManager) LocalizedDescription 

func (d NEDNSProxyManager) LocalizedDescription() string

A description of the DNS proxy.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSProxyManager/localizedDescription

func (NEDNSProxyManager) NEDNSProxyConfigurationDidChange 

func (d NEDNSProxyManager) NEDNSProxyConfigurationDidChange() foundation.NSString

A notification that is posted when the DNS proxy configuration changes.

See: https://developer.apple.com/documentation/Foundation/NSNotification/Name-swift.struct/NEDNSProxyConfigurationDidChange

func (NEDNSProxyManager) NEDNSProxyErrorDomain 

func (d NEDNSProxyManager) NEDNSProxyErrorDomain() string

The DNS proxy error domain.

See: https://developer.apple.com/documentation/networkextension/nednsproxyerrordomain

func (NEDNSProxyManager) ProviderProtocol 

func (d NEDNSProxyManager) ProviderProtocol() INEDNSProxyProviderProtocol

The provider-specific portion of the DNS proxy configuration.

Discussion

As the author of the DNS proxy, you decide what configuration the proxy needs. For example, if your proxy requires the IP addresses of servers to which DNS traffic can be redirected, you can use an array of strings to hold these values.

Initially, you store this array in the configuration profile, as described in Configuration Profile Reference. When you want to inspect or modify this data, you call [LoadFromPreferencesWithCompletionHandler] to pull the configuration into memory. You access this memory through the proxy manager’s [ProviderProtocol] property.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSProxyManager/providerProtocol

func (NEDNSProxyManager) RemoveFromPreferences 

func (d NEDNSProxyManager) RemoveFromPreferences(ctx context.Context) error

RemoveFromPreferences is a synchronous wrapper around NEDNSProxyManager.RemoveFromPreferencesWithCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NEDNSProxyManager) RemoveFromPreferencesWithCompletionHandler 

func (d NEDNSProxyManager) RemoveFromPreferencesWithCompletionHandler(completionHandler ErrorHandler)

Removes the DNS proxy configuration from the caller’s DNS proxy preferences.

completionHandler: A block called when the remove operation completes. If the operation fails, an error instance passed to this block describes the problem. Otherwise, the error is `nil`. See NEDNSProxyManagerError for the list of possible errors. // NEDNSProxyManagerError: https://developer.apple.com/documentation/NetworkExtension/NEDNSProxyManagerError

Discussion

If you use a device without an installed configuration profile during development, your app can create the DNS proxy configuration from scratch. You first call the [LoadFromPreferencesWithCompletionHandler] method to retrieve the empty configuration. You then make updates and call the [SaveToPreferencesWithCompletionHandler] method to store them. To remove the configuration, call the [RemoveFromPreferencesWithCompletionHandler] method. This allows you to restore the device to a clean, unconfigured state.

In a production environment, however, a configuration profile placed in the system by an external process typically provides the baseline DNS proxy configuration. Your app can modify this configuration at runtime using the same load-modify-save steps, but cannot remove the configuration entirely. An attempt to remove the configuration when a configuration profile is present on the device results in a NEDNSProxyManagerError.configurationCannotBeRemoved error.

If the DNS proxy is enabled, it becomes disabled as a result of this call.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSProxyManager/removeFromPreferences(completionHandler:)

func (NEDNSProxyManager) SaveToPreferences 

func (d NEDNSProxyManager) SaveToPreferences(ctx context.Context) error

SaveToPreferences is a synchronous wrapper around NEDNSProxyManager.SaveToPreferencesWithCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NEDNSProxyManager) SaveToPreferencesWithCompletionHandler 

func (d NEDNSProxyManager) SaveToPreferencesWithCompletionHandler(completionHandler ErrorHandler)

Saves the DNS proxy configuration in the caller’s DNS proxy preferences.

completionHandler: A block called when the save operation completes. If the operation fails, an error instance passed to this block describes the problem. Otherwise, the error is `nil`. See NEDNSProxyManagerError for the list of possible errors. // NEDNSProxyManagerError: https://developer.apple.com/documentation/NetworkExtension/NEDNSProxyManagerError

Discussion

If you alter the DNS proxy configuration that you load into the proxy manager’s properties using a call to the [LoadFromPreferencesWithCompletionHandler] method, you must then call the [SaveToPreferencesWithCompletionHandler] method to make the changes take effect. Saving also stores the modified configuration for the next time the proxy is started or the configuration loaded.

Trying to save preferences before loading them produces an error.

If the DNS proxy is enabled, it becomes active as a result of this call.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSProxyManager/saveToPreferences(completionHandler:)

func (NEDNSProxyManager) SetEnabled 

func (d NEDNSProxyManager) SetEnabled(value bool)

func (NEDNSProxyManager) SetLocalizedDescription 

func (d NEDNSProxyManager) SetLocalizedDescription(value string)

func (NEDNSProxyManager) SetProviderProtocol 

func (d NEDNSProxyManager) SetProviderProtocol(value INEDNSProxyProviderProtocol)

type NEDNSProxyManagerClass 

type NEDNSProxyManagerClass struct {
	// contains filtered or unexported fields
}

func GetNEDNSProxyManagerClass 

func GetNEDNSProxyManagerClass() NEDNSProxyManagerClass

GetNEDNSProxyManagerClass returns the class object for NEDNSProxyManager.

func (NEDNSProxyManagerClass) Alloc 

func (nc NEDNSProxyManagerClass) Alloc() NEDNSProxyManager

Alloc allocates memory for a new instance of the class.

func (NEDNSProxyManagerClass) Class 

func (nc NEDNSProxyManagerClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

func (NEDNSProxyManagerClass) SharedManager 

func (_NEDNSProxyManagerClass NEDNSProxyManagerClass) SharedManager() NEDNSProxyManager

Returns a singleton DNS proxy manager instance.

Return Value

The NEDNSProxyManager instance for the app.

Discussion

Each app is allowed to create a single DNS proxy manager. The [SharedManager] type method returns a singleton NEDNSProxyManager instance that your app can use to manage any DNS proxy instances that it creates.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSProxyManager/shared()

type NEDNSProxyManagerError 

type NEDNSProxyManagerError int

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSProxyManagerError 

const (
	// NEDNSProxyManagerErrorConfigurationCannotBeRemoved: Unremovable DNS proxy configuration.
	NEDNSProxyManagerErrorConfigurationCannotBeRemoved NEDNSProxyManagerError = 4
	// NEDNSProxyManagerErrorConfigurationDisabled: Disabled DNS proxy configuration.
	NEDNSProxyManagerErrorConfigurationDisabled NEDNSProxyManagerError = 2
	// NEDNSProxyManagerErrorConfigurationInvalid: Invalid DNS proxy configuration that cannot be stored.
	NEDNSProxyManagerErrorConfigurationInvalid NEDNSProxyManagerError = 1
	// NEDNSProxyManagerErrorConfigurationStale: Outdated DNS proxy configuration that needs to be loaded.
	NEDNSProxyManagerErrorConfigurationStale NEDNSProxyManagerError = 3
)

func (NEDNSProxyManagerError) String 

func (e NEDNSProxyManagerError) String() string

type NEDNSProxyProvider 

type NEDNSProxyProvider struct {
	NEProvider
}

The principal class for a DNS proxy provider app extension.

Overview

A DNS proxy allows your app to intercept all DNS traffic generated on a device. You can use this capability to provide services like DNS traffic encryption, typically by redirecting DNS traffic to your own server. You usually do this in the context of managed devices, such as those owned by a school or an enterprise.

You create a DNS proxy as an app extension based on a custom subclass of the NEDNSProxyProvider class. Once active, the proxy receives access to flows of DNS traffic in the form of NEAppProxyFlow instances. Each flow corresponds to a socket opened by an app to UDP port 53 or TCP port 53. Your DNS proxy provider acts as a transparent DNS proxy for the flows of network data that it receives.

When you subclass NEDNSProxyProvider, you must provide implementations for the following methods:

- NEDNSProxyProvider.StartProxyWithOptionsCompletionHandler - NEDNSProxyProvider.StopProxyWithReasonCompletionHandler - NEDNSProxyProvider.HandleNewFlow

Managing the DNS proxy life cycle

Handling proxied DNS flow

Getting system DNS settings

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSProxyProvider

func NEDNSProxyProviderFromID 

func NEDNSProxyProviderFromID(id objc.ID) NEDNSProxyProvider

NEDNSProxyProviderFromID constructs a NEDNSProxyProvider from an objc.ID.

The principal class for a DNS proxy provider app extension.

func NewNEDNSProxyProvider 

func NewNEDNSProxyProvider() NEDNSProxyProvider

NewNEDNSProxyProvider creates a new NEDNSProxyProvider instance.

func (NEDNSProxyProvider) Autorelease 

func (d NEDNSProxyProvider) Autorelease() NEDNSProxyProvider

Autorelease adds the receiver to the current autorelease pool.

func (NEDNSProxyProvider) CancelProxyWithError 

func (d NEDNSProxyProvider) CancelProxyWithError(error_ foundation.INSError)

Cancels the DNS proxy.

error: An error instance containing details about the problem that the proxy provider implementation encountered.

Discussion

Call this method from within the proxy provider when you need to stop the proxy due to a network error that renders the proxy no longer viable.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSProxyProvider/cancelProxyWithError(_:)

func (NEDNSProxyProvider) HandleNewFlow 

func (d NEDNSProxyProvider) HandleNewFlow(flow INEAppProxyFlow) bool

Handles a new flow of DNS traffic.

flow: The flow representing the DNS traffic that the proxy should handle.

Return Value

A Boolean value set to true if the proxy implementation decides to handle the flow, or false if it instead decides to terminate the flow.

Discussion

The system calls this method to deliver a new network data flow to the proxy provider implementation. Subclasses must override this method to perform whatever steps are necessary to ready the proxy to receive data from the flow.

The proxy provider indicates that the proxy is ready to handle flow data by calling the flow’s [OpenWithLocalEndpointCompletionHandler] method.

If the proxy implementation decides to handle the flow, it’s responsible for retaining a reference to the flow instance.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSProxyProvider/handleNewFlow(_:)

func (NEDNSProxyProvider) Init 

func (d NEDNSProxyProvider) Init() NEDNSProxyProvider

Init initializes the instance.

func (NEDNSProxyProvider) StartProxyWithOptions 

func (d NEDNSProxyProvider) StartProxyWithOptions(ctx context.Context, options foundation.INSDictionary) error

StartProxyWithOptions is a synchronous wrapper around NEDNSProxyProvider.StartProxyWithOptionsCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NEDNSProxyProvider) StartProxyWithOptionsCompletionHandler 

func (d NEDNSProxyProvider) StartProxyWithOptionsCompletionHandler(options foundation.INSDictionary, completionHandler ErrorHandler)

Starts the DNS proxy.

options: A dictionary that you define as part of a device configuration profile. You can also modify the contents of this dictionary from your app using the shared instance of NEDNSProxyManager. The dictionary appears as the [ProviderConfiguration] component of the manager’s [ProviderProtocol] property.

completionHandler: A block that you must execute when the proxy is fully established, or when the proxy cannot be started due to an error. If the proxy is successfully established, the error parameter should be set to `nil`. Otherwise, the error parameter passed to this block indicates the reason for failure.

Discussion

Subclasses of NEDNSProxyProvider must override this method to perform any necessary steps to ready the proxy for handling flows of network data.

The framework calls this method when a new proxy instance is created. You indicate that setup is complete by calling the completion handler with a `nil` error parameter, or that setup failed by calling the completion handler with an error instance. You define the error domain and code.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSProxyProvider/startProxy(options:completionHandler:)

func (NEDNSProxyProvider) StopProxyWithReason 

func (d NEDNSProxyProvider) StopProxyWithReason(ctx context.Context, reason NEProviderStopReason) error

StopProxyWithReason is a synchronous wrapper around NEDNSProxyProvider.StopProxyWithReasonCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NEDNSProxyProvider) StopProxyWithReasonCompletionHandler 

func (d NEDNSProxyProvider) StopProxyWithReasonCompletionHandler(reason NEProviderStopReason, completionHandler VoidHandler)

Stops the DNS proxy.

reason: A code indicating why the proxy is being stopped.

completionHandler: A block that must be called when the proxy is completely stopped.

Discussion

Subclasses of NEDNSProxyProvider must override this method to perform whatever steps are necessary to stop the proxy.

The system calls this method to stop the proxy. You indicate that the proxy is fully stopped by calling the completion handler.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSProxyProvider/stopProxy(with:completionHandler:)

func (NEDNSProxyProvider) SystemDNSSettings 

func (d NEDNSProxyProvider) SystemDNSSettings() foundation.INSSet

The current system DNS settings.

Discussion

You can use key-value observing to watch for changes on this parameter.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSProxyProvider/systemDNSSettings

type NEDNSProxyProviderClass 

type NEDNSProxyProviderClass struct {
	// contains filtered or unexported fields
}

func GetNEDNSProxyProviderClass 

func GetNEDNSProxyProviderClass() NEDNSProxyProviderClass

GetNEDNSProxyProviderClass returns the class object for NEDNSProxyProvider.

func (NEDNSProxyProviderClass) Alloc 

func (nc NEDNSProxyProviderClass) Alloc() NEDNSProxyProvider

Alloc allocates memory for a new instance of the class.

func (NEDNSProxyProviderClass) Class 

func (nc NEDNSProxyProviderClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEDNSProxyProviderProtocol 

type NEDNSProxyProviderProtocol struct {
	NEVPNProtocol
}

Configuration parameters for a DNS proxy.

Accessing the DNS proxy configuration

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSProxyProviderProtocol

func NEDNSProxyProviderProtocolFromID 

func NEDNSProxyProviderProtocolFromID(id objc.ID) NEDNSProxyProviderProtocol

NEDNSProxyProviderProtocolFromID constructs a NEDNSProxyProviderProtocol from an objc.ID.

Configuration parameters for a DNS proxy.

func NewNEDNSProxyProviderProtocol 

func NewNEDNSProxyProviderProtocol() NEDNSProxyProviderProtocol

NewNEDNSProxyProviderProtocol creates a new NEDNSProxyProviderProtocol instance.

func (NEDNSProxyProviderProtocol) Autorelease 

func (d NEDNSProxyProviderProtocol) Autorelease() NEDNSProxyProviderProtocol

Autorelease adds the receiver to the current autorelease pool.

func (NEDNSProxyProviderProtocol) Init 

func (d NEDNSProxyProviderProtocol) Init() NEDNSProxyProviderProtocol

Init initializes the instance.

func (NEDNSProxyProviderProtocol) ProviderBundleIdentifier 

func (d NEDNSProxyProviderProtocol) ProviderBundleIdentifier() string

A string containing the bundle identifier of the proxy provider to be used by this configuration.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSProxyProviderProtocol/providerBundleIdentifier

func (NEDNSProxyProviderProtocol) ProviderConfiguration 

func (d NEDNSProxyProviderProtocol) ProviderConfiguration() foundation.INSDictionary

A dictionary containing vendor-specific configuration parameters for a proxy provider.

Discussion

This dictionary is passed as-is through the `options` parameter when the framework starts a DNS proxy by calling the proxy’s [StartProxyWithOptionsCompletionHandler] function.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSProxyProviderProtocol/providerConfiguration

func (NEDNSProxyProviderProtocol) SetProviderBundleIdentifier 

func (d NEDNSProxyProviderProtocol) SetProviderBundleIdentifier(value string)

func (NEDNSProxyProviderProtocol) SetProviderConfiguration 

func (d NEDNSProxyProviderProtocol) SetProviderConfiguration(value foundation.INSDictionary)

type NEDNSProxyProviderProtocolClass 

type NEDNSProxyProviderProtocolClass struct {
	// contains filtered or unexported fields
}

func GetNEDNSProxyProviderProtocolClass 

func GetNEDNSProxyProviderProtocolClass() NEDNSProxyProviderProtocolClass

GetNEDNSProxyProviderProtocolClass returns the class object for NEDNSProxyProviderProtocol.

func (NEDNSProxyProviderProtocolClass) Alloc 

func (nc NEDNSProxyProviderProtocolClass) Alloc() NEDNSProxyProviderProtocol

Alloc allocates memory for a new instance of the class.

func (NEDNSProxyProviderProtocolClass) Class 

func (nc NEDNSProxyProviderProtocolClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEDNSSettings 

type NEDNSSettings struct {
	objectivec.Object
}

The DNS resolver settings of a network tunnel or a system-wide configuration.

Initializing DNS settings

Accessing DNS properties

Instance Properties

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSSettings

func NEDNSSettingsFromID 

func NEDNSSettingsFromID(id objc.ID) NEDNSSettings

NEDNSSettingsFromID constructs a NEDNSSettings from an objc.ID.

The DNS resolver settings of a network tunnel or a system-wide configuration.

func NewDNSSettingsWithServers 

func NewDNSSettingsWithServers(servers []string) NEDNSSettings

Initialize the [NEDNSSetting] object.

servers: An array of DNS server IP address strings. These IP addresses can be a mixture of IPv4 and IPv6 addresses.

Return Value

The initialized NEDNSSettings object.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSSettings/init(servers:)

func NewNEDNSSettings 

func NewNEDNSSettings() NEDNSSettings

NewNEDNSSettings creates a new NEDNSSettings instance.

func (NEDNSSettings) AllowFailover 

func (d NEDNSSettings) AllowFailover() bool

Discussion

A boolean indicating if failover to the default system resolver is permitted on resolution failure.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSSettings/allowFailover

func (NEDNSSettings) Autorelease 

func (d NEDNSSettings) Autorelease() NEDNSSettings

Autorelease adds the receiver to the current autorelease pool.

func (NEDNSSettings) DnsProtocol 

func (d NEDNSSettings) DnsProtocol() NEDNSProtocol

The DNS protocol used by the server, such as HTTPS or TLS.

Discussion

By default, an NEDNSSettings object will use NEDNSProtocol.cleartext. In order to use encryption, create an NEDNSOverHTTPSSettings or NEDNSOverTLSSettings object.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSSettings/dnsProtocol

func (NEDNSSettings) DomainName 

func (d NEDNSSettings) DomainName() string

The primary domain of the tunnel.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSSettings/domainName

func (NEDNSSettings) EncodeWithCoder 

func (d NEDNSSettings) EncodeWithCoder(coder foundation.INSCoder)

func (NEDNSSettings) Init 

func (d NEDNSSettings) Init() NEDNSSettings

Init initializes the instance.

func (NEDNSSettings) InitWithServers 

func (d NEDNSSettings) InitWithServers(servers []string) NEDNSSettings

Initialize the [NEDNSSetting] object.

servers: An array of DNS server IP address strings. These IP addresses can be a mixture of IPv4 and IPv6 addresses.

Return Value

The initialized NEDNSSettings object.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSSettings/init(servers:)

func (NEDNSSettings) MatchDomains 

func (d NEDNSSettings) MatchDomains() []string

A list of domain strings used to determine which DNS queries will use the DNS resolver settings contained in this object.

Discussion

This property is used to create a “split DNS” configuration, where only hosts in certain domains are resolved using the tunnel’s DNS resolver settings. Hosts not in one of the domains in this list are resolved using the system’s default resolver.

If `matchDomains` contains the empty string it becomes the default domain. This is how a split-tunnel configuration can direct all DNS queries first to the VPN DNS servers before the primary DNS servers.

If the VPN tunnel becomes the network’s default route, the servers listed earlier by NEDNSSettings become the default resolver and the `matchDomains` list is ignored.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSSettings/matchDomains

func (NEDNSSettings) MatchDomainsNoSearch 

func (d NEDNSSettings) MatchDomainsNoSearch() bool

A Boolean that specifies if the domains in the `matchDomains` list should not be appended to the resolver’s list of search domains.

Discussion

The default value is false.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSSettings/matchDomainsNoSearch

func (NEDNSSettings) SearchDomains 

func (d NEDNSSettings) SearchDomains() []string

A list of domain strings used to fully qualify single-label host names.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSSettings/searchDomains

func (NEDNSSettings) Servers 

func (d NEDNSSettings) Servers() []string

The DNS server IP addresses.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSSettings/servers

func (NEDNSSettings) SetAllowFailover 

func (d NEDNSSettings) SetAllowFailover(value bool)

func (NEDNSSettings) SetDomainName 

func (d NEDNSSettings) SetDomainName(value string)

func (NEDNSSettings) SetMatchDomains 

func (d NEDNSSettings) SetMatchDomains(value []string)

func (NEDNSSettings) SetMatchDomainsNoSearch 

func (d NEDNSSettings) SetMatchDomainsNoSearch(value bool)

func (NEDNSSettings) SetSearchDomains 

func (d NEDNSSettings) SetSearchDomains(value []string)

type NEDNSSettingsClass 

type NEDNSSettingsClass struct {
	// contains filtered or unexported fields
}

func GetNEDNSSettingsClass 

func GetNEDNSSettingsClass() NEDNSSettingsClass

GetNEDNSSettingsClass returns the class object for NEDNSSettings.

func (NEDNSSettingsClass) Alloc 

func (nc NEDNSSettingsClass) Alloc() NEDNSSettings

Alloc allocates memory for a new instance of the class.

func (NEDNSSettingsClass) Class 

func (nc NEDNSSettingsClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEDNSSettingsManager 

type NEDNSSettingsManager struct {
	objectivec.Object
}

An object you use to create and manage a DNS settings configuration.

Overview

When your app starts up, access the shared instance of the DNS settings manager, and load existing settings from the preferences using NEDNSSettingsManager.LoadFromPreferencesWithCompletionHandler. You can define your DNS server configuration, and persist it by calling NEDNSSettingsManager.SaveToPreferencesWithCompletionHandler.

In order to use your DNS settings, the user needs to enable it in the Settings app on iOS or in System Preferences on macOS.

Managing DNS configurations

Accessing DNS configuration properties

Handling errors

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSSettingsManager

func NEDNSSettingsManagerFromID 

func NEDNSSettingsManagerFromID(id objc.ID) NEDNSSettingsManager

NEDNSSettingsManagerFromID constructs a NEDNSSettingsManager from an objc.ID.

An object you use to create and manage a DNS settings configuration.

func NewNEDNSSettingsManager 

func NewNEDNSSettingsManager() NEDNSSettingsManager

NewNEDNSSettingsManager creates a new NEDNSSettingsManager instance.

func (NEDNSSettingsManager) Autorelease 

func (d NEDNSSettingsManager) Autorelease() NEDNSSettingsManager

Autorelease adds the receiver to the current autorelease pool.

func (NEDNSSettingsManager) DnsSettings 

func (d NEDNSSettingsManager) DnsSettings() INEDNSSettings

An object that contains the configuration settings for a DNS server.

Discussion

This property can be set to either an NEDNSOverHTTPSSettings object or an NEDNSOverTLSSettings object.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSSettingsManager/dnsSettings

func (NEDNSSettingsManager) Enabled 

func (d NEDNSSettingsManager) Enabled() bool

A Boolean you use to query the enabled state of the DNS settings configuration.

Discussion

A user must enable your DNS settings configuration in order to apply it to the system. By default, configurations are disabled until the user enables the configuration in the Settings app on iOS or in System Preferences on macOS.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSSettingsManager/isEnabled

func (NEDNSSettingsManager) Init 

func (d NEDNSSettingsManager) Init() NEDNSSettingsManager

Init initializes the instance.

func (NEDNSSettingsManager) LoadFromPreferences 

func (d NEDNSSettingsManager) LoadFromPreferences(ctx context.Context) error

LoadFromPreferences is a synchronous wrapper around NEDNSSettingsManager.LoadFromPreferencesWithCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NEDNSSettingsManager) LoadFromPreferencesWithCompletionHandler 

func (d NEDNSSettingsManager) LoadFromPreferencesWithCompletionHandler(completionHandler ErrorHandler)

Load your DNS settings configuration from the system networking preferences.

completionHandler: A block that takes an [NSError] object. This block runs on your application’s main thread after the load operation is complete. If an error occurs while loading the configuration, the block returns an [NSError] object. // [NSError]: https://developer.apple.com/documentation/Foundation/NSError

Discussion

You must call this method at least once before calling [SaveToPreferencesWithCompletionHandler] for the first time after your app launches.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSSettingsManager/loadFromPreferences(completionHandler:)

func (NEDNSSettingsManager) LocalizedDescription 

func (d NEDNSSettingsManager) LocalizedDescription() string

A string that contains the display name of the DNS settings configuration.

Discussion

This string is used as the display name of the DNS settings configuration in the system’s settings UI. If this property is set to `nil` at the time that the configuration is created, it is automatically set to the display name of the calling app.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSSettingsManager/localizedDescription

func (NEDNSSettingsManager) NEDNSSettingsErrorDomain 

func (d NEDNSSettingsManager) NEDNSSettingsErrorDomain() string

The domain for errors resulting from calls to the DNS settings manager.

See: https://developer.apple.com/documentation/networkextension/nednssettingserrordomain

func (NEDNSSettingsManager) OnDemandRules 

func (d NEDNSSettingsManager) OnDemandRules() []NEOnDemandRule

A list of ordered rules that defines the networks on which the DNS settings will apply.

Discussion

An On Demand rule with the action NEOnDemandRuleAction.connect defines a network on which the DNS settings apply. An On Demand rule with the action NEOnDemandRuleAction.disconnect causes DNS settings to not apply. An On Demand rule with the action of NEOnDemandRuleAction.evaluateConnection can be used to enable the DNS settings on a network with excluded domains, as specified using a NEEvaluateConnectionRuleAction.neverConnect rule.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSSettingsManager/onDemandRules

func (NEDNSSettingsManager) RemoveFromPreferences 

func (d NEDNSSettingsManager) RemoveFromPreferences(ctx context.Context) error

RemoveFromPreferences is a synchronous wrapper around NEDNSSettingsManager.RemoveFromPreferencesWithCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NEDNSSettingsManager) RemoveFromPreferencesWithCompletionHandler 

func (d NEDNSSettingsManager) RemoveFromPreferencesWithCompletionHandler(completionHandler ErrorHandler)

Remove your DNS settings configuration from the system networking preferences.

completionHandler: An optional block that takes an [NSError] object. If specified, this block runs on your application’s main thread after your configuration is removed. If an error occurs while removing the configuration, the block returns an [NSError] object. // [NSError]: https://developer.apple.com/documentation/Foundation/NSError

Discussion

After you remove your configuration, the NEDNSSettingsManager object still contains the configuration parameters. Calling [LoadFromPreferencesWithCompletionHandler] clears out the configuration parameters from the NEDNSSettingsManager object.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSSettingsManager/removeFromPreferences(completionHandler:)

func (NEDNSSettingsManager) SaveToPreferences 

func (d NEDNSSettingsManager) SaveToPreferences(ctx context.Context) error

SaveToPreferences is a synchronous wrapper around NEDNSSettingsManager.SaveToPreferencesWithCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NEDNSSettingsManager) SaveToPreferencesWithCompletionHandler 

func (d NEDNSSettingsManager) SaveToPreferencesWithCompletionHandler(completionHandler ErrorHandler)

Save your DNS settings configuration to the system networking preferences.

completionHandler: An optional block that takes an [NSError] object. If specified, this block runs on your application’s main thread after the save operation completes. If an error occurs while saving the configuration, the block returns an [NSError] object. // [NSError]: https://developer.apple.com/documentation/Foundation/NSError

Discussion

You must call [LoadFromPreferencesWithCompletionHandler] at least once before calling this method the first time after your app launches.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSSettingsManager/saveToPreferences(completionHandler:)

func (NEDNSSettingsManager) SetDnsSettings 

func (d NEDNSSettingsManager) SetDnsSettings(value INEDNSSettings)

func (NEDNSSettingsManager) SetLocalizedDescription 

func (d NEDNSSettingsManager) SetLocalizedDescription(value string)

func (NEDNSSettingsManager) SetOnDemandRules 

func (d NEDNSSettingsManager) SetOnDemandRules(value []NEOnDemandRule)

type NEDNSSettingsManagerClass 

type NEDNSSettingsManagerClass struct {
	// contains filtered or unexported fields
}

func GetNEDNSSettingsManagerClass 

func GetNEDNSSettingsManagerClass() NEDNSSettingsManagerClass

GetNEDNSSettingsManagerClass returns the class object for NEDNSSettingsManager.

func (NEDNSSettingsManagerClass) Alloc 

func (nc NEDNSSettingsManagerClass) Alloc() NEDNSSettingsManager

Alloc allocates memory for a new instance of the class.

func (NEDNSSettingsManagerClass) Class 

func (nc NEDNSSettingsManagerClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

func (NEDNSSettingsManagerClass) SharedManager 

func (_NEDNSSettingsManagerClass NEDNSSettingsManagerClass) SharedManager() NEDNSSettingsManager

Access the single instance of a DNS settings manager.

Return Value

The DNS settings manager instance for the calling application.

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSSettingsManager/shared()

type NEDNSSettingsManagerError 

type NEDNSSettingsManagerError int

See: https://developer.apple.com/documentation/NetworkExtension/NEDNSSettingsManagerError 

const (
	// NEDNSSettingsManagerErrorConfigurationCannotBeRemoved: An error code that indicates removing the DNS settings manager failed.
	NEDNSSettingsManagerErrorConfigurationCannotBeRemoved NEDNSSettingsManagerError = 4
	// NEDNSSettingsManagerErrorConfigurationDisabled: An error code that indicates the DNS settings manager isn’t enabled.
	NEDNSSettingsManagerErrorConfigurationDisabled NEDNSSettingsManagerError = 2
	// NEDNSSettingsManagerErrorConfigurationInvalid: An error code that indicates the DNS settings manager is invalid.
	NEDNSSettingsManagerErrorConfigurationInvalid NEDNSSettingsManagerError = 1
	// NEDNSSettingsManagerErrorConfigurationStale: An error code that indicates the DNS settings manager isn’t loaded.
	NEDNSSettingsManagerErrorConfigurationStale NEDNSSettingsManagerError = 3
)

func (NEDNSSettingsManagerError) String 

func (e NEDNSSettingsManagerError) String() string

type NEEthernetTunnelNetworkSettings 

type NEEthernetTunnelNetworkSettings struct {
	NEPacketTunnelNetworkSettings
}

The network settings for an ethernet-based VPN tunnel.

Overview

You use this type with NEEthernetTunnelProvider instances to communicate the desired network settings for the packet tunnel to the framework. The framework takes care of applying the contained settings to the system.

Instances of this class are thread-safe.

Creating a settings instance

Inspecting settings properties

See: https://developer.apple.com/documentation/NetworkExtension/NEEthernetTunnelNetworkSettings

func NEEthernetTunnelNetworkSettingsFromID 

func NEEthernetTunnelNetworkSettingsFromID(id objc.ID) NEEthernetTunnelNetworkSettings

NEEthernetTunnelNetworkSettingsFromID constructs a NEEthernetTunnelNetworkSettings from an objc.ID.

The network settings for an ethernet-based VPN tunnel.

func NewEthernetTunnelNetworkSettingsWithTunnelRemoteAddress 

func NewEthernetTunnelNetworkSettingsWithTunnelRemoteAddress(address string) NEEthernetTunnelNetworkSettings

Initialize a NETunnelNetworkSettings object.

address: The IP address of the tunnel server.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelNetworkSettings/init(tunnelRemoteAddress:)

func NewEthernetTunnelNetworkSettingsWithTunnelRemoteAddressEthernetAddressMtu 

func NewEthernetTunnelNetworkSettingsWithTunnelRemoteAddressEthernetAddressMtu(address string, ethernetAddress string, mtu int) NEEthernetTunnelNetworkSettings

Creates a settings object with a given tunnel remote address and MAC address.

See: https://developer.apple.com/documentation/NetworkExtension/NEEthernetTunnelNetworkSettings/init(tunnelRemoteAddress:ethernetAddress:mtu:)

func NewNEEthernetTunnelNetworkSettings 

func NewNEEthernetTunnelNetworkSettings() NEEthernetTunnelNetworkSettings

NewNEEthernetTunnelNetworkSettings creates a new NEEthernetTunnelNetworkSettings instance.

func (NEEthernetTunnelNetworkSettings) Autorelease 

func (e NEEthernetTunnelNetworkSettings) Autorelease() NEEthernetTunnelNetworkSettings

Autorelease adds the receiver to the current autorelease pool.

func (NEEthernetTunnelNetworkSettings) EthernetAddress 

func (e NEEthernetTunnelNetworkSettings) EthernetAddress() string

The ethernet address of the tunnel interface, as a string.

See: https://developer.apple.com/documentation/NetworkExtension/NEEthernetTunnelNetworkSettings/ethernetAddress

func (NEEthernetTunnelNetworkSettings) Init 

func (e NEEthernetTunnelNetworkSettings) Init() NEEthernetTunnelNetworkSettings

Init initializes the instance.

func (NEEthernetTunnelNetworkSettings) InitWithTunnelRemoteAddressEthernetAddressMtu 

func (e NEEthernetTunnelNetworkSettings) InitWithTunnelRemoteAddressEthernetAddressMtu(address string, ethernetAddress string, mtu int) NEEthernetTunnelNetworkSettings

Creates a settings object with a given tunnel remote address and MAC address.

See: https://developer.apple.com/documentation/NetworkExtension/NEEthernetTunnelNetworkSettings/init(tunnelRemoteAddress:ethernetAddress:mtu:)

type NEEthernetTunnelNetworkSettingsClass 

type NEEthernetTunnelNetworkSettingsClass struct {
	// contains filtered or unexported fields
}

func GetNEEthernetTunnelNetworkSettingsClass 

func GetNEEthernetTunnelNetworkSettingsClass() NEEthernetTunnelNetworkSettingsClass

GetNEEthernetTunnelNetworkSettingsClass returns the class object for NEEthernetTunnelNetworkSettings.

func (NEEthernetTunnelNetworkSettingsClass) Alloc 

func (nc NEEthernetTunnelNetworkSettingsClass) Alloc() NEEthernetTunnelNetworkSettings

Alloc allocates memory for a new instance of the class.

func (NEEthernetTunnelNetworkSettingsClass) Class 

func (nc NEEthernetTunnelNetworkSettingsClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEEthernetTunnelProvider 

type NEEthernetTunnelProvider struct {
	NEPacketTunnelProvider
}

A type that implements the client side of a custom link-layer packet tunneling protocol.

See: https://developer.apple.com/documentation/NetworkExtension/NEEthernetTunnelProvider

func NEEthernetTunnelProviderFromID 

func NEEthernetTunnelProviderFromID(id objc.ID) NEEthernetTunnelProvider

NEEthernetTunnelProviderFromID constructs a NEEthernetTunnelProvider from an objc.ID.

A type that implements the client side of a custom link-layer packet tunneling protocol.

func NewNEEthernetTunnelProvider 

func NewNEEthernetTunnelProvider() NEEthernetTunnelProvider

NewNEEthernetTunnelProvider creates a new NEEthernetTunnelProvider instance.

func (NEEthernetTunnelProvider) Autorelease 

func (e NEEthernetTunnelProvider) Autorelease() NEEthernetTunnelProvider

Autorelease adds the receiver to the current autorelease pool.

func (NEEthernetTunnelProvider) Init 

func (e NEEthernetTunnelProvider) Init() NEEthernetTunnelProvider

Init initializes the instance.

type NEEthernetTunnelProviderClass 

type NEEthernetTunnelProviderClass struct {
	// contains filtered or unexported fields
}

func GetNEEthernetTunnelProviderClass 

func GetNEEthernetTunnelProviderClass() NEEthernetTunnelProviderClass

GetNEEthernetTunnelProviderClass returns the class object for NEEthernetTunnelProvider.

func (NEEthernetTunnelProviderClass) Alloc 

func (nc NEEthernetTunnelProviderClass) Alloc() NEEthernetTunnelProvider

Alloc allocates memory for a new instance of the class.

func (NEEthernetTunnelProviderClass) Class 

func (nc NEEthernetTunnelProviderClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEEvaluateConnectionRule 

type NEEvaluateConnectionRule struct {
	objectivec.Object
}

NEEvaluateConnectionRule associates properties of network connections with an action.

Initializing a Rule

Accessing Rule Match Properties

Accessing the Rule Action

See: https://developer.apple.com/documentation/NetworkExtension/NEEvaluateConnectionRule

func NEEvaluateConnectionRuleFromID 

func NEEvaluateConnectionRuleFromID(id objc.ID) NEEvaluateConnectionRule

NEEvaluateConnectionRuleFromID constructs a NEEvaluateConnectionRule from an objc.ID.

NEEvaluateConnectionRule associates properties of network connections with an action.

func NewEvaluateConnectionRuleWithMatchDomainsAndAction 

func NewEvaluateConnectionRuleWithMatchDomainsAndAction(domains []string, action NEEvaluateConnectionRuleAction) NEEvaluateConnectionRule

Initialize an NEEvaluateConnectionRule instance with a list of destination host domains and an action.

domains: An array of domains used to match the destination hostname of connections. If the destination hostname of a connection matches any of the domains in the array, then the connection matches the rule. Each domain is matched against the destination hostname using suffix matching, and each label in the domain must match an entire label in the hostname. For example, the domain `example.Com()` will match the hostname `www.ExampleXCUIElementTypeCom()` but not `www.AnotherexampleXCUIElementTypeCom()`.

action: The action to apply for connections matching the rule.

See: https://developer.apple.com/documentation/NetworkExtension/NEEvaluateConnectionRule/init(matchDomains:andAction:)

func NewNEEvaluateConnectionRule 

func NewNEEvaluateConnectionRule() NEEvaluateConnectionRule

NewNEEvaluateConnectionRule creates a new NEEvaluateConnectionRule instance.

func (NEEvaluateConnectionRule) Action 

func (e NEEvaluateConnectionRule) Action() NEEvaluateConnectionRuleAction

The action to take if the properties of the network connection being established match the rule.

See: https://developer.apple.com/documentation/NetworkExtension/NEEvaluateConnectionRule/action

func (NEEvaluateConnectionRule) Autorelease 

func (e NEEvaluateConnectionRule) Autorelease() NEEvaluateConnectionRule

Autorelease adds the receiver to the current autorelease pool.

func (NEEvaluateConnectionRule) ConnectionRules 

func (e NEEvaluateConnectionRule) ConnectionRules() INEEvaluateConnectionRule

An array of

See: https://developer.apple.com/documentation/networkextension/neondemandruleevaluateconnection/connectionrules

func (NEEvaluateConnectionRule) EncodeWithCoder 

func (e NEEvaluateConnectionRule) EncodeWithCoder(coder foundation.INSCoder)

func (NEEvaluateConnectionRule) Init 

func (e NEEvaluateConnectionRule) Init() NEEvaluateConnectionRule

Init initializes the instance.

func (NEEvaluateConnectionRule) InitWithMatchDomainsAndAction 

func (e NEEvaluateConnectionRule) InitWithMatchDomainsAndAction(domains []string, action NEEvaluateConnectionRuleAction) NEEvaluateConnectionRule

Initialize an NEEvaluateConnectionRule instance with a list of destination host domains and an action.

domains: An array of domains used to match the destination hostname of connections. If the destination hostname of a connection matches any of the domains in the array, then the connection matches the rule. Each domain is matched against the destination hostname using suffix matching, and each label in the domain must match an entire label in the hostname. For example, the domain `example.Com()` will match the hostname `www.ExampleXCUIElementTypeCom()` but not `www.AnotherexampleXCUIElementTypeCom()`.

action: The action to apply for connections matching the rule.

See: https://developer.apple.com/documentation/NetworkExtension/NEEvaluateConnectionRule/init(matchDomains:andAction:)

func (NEEvaluateConnectionRule) MatchDomains 

func (e NEEvaluateConnectionRule) MatchDomains() []string

An array of domains used to match the destination hostname of connections. If the destination hostname of a connection matches any of the domains in the array, then the connection matches the rule. Each domain is matched against the destination hostname using suffix matching, and each label in the domain must match an entire label in the hostname. For example, the domain `example.Com()` will match the hostname `www.ExampleXCUIElementTypeCom()` but not `www.AnotherexampleXCUIElementTypeCom()`.

See: https://developer.apple.com/documentation/NetworkExtension/NEEvaluateConnectionRule/matchDomains

func (NEEvaluateConnectionRule) ProbeURL 

func (e NEEvaluateConnectionRule) ProbeURL() foundation.INSURL

An HTTP or HTTPS URL. If the rule matches the connection being established and the action is NEEvaluateConnectionRuleActionConnectIfNeeded and a request sent to this URL results in a response with an HTTP response code other than 200, then the VPN is started.

See: https://developer.apple.com/documentation/NetworkExtension/NEEvaluateConnectionRule/probeURL

func (NEEvaluateConnectionRule) SetConnectionRules 

func (e NEEvaluateConnectionRule) SetConnectionRules(value INEEvaluateConnectionRule)

func (NEEvaluateConnectionRule) SetProbeURL 

func (e NEEvaluateConnectionRule) SetProbeURL(value foundation.INSURL)

func (NEEvaluateConnectionRule) SetUseDNSServers 

func (e NEEvaluateConnectionRule) SetUseDNSServers(value []string)

func (NEEvaluateConnectionRule) UseDNSServers 

func (e NEEvaluateConnectionRule) UseDNSServers() []string

If the rule matches the connection being established and the action is NEEvaluateConnectionRuleActionConnectIfNeeded, the DNS servers specified in this array are used to resolve the destination hostname of the connection while evaluating connectivity to the destination of the connection. If the resolution fails for any reason, the VPN is started.

See: https://developer.apple.com/documentation/NetworkExtension/NEEvaluateConnectionRule/useDNSServers

type NEEvaluateConnectionRuleAction 

type NEEvaluateConnectionRuleAction int

See: https://developer.apple.com/documentation/NetworkExtension/NEEvaluateConnectionRuleAction 

const (
	// NEEvaluateConnectionRuleActionConnectIfNeeded: Start the VPN if connections to the matching hostname cannot be resolved.
	NEEvaluateConnectionRuleActionConnectIfNeeded NEEvaluateConnectionRuleAction = 1
	// NEEvaluateConnectionRuleActionNeverConnect: Do not start the VPN.
	NEEvaluateConnectionRuleActionNeverConnect NEEvaluateConnectionRuleAction = 2
)

func (NEEvaluateConnectionRuleAction) String 

func (e NEEvaluateConnectionRuleAction) String() string

type NEEvaluateConnectionRuleClass 

type NEEvaluateConnectionRuleClass struct {
	// contains filtered or unexported fields
}

func GetNEEvaluateConnectionRuleClass 

func GetNEEvaluateConnectionRuleClass() NEEvaluateConnectionRuleClass

GetNEEvaluateConnectionRuleClass returns the class object for NEEvaluateConnectionRule.

func (NEEvaluateConnectionRuleClass) Alloc 

func (nc NEEvaluateConnectionRuleClass) Alloc() NEEvaluateConnectionRule

Alloc allocates memory for a new instance of the class.

func (NEEvaluateConnectionRuleClass) Class 

func (nc NEEvaluateConnectionRuleClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEFilterAction 

type NEFilterAction int

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterAction 

const (
	// NEFilterActionAllow: Allow the flow.
	NEFilterActionAllow NEFilterAction = 1
	// NEFilterActionDrop: Drop the flow.
	NEFilterActionDrop NEFilterAction = 2
	// NEFilterActionFilterData: Filter data on the flow.
	NEFilterActionFilterData NEFilterAction = 4
	// NEFilterActionInvalid: Invalid action used to represent an error.
	NEFilterActionInvalid NEFilterAction = 0
	// NEFilterActionRemediate: Remediate the flow.
	NEFilterActionRemediate NEFilterAction = 3
)

func (NEFilterAction) String 

func (e NEFilterAction) String() string

type NEFilterDataAttribute 

type NEFilterDataAttribute int

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterDataAttribute 

const (
	// NEFilterDataAttributeHasIPHeader: An attribute that indicates the data includes an IP header.
	NEFilterDataAttributeHasIPHeader NEFilterDataAttribute = 1
)

func (NEFilterDataAttribute) String 

func (e NEFilterDataAttribute) String() string

type NEFilterDataProvider 

type NEFilterDataProvider struct {
	NEFilterProvider
}

The principal class for a filter data provider extension.

Overview

Network content is delivered to the Filter Data Provider in the form of NEFilterFlow objects. Each NEFilterFlow object corresponds to a network connection opened by an application running on the device. The Filter Data Provider can choose to pass or block the data when it receives a new flow, or it can ask the system to see more of the flow’s data in either the outbound or inbound direction before making a pass or block decision.

In addition to passing or blocking network data, the Filter Data Provider can tell the system that it needs more information before it can make a decision about a particular flow of data. The system will then ask the Filter Control Provider to update the current set of rules and place them in a location on disk that is readable from the Filter Data Provider extension.

When a NEFilterFlow object is originated from a WebKit browser object, the Filter Data Provider can affect the user experience in the following ways:

- If the Filter Data Provider chooses to block the web page, then a special “block” page is displayed in the WebKit browser object informing the user that their attempt to access the content was blocked. The Filter Data Provider can choose to add a link to this block page, giving the user the option of requesting access to the content. - If the Filter Data Provider chooses to allow the web page, then it can also specify that a string be appended to the web page URL. This allows the Filter Data Provider to direct the WebKit browser object to a “safe” version of the web page.

To protect the user’s privacy, the Filter Data Provider extension sandbox prevents the extension from moving network content outside of its address space.

Creating a Filter Data Provider Extension

Filter Data Providers run as App Extensions for the `com.AppleXCUIElementTypeNetworkextensionXCUIElementTypeFilter()-data` extension point.

To create a Filter Data Provider extension, first create a new App Extension target in your project.

For an example of an Xcode build target for this app extension, see the SimpleTunnel: Customized Networking Using the NetworkExtension Framework sample code project.

Once you have a Filter Data Provider extension target, create a subclass of NEFilterDataProvider. Then set the [NSExtensionPrincipalClass] key in the the extension’s `Info.Plist()` to the name of your subclass.

If it is not done already, set the [NSExtensionPointIdentifier] key in the extension’s `Info.Plist()` to `com.AppleXCUIElementTypeNetworkextensionXCUIElementTypeFilter()-data`.

Here is an example of the [NSExtension] dictionary in a Filter Data Provider extension’s `Info.Plist()`:

Finally, add your Filter Data Provider extension target to your app’s Embed App Extensions build phase.

Subclassing Notes

To create a Filter Data Provider extension, you must first create a subclass of NEFilterDataProvider and override the methods listed below.

Methods to Override

- NEFilterDataProvider.HandleNewFlow - NEFilterDataProvider.HandleInboundDataFromFlowReadBytesStartOffsetReadBytes - NEFilterDataProvider.HandleOutboundDataFromFlowReadBytesStartOffsetReadBytes - NEFilterDataProvider.HandleInboundDataCompleteForFlow - NEFilterDataProvider.HandleOutboundDataCompleteForFlow - [NEFilterDataProvider.HandleRemediationForFlow] - [NEFilterDataProvider.HandleRulesChanged]

Filtering network content

Changing filter settings

Resuming data flows

Updating filter verdicts

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterDataProvider

func NEFilterDataProviderFromID 

func NEFilterDataProviderFromID(id objc.ID) NEFilterDataProvider

NEFilterDataProviderFromID constructs a NEFilterDataProvider from an objc.ID.

The principal class for a filter data provider extension.

func NewNEFilterDataProvider 

func NewNEFilterDataProvider() NEFilterDataProvider

NewNEFilterDataProvider creates a new NEFilterDataProvider instance.

func (NEFilterDataProvider) ApplySettings 

func (f NEFilterDataProvider) ApplySettings(ctx context.Context, settings INEFilterSettings) error

ApplySettings is a synchronous wrapper around NEFilterDataProvider.ApplySettingsCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NEFilterDataProvider) ApplySettingsCompletionHandler 

func (f NEFilterDataProvider) ApplySettingsCompletionHandler(settings INEFilterSettings, completionHandler ErrorHandler)

Applies a set of filtering rules associated with the provider and changes the default filtering action.

settings: A NEFilterSettings object containing the filter settings to apply to the system. Pass `nil` to revert to the default settings, which are an empty list of rules and a default action of [NEFilterAction.filterData]. // [NEFilterAction.filterData]: https://developer.apple.com/documentation/NetworkExtension/NEFilterAction/filterData

completionHandler: A Swift closure or ObjectiveC block that executes when the system finishes applying the settings. It receives an [NSError] parameter; a non-`nil` value that indicates there’s an error contidition. // [NSError]: https://developer.apple.com/documentation/Foundation/NSError

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterDataProvider/apply(_:completionHandler:)

func (NEFilterDataProvider) Autorelease 

func (f NEFilterDataProvider) Autorelease() NEFilterDataProvider

Autorelease adds the receiver to the current autorelease pool.

func (NEFilterDataProvider) HandleInboundDataCompleteForFlow 

func (f NEFilterDataProvider) HandleInboundDataCompleteForFlow(flow INEFilterFlow) INEFilterDataVerdict

Make a filtering decision after seeing all of the inbound data for a flow.

flow: An NEFilterFlow object containing information about the flow.

Return Value

An NEFilterDataVerdict object indicating how the system should handle the flow of network content.

Discussion

The system calls this method after all of the inbound data for a flow of network content has been given to the Filter Data Provider.

NEFilterDataProvider subclasses must override this method.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterDataProvider/handleInboundDataComplete(for:)

func (NEFilterDataProvider) HandleInboundDataFromFlowReadBytesStartOffsetReadBytes 

func (f NEFilterDataProvider) HandleInboundDataFromFlowReadBytesStartOffsetReadBytes(flow INEFilterFlow, offset uint, readBytes foundation.INSData) INEFilterDataVerdict

Make a filtering decision about a chunk of inbound data.

flow: An NEFilterFlow object containing information about the flow.

offset: An unsigned integer containing the offset of the data stored in `readBytes`. This offset is measured from the beginning of the flow’s inbound data.

readBytes: An [NSData] object containing the data to filter. For non-UDP/TCP flows, since the data may optionally include the IP header, `readBytes` includes a 4-byte NEFilterDataAttribute field preceding the user data. Your handler must examine the NEFilterDataAttribute field and handle the data accordingly. // NEFilterDataAttribute: https://developer.apple.com/documentation/NetworkExtension/NEFilterDataAttribute [NSData]: https://developer.apple.com/documentation/Foundation/NSData

Return Value

A NEFilterDataVerdict object indicating how the system should handle the chunk of data and all subsequent inbound data for the flow.

Discussion

NEFilterDataProvider subclasses must override this method.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterDataProvider/handleInboundData(from:readBytesStartOffset:readBytes:)

func (NEFilterDataProvider) HandleNewFlow 

func (f NEFilterDataProvider) HandleNewFlow(flow INEFilterFlow) INEFilterNewFlowVerdict

Make a filtering decision for a newly-created flow of network content.

flow: An NEFilterFlow object containing information about the new flow.

Return Value

An NEFilterNewFlowVerdict object indicating how the system should handle the flow.

Discussion

This function is called by the system when a filtering decision needs to be made about a new flow of network content.

NEFilterDataProvider subclasses must override this method.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterDataProvider/handleNewFlow(_:)

func (NEFilterDataProvider) HandleOutboundDataCompleteForFlow 

func (f NEFilterDataProvider) HandleOutboundDataCompleteForFlow(flow INEFilterFlow) INEFilterDataVerdict

Make a filtering decision after seeing all of the outbound data for a flow.

flow: An NEFilterFlow object containing information about the flow.

Return Value

An NEFilterDataVerdict object indicating how the system should handle the flow of network content.

Discussion

The system calls this method after all of the outbound data for a flow of network content has been given to the Filter Data Provider.

NEFilterDataProvider subclasses must override this method.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterDataProvider/handleOutboundDataComplete(for:)

func (NEFilterDataProvider) HandleOutboundDataFromFlowReadBytesStartOffsetReadBytes 

func (f NEFilterDataProvider) HandleOutboundDataFromFlowReadBytesStartOffsetReadBytes(flow INEFilterFlow, offset uint, readBytes foundation.INSData) INEFilterDataVerdict

Make a filtering decision about a chunk of outbound data.

flow: An NEFilterFlow object containing information about the flow.

offset: An unsigned integer containing the offset of the data stored in `readBytes`. This offset is measured from the beginning of the flow’s outbound data.

readBytes: An [NSData] object containing the data to be filtered. // [NSData]: https://developer.apple.com/documentation/Foundation/NSData

Return Value

An NEFilterDataVerdict indicating how the system should handle the chunk of data and all subsequent outbound data for the flow.

Discussion

NEFilterDataProvider subclasses must override this method.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterDataProvider/handleOutboundData(from:readBytesStartOffset:readBytes:)

func (NEFilterDataProvider) Init 

func (f NEFilterDataProvider) Init() NEFilterDataProvider

Init initializes the instance.

func (NEFilterDataProvider) ResumeFlowWithVerdict 

func (f NEFilterDataProvider) ResumeFlowWithVerdict(flow INEFilterFlow, verdict INEFilterVerdict)

Resumes a previously-paused flow.

Discussion

The provider calls this method to resume a flow that the provider previously paused by returning a pause verdict.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterDataProvider/resumeFlow(_:with:)

func (NEFilterDataProvider) UpdateFlowUsingVerdictForDirection 

func (f NEFilterDataProvider) UpdateFlowUsingVerdictForDirection(flow INEFilterSocketFlow, verdict INEFilterDataVerdict, direction NETrafficDirection)

Updates the verdict for a flow outside the context of any filter data provider callback.

flow: The NEFilterSocketFlow to update the verdict for.

verdict: An NEFilterDataVerdict instance. This must be an [AllowVerdict] or [DropVerdict] verdict, or a data verdict created with the Swift initializer or ObjectiveC type method, [DataVerdictWithPassBytesPeekBytes].

direction: The direction to which the verdict applies. Pass [NETrafficDirection.any] to update the verdict for both the inbound and outbound directions. This parameter has no effect if the verdict is [DropVerdict]. // [NETrafficDirection.any]: https://developer.apple.com/documentation/NetworkExtension/NETrafficDirection/any

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterDataProvider/update(_:using:for:)

type NEFilterDataProviderClass 

type NEFilterDataProviderClass struct {
	// contains filtered or unexported fields
}

func GetNEFilterDataProviderClass 

func GetNEFilterDataProviderClass() NEFilterDataProviderClass

GetNEFilterDataProviderClass returns the class object for NEFilterDataProvider.

func (NEFilterDataProviderClass) Alloc 

func (nc NEFilterDataProviderClass) Alloc() NEFilterDataProvider

Alloc allocates memory for a new instance of the class.

func (NEFilterDataProviderClass) Class 

func (nc NEFilterDataProviderClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEFilterDataVerdict 

type NEFilterDataVerdict struct {
	NEFilterVerdict
}

The result from a filter data provder for subsequent chunks of data on a flow.

Overview

Return this verdict type from the various methods of NEFilterDataProvider.

Reporting statistics

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterDataVerdict

func NEFilterDataVerdictFromID 

func NEFilterDataVerdictFromID(id objc.ID) NEFilterDataVerdict

NEFilterDataVerdictFromID constructs a NEFilterDataVerdict from an objc.ID.

The result from a filter data provder for subsequent chunks of data on a flow.

func NewFilterDataVerdictWithPassBytesPeekBytes 

func NewFilterDataVerdictWithPassBytesPeekBytes(passBytes uint, peekBytes uint) NEFilterDataVerdict

Creates a verdict that tells the system to pass a chunk of network data to its final destination, and specifies the next chunk of data to provide.

passBytes: The number of bytes to pass to its final destination.

peekBytes: The number of bytes after the end of the `passBytes` that the Filter Data Provider expects in the next call to [HandleOutboundDataFromFlowReadBytesStartOffsetReadBytes] or [HandleInboundDataFromFlowReadBytesStartOffsetReadBytes]. The Filter Data Provider uses this chunk of data to make its next filtering decision.

To see all subsequent bytes, set this parameter to [NEFilterFlowBytesMax]. // [NEFilterFlowBytesMax]: https://developer.apple.com/documentation/NetworkExtension/NEFilterFlowBytesMax

Return Value

A NEFilterDataVerdict object.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterDataVerdict/init(passBytes:peekBytes:)

func NewNEFilterDataVerdict 

func NewNEFilterDataVerdict() NEFilterDataVerdict

NewNEFilterDataVerdict creates a new NEFilterDataVerdict instance.

func (NEFilterDataVerdict) Autorelease 

func (f NEFilterDataVerdict) Autorelease() NEFilterDataVerdict

Autorelease adds the receiver to the current autorelease pool.

func (NEFilterDataVerdict) Init 

func (f NEFilterDataVerdict) Init() NEFilterDataVerdict

Init initializes the instance.

func (NEFilterDataVerdict) SetStatisticsReportFrequency 

func (f NEFilterDataVerdict) SetStatisticsReportFrequency(value NEFilterReportFrequency)

func (NEFilterDataVerdict) StatisticsReportFrequency 

func (f NEFilterDataVerdict) StatisticsReportFrequency() NEFilterReportFrequency

The frequencty at which to provide flow statistics to the data provider.

Discussion

This property determines the frequency at which the provider receives a call to its [HandleReport] method with an NEFilterReport.Event.statistics event.

The default value of this property NEFilterReport.Frequency.none, meaning that the provider receives no statistics by default.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterDataVerdict/statisticsReportFrequency

type NEFilterDataVerdictClass 

type NEFilterDataVerdictClass struct {
	// contains filtered or unexported fields
}

func GetNEFilterDataVerdictClass 

func GetNEFilterDataVerdictClass() NEFilterDataVerdictClass

GetNEFilterDataVerdictClass returns the class object for NEFilterDataVerdict.

func (NEFilterDataVerdictClass) Alloc 

func (nc NEFilterDataVerdictClass) Alloc() NEFilterDataVerdict

Alloc allocates memory for a new instance of the class.

func (NEFilterDataVerdictClass) AllowVerdict 

func (_NEFilterDataVerdictClass NEFilterDataVerdictClass) AllowVerdict() NEFilterDataVerdict

Creates a verdict that tells the system to pass the current chunk of network data and all subsequent data for the current flow to its final destination.

Return Value

A NEFilterDataVerdict object.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterDataVerdict/allow()

func (NEFilterDataVerdictClass) Class 

func (nc NEFilterDataVerdictClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

func (NEFilterDataVerdictClass) DropVerdict 

func (_NEFilterDataVerdictClass NEFilterDataVerdictClass) DropVerdict() NEFilterDataVerdict

Creates a verdict that tells the system to drop the current chunk of network data and all subsequent data for the current flow.

Return Value

A NEFilterDataVerdict object.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterDataVerdict/drop()

func (NEFilterDataVerdictClass) PauseVerdict 

func (_NEFilterDataVerdictClass NEFilterDataVerdictClass) PauseVerdict() NEFilterDataVerdict

Creates a verdict that tells the system to pause the flow.

Return Value

A NEFilterDataVerdict object.

Discussion

After pausing the flow, the system doesn’t call any of the data provider’s handler callbacks until you resume the flow by calling [ResumeFlowWithVerdict].

You can pause TCP flows indefinitely. You can pause UDP flows for up to 10 seconds, after which the system drops the flow. Pausing a flow that’s already paused is an invalid operation.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterDataVerdict/pause()

type NEFilterFlow 

type NEFilterFlow struct {
	objectivec.Object
}

The abstract base class for types that represent flows of network data.

Inspecting flow properties

Source app identification

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterFlow

func NEFilterFlowFromID 

func NEFilterFlowFromID(id objc.ID) NEFilterFlow

NEFilterFlowFromID constructs a NEFilterFlow from an objc.ID.

The abstract base class for types that represent flows of network data.

func NewNEFilterFlow 

func NewNEFilterFlow() NEFilterFlow

NewNEFilterFlow creates a new NEFilterFlow instance.

func (NEFilterFlow) Autorelease 

func (f NEFilterFlow) Autorelease() NEFilterFlow

Autorelease adds the receiver to the current autorelease pool.

func (NEFilterFlow) Direction 

func (f NEFilterFlow) Direction() NETrafficDirection

The initial direction of the flow: incoming or outgoing.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterFlow/direction

func (NEFilterFlow) EncodeWithCoder 

func (f NEFilterFlow) EncodeWithCoder(coder foundation.INSCoder)

func (NEFilterFlow) Identifier 

func (f NEFilterFlow) Identifier() foundation.NSUUID

The unique identifier of the flow.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterFlow/identifier

func (NEFilterFlow) Init 

func (f NEFilterFlow) Init() NEFilterFlow

Init initializes the instance.

func (NEFilterFlow) NEFilterFlowBytesMax 

func (f NEFilterFlow) NEFilterFlowBytesMax() uint64

The maximum number of bytes to pass or peek for a flow.

See: https://developer.apple.com/documentation/networkextension/nefilterflowbytesmax

func (NEFilterFlow) SetNEFilterFlowBytesMax 

func (f NEFilterFlow) SetNEFilterFlowBytesMax(value uint64)

func (NEFilterFlow) SourceAppAuditToken 

func (f NEFilterFlow) SourceAppAuditToken() foundation.INSData

The audit token of the source application of the flow.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterFlow/sourceAppAuditToken

func (NEFilterFlow) SourceProcessAuditToken 

func (f NEFilterFlow) SourceProcessAuditToken() foundation.INSData

The audit token of the process that created the flow.

Discussion

In cases where a system process creates the connection on behalf of a source app, this value is different from [SourceAppAuditToken]. In cases where the source app directly creates the connection, these values are identical.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterFlow/sourceProcessAuditToken

func (NEFilterFlow) URL 

func (f NEFilterFlow) URL() foundation.INSURL

The flow’s HTTP URL.

Discussion

This parameter is only non-`nil` for flows that originate from WebKit browser objects.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterFlow/url

type NEFilterFlowClass 

type NEFilterFlowClass struct {
	// contains filtered or unexported fields
}

func GetNEFilterFlowClass 

func GetNEFilterFlowClass() NEFilterFlowClass

GetNEFilterFlowClass returns the class object for NEFilterFlow.

func (NEFilterFlowClass) Alloc 

func (nc NEFilterFlowClass) Alloc() NEFilterFlow

Alloc allocates memory for a new instance of the class.

func (NEFilterFlowClass) Class 

func (nc NEFilterFlowClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEFilterManager 

type NEFilterManager struct {
	objectivec.Object
}

An object to create and manage a content filter’s configuration.

Overview

Each app is allowed to create a single filter configuration. The NEFilterManager class has a class method ([NEFilterManager.SharedManager]) that provides access to a single NEFilterManager instance. This single instance corresponds to a single filter configuration.

The filter configuration is stored in the Network Extension preferences which are managed by the Network Extension framework. The filter configuration must be explicitly loaded into memory from the Network Extension preferences before it can be used, and any changes must be explicitly saved to the Network Extension preferences before taking effect on the system.

Profile Configuration

Filter configurations are created using configuration profiles. See WebContentFilter for more information. To specify that a filter configuration created via a profile payload is associated with a particular app (and therefore allow the app to use NEFilterManager to manage the configuration), the app’s bundle identifier must be set as the value of the [PluginBundleID] field in the profile payload.

Filter Provider Extensions

Apps that use NEFilterManager are required to contain two Filter Provider extensions that together perform the task of examining network content and making pass and block decisions. See the NEFilterControlProvider and NEFilterDataProvider classes for more details about these extensions.

Managing the filter configuration

Accessing filter configuration properties

Prioritizing filters

Errors

Notifications

Instance Properties

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterManager

func NEFilterManagerFromID 

func NEFilterManagerFromID(id objc.ID) NEFilterManager

NEFilterManagerFromID constructs a NEFilterManager from an objc.ID.

An object to create and manage a content filter’s configuration.

func NewNEFilterManager 

func NewNEFilterManager() NEFilterManager

NewNEFilterManager creates a new NEFilterManager instance.

func (NEFilterManager) Autorelease 

func (f NEFilterManager) Autorelease() NEFilterManager

Autorelease adds the receiver to the current autorelease pool.

func (NEFilterManager) DisableEncryptedDNSSettings 

func (f NEFilterManager) DisableEncryptedDNSSettings() bool

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterManager/disableEncryptedDNSSettings

func (NEFilterManager) Enabled 

func (f NEFilterManager) Enabled() bool

A Boolean used to toggle the enabled state of the filter.

Discussion

Setting this property to true and saving the configuration will disable all other network content filters on the system, and will start the filter’s Filter Provider extensions. Setting this property to false and saving the configuration will disable the filter and stop the filter’s Filter Provider extensions.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterManager/isEnabled

func (NEFilterManager) Grade 

func (f NEFilterManager) Grade() NEFilterManagerGrade

The grade of the filter, which determines when it acts relative to other filters.

Discussion

The default grade is NEFilterManager.Grade.firewall.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterManager/grade-swift.property

func (NEFilterManager) Init 

func (f NEFilterManager) Init() NEFilterManager

Init initializes the instance.

func (NEFilterManager) LoadFromPreferences 

func (f NEFilterManager) LoadFromPreferences(ctx context.Context) error

LoadFromPreferences is a synchronous wrapper around NEFilterManager.LoadFromPreferencesWithCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NEFilterManager) LoadFromPreferencesWithCompletionHandler 

func (f NEFilterManager) LoadFromPreferencesWithCompletionHandler(completionHandler ErrorHandler)

Load the filter configuration from the Network Extension preferences.

completionHandler: A block that takes an [NSError] object. This block will be executed on the caller’s main thread after the load operation is complete. If the configuration does not exist in the Network Extension preferences or is loaded successfully, the error parameter will be nil. If an error occurred while loading the configuration, the error parameter will be set to an [NSError] object containing details about the error. See NEFilterManagerError for a list of possible errors. // [NSError]: https://developer.apple.com/documentation/Foundation/NSError

Discussion

You must call this method at least once before calling `saveToPreferencesWithCompletionHandler`: for the first time after your app launches.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterManager/loadFromPreferences(completionHandler:)

func (NEFilterManager) LocalizedDescription 

func (f NEFilterManager) LocalizedDescription() string

A string containing a description of the filter configuration.

Discussion

If this property is set to nil at the time that the configuration is created, it will be automatically set to the display name of the calling app.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterManager/localizedDescription

func (NEFilterManager) NEFilterConfigurationDidChange 

func (f NEFilterManager) NEFilterConfigurationDidChange() foundation.NSString

Posted after the filter configuration stored in the Network Extension preferences changes.

See: https://developer.apple.com/documentation/Foundation/NSNotification/Name-swift.struct/NEFilterConfigurationDidChange

func (NEFilterManager) NEFilterErrorDomain 

func (f NEFilterManager) NEFilterErrorDomain() string

The domain for errors resulting from calls to the filter manager.

See: https://developer.apple.com/documentation/networkextension/nefiltererrordomain

func (NEFilterManager) ProviderConfiguration 

func (f NEFilterManager) ProviderConfiguration() INEFilterProviderConfiguration

A NEFilterProviderConfiguration object containing the filter configuration settings.

Discussion

If this property is nil after calling “, then the filter configuration does not exist in the Network Extension preferences.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterManager/providerConfiguration

func (NEFilterManager) RemoveFromPreferences 

func (f NEFilterManager) RemoveFromPreferences(ctx context.Context) error

RemoveFromPreferences is a synchronous wrapper around NEFilterManager.RemoveFromPreferencesWithCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NEFilterManager) RemoveFromPreferencesWithCompletionHandler 

func (f NEFilterManager) RemoveFromPreferencesWithCompletionHandler(completionHandler ErrorHandler)

Remove the filter configuration from the Network Extension preferences.

completionHandler: A block that takes an [NSError] object. This block will be executed on the caller’s main thread after the removal operation is complete. If the configuration does not exist in the Network Extension preferences or an error occurs while removing it, the error parameter will be set to an [NSError] object containing details about the error. See NEFilterManagerError for a list of possible errors. If the configuration is removed successfully the error parameter will be set to nil. // [NSError]: https://developer.apple.com/documentation/Foundation/NSError

Discussion

After the configuration is removed from the preferences the NEFilterManager object will still contain the configuration parameters. Calling “ will clear out the configuration parameters from the NEFilterManager object.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterManager/removeFromPreferences(completionHandler:)

func (NEFilterManager) SaveToPreferences 

func (f NEFilterManager) SaveToPreferences(ctx context.Context) error

SaveToPreferences is a synchronous wrapper around NEFilterManager.SaveToPreferencesWithCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NEFilterManager) SaveToPreferencesWithCompletionHandler 

func (f NEFilterManager) SaveToPreferencesWithCompletionHandler(completionHandler ErrorHandler)

Save the filter configuration in the Network Extension preferences.

completionHandler: A block that takes an [NSError] object. This block will be executed on the caller’s main thread after the save operation is complete. If the configuration could not be saved to the preferences, the error parameter will be set to an [NSError] object containing details about the error. See NEFilterManagerError for a list of possible errors. If the configuration is saved successfully then the error parameter will be set to nil. // [NSError]: https://developer.apple.com/documentation/Foundation/NSError

Discussion

You must call “ at least once before calling this method the first time after your app launches.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterManager/saveToPreferences(completionHandler:)

func (NEFilterManager) SetDisableEncryptedDNSSettings 

func (f NEFilterManager) SetDisableEncryptedDNSSettings(value bool)

func (NEFilterManager) SetEnabled 

func (f NEFilterManager) SetEnabled(value bool)

func (NEFilterManager) SetGrade 

func (f NEFilterManager) SetGrade(value NEFilterManagerGrade)

func (NEFilterManager) SetLocalizedDescription 

func (f NEFilterManager) SetLocalizedDescription(value string)

func (NEFilterManager) SetProviderConfiguration 

func (f NEFilterManager) SetProviderConfiguration(value INEFilterProviderConfiguration)

type NEFilterManagerClass 

type NEFilterManagerClass struct {
	// contains filtered or unexported fields
}

func GetNEFilterManagerClass 

func GetNEFilterManagerClass() NEFilterManagerClass

GetNEFilterManagerClass returns the class object for NEFilterManager.

func (NEFilterManagerClass) Alloc 

func (nc NEFilterManagerClass) Alloc() NEFilterManager

Alloc allocates memory for a new instance of the class.

func (NEFilterManagerClass) Class 

func (nc NEFilterManagerClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

func (NEFilterManagerClass) SharedManager 

func (_NEFilterManagerClass NEFilterManagerClass) SharedManager() NEFilterManager

Access the single instance of NEFilterManager.

Return Value

The NEFilterManager instance for the calling application.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterManager/shared()

type NEFilterManagerError 

type NEFilterManagerError int

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterManagerError 

const (
	// NEFilterManagerErrorConfigurationCannotBeRemoved: An error code that indicates removing the configuration isn’t allowed.
	NEFilterManagerErrorConfigurationCannotBeRemoved NEFilterManagerError = 4
	// NEFilterManagerErrorConfigurationDisabled: An error code that indicates the filter configuration isn’t enabled.
	NEFilterManagerErrorConfigurationDisabled NEFilterManagerError = 2
	// NEFilterManagerErrorConfigurationInternalError: An error code that indicates an internal configuration error occurred.
	NEFilterManagerErrorConfigurationInternalError NEFilterManagerError = 6
	// NEFilterManagerErrorConfigurationInvalid: An error code that indicates the filter configuration is invalid.
	NEFilterManagerErrorConfigurationInvalid NEFilterManagerError = 1
	// NEFilterManagerErrorConfigurationPermissionDenied: An error code that indicates the configuration lacks permission.
	NEFilterManagerErrorConfigurationPermissionDenied NEFilterManagerError = 5
	// NEFilterManagerErrorConfigurationStale: An error code that indicates another process modfied the filter configuration since the last time the app loaded the configuration.
	NEFilterManagerErrorConfigurationStale NEFilterManagerError = 3
)

func (NEFilterManagerError) String 

func (e NEFilterManagerError) String() string

type NEFilterManagerGrade 

type NEFilterManagerGrade int

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterManager/Grade-swift.enum 

const (
	// NEFilterManagerGradeFirewall: A grade for filters that act as firewalls, blocking some network traffic.
	NEFilterManagerGradeFirewall NEFilterManagerGrade = 1
	// NEFilterManagerGradeInspector: A grade for filters that act as inspectors of network traffic.
	NEFilterManagerGradeInspector NEFilterManagerGrade = 2
)

func (NEFilterManagerGrade) String 

func (e NEFilterManagerGrade) String() string

type NEFilterNewFlowVerdict 

type NEFilterNewFlowVerdict struct {
	NEFilterVerdict
}

The result from a filter data provder after the initial examination of a flow.

Inspecting new flow verdict properties

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterNewFlowVerdict

func NEFilterNewFlowVerdictFromID 

func NEFilterNewFlowVerdictFromID(id objc.ID) NEFilterNewFlowVerdict

NEFilterNewFlowVerdictFromID constructs a NEFilterNewFlowVerdict from an objc.ID.

The result from a filter data provder after the initial examination of a flow.

func NewNEFilterNewFlowVerdict 

func NewNEFilterNewFlowVerdict() NEFilterNewFlowVerdict

NewNEFilterNewFlowVerdict creates a new NEFilterNewFlowVerdict instance.

func (NEFilterNewFlowVerdict) Autorelease 

func (f NEFilterNewFlowVerdict) Autorelease() NEFilterNewFlowVerdict

Autorelease adds the receiver to the current autorelease pool.

func (NEFilterNewFlowVerdict) Init 

func (f NEFilterNewFlowVerdict) Init() NEFilterNewFlowVerdict

Init initializes the instance.

func (NEFilterNewFlowVerdict) SetStatisticsReportFrequency 

func (f NEFilterNewFlowVerdict) SetStatisticsReportFrequency(value NEFilterReportFrequency)

func (NEFilterNewFlowVerdict) StatisticsReportFrequency 

func (f NEFilterNewFlowVerdict) StatisticsReportFrequency() NEFilterReportFrequency

The frequency at which the data provider receives reports.

Discussion

This property determines the frequency at which the system calls the data provider’s [HandleReport] method with an NEFilterReport instance that contains an NEFilterReport.Event.statistics [Event].

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterNewFlowVerdict/statisticsReportFrequency

type NEFilterNewFlowVerdictClass 

type NEFilterNewFlowVerdictClass struct {
	// contains filtered or unexported fields
}

func GetNEFilterNewFlowVerdictClass 

func GetNEFilterNewFlowVerdictClass() NEFilterNewFlowVerdictClass

GetNEFilterNewFlowVerdictClass returns the class object for NEFilterNewFlowVerdict.

func (NEFilterNewFlowVerdictClass) Alloc 

func (nc NEFilterNewFlowVerdictClass) Alloc() NEFilterNewFlowVerdict

Alloc allocates memory for a new instance of the class.

func (NEFilterNewFlowVerdictClass) AllowVerdict 

func (_NEFilterNewFlowVerdictClass NEFilterNewFlowVerdictClass) AllowVerdict() NEFilterNewFlowVerdict

Create a verdict that indicates to the system that the all of the new flow’s data should be allowed to pass to its final destination.

Return Value

A NEFilterNewFlowVerdict object.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterNewFlowVerdict/allow()

func (NEFilterNewFlowVerdictClass) Class 

func (nc NEFilterNewFlowVerdictClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

func (NEFilterNewFlowVerdictClass) DropVerdict 

func (_NEFilterNewFlowVerdictClass NEFilterNewFlowVerdictClass) DropVerdict() NEFilterNewFlowVerdict

Create a verdict that indicates to the system that all of the new flow’s data should dropped, and the user should not be given the opportunity to request access.

Return Value

A NEFilterNewFlowVerdict object.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterNewFlowVerdict/drop()

func (NEFilterNewFlowVerdictClass) FilterDataVerdictWithFilterInboundPeekInboundBytesFilterOutboundPeekOutboundBytes 

func (_NEFilterNewFlowVerdictClass NEFilterNewFlowVerdictClass) FilterDataVerdictWithFilterInboundPeekInboundBytesFilterOutboundPeekOutboundBytes(filterInbound bool, peekInboundBytes uint, filterOutbound bool, peekOutboundBytes uint) NEFilterNewFlowVerdict

Create a verdict that indicates to the system that the filter needs to make a decision about a new flow after seeing a portion of the flow’s data.

filterInbound: A Boolean indicating whether or not the filter needs to see inbound data for the flow.

peekInboundBytes: The number of inbound bytes that the filter needs to see in the subsequent call to -NEFilterDataProvider “].

filterOutbound: A Boolean indicating whether or not the filter needs to see outbound data for the flow.

peekOutboundBytes: The number of outbound bytes that the filter needs to see in the subsequent call to -NEFilterDataProvider `readBytes`:].

Return Value

A NEFilterNewFlowVerdict object.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterNewFlowVerdict/filterDataVerdict(withFilterInbound:peekInboundBytes:filterOutbound:peekOutboundBytes:)

func (NEFilterNewFlowVerdictClass) PauseVerdict 

func (_NEFilterNewFlowVerdictClass NEFilterNewFlowVerdictClass) PauseVerdict() NEFilterNewFlowVerdict

Creates a verdict that tells the system to pause the flow.

Discussion

Once paused, the system doesn’t call any of the data provider’s handler callbacks until you resume the flow by calling [ResumeFlowWithVerdict].

You can pause TCP flows indefinitely. You can pause UDP flows for up to 10 seconds, after which the system drops the flow. Pausing a flow that’s already paused is an invalid operation.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterNewFlowVerdict/pause()

type NEFilterPacketContext 

type NEFilterPacketContext struct {
	objectivec.Object
}

The context object provided to the filter packet handler.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterPacketContext

func NEFilterPacketContextFromID 

func NEFilterPacketContextFromID(id objc.ID) NEFilterPacketContext

NEFilterPacketContextFromID constructs a NEFilterPacketContext from an objc.ID.

The context object provided to the filter packet handler.

func NewNEFilterPacketContext 

func NewNEFilterPacketContext() NEFilterPacketContext

NewNEFilterPacketContext creates a new NEFilterPacketContext instance.

func (NEFilterPacketContext) Autorelease 

func (f NEFilterPacketContext) Autorelease() NEFilterPacketContext

Autorelease adds the receiver to the current autorelease pool.

func (NEFilterPacketContext) Init 

func (f NEFilterPacketContext) Init() NEFilterPacketContext

Init initializes the instance.

func (NEFilterPacketContext) PacketHandler 

func (f NEFilterPacketContext) PacketHandler() NEFilterPacketHandler

A Swift closure or an ObjectiveC block that handles each packet received by the filter.

See: https://developer.apple.com/documentation/networkextension/nefilterpacketprovider/packethandler

func (NEFilterPacketContext) SetPacketHandler 

func (f NEFilterPacketContext) SetPacketHandler(value NEFilterPacketHandler)

type NEFilterPacketContextClass 

type NEFilterPacketContextClass struct {
	// contains filtered or unexported fields
}

func GetNEFilterPacketContextClass 

func GetNEFilterPacketContextClass() NEFilterPacketContextClass

GetNEFilterPacketContextClass returns the class object for NEFilterPacketContext.

func (NEFilterPacketContextClass) Alloc 

func (nc NEFilterPacketContextClass) Alloc() NEFilterPacketContext

Alloc allocates memory for a new instance of the class.

func (NEFilterPacketContextClass) Class 

func (nc NEFilterPacketContextClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEFilterPacketHandler 

type NEFilterPacketHandler = func(NEFilterPacketContext, objectivec.Object, NETrafficDirection, unsafe.Pointer, uint32) NEFilterPacketProviderVerdict

NEFilterPacketHandler is a type for Swift closures or ObjectiveC blocks that make filtering decisions about network packets.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterPacketHandler

type NEFilterPacketProvider 

type NEFilterPacketProvider struct {
	NEFilterProvider
}

A filter provider that evaluates network packets and decides whether to block, allow, or delay the packets.

Filtering packets

Delaying packets

Instance Properties

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterPacketProvider

func NEFilterPacketProviderFromID 

func NEFilterPacketProviderFromID(id objc.ID) NEFilterPacketProvider

NEFilterPacketProviderFromID constructs a NEFilterPacketProvider from an objc.ID.

A filter provider that evaluates network packets and decides whether to block, allow, or delay the packets.

func NewNEFilterPacketProvider 

func NewNEFilterPacketProvider() NEFilterPacketProvider

NewNEFilterPacketProvider creates a new NEFilterPacketProvider instance.

func (NEFilterPacketProvider) AllowPacket 

func (f NEFilterPacketProvider) AllowPacket(packet INEPacket)

Allow delivery of a previously-delayed packet.

packet: The packet previously delayed by the packet handler.

Discussion

Use this method to allow a previously-delayed packet to continue its journey into or out of the networking stack.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterPacketProvider/allow(_:)

func (NEFilterPacketProvider) Autorelease 

func (f NEFilterPacketProvider) Autorelease() NEFilterPacketProvider

Autorelease adds the receiver to the current autorelease pool.

func (NEFilterPacketProvider) DelayCurrentPacket 

func (f NEFilterPacketProvider) DelayCurrentPacket(context INEFilterPacketContext) INEPacket

Delay a packet currently processed by a packet handler.

context: A context for the packet handler.

Discussion

This function is only valid within the [PacketHandler] Swift closure or ObjectiveC block, which must return NEFilterPacketProvider.Verdict.delay after delaying the packet. The framework prevents further delivery of the packet through the network stack until it’s allowed or dropped. Allow the packet by calling [AllowPacket], or drop it by releasing it.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterPacketProvider/delayCurrentPacket(_:)

func (NEFilterPacketProvider) Handler 

func (f NEFilterPacketProvider) Handler() NEFilterPacketProviderVerdict

See: https://developer.apple.com/documentation/networkextension/nefilterpacketprovider/handler

func (NEFilterPacketProvider) Init 

func (f NEFilterPacketProvider) Init() NEFilterPacketProvider

Init initializes the instance.

func (NEFilterPacketProvider) PacketHandler 

func (f NEFilterPacketProvider) PacketHandler() NEFilterPacketHandler

A Swift closure or an ObjectiveC block that handles each packet received by the filter.

Discussion

Set this property to a handler that returns a NEFilterPacketProvider.Verdict for each packet it receives.

Since there may be multiple filtering sources presenting frames to the provider, multiple simultaneous threads may execute this packet handler. Therefore, the packet handler must be able to handle execution in a multi-threaded environment.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterPacketProvider/packetHandler

func (NEFilterPacketProvider) SetHandler 

func (f NEFilterPacketProvider) SetHandler(value NEFilterPacketProviderVerdict)

func (NEFilterPacketProvider) SetPacketHandler 

func (f NEFilterPacketProvider) SetPacketHandler(value NEFilterPacketHandler)

type NEFilterPacketProviderClass 

type NEFilterPacketProviderClass struct {
	// contains filtered or unexported fields
}

func GetNEFilterPacketProviderClass 

func GetNEFilterPacketProviderClass() NEFilterPacketProviderClass

GetNEFilterPacketProviderClass returns the class object for NEFilterPacketProvider.

func (NEFilterPacketProviderClass) Alloc 

func (nc NEFilterPacketProviderClass) Alloc() NEFilterPacketProvider

Alloc allocates memory for a new instance of the class.

func (NEFilterPacketProviderClass) Class 

func (nc NEFilterPacketProviderClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEFilterPacketProviderVerdict 

type NEFilterPacketProviderVerdict int

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterPacketProvider/Verdict 

const (
	// NEFilterPacketProviderVerdictAllow: A verdict to allow a packet.
	NEFilterPacketProviderVerdictAllow NEFilterPacketProviderVerdict = 0
	// NEFilterPacketProviderVerdictDelay: A verdict to delay a packet until a future verdict.
	NEFilterPacketProviderVerdictDelay NEFilterPacketProviderVerdict = 2
	// NEFilterPacketProviderVerdictDrop: A verdict to drop a packet.
	NEFilterPacketProviderVerdictDrop NEFilterPacketProviderVerdict = 1
)

func (NEFilterPacketProviderVerdict) String 

func (e NEFilterPacketProviderVerdict) String() string

type NEFilterProvider 

type NEFilterProvider struct {
	NEProvider
}

An abstract base class shared by content filters.

Overview

A Network Content Filter is made up of two Filter Provider extensions:

The examines network content as it passes through the network stack on the device and decides if the network content should be blocked or allowed to pass on to its final destination.

Because the Filter Data Provider extension has access to all of the network content flowing through the device, it runs in a very restrictive sandbox. The sandbox prevents the Filter Data Provider extension from moving network content outside of its address space by blocking all network access, IPC, and disk write operations.

The Filter Data Provider extension is implemented by creating a custom subclass of the NEFilterDataProvider class.

The is responsible for feeding information to the Filter Data Provider extension so that the Filter Data Provider extension can do its job.

For example, the Filter Control Provider extension can be notified by the Filter Data Provider extension that it does not have enough information to make a decision about a particular flow of network content. The Filter Control Provider extension can then download more filtering rules from a server and write the rules to a location where the Filter Data Provider can access them.

The Filter Control Provider extension is implemented by creating a custom subclass of the NEFilterControlProvider class.

Subclassing Notes

NEFilterProvider should not be subclassed directly. Instead, you should create subclasses of `NEFilterProvider’s` subclasses and override the following methods:

Methods to Override

- NEFilterProvider.StartFilterWithCompletionHandler - NEFilterProvider.StopFilterWithReasonCompletionHandler

Managing the filter life cycle

Getting the filter configuration

Receiving reports

Handling errors

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterProvider

func NEFilterProviderFromID 

func NEFilterProviderFromID(id objc.ID) NEFilterProvider

NEFilterProviderFromID constructs a NEFilterProvider from an objc.ID.

An abstract base class shared by content filters.

func NewNEFilterProvider 

func NewNEFilterProvider() NEFilterProvider

NewNEFilterProvider creates a new NEFilterProvider instance.

func (NEFilterProvider) Autorelease 

func (f NEFilterProvider) Autorelease() NEFilterProvider

Autorelease adds the receiver to the current autorelease pool.

func (NEFilterProvider) FilterConfiguration 

func (f NEFilterProvider) FilterConfiguration() INEFilterProviderConfiguration

An NEFilterProviderConfiguration object containing the current filter configuration.

Discussion

The Filter Provider can observe this property to be notified when the configuration changes, using KVO. See Key-Value Observing Programming Guide.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterProvider/filterConfiguration

func (NEFilterProvider) HandleReport 

func (f NEFilterProvider) HandleReport(report INEFilterReport)

Receives a report from the framework.

report: The report delivered from the framework.

Discussion

The framework calls this method when the data provider extension returns a verdict with the [ShouldReport] property set to true. Override this method in a subclass if you want to handle the flow report.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterProvider/handle(_:)

func (NEFilterProvider) Init 

func (f NEFilterProvider) Init() NEFilterProvider

Init initializes the instance.

func (NEFilterProvider) NEFilterErrorDomain 

func (f NEFilterProvider) NEFilterErrorDomain() string

The domain for errors resulting from calls to the filter manager.

See: https://developer.apple.com/documentation/networkextension/nefiltererrordomain

func (NEFilterProvider) StartFilter 

func (f NEFilterProvider) StartFilter(ctx context.Context) error

StartFilter is a synchronous wrapper around NEFilterProvider.StartFilterWithCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NEFilterProvider) StartFilterWithCompletionHandler 

func (f NEFilterProvider) StartFilterWithCompletionHandler(completionHandler ErrorHandler)

Start the filter.

completionHandler: A block that must be executed when the filter is running and is ready to filter network content.

Discussion

This method is called by the system to start the filter.

NEFilterProvider subclasses must override this method.

When this method is called, the Filter Provider should perform any steps necessary to initialize the filter and then execute the `completionHandler` block.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterProvider/startFilter(completionHandler:)

func (NEFilterProvider) StopFilterWithReason 

func (f NEFilterProvider) StopFilterWithReason(ctx context.Context, reason NEProviderStopReason) error

StopFilterWithReason is a synchronous wrapper around NEFilterProvider.StopFilterWithReasonCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NEFilterProvider) StopFilterWithReasonCompletionHandler 

func (f NEFilterProvider) StopFilterWithReasonCompletionHandler(reason NEProviderStopReason, completionHandler VoidHandler)

Stop the filter.

reason: An NEProviderStopReason code indicating why the filter is being stopped. For a list of possible codes, see NEProvider.

completionHandler: A block that must be executed when the filter is fully stopped.

Discussion

This method is called by the system to stop the filter.

NEFilterProvider subclasses must override this method.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterProvider/stopFilter(with:completionHandler:)

type NEFilterProviderClass 

type NEFilterProviderClass struct {
	// contains filtered or unexported fields
}

func GetNEFilterProviderClass 

func GetNEFilterProviderClass() NEFilterProviderClass

GetNEFilterProviderClass returns the class object for NEFilterProvider.

func (NEFilterProviderClass) Alloc 

func (nc NEFilterProviderClass) Alloc() NEFilterProvider

Alloc allocates memory for a new instance of the class.

func (NEFilterProviderClass) Class 

func (nc NEFilterProviderClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEFilterProviderConfiguration 

type NEFilterProviderConfiguration struct {
	objectivec.Object
}

Configuration parameters for a content filter.

Configuring filter behavior

Accessing the filter configuration

Accessing bundle identifiers

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterProviderConfiguration

func NEFilterProviderConfigurationFromID 

func NEFilterProviderConfigurationFromID(id objc.ID) NEFilterProviderConfiguration

NEFilterProviderConfigurationFromID constructs a NEFilterProviderConfiguration from an objc.ID.

Configuration parameters for a content filter.

func NewNEFilterProviderConfiguration 

func NewNEFilterProviderConfiguration() NEFilterProviderConfiguration

NewNEFilterProviderConfiguration creates a new NEFilterProviderConfiguration instance.

func (NEFilterProviderConfiguration) Autorelease 

func (f NEFilterProviderConfiguration) Autorelease() NEFilterProviderConfiguration

Autorelease adds the receiver to the current autorelease pool.

func (NEFilterProviderConfiguration) EncodeWithCoder 

func (f NEFilterProviderConfiguration) EncodeWithCoder(coder foundation.INSCoder)

func (NEFilterProviderConfiguration) FilterDataProviderBundleIdentifier 

func (f NEFilterProviderConfiguration) FilterDataProviderBundleIdentifier() string

The bundle identifier of the filter data provider system extension.

Discussion

If this property is `nil`, then the framework uses the bundle identifier of the NEFilterDataProvider extension in the calling app’s bundle. In this case, make sure the calling app’s bundle contains only one NEFilterDataProvider, so there’s no ambiguity about which one to use.

This property only applies to system extensions, since macOS doesn’t support implementing a filter data provider as an app extension.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterProviderConfiguration/filterDataProviderBundleIdentifier

func (NEFilterProviderConfiguration) FilterPacketProviderBundleIdentifier 

func (f NEFilterProviderConfiguration) FilterPacketProviderBundleIdentifier() string

The bundle identifier of the filter packet provider system extension.

Discussion

If this property is `nil`, then the framework uses the bundle identifier of the NEFilterPacketProvider extension in the calling app’s bundle. In this case, make sure the calling app’s bundle contains only one NEFilterPacketProvider, so there’s no ambiguity about which one to use.

This property only applies to system extensions, since macOS doesn’t support implementing a filter packet provider as an app extension.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterProviderConfiguration/filterPacketProviderBundleIdentifier

func (NEFilterProviderConfiguration) FilterPackets 

func (f NEFilterProviderConfiguration) FilterPackets() bool

A Boolean value that indicates that the system applies the filter to packets of network data.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterProviderConfiguration/filterPackets

func (NEFilterProviderConfiguration) FilterSockets 

func (f NEFilterProviderConfiguration) FilterSockets() bool

A Boolean value that indicates that the system applies the filter to flows of network data originated from sockets.

Discussion

The default value of this property is false.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterProviderConfiguration/filterSockets

func (NEFilterProviderConfiguration) IdentityReference 

func (f NEFilterProviderConfiguration) IdentityReference() foundation.INSData

A persistent reference to a keychain item containing a certificate and private key associated with the filter.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterProviderConfiguration/identityReference

func (NEFilterProviderConfiguration) Init 

func (f NEFilterProviderConfiguration) Init() NEFilterProviderConfiguration

Init initializes the instance.

func (NEFilterProviderConfiguration) Organization 

func (f NEFilterProviderConfiguration) Organization() string

A string that identifies the organization that administers the filter.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterProviderConfiguration/organization

func (NEFilterProviderConfiguration) PasswordReference 

func (f NEFilterProviderConfiguration) PasswordReference() foundation.INSData

A persistent reference to a keychain item containing a password associated with the filter.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterProviderConfiguration/passwordReference

func (NEFilterProviderConfiguration) ServerAddress 

func (f NEFilterProviderConfiguration) ServerAddress() string

The address of a server that the Filter Control Provider may contact for rules and other configuration information.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterProviderConfiguration/serverAddress

func (NEFilterProviderConfiguration) SetFilterDataProviderBundleIdentifier 

func (f NEFilterProviderConfiguration) SetFilterDataProviderBundleIdentifier(value string)

func (NEFilterProviderConfiguration) SetFilterPacketProviderBundleIdentifier 

func (f NEFilterProviderConfiguration) SetFilterPacketProviderBundleIdentifier(value string)

func (NEFilterProviderConfiguration) SetFilterPackets 

func (f NEFilterProviderConfiguration) SetFilterPackets(value bool)

func (NEFilterProviderConfiguration) SetFilterSockets 

func (f NEFilterProviderConfiguration) SetFilterSockets(value bool)

func (NEFilterProviderConfiguration) SetIdentityReference 

func (f NEFilterProviderConfiguration) SetIdentityReference(value foundation.INSData)

func (NEFilterProviderConfiguration) SetOrganization 

func (f NEFilterProviderConfiguration) SetOrganization(value string)

func (NEFilterProviderConfiguration) SetPasswordReference 

func (f NEFilterProviderConfiguration) SetPasswordReference(value foundation.INSData)

func (NEFilterProviderConfiguration) SetServerAddress 

func (f NEFilterProviderConfiguration) SetServerAddress(value string)

func (NEFilterProviderConfiguration) SetUsername 

func (f NEFilterProviderConfiguration) SetUsername(value string)

func (NEFilterProviderConfiguration) SetVendorConfiguration 

func (f NEFilterProviderConfiguration) SetVendorConfiguration(value foundation.INSDictionary)

func (NEFilterProviderConfiguration) Username 

func (f NEFilterProviderConfiguration) Username() string

A string that identifies the user.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterProviderConfiguration/username

func (NEFilterProviderConfiguration) VendorConfiguration 

func (f NEFilterProviderConfiguration) VendorConfiguration() foundation.INSDictionary

A dictionary of provider-specific configuration settings.

Discussion

All of the values in this dictionary must be NSSecureCoding-compliant.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterProviderConfiguration/vendorConfiguration

type NEFilterProviderConfigurationClass 

type NEFilterProviderConfigurationClass struct {
	// contains filtered or unexported fields
}

func GetNEFilterProviderConfigurationClass 

func GetNEFilterProviderConfigurationClass() NEFilterProviderConfigurationClass

GetNEFilterProviderConfigurationClass returns the class object for NEFilterProviderConfiguration.

func (NEFilterProviderConfigurationClass) Alloc 

func (nc NEFilterProviderConfigurationClass) Alloc() NEFilterProviderConfiguration

Alloc allocates memory for a new instance of the class.

func (NEFilterProviderConfigurationClass) Class 

func (nc NEFilterProviderConfigurationClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEFilterReport 

type NEFilterReport struct {
	objectivec.Object
}

The report of the data provider’s action on a flow.

Overview

The system issues a report by calling your control provider’s [HandleReport] method with a report instance when the data provider issues a verdict whose NEFilterReport.ShouldReport property is set to true.

Getting report properties

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterReport

func NEFilterReportFromID 

func NEFilterReportFromID(id objc.ID) NEFilterReport

NEFilterReportFromID constructs a NEFilterReport from an objc.ID.

The report of the data provider’s action on a flow.

func NewNEFilterReport 

func NewNEFilterReport() NEFilterReport

NewNEFilterReport creates a new NEFilterReport instance.

func (NEFilterReport) Action 

func (f NEFilterReport) Action() NEFilterAction

The action taken on the reported flow.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterReport/action

func (NEFilterReport) Autorelease 

func (f NEFilterReport) Autorelease() NEFilterReport

Autorelease adds the receiver to the current autorelease pool.

func (NEFilterReport) BytesInboundCount 

func (f NEFilterReport) BytesInboundCount() uint

The number of inbound bytes received from the flow.

Discussion

This property is only non-zero when the report [Event] is NEFilterReport.Event.flowClosed.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterReport/bytesInboundCount

func (NEFilterReport) BytesOutboundCount 

func (f NEFilterReport) BytesOutboundCount() uint

The number of outbound bytes sent on the flow.

Discussion

This property is only non-zero when the report [Event] is NEFilterReport.Event.flowClosed.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterReport/bytesOutboundCount

func (NEFilterReport) EncodeWithCoder 

func (f NEFilterReport) EncodeWithCoder(coder foundation.INSCoder)

func (NEFilterReport) Event 

func (f NEFilterReport) Event() NEFilterReportEvent

The type of event indicated by this report.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterReport/event-swift.property

func (NEFilterReport) Flow 

func (f NEFilterReport) Flow() INEFilterFlow

The flow on which the associated action was taken.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterReport/flow

func (NEFilterReport) Init 

func (f NEFilterReport) Init() NEFilterReport

Init initializes the instance.

func (NEFilterReport) SetShouldReport 

func (f NEFilterReport) SetShouldReport(value bool)

func (NEFilterReport) ShouldReport 

func (f NEFilterReport) ShouldReport() bool

A Boolean value that indicates whether to send a report to the control provider when processing this verdict.

See: https://developer.apple.com/documentation/networkextension/nefilterverdict/shouldreport

type NEFilterReportClass 

type NEFilterReportClass struct {
	// contains filtered or unexported fields
}

func GetNEFilterReportClass 

func GetNEFilterReportClass() NEFilterReportClass

GetNEFilterReportClass returns the class object for NEFilterReport.

func (NEFilterReportClass) Alloc 

func (nc NEFilterReportClass) Alloc() NEFilterReport

Alloc allocates memory for a new instance of the class.

func (NEFilterReportClass) Class 

func (nc NEFilterReportClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEFilterReportEvent 

type NEFilterReportEvent int

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterReport/Event-swift.enum 

const (
	// NEFilterReportEventDataDecision: A type of event indicating the report is about a pass/block decision made after analyzing some amount of a flow’s data.
	NEFilterReportEventDataDecision NEFilterReportEvent = 2
	// NEFilterReportEventFlowClosed: A type of event indicating the report is for a flow’s closing.
	NEFilterReportEventFlowClosed NEFilterReportEvent = 3
	// NEFilterReportEventNewFlow: A type of event indicating the report is for a new flow.
	NEFilterReportEventNewFlow NEFilterReportEvent = 1
	// NEFilterReportEventStatistics: A type of event indicating the report is for the latest statistics of the flow.
	NEFilterReportEventStatistics NEFilterReportEvent = 4
)

func (NEFilterReportEvent) String 

func (e NEFilterReportEvent) String() string

type NEFilterReportFrequency 

type NEFilterReportFrequency int

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterReport/Frequency 

const (
	// NEFilterReportFrequencyHigh: A low frequency of reports, about once every half-second.
	NEFilterReportFrequencyHigh NEFilterReportFrequency = 3
	// NEFilterReportFrequencyLow: A low frequency of reports, about once every five seconds.
	NEFilterReportFrequencyLow NEFilterReportFrequency = 1
	// NEFilterReportFrequencyMedium: A low frequency of reports, about once every second.
	NEFilterReportFrequencyMedium NEFilterReportFrequency = 2
	// NEFilterReportFrequencyNone: A frequency value that indicates no report delivery.
	NEFilterReportFrequencyNone NEFilterReportFrequency = 0
)

func (NEFilterReportFrequency) String 

func (e NEFilterReportFrequency) String() string

type NEFilterRule 

type NEFilterRule struct {
	objectivec.Object
}

A rule for filters that combines a rule to match network traffic and an action to take when the rule matches.

Creating a Filter Rule

Inspecting Filter Rule Properties

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterRule

func NEFilterRuleFromID 

func NEFilterRuleFromID(id objc.ID) NEFilterRule

NEFilterRuleFromID constructs a NEFilterRule from an objc.ID.

A rule for filters that combines a rule to match network traffic and an action to take when the rule matches.

func NewFilterRuleWithNetworkRuleAction 

func NewFilterRuleWithNetworkRuleAction(networkRule INENetworkRule, action NEFilterAction) NEFilterRule

Creates a new filter rule from a network rule and an action to take when network traffic matches.

networkRule: An NENetworkRule object that defines the network traffic characteristics that this rule matches.

action: The action to take when the network rule matches.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterRule/init(networkRule:action:)

func NewNEFilterRule 

func NewNEFilterRule() NEFilterRule

NewNEFilterRule creates a new NEFilterRule instance.

func (NEFilterRule) Action 

func (f NEFilterRule) Action() NEFilterAction

The action to take when this rule matches network traffic.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterRule/action

func (NEFilterRule) Autorelease 

func (f NEFilterRule) Autorelease() NEFilterRule

Autorelease adds the receiver to the current autorelease pool.

func (NEFilterRule) EncodeWithCoder 

func (f NEFilterRule) EncodeWithCoder(coder foundation.INSCoder)

func (NEFilterRule) Init 

func (f NEFilterRule) Init() NEFilterRule

Init initializes the instance.

func (NEFilterRule) InitWithNetworkRuleAction 

func (f NEFilterRule) InitWithNetworkRuleAction(networkRule INENetworkRule, action NEFilterAction) NEFilterRule

Creates a new filter rule from a network rule and an action to take when network traffic matches.

networkRule: An NENetworkRule object that defines the network traffic characteristics that this rule matches.

action: The action to take when the network rule matches.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterRule/init(networkRule:action:)

func (NEFilterRule) NetworkRule 

func (f NEFilterRule) NetworkRule() INENetworkRule

The network rule that defines the network traffic characteristics that this filter rule matches.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterRule/networkRule

type NEFilterRuleClass 

type NEFilterRuleClass struct {
	// contains filtered or unexported fields
}

func GetNEFilterRuleClass 

func GetNEFilterRuleClass() NEFilterRuleClass

GetNEFilterRuleClass returns the class object for NEFilterRule.

func (NEFilterRuleClass) Alloc 

func (nc NEFilterRuleClass) Alloc() NEFilterRule

Alloc allocates memory for a new instance of the class.

func (NEFilterRuleClass) Class 

func (nc NEFilterRuleClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEFilterSettings 

type NEFilterSettings struct {
	objectivec.Object
}

The rules and other settings that define the operation of a filter.

Overview

NEFilterDataProvider instances use NEFilterSettings to communicate the desired settings for the filter to the framework. The framework takes care of applying the contained settings to the system.

Creating Filter Settings

Inspecting Filter Settings

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterSettings

func NEFilterSettingsFromID 

func NEFilterSettingsFromID(id objc.ID) NEFilterSettings

NEFilterSettingsFromID constructs a NEFilterSettings from an objc.ID.

The rules and other settings that define the operation of a filter.

func NewFilterSettingsWithRulesDefaultAction 

func NewFilterSettingsWithRulesDefaultAction(rules []NEFilterRule, defaultAction NEFilterAction) NEFilterSettings

Creates a new settings instance from an array of rules and a default action.

rules: An array containing an ordered list of NEFilterRule objects. The maximum number of rules that this array can contain is 1000.

defaultAction: The NEFilterAction to take for flows of network data that don’t match any of the specified rules. The default `defaultAction` is [NEFilterAction.filterData]. If `defaultAction` is [NEFilterAction.allow] or [NEFilterAction.drop], then the `rules` array must contain at least one NEFilterRule. // [NEFilterAction.allow]: https://developer.apple.com/documentation/NetworkExtension/NEFilterAction/allow [NEFilterAction.drop]: https://developer.apple.com/documentation/NetworkExtension/NEFilterAction/drop [NEFilterAction.filterData]: https://developer.apple.com/documentation/NetworkExtension/NEFilterAction/filterData NEFilterAction: https://developer.apple.com/documentation/NetworkExtension/NEFilterAction

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterSettings/init(rules:defaultAction:)

func NewNEFilterSettings 

func NewNEFilterSettings() NEFilterSettings

NewNEFilterSettings creates a new NEFilterSettings instance.

func (NEFilterSettings) Autorelease 

func (f NEFilterSettings) Autorelease() NEFilterSettings

Autorelease adds the receiver to the current autorelease pool.

func (NEFilterSettings) DefaultAction 

func (f NEFilterSettings) DefaultAction() NEFilterAction

The default action to take for flows of network data that don’t match any of the specified rules.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterSettings/defaultAction

func (NEFilterSettings) EncodeWithCoder 

func (f NEFilterSettings) EncodeWithCoder(coder foundation.INSCoder)

func (NEFilterSettings) Init 

func (f NEFilterSettings) Init() NEFilterSettings

Init initializes the instance.

func (NEFilterSettings) InitWithRulesDefaultAction 

func (f NEFilterSettings) InitWithRulesDefaultAction(rules []NEFilterRule, defaultAction NEFilterAction) NEFilterSettings

Creates a new settings instance from an array of rules and a default action.

rules: An array containing an ordered list of NEFilterRule objects. The maximum number of rules that this array can contain is 1000.

defaultAction: The NEFilterAction to take for flows of network data that don’t match any of the specified rules. The default `defaultAction` is [NEFilterAction.filterData]. If `defaultAction` is [NEFilterAction.allow] or [NEFilterAction.drop], then the `rules` array must contain at least one NEFilterRule. // [NEFilterAction.allow]: https://developer.apple.com/documentation/NetworkExtension/NEFilterAction/allow [NEFilterAction.drop]: https://developer.apple.com/documentation/NetworkExtension/NEFilterAction/drop [NEFilterAction.filterData]: https://developer.apple.com/documentation/NetworkExtension/NEFilterAction/filterData NEFilterAction: https://developer.apple.com/documentation/NetworkExtension/NEFilterAction

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterSettings/init(rules:defaultAction:)

func (NEFilterSettings) Rules 

func (f NEFilterSettings) Rules() []NEFilterRule

An ordered list of rules that define the filter’s operation.

Discussion

After applying the NEFilterSettings, the system compares each network flow against these rules in order, and acts on the rule of the first NEFilterAction that matches.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterSettings/rules

type NEFilterSettingsClass 

type NEFilterSettingsClass struct {
	// contains filtered or unexported fields
}

func GetNEFilterSettingsClass 

func GetNEFilterSettingsClass() NEFilterSettingsClass

GetNEFilterSettingsClass returns the class object for NEFilterSettings.

func (NEFilterSettingsClass) Alloc 

func (nc NEFilterSettingsClass) Alloc() NEFilterSettings

Alloc allocates memory for a new instance of the class.

func (NEFilterSettingsClass) Class 

func (nc NEFilterSettingsClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEFilterSocketFlow 

type NEFilterSocketFlow struct {
	NEFilterFlow
}

A flow of network data that the filter examines.

Getting socket flow properties

Instance Properties

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterSocketFlow

func NEFilterSocketFlowFromID 

func NEFilterSocketFlowFromID(id objc.ID) NEFilterSocketFlow

NEFilterSocketFlowFromID constructs a NEFilterSocketFlow from an objc.ID.

A flow of network data that the filter examines.

func NewNEFilterSocketFlow 

func NewNEFilterSocketFlow() NEFilterSocketFlow

NewNEFilterSocketFlow creates a new NEFilterSocketFlow instance.

func (NEFilterSocketFlow) Autorelease 

func (f NEFilterSocketFlow) Autorelease() NEFilterSocketFlow

Autorelease adds the receiver to the current autorelease pool.

func (NEFilterSocketFlow) Init 

func (f NEFilterSocketFlow) Init() NEFilterSocketFlow

Init initializes the instance.

func (NEFilterSocketFlow) LocalEndpoint 

func (f NEFilterSocketFlow) LocalEndpoint() INWEndpoint

An object containing details about the socket’s local endpoint.

Discussion

This endpoint object may be `nil` when the system calls your [HandleNewFlow] method; if so, receiving network data populates the object. In such a case, the filter may still perform filtering, based on its socket type, socket family, or socket protocol.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterSocketFlow/localEndpoint

func (NEFilterSocketFlow) LocalFlowEndpoint 

func (f NEFilterSocketFlow) LocalFlowEndpoint() INWEndpoint

See: https://developer.apple.com/documentation/networkextension/nefiltersocketflow/localflowendpoint-89z3l

func (NEFilterSocketFlow) RemoteEndpoint 

func (f NEFilterSocketFlow) RemoteEndpoint() INWEndpoint

An object containing details about the socket’s remote endpoint.

Discussion

This endpoint object may be `nil` when the system calls your [HandleNewFlow] method; if so, receiving network data populates the object. In such a case, the filter may still perform filtering, based on its socket type, socket family, or socket protocol.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterSocketFlow/remoteEndpoint

func (NEFilterSocketFlow) RemoteFlowEndpoint 

func (f NEFilterSocketFlow) RemoteFlowEndpoint() INWEndpoint

See: https://developer.apple.com/documentation/networkextension/nefiltersocketflow/remoteflowendpoint-6bnas

func (NEFilterSocketFlow) RemoteHostname 

func (f NEFilterSocketFlow) RemoteHostname() string

The flow’s remote hostname, if applicable.

Discussion

This property is only populated for flows originating from create-by-name APIs like URLSession or Network.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterSocketFlow/remoteHostname

func (NEFilterSocketFlow) SetLocalFlowEndpoint 

func (f NEFilterSocketFlow) SetLocalFlowEndpoint(value INWEndpoint)

func (NEFilterSocketFlow) SetRemoteFlowEndpoint 

func (f NEFilterSocketFlow) SetRemoteFlowEndpoint(value INWEndpoint)

func (NEFilterSocketFlow) SocketFamily 

func (f NEFilterSocketFlow) SocketFamily() int

The protocol family of the socket.

Discussion

Examples of protocol families include symbols like `PF_INET` and `PF_INET6`.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterSocketFlow/socketFamily

func (NEFilterSocketFlow) SocketProtocol 

func (f NEFilterSocketFlow) SocketProtocol() int

The protocol of the socket.

Discussion

Examples of protocols include `IPPROTO_TCP` and `IPPROTO_IP`.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterSocketFlow/socketProtocol

func (NEFilterSocketFlow) SocketType 

func (f NEFilterSocketFlow) SocketType() int

The type of the socket.

Discussion

Examples of socket types include `SOCK_STREAM` and `SOCK_DGRAM`.

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterSocketFlow/socketType

type NEFilterSocketFlowClass 

type NEFilterSocketFlowClass struct {
	// contains filtered or unexported fields
}

func GetNEFilterSocketFlowClass 

func GetNEFilterSocketFlowClass() NEFilterSocketFlowClass

GetNEFilterSocketFlowClass returns the class object for NEFilterSocketFlow.

func (NEFilterSocketFlowClass) Alloc 

func (nc NEFilterSocketFlowClass) Alloc() NEFilterSocketFlow

Alloc allocates memory for a new instance of the class.

func (NEFilterSocketFlowClass) Class 

func (nc NEFilterSocketFlowClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEFilterVerdict 

type NEFilterVerdict struct {
	objectivec.Object
}

The abstract base class for filter verdict classes.

Overview

Filter providers use instances this class to inform the system about how to handle flows of network data.

Configuring report generation

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterVerdict

func NEFilterVerdictFromID 

func NEFilterVerdictFromID(id objc.ID) NEFilterVerdict

NEFilterVerdictFromID constructs a NEFilterVerdict from an objc.ID.

The abstract base class for filter verdict classes.

func NewNEFilterVerdict 

func NewNEFilterVerdict() NEFilterVerdict

NewNEFilterVerdict creates a new NEFilterVerdict instance.

func (NEFilterVerdict) Autorelease 

func (f NEFilterVerdict) Autorelease() NEFilterVerdict

Autorelease adds the receiver to the current autorelease pool.

func (NEFilterVerdict) EncodeWithCoder 

func (f NEFilterVerdict) EncodeWithCoder(coder foundation.INSCoder)

func (NEFilterVerdict) Init 

func (f NEFilterVerdict) Init() NEFilterVerdict

Init initializes the instance.

func (NEFilterVerdict) SetShouldReport 

func (f NEFilterVerdict) SetShouldReport(value bool)

func (NEFilterVerdict) ShouldReport 

func (f NEFilterVerdict) ShouldReport() bool

A Boolean value that indicates whether to send a report to the control provider when processing this verdict.

Discussion

If the property is equal to true, the system sends a report to the control provider’s [HandleReport] method when processing this verdict in the data provider. This property has no effect if the verdict originates in the control provider.

The data provider doesn’t need to wait for a response from the control provider before continuing to process the flow. Therefore, calling the [HandleReport] method is a more efficient way to report a flow to the control provider than returning a [NeedRulesVerdict] verdict.

This property applies when the action taken on a flow is NEFilterAction.allow, NEFilterAction.drop, NEFilterAction.remediate, or NEFilterAction.filterData (the last of which is only for new flows).

See: https://developer.apple.com/documentation/NetworkExtension/NEFilterVerdict/shouldReport

type NEFilterVerdictClass 

type NEFilterVerdictClass struct {
	// contains filtered or unexported fields
}

func GetNEFilterVerdictClass 

func GetNEFilterVerdictClass() NEFilterVerdictClass

GetNEFilterVerdictClass returns the class object for NEFilterVerdict.

func (NEFilterVerdictClass) Alloc 

func (nc NEFilterVerdictClass) Alloc() NEFilterVerdict

Alloc allocates memory for a new instance of the class.

func (NEFilterVerdictClass) Class 

func (nc NEFilterVerdictClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEFlowMetaData 

type NEFlowMetaData struct {
	objectivec.Object
}

Additional information about data flowing through a per-app VPN provider.

Overview

This metadata is only present for data flowing through per-app VPN providers, that is, app proxy providers and packet tunnel providers in per-app VPN mode, as indicated by the NEFlowMetaData.RoutingMethod property.

Getting source app information

Getting flow information

See: https://developer.apple.com/documentation/NetworkExtension/NEFlowMetaData

func NEFlowMetaDataFromID 

func NEFlowMetaDataFromID(id objc.ID) NEFlowMetaData

NEFlowMetaDataFromID constructs a NEFlowMetaData from an objc.ID.

Additional information about data flowing through a per-app VPN provider.

func NewNEFlowMetaData 

func NewNEFlowMetaData() NEFlowMetaData

NewNEFlowMetaData creates a new NEFlowMetaData instance.

func (NEFlowMetaData) Autorelease 

func (f NEFlowMetaData) Autorelease() NEFlowMetaData

Autorelease adds the receiver to the current autorelease pool.

func (NEFlowMetaData) EncodeWithCoder 

func (f NEFlowMetaData) EncodeWithCoder(coder foundation.INSCoder)

func (NEFlowMetaData) FilterFlowIdentifier 

func (f NEFlowMetaData) FilterFlowIdentifier() foundation.NSUUID

The identifier of the content filter flow corresponding to this flow.

See: https://developer.apple.com/documentation/NetworkExtension/NEFlowMetaData/filterFlowIdentifier

func (NEFlowMetaData) Init 

func (f NEFlowMetaData) Init() NEFlowMetaData

Init initializes the instance.

func (NEFlowMetaData) RoutingMethod 

func (f NEFlowMetaData) RoutingMethod() NETunnelProviderRoutingMethod

The method by which network traffic is routed to the tunnel.

See: https://developer.apple.com/documentation/networkextension/netunnelprovider/routingmethod

func (NEFlowMetaData) SetRoutingMethod 

func (f NEFlowMetaData) SetRoutingMethod(value NETunnelProviderRoutingMethod)

func (NEFlowMetaData) SourceAppAuditToken 

func (f NEFlowMetaData) SourceAppAuditToken() foundation.INSData

The audit token of the source application of the flow.

See: https://developer.apple.com/documentation/NetworkExtension/NEFlowMetaData/sourceAppAuditToken

func (NEFlowMetaData) SourceAppSigningIdentifier 

func (f NEFlowMetaData) SourceAppSigningIdentifier() string

A string that contains the signing identifier of the source application.

Discussion

For all apps that are signed in the standard way using Xcode, this value is identical to the app’s bundle identifier.

See: https://developer.apple.com/documentation/NetworkExtension/NEFlowMetaData/sourceAppSigningIdentifier

func (NEFlowMetaData) SourceAppUniqueIdentifier 

func (f NEFlowMetaData) SourceAppUniqueIdentifier() foundation.INSData

A data instance that contains a unique hash value for the source application.

Discussion

The property contains the Code Directory Hash for the application.

See: https://developer.apple.com/documentation/NetworkExtension/NEFlowMetaData/sourceAppUniqueIdentifier

type NEFlowMetaDataClass 

type NEFlowMetaDataClass struct {
	// contains filtered or unexported fields
}

func GetNEFlowMetaDataClass 

func GetNEFlowMetaDataClass() NEFlowMetaDataClass

GetNEFlowMetaDataClass returns the class object for NEFlowMetaData.

func (NEFlowMetaDataClass) Alloc 

func (nc NEFlowMetaDataClass) Alloc() NEFlowMetaData

Alloc allocates memory for a new instance of the class.

func (NEFlowMetaDataClass) Class 

func (nc NEFlowMetaDataClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEHotspotConfigurationEAPTLSVersion 

type NEHotspotConfigurationEAPTLSVersion int

See: https://developer.apple.com/documentation/NetworkExtension/NEHotspotEAPSettings/TLSVersion 

const (
	NEHotspotConfigurationEAPTLSVersion_1_0 NEHotspotConfigurationEAPTLSVersion = 0
	NEHotspotConfigurationEAPTLSVersion_1_1 NEHotspotConfigurationEAPTLSVersion = 1
	NEHotspotConfigurationEAPTLSVersion_1_2 NEHotspotConfigurationEAPTLSVersion = 2
)

func (NEHotspotConfigurationEAPTLSVersion) String 

func (e NEHotspotConfigurationEAPTLSVersion) String() string

type NEHotspotConfigurationEAPType 

type NEHotspotConfigurationEAPType int

See: https://developer.apple.com/documentation/NetworkExtension/NEHotspotEAPSettings/EAPType 

const (
	// NEHotspotConfigurationEAPTypeEAPFAST: Network EAP type is .
	NEHotspotConfigurationEAPTypeEAPFAST NEHotspotConfigurationEAPType = 43
	// NEHotspotConfigurationEAPTypeEAPPEAP: Network EAP type is .
	NEHotspotConfigurationEAPTypeEAPPEAP NEHotspotConfigurationEAPType = 25
	// NEHotspotConfigurationEAPTypeEAPTLS: Network EAP type is .
	NEHotspotConfigurationEAPTypeEAPTLS NEHotspotConfigurationEAPType = 13
	// NEHotspotConfigurationEAPTypeEAPTTLS: Network EAP type is .
	NEHotspotConfigurationEAPTypeEAPTTLS NEHotspotConfigurationEAPType = 21
)

func (NEHotspotConfigurationEAPType) String 

func (e NEHotspotConfigurationEAPType) String() string

type NEHotspotConfigurationError 

type NEHotspotConfigurationError int

See: https://developer.apple.com/documentation/NetworkExtension/NEHotspotConfigurationError 

const (
	// NEHotspotConfigurationErrorAlreadyAssociated: The configuration is already associated with the hotspot.
	NEHotspotConfigurationErrorAlreadyAssociated NEHotspotConfigurationError = 13
	// NEHotspotConfigurationErrorApplicationIsNotInForeground: The application is not running in the foreground.
	NEHotspotConfigurationErrorApplicationIsNotInForeground NEHotspotConfigurationError = 14
	// NEHotspotConfigurationErrorInternal: Internal error, otherwise undefined.
	NEHotspotConfigurationErrorInternal NEHotspotConfigurationError = 8
	// NEHotspotConfigurationErrorInvalid: The configuration is not valid.
	NEHotspotConfigurationErrorInvalid NEHotspotConfigurationError = 0
	// NEHotspotConfigurationErrorInvalidEAPSettings: EAP settings are not valid.
	NEHotspotConfigurationErrorInvalidEAPSettings NEHotspotConfigurationError = 4
	// NEHotspotConfigurationErrorInvalidHS20DomainName: The HS 2.0 domain name is not valid.
	NEHotspotConfigurationErrorInvalidHS20DomainName NEHotspotConfigurationError = 6
	// NEHotspotConfigurationErrorInvalidHS20Settings: The HS 2.0 settings are not valid.
	NEHotspotConfigurationErrorInvalidHS20Settings NEHotspotConfigurationError = 5
	// NEHotspotConfigurationErrorInvalidSSID: The SSID value is not valid.
	NEHotspotConfigurationErrorInvalidSSID NEHotspotConfigurationError = 1
	// NEHotspotConfigurationErrorInvalidSSIDPrefix: The SSID prefix used to create the hotspot configuration is invalid.
	NEHotspotConfigurationErrorInvalidSSIDPrefix NEHotspotConfigurationError = 15
	// NEHotspotConfigurationErrorInvalidWEPPassphrase: The WEP passphrase is not valid.
	NEHotspotConfigurationErrorInvalidWEPPassphrase NEHotspotConfigurationError = 3
	// NEHotspotConfigurationErrorInvalidWPAPassphrase: The WPA passphrase is not valid.
	NEHotspotConfigurationErrorInvalidWPAPassphrase NEHotspotConfigurationError = 2
	// NEHotspotConfigurationErrorJoinOnceNotSupported: The join-once option isn’t support for EAP configuration.
	NEHotspotConfigurationErrorJoinOnceNotSupported NEHotspotConfigurationError = 12
	// NEHotspotConfigurationErrorPending: The network configuration action has not completed.
	NEHotspotConfigurationErrorPending NEHotspotConfigurationError = 9
	// NEHotspotConfigurationErrorSystemConfiguration: The system configuration is not valid.
	NEHotspotConfigurationErrorSystemConfiguration NEHotspotConfigurationError = 10
	// NEHotspotConfigurationErrorUnknown: An unknown error has occurred.
	NEHotspotConfigurationErrorUnknown NEHotspotConfigurationError = 11
	// NEHotspotConfigurationErrorUserDenied: The user has refused the network configuration.
	NEHotspotConfigurationErrorUserDenied NEHotspotConfigurationError = 7
)

func (NEHotspotConfigurationError) String 

func (e NEHotspotConfigurationError) String() string

type NEHotspotConfigurationTTLSInnerAuthenticationType 

type NEHotspotConfigurationTTLSInnerAuthenticationType int

See: https://developer.apple.com/documentation/NetworkExtension/NEHotspotEAPSettings/TTLSInnerAuthenticationType-swift.enum 

const (
	// NEHotspotConfigurationEAPTTLSInnerAuthenticationCHAP: Network EAPTTLS inner authentication type is CHAP.
	NEHotspotConfigurationEAPTTLSInnerAuthenticationCHAP NEHotspotConfigurationTTLSInnerAuthenticationType = 1
	// NEHotspotConfigurationEAPTTLSInnerAuthenticationEAP: Network EAPTTLS inner authentication type is EAP.
	NEHotspotConfigurationEAPTTLSInnerAuthenticationEAP NEHotspotConfigurationTTLSInnerAuthenticationType = 4
	// NEHotspotConfigurationEAPTTLSInnerAuthenticationMSCHAP: Network EAPTTLS inner authentication type is MSCHAP.
	NEHotspotConfigurationEAPTTLSInnerAuthenticationMSCHAP NEHotspotConfigurationTTLSInnerAuthenticationType = 2
	// NEHotspotConfigurationEAPTTLSInnerAuthenticationMSCHAPv2: Network EAPTTLS inner authentication type is MSCHAP, version 2.
	NEHotspotConfigurationEAPTTLSInnerAuthenticationMSCHAPv2 NEHotspotConfigurationTTLSInnerAuthenticationType = 3
	// NEHotspotConfigurationEAPTTLSInnerAuthenticationPAP: Network EAPTTLS inner authentication type is PAP.
	NEHotspotConfigurationEAPTTLSInnerAuthenticationPAP NEHotspotConfigurationTTLSInnerAuthenticationType = 0
)

func (NEHotspotConfigurationTTLSInnerAuthenticationType) String 

func (e NEHotspotConfigurationTTLSInnerAuthenticationType) String() string

type NEHotspotHelperCommandType 

type NEHotspotHelperCommandType int

See: https://developer.apple.com/documentation/NetworkExtension/NEHotspotHelperCommandType 

const (
	// KNEHotspotHelperCommandTypeAuthenticate: Authenticate to the network.
	KNEHotspotHelperCommandTypeAuthenticate NEHotspotHelperCommandType = 3
	// KNEHotspotHelperCommandTypeEvaluate: Evaluate the network.
	KNEHotspotHelperCommandTypeEvaluate NEHotspotHelperCommandType = 2
	// KNEHotspotHelperCommandTypeFilterScanList: Filter the Wi-Fi scan list.
	KNEHotspotHelperCommandTypeFilterScanList NEHotspotHelperCommandType = 1
	// KNEHotspotHelperCommandTypeLogoff: Logoff the network.
	KNEHotspotHelperCommandTypeLogoff NEHotspotHelperCommandType = 6
	// KNEHotspotHelperCommandTypeMaintain: Maintain the connection to the network.
	KNEHotspotHelperCommandTypeMaintain NEHotspotHelperCommandType = 5
	// KNEHotspotHelperCommandTypeNone: Placeholder for the null command.
	KNEHotspotHelperCommandTypeNone NEHotspotHelperCommandType = 0
	// KNEHotspotHelperCommandTypePresentUI: Present user interface.
	KNEHotspotHelperCommandTypePresentUI NEHotspotHelperCommandType = 4
)

func (NEHotspotHelperCommandType) String 

func (e NEHotspotHelperCommandType) String() string

type NEHotspotHelperConfidence 

type NEHotspotHelperConfidence int

See: https://developer.apple.com/documentation/NetworkExtension/NEHotspotHelperConfidence 

const (
	// KNEHotspotHelperConfidenceHigh: The helper has high confidence in being able to handle the network.
	KNEHotspotHelperConfidenceHigh NEHotspotHelperConfidence = 2
	// KNEHotspotHelperConfidenceLow: The helper has some confidence in being able to handle the network.
	KNEHotspotHelperConfidenceLow NEHotspotHelperConfidence = 1
	// KNEHotspotHelperConfidenceNone: The helper is unable to handle the network.
	KNEHotspotHelperConfidenceNone NEHotspotHelperConfidence = 0
)

func (NEHotspotHelperConfidence) String 

func (e NEHotspotHelperConfidence) String() string

type NEHotspotHelperResult 

type NEHotspotHelperResult int

See: https://developer.apple.com/documentation/NetworkExtension/NEHotspotHelperResult 

const (
	// KNEHotspotHelperResultAuthenticationRequired: The network requires authentication again.
	KNEHotspotHelperResultAuthenticationRequired NEHotspotHelperResult = 4
	// KNEHotspotHelperResultCommandNotRecognized: The helper did not recognize the command type.
	KNEHotspotHelperResultCommandNotRecognized NEHotspotHelperResult = 3
	// KNEHotspotHelperResultFailure: The command failed to be handled.
	KNEHotspotHelperResultFailure NEHotspotHelperResult = 1
	// KNEHotspotHelperResultSuccess: The command was handled successfully.
	KNEHotspotHelperResultSuccess NEHotspotHelperResult = 0
	// KNEHotspotHelperResultTemporaryFailure: The Hotspot Helper app determined that it is temporarily unable to perform the authentication.
	KNEHotspotHelperResultTemporaryFailure NEHotspotHelperResult = 6
	// KNEHotspotHelperResultUIRequired: The operation requires user interaction.
	KNEHotspotHelperResultUIRequired NEHotspotHelperResult = 2
	// KNEHotspotHelperResultUnsupportedNetwork: After attempting to authenticate, the Hotspot Helper app determined that it can’t perform the authentication.
	KNEHotspotHelperResultUnsupportedNetwork NEHotspotHelperResult = 5
)

func (NEHotspotHelperResult) String 

func (e NEHotspotHelperResult) String() string

type NEHotspotNetworkSecurityType 

type NEHotspotNetworkSecurityType int

See: https://developer.apple.com/documentation/NetworkExtension/NEHotspotNetworkSecurityType 

const (
	// NEHotspotNetworkSecurityTypeEnterprise: A security type to represent use of Wi-Fi protected access (WPA), WPA2, and WPA3 standards using enterprise-level seciurity.
	NEHotspotNetworkSecurityTypeEnterprise NEHotspotNetworkSecurityType = 3
	// NEHotspotNetworkSecurityTypeOpen: A security type to represent an open network with no security protocol.
	NEHotspotNetworkSecurityTypeOpen NEHotspotNetworkSecurityType = 0
	// NEHotspotNetworkSecurityTypePersonal: A security type to represent use of Wi-Fi protected access (WPA), WPA2, and WPA3 standards using a pre-shared secret.
	NEHotspotNetworkSecurityTypePersonal NEHotspotNetworkSecurityType = 2
	// NEHotspotNetworkSecurityTypeUnknown: A value that represents an unknown security type.
	NEHotspotNetworkSecurityTypeUnknown NEHotspotNetworkSecurityType = 4
	// NEHotspotNetworkSecurityTypeWEP: A security type to represent use of Wired Equivalent Privacy (WEP).
	NEHotspotNetworkSecurityTypeWEP NEHotspotNetworkSecurityType = 1
)

func (NEHotspotNetworkSecurityType) String 

func (e NEHotspotNetworkSecurityType) String() string

type NEIPv4Route 

type NEIPv4Route struct {
	objectivec.Object
}

The settings for an IPv4 route.

Creating an IPv4 Route

Accessing IPv4 Route Properties

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv4Route

func NEIPv4RouteFromID 

func NEIPv4RouteFromID(id objc.ID) NEIPv4Route

NEIPv4RouteFromID constructs a NEIPv4Route from an objc.ID.

The settings for an IPv4 route.

func NewIPv4RouteWithDestinationAddressSubnetMask 

func NewIPv4RouteWithDestinationAddressSubnetMask(address string, subnetMask string) NEIPv4Route

Initialize the NEIPv4Route object.

address: An IPv4 address string. This string is combined with `subnetMask` to specify the destination network of the route.

subnetMask: An IPv4 network mask string. This string is combined with `address` to specify the destination network of the route.

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv4Route/init(destinationAddress:subnetMask:)

func NewNEIPv4Route 

func NewNEIPv4Route() NEIPv4Route

NewNEIPv4Route creates a new NEIPv4Route instance.

func (NEIPv4Route) Autorelease 

func (i NEIPv4Route) Autorelease() NEIPv4Route

Autorelease adds the receiver to the current autorelease pool.

func (NEIPv4Route) DestinationAddress 

func (i NEIPv4Route) DestinationAddress() string

The destination network address of the route.

Discussion

This string is combined with `destinationSubnetMask` to specify the destination network of the route.

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv4Route/destinationAddress

func (NEIPv4Route) DestinationSubnetMask 

func (i NEIPv4Route) DestinationSubnetMask() string

The destination network mask of the route.

Discussion

This string is combined with `destinationAddress` to specify the destination network of the route.

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv4Route/destinationSubnetMask

func (NEIPv4Route) EncodeWithCoder 

func (i NEIPv4Route) EncodeWithCoder(coder foundation.INSCoder)

func (NEIPv4Route) ExcludedRoutes 

func (i NEIPv4Route) ExcludedRoutes() INEIPv4Route

The IPv4 network traffic that the system routes to the primary physical interface, not the TUN interface.

See: https://developer.apple.com/documentation/networkextension/neipv4settings/excludedroutes

func (NEIPv4Route) GatewayAddress 

func (i NEIPv4Route) GatewayAddress() string

The address of the next-hop gateway of the route.

Discussion

The default value of this property is nil. When this property is nil, the route’s next-hop gateway will be set to the TUN interface unless it is a Split Exclude route.

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv4Route/gatewayAddress

func (NEIPv4Route) IncludedRoutes 

func (i NEIPv4Route) IncludedRoutes() INEIPv4Route

The IPv4 network traffic that the system routes to the TUN interface.

See: https://developer.apple.com/documentation/networkextension/neipv4settings/includedroutes

func (NEIPv4Route) Init 

func (i NEIPv4Route) Init() NEIPv4Route

Init initializes the instance.

func (NEIPv4Route) InitWithDestinationAddressSubnetMask 

func (i NEIPv4Route) InitWithDestinationAddressSubnetMask(address string, subnetMask string) NEIPv4Route

Initialize the NEIPv4Route object.

address: An IPv4 address string. This string is combined with `subnetMask` to specify the destination network of the route.

subnetMask: An IPv4 network mask string. This string is combined with `address` to specify the destination network of the route.

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv4Route/init(destinationAddress:subnetMask:)

func (NEIPv4Route) SetExcludedRoutes 

func (i NEIPv4Route) SetExcludedRoutes(value INEIPv4Route)

func (NEIPv4Route) SetGatewayAddress 

func (i NEIPv4Route) SetGatewayAddress(value string)

func (NEIPv4Route) SetIncludedRoutes 

func (i NEIPv4Route) SetIncludedRoutes(value INEIPv4Route)

type NEIPv4RouteClass 

type NEIPv4RouteClass struct {
	// contains filtered or unexported fields
}

func GetNEIPv4RouteClass 

func GetNEIPv4RouteClass() NEIPv4RouteClass

GetNEIPv4RouteClass returns the class object for NEIPv4Route.

func (NEIPv4RouteClass) Alloc 

func (nc NEIPv4RouteClass) Alloc() NEIPv4Route

Alloc allocates memory for a new instance of the class.

func (NEIPv4RouteClass) Class 

func (nc NEIPv4RouteClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

func (NEIPv4RouteClass) DefaultRoute 

func (_NEIPv4RouteClass NEIPv4RouteClass) DefaultRoute() NEIPv4Route

A convenience method for creating the default IPv4 route.

Return Value

An NEIPv4Route object containing the default IPv4 route.

Discussion

Set this route in the `includedRoutes` array in the NEIPv4Settings object to specify that all IPv4 network traffic be routed to the TUN interface by default.

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv4Route/default()

type NEIPv4Settings 

type NEIPv4Settings struct {
	objectivec.Object
}

The IPv4 settings of an IP layer network tunnel.

Overview

To specify the IPv4 settings of a packet tunnel, set its NEPacketTunnelNetworkSettings.[IPv4Settings] property to an instance of this class.

Initializing IPv4 settings

Accessing IPv4 properties

Routing network traffic

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv4Settings

func NEIPv4SettingsFromID 

func NEIPv4SettingsFromID(id objc.ID) NEIPv4Settings

NEIPv4SettingsFromID constructs a NEIPv4Settings from an objc.ID.

The IPv4 settings of an IP layer network tunnel.

func NewIPv4SettingsWithAddressesSubnetMasks 

func NewIPv4SettingsWithAddressesSubnetMasks(addresses []string, subnetMasks []string) NEIPv4Settings

Initializes an IPv4 settings object.

addresses: An array of IPv4 address strings. These IPv4 addresses will be assigned to the tunnel’s TUN interface.

subnetMasks: An array of IPv4 network mask strings. Each mask in this array is combined with the IP address in the corresponding index in `addresses` to specify an IPv4 network that the TUN interface is (virtually) connected to.

Return Value

The initialized NEIPv4Settings object.

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv4Settings/init(addresses:subnetMasks:)

func NewNEIPv4Settings 

func NewNEIPv4Settings() NEIPv4Settings

NewNEIPv4Settings creates a new NEIPv4Settings instance.

func (NEIPv4Settings) Addresses 

func (i NEIPv4Settings) Addresses() []string

The IPv4 addresses to assign to the TUN interface.

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv4Settings/addresses

func (NEIPv4Settings) Autorelease 

func (i NEIPv4Settings) Autorelease() NEIPv4Settings

Autorelease adds the receiver to the current autorelease pool.

func (NEIPv4Settings) EncodeWithCoder 

func (i NEIPv4Settings) EncodeWithCoder(coder foundation.INSCoder)

func (NEIPv4Settings) ExcludedRoutes 

func (i NEIPv4Settings) ExcludedRoutes() []NEIPv4Route

The IPv4 network traffic that the system routes to the primary physical interface, not the TUN interface.

Discussion

This property excludes routes that the system might otherwise include from the [IncludedRoutes] property. The system automatically excludes the IP address of the tunnel server.

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv4Settings/excludedRoutes

func (NEIPv4Settings) IncludedRoutes 

func (i NEIPv4Settings) IncludedRoutes() []NEIPv4Route

The IPv4 network traffic that the system routes to the TUN interface.

Discussion

If you include the default route (`0.0.0.0/0` or `::/0`) in this property, the system routes traffic that doesn’t match a specific rule in the system routing table through the VPN.

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv4Settings/includedRoutes

func (NEIPv4Settings) Init 

func (i NEIPv4Settings) Init() NEIPv4Settings

Init initializes the instance.

func (NEIPv4Settings) InitWithAddressesSubnetMasks 

func (i NEIPv4Settings) InitWithAddressesSubnetMasks(addresses []string, subnetMasks []string) NEIPv4Settings

Initializes an IPv4 settings object.

addresses: An array of IPv4 address strings. These IPv4 addresses will be assigned to the tunnel’s TUN interface.

subnetMasks: An array of IPv4 network mask strings. Each mask in this array is combined with the IP address in the corresponding index in `addresses` to specify an IPv4 network that the TUN interface is (virtually) connected to.

Return Value

The initialized NEIPv4Settings object.

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv4Settings/init(addresses:subnetMasks:)

func (NEIPv4Settings) Ipv4Settings 

func (i NEIPv4Settings) Ipv4Settings() INEIPv4Settings

The tunnel IP version 4 settings.

See: https://developer.apple.com/documentation/networkextension/nepackettunnelnetworksettings/ipv4settings

func (NEIPv4Settings) Ipv6Settings 

func (i NEIPv4Settings) Ipv6Settings() INEIPv6Settings

The tunnel IP version 6 settings.

See: https://developer.apple.com/documentation/networkextension/nepackettunnelnetworksettings/ipv6settings

func (NEIPv4Settings) Mtu 

func (i NEIPv4Settings) Mtu() foundation.NSNumber

The size of the maximum trasnmission unit, in bytes.

See: https://developer.apple.com/documentation/networkextension/nepackettunnelnetworksettings/mtu

func (NEIPv4Settings) Router 

func (i NEIPv4Settings) Router() string

The address of the next-hop gateway router represented as a dotted decimal string.

Discussion

The system ignores this property for TUN interfaces.

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv4Settings/router

func (NEIPv4Settings) SetExcludedRoutes 

func (i NEIPv4Settings) SetExcludedRoutes(value []NEIPv4Route)

func (NEIPv4Settings) SetIncludedRoutes 

func (i NEIPv4Settings) SetIncludedRoutes(value []NEIPv4Route)

func (NEIPv4Settings) SetIpv4Settings 

func (i NEIPv4Settings) SetIpv4Settings(value INEIPv4Settings)

func (NEIPv4Settings) SetIpv6Settings 

func (i NEIPv4Settings) SetIpv6Settings(value INEIPv6Settings)

func (NEIPv4Settings) SetMtu 

func (i NEIPv4Settings) SetMtu(value foundation.NSNumber)

func (NEIPv4Settings) SetRouter 

func (i NEIPv4Settings) SetRouter(value string)

func (NEIPv4Settings) SetTunnelOverheadBytes 

func (i NEIPv4Settings) SetTunnelOverheadBytes(value foundation.NSNumber)

func (NEIPv4Settings) SubnetMasks 

func (i NEIPv4Settings) SubnetMasks() []string

The IPv4 network masks to assign to the TUN interface.

Discussion

Each mask in this array is combined with the IP address in the corresponding index in `addresses` to specify an IPv4 network that the TUN interface is (virtually) connected to.

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv4Settings/subnetMasks

func (NEIPv4Settings) TunnelOverheadBytes 

func (i NEIPv4Settings) TunnelOverheadBytes() foundation.NSNumber

The number of bytes added to each tunneled packet for storing tunneling protocol headers.

See: https://developer.apple.com/documentation/networkextension/nepackettunnelnetworksettings/tunneloverheadbytes

type NEIPv4SettingsClass 

type NEIPv4SettingsClass struct {
	// contains filtered or unexported fields
}

func GetNEIPv4SettingsClass 

func GetNEIPv4SettingsClass() NEIPv4SettingsClass

GetNEIPv4SettingsClass returns the class object for NEIPv4Settings.

func (NEIPv4SettingsClass) Alloc 

func (nc NEIPv4SettingsClass) Alloc() NEIPv4Settings

Alloc allocates memory for a new instance of the class.

func (NEIPv4SettingsClass) Class 

func (nc NEIPv4SettingsClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEIPv6Route 

type NEIPv6Route struct {
	objectivec.Object
}

The settings for an IPv6 route.

Creating an IPv6 Route

Accessing IPv6 Route Properties

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv6Route

func NEIPv6RouteFromID 

func NEIPv6RouteFromID(id objc.ID) NEIPv6Route

NEIPv6RouteFromID constructs a NEIPv6Route from an objc.ID.

The settings for an IPv6 route.

func NewIPv6RouteWithDestinationAddressNetworkPrefixLength 

func NewIPv6RouteWithDestinationAddressNetworkPrefixLength(address string, networkPrefixLength foundation.NSNumber) NEIPv6Route

Initialize the NEIPv6Route

address: An IPv6 address string. This string is combined with `networkPrefixLength` to specify the destination network of the route.

networkPrefixLength: An IPv6 network prefix length. This number is combined with `address` to specify the destination network of the route. The network prefix length must be an integer between 0 and 128.

Return Value

The initialized NEIPv6Route object.

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv6Route/init(destinationAddress:networkPrefixLength:)

func NewNEIPv6Route 

func NewNEIPv6Route() NEIPv6Route

NewNEIPv6Route creates a new NEIPv6Route instance.

func (NEIPv6Route) Autorelease 

func (i NEIPv6Route) Autorelease() NEIPv6Route

Autorelease adds the receiver to the current autorelease pool.

func (NEIPv6Route) DestinationAddress 

func (i NEIPv6Route) DestinationAddress() string

The destination network address of the route.

Discussion

This string is combined with `destinationNetworkPrefixLength` to specify the destination network of the route.

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv6Route/destinationAddress

func (NEIPv6Route) DestinationNetworkPrefixLength 

func (i NEIPv6Route) DestinationNetworkPrefixLength() foundation.NSNumber

The destination network prefix length of the route.

Discussion

This string is combined with `destinationAddress` to specify the destination network of the route.

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv6Route/destinationNetworkPrefixLength

func (NEIPv6Route) EncodeWithCoder 

func (i NEIPv6Route) EncodeWithCoder(coder foundation.INSCoder)

func (NEIPv6Route) ExcludedRoutes 

func (i NEIPv6Route) ExcludedRoutes() INEIPv6Route

The IPv6 network traffic that the system routes to the primary physical interface, not the TUN interface.

See: https://developer.apple.com/documentation/networkextension/neipv6settings/excludedroutes

func (NEIPv6Route) GatewayAddress 

func (i NEIPv6Route) GatewayAddress() string

The address of the next-hop gateway of the route.

Discussion

The default value of this property is nil. When this property is nil, the route’s next-hop gateway will be set to the TUN interface.

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv6Route/gatewayAddress

func (NEIPv6Route) IncludedRoutes 

func (i NEIPv6Route) IncludedRoutes() INEIPv6Route

The IPv6 network traffic that the system routes to the TUN interface.

See: https://developer.apple.com/documentation/networkextension/neipv6settings/includedroutes

func (NEIPv6Route) Init 

func (i NEIPv6Route) Init() NEIPv6Route

Init initializes the instance.

func (NEIPv6Route) InitWithDestinationAddressNetworkPrefixLength 

func (i NEIPv6Route) InitWithDestinationAddressNetworkPrefixLength(address string, networkPrefixLength foundation.NSNumber) NEIPv6Route

Initialize the NEIPv6Route

address: An IPv6 address string. This string is combined with `networkPrefixLength` to specify the destination network of the route.

networkPrefixLength: An IPv6 network prefix length. This number is combined with `address` to specify the destination network of the route. The network prefix length must be an integer between 0 and 128.

Return Value

The initialized NEIPv6Route object.

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv6Route/init(destinationAddress:networkPrefixLength:)

func (NEIPv6Route) SetExcludedRoutes 

func (i NEIPv6Route) SetExcludedRoutes(value INEIPv6Route)

func (NEIPv6Route) SetGatewayAddress 

func (i NEIPv6Route) SetGatewayAddress(value string)

func (NEIPv6Route) SetIncludedRoutes 

func (i NEIPv6Route) SetIncludedRoutes(value INEIPv6Route)

type NEIPv6RouteClass 

type NEIPv6RouteClass struct {
	// contains filtered or unexported fields
}

func GetNEIPv6RouteClass 

func GetNEIPv6RouteClass() NEIPv6RouteClass

GetNEIPv6RouteClass returns the class object for NEIPv6Route.

func (NEIPv6RouteClass) Alloc 

func (nc NEIPv6RouteClass) Alloc() NEIPv6Route

Alloc allocates memory for a new instance of the class.

func (NEIPv6RouteClass) Class 

func (nc NEIPv6RouteClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

func (NEIPv6RouteClass) DefaultRoute 

func (_NEIPv6RouteClass NEIPv6RouteClass) DefaultRoute() NEIPv6Route

A convenience method for creating the default IPv4 route.

Return Value

A NEIPv6Route object containing the default IPv6 route.

Discussion

Set this route in the `includedRoutes` array in NEIPv6Settings to specify that all IPv6 network traffic be routed to the TUN interface by default.

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv6Route/default()

type NEIPv6Settings 

type NEIPv6Settings struct {
	objectivec.Object
}

The IPv6 settings of an IP layer network tunnel.

Overview

To specify the IPv6 settings of a packet tunnel, set its NEPacketTunnelNetworkSettings.[IPv6Settings] property to an instance of this class.

Initializing IPv6 settings

Accessing IPv6 properties

Routing network traffic

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv6Settings

func NEIPv6SettingsFromID 

func NEIPv6SettingsFromID(id objc.ID) NEIPv6Settings

NEIPv6SettingsFromID constructs a NEIPv6Settings from an objc.ID.

The IPv6 settings of an IP layer network tunnel.

func NewIPv6SettingsWithAddressesNetworkPrefixLengths 

func NewIPv6SettingsWithAddressesNetworkPrefixLengths(addresses []string, networkPrefixLengths []foundation.NSNumber) NEIPv6Settings

Initializes the IPv6 settings object.

addresses: An array of IPv6 address strings. These IPv6 addresses will be assigned to the tunnel’s TUN interface.

networkPrefixLengths: An array of IPv6 network prefix lengths. Each prefix length in this array is combined with the IP address in the corresponding index in `addresses` to specify an IPv6 network that the TUN interface is (virtually) connected to. Each prefix length must be set to an integer between 0 and 128.

Return Value

The initialized NEIPv6Settings object.

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv6Settings/init(addresses:networkPrefixLengths:)

func NewNEIPv6Settings 

func NewNEIPv6Settings() NEIPv6Settings

NewNEIPv6Settings creates a new NEIPv6Settings instance.

func (NEIPv6Settings) Addresses 

func (i NEIPv6Settings) Addresses() []string

The IPv6 addresses to assign to the TUN interface.

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv6Settings/addresses

func (NEIPv6Settings) Autorelease 

func (i NEIPv6Settings) Autorelease() NEIPv6Settings

Autorelease adds the receiver to the current autorelease pool.

func (NEIPv6Settings) EncodeWithCoder 

func (i NEIPv6Settings) EncodeWithCoder(coder foundation.INSCoder)

func (NEIPv6Settings) ExcludedRoutes 

func (i NEIPv6Settings) ExcludedRoutes() []NEIPv6Route

The IPv6 network traffic that the system routes to the primary physical interface, not the TUN interface.

Discussion

This property excludes routes that the system might otherwise include from the [IncludedRoutes] property. The system automatically excludes the IP address of the tunnel server.

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv6Settings/excludedRoutes

func (NEIPv6Settings) IncludedRoutes 

func (i NEIPv6Settings) IncludedRoutes() []NEIPv6Route

The IPv6 network traffic that the system routes to the TUN interface.

Discussion

If you include the default route (`0.0.0.0/0` or `::/0`) in this property, the system routes traffic that doesn’t match a specific rule in the system routing table through the VPN.

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv6Settings/includedRoutes

func (NEIPv6Settings) Init 

func (i NEIPv6Settings) Init() NEIPv6Settings

Init initializes the instance.

func (NEIPv6Settings) InitWithAddressesNetworkPrefixLengths 

func (i NEIPv6Settings) InitWithAddressesNetworkPrefixLengths(addresses []string, networkPrefixLengths []foundation.NSNumber) NEIPv6Settings

Initializes the IPv6 settings object.

addresses: An array of IPv6 address strings. These IPv6 addresses will be assigned to the tunnel’s TUN interface.

networkPrefixLengths: An array of IPv6 network prefix lengths. Each prefix length in this array is combined with the IP address in the corresponding index in `addresses` to specify an IPv6 network that the TUN interface is (virtually) connected to. Each prefix length must be set to an integer between 0 and 128.

Return Value

The initialized NEIPv6Settings object.

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv6Settings/init(addresses:networkPrefixLengths:)

func (NEIPv6Settings) Ipv4Settings 

func (i NEIPv6Settings) Ipv4Settings() INEIPv4Settings

The tunnel IP version 4 settings.

See: https://developer.apple.com/documentation/networkextension/nepackettunnelnetworksettings/ipv4settings

func (NEIPv6Settings) Ipv6Settings 

func (i NEIPv6Settings) Ipv6Settings() INEIPv6Settings

The tunnel IP version 6 settings.

See: https://developer.apple.com/documentation/networkextension/nepackettunnelnetworksettings/ipv6settings

func (NEIPv6Settings) Mtu 

func (i NEIPv6Settings) Mtu() foundation.NSNumber

The size of the maximum trasnmission unit, in bytes.

See: https://developer.apple.com/documentation/networkextension/nepackettunnelnetworksettings/mtu

func (NEIPv6Settings) NetworkPrefixLengths 

func (i NEIPv6Settings) NetworkPrefixLengths() []foundation.NSNumber

The IPv6 network prefix lengths to assign to the TUN interface.

Discussion

Each network prefix length in this array is combined with the IP address in the corresponding index in `addresses` to specify an IPv6 network that the TUN interface is (virtually) connected to.

See: https://developer.apple.com/documentation/NetworkExtension/NEIPv6Settings/networkPrefixLengths

func (NEIPv6Settings) SetExcludedRoutes 

func (i NEIPv6Settings) SetExcludedRoutes(value []NEIPv6Route)

func (NEIPv6Settings) SetIncludedRoutes 

func (i NEIPv6Settings) SetIncludedRoutes(value []NEIPv6Route)

func (NEIPv6Settings) SetIpv4Settings 

func (i NEIPv6Settings) SetIpv4Settings(value INEIPv4Settings)

func (NEIPv6Settings) SetIpv6Settings 

func (i NEIPv6Settings) SetIpv6Settings(value INEIPv6Settings)

func (NEIPv6Settings) SetMtu 

func (i NEIPv6Settings) SetMtu(value foundation.NSNumber)

func (NEIPv6Settings) SetTunnelOverheadBytes 

func (i NEIPv6Settings) SetTunnelOverheadBytes(value foundation.NSNumber)

func (NEIPv6Settings) TunnelOverheadBytes 

func (i NEIPv6Settings) TunnelOverheadBytes() foundation.NSNumber

The number of bytes added to each tunneled packet for storing tunneling protocol headers.

See: https://developer.apple.com/documentation/networkextension/nepackettunnelnetworksettings/tunneloverheadbytes

type NEIPv6SettingsClass 

type NEIPv6SettingsClass struct {
	// contains filtered or unexported fields
}

func GetNEIPv6SettingsClass 

func GetNEIPv6SettingsClass() NEIPv6SettingsClass

GetNEIPv6SettingsClass returns the class object for NEIPv6Settings.

func (NEIPv6SettingsClass) Alloc 

func (nc NEIPv6SettingsClass) Alloc() NEIPv6Settings

Alloc allocates memory for a new instance of the class.

func (NEIPv6SettingsClass) Class 

func (nc NEIPv6SettingsClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NENetworkRule 

type NENetworkRule struct {
	objectivec.Object
}

A rule to match attributes of network traffic.

Matching network traffic characteristics

Instance Properties

See: https://developer.apple.com/documentation/NetworkExtension/NENetworkRule

func NENetworkRuleFromID 

func NENetworkRuleFromID(id objc.ID) NENetworkRule

NENetworkRuleFromID constructs a NENetworkRule from an objc.ID.

A rule to match attributes of network traffic.

func NewNENetworkRule 

func NewNENetworkRule() NENetworkRule

NewNENetworkRule creates a new NENetworkRule instance.

func NewNetworkRuleWithDestinationHostProtocol 

func NewNetworkRuleWithDestinationHostProtocol(hostEndpoint INWHostEndpoint, protocol_ NENetworkRuleProtocol) NENetworkRule

Creates a rule that matches network traffic destined for a host within a specific DNS domain.

hostEndpoint: An endpoint instance that contains the port and hostname or domain that the rule matches. This endpoint must contain a hostname, not an address.

protocol: The protocol that the rule matches.

Discussion

If the port string of `destinationHost` is `0` or is the empty string, then the rule matches traffic on any port destined for the given hostname or domain.

If the hostname string of `destinationHost` consists of a single label, then the rule matches traffic destined to the specific host with that single label as its name.

If the hostname string of `destinationHost` consists of two or more labels, then the rule matches traffic destined to hosts within the domain specified by the hostname string.

Examples

The following example makes a rule that matches all TCP and UDP traffic to a host named `com` in Swift.

Here’s the same example in ObjectiveC.

The next example matches all TCP and UDP traffic to hosts in the `example.Com()` DNS domain, including all DNS queries for names in the `example.Com()` DNS domain.

Here’s the same example in ObjectiveC.

The next example makes a rule that matches all DNS queries and responses for hosts in the `example.Com()` domain.

Here’s the same example in ObjectiveC.

The last example makes a rule that matches all TCP port 443 traffic to hosts in the `example.Com()` domain.

Here’s the same example in ObjectiveC.

See: https://developer.apple.com/documentation/NetworkExtension/NENetworkRule/init(destinationHost:protocol:)

func NewNetworkRuleWithDestinationNetworkPrefixProtocol 

func NewNetworkRuleWithDestinationNetworkPrefixProtocol(networkEndpoint INWHostEndpoint, destinationPrefix uint, protocol_ NENetworkRuleProtocol) NENetworkRule

Creates a rule that matches network traffic destined for a host within a specific network.

networkEndpoint: An endpoint instance that matches the port and address or network that the rule matches. This endpoint must contain an address, not a hostname.

destinationPrefix: An integer that in combination with the address in the endpoint specifies the destination network that the rule matches.

protocol: The protocol that the rule matches.

Discussion

If the port string of `networkEndpoint` is `0` or the empty string, the rule matches traffic on any port destined for the given address or network.

See: https://developer.apple.com/documentation/NetworkExtension/NENetworkRule/init(destinationNetwork:prefix:protocol:)

func NewNetworkRuleWithRemoteNetworkRemotePrefixLocalNetworkLocalPrefixProtocolDirection 

func NewNetworkRuleWithRemoteNetworkRemotePrefixLocalNetworkLocalPrefixProtocolDirection(remoteNetwork INWHostEndpoint, remotePrefix uint, localNetwork INWHostEndpoint, localPrefix uint, protocol_ NENetworkRuleProtocol, direction NETrafficDirection) NENetworkRule

Creates a rule that matches traffic by remote network, local network, protocol, and direction.

remoteNetwork: An endpoint instance that contains the remote port and the remote address or network that the rule matches. This endpoint must contain an address, not a hostname.

remotePrefix: An integer that in combination with the address in `remoteNetwork` specifies the remote network that the rule matches.

localNetwork: An endpoint instance that contains the local port and the local address or network that the rule matches. This endpoint must contain an address, not a hostname.

localPrefix: An integer that in combination with the address in localNetwork specifies the local network that the rule matches. The rule ignores this parameter if `localNetwork` is `nil`.

protocol: The protocol that the rule matches.

direction: The direction of network traffic that the rule matches.

Discussion

If the port string of `remoteNetwork` is `0` or the empty string, then the rule matches traffic on any port coming from the remote network. If `remoteNetwork` is `nil`, the rule matches any remote network.

If the port string of `localNetwork` is `0` or the empty string, then the rule matches traffic on any port coming from the local network. If `localNetwork` is `nil`, the rule matches any local network.

See: https://developer.apple.com/documentation/NetworkExtension/NENetworkRule/init(remoteNetwork:remotePrefix:localNetwork:localPrefix:protocol:direction:)

func (NENetworkRule) Autorelease 

func (n NENetworkRule) Autorelease() NENetworkRule

Autorelease adds the receiver to the current autorelease pool.

func (NENetworkRule) EncodeWithCoder 

func (n NENetworkRule) EncodeWithCoder(coder foundation.INSCoder)

func (NENetworkRule) Init 

func (n NENetworkRule) Init() NENetworkRule

Init initializes the instance.

func (NENetworkRule) MatchDirection 

func (n NENetworkRule) MatchDirection() NETrafficDirection

The direction of network traffic that the rule matches.

See: https://developer.apple.com/documentation/NetworkExtension/NENetworkRule/matchDirection

func (NENetworkRule) MatchLocalNetwork 

func (n NENetworkRule) MatchLocalNetwork() INWHostEndpoint

The local network that the rule matches.

See: https://developer.apple.com/documentation/NetworkExtension/NENetworkRule/matchLocalNetwork

func (NENetworkRule) MatchLocalNetworkEndpoint 

func (n NENetworkRule) MatchLocalNetworkEndpoint() INWEndpoint

See: https://developer.apple.com/documentation/networkextension/nenetworkrule/matchlocalnetworkendpoint-62ttv

func (NENetworkRule) MatchLocalPrefix 

func (n NENetworkRule) MatchLocalPrefix() uint

A number that specifies the local sub-network that the rule matches.

Discussion

This property is NSNotFound for rules whose [MatchLocalNetwork] property is `nil.`

See: https://developer.apple.com/documentation/NetworkExtension/NENetworkRule/matchLocalPrefix

func (NENetworkRule) MatchProtocol 

func (n NENetworkRule) MatchProtocol() NENetworkRuleProtocol

The protocol that the rule matches.

See: https://developer.apple.com/documentation/NetworkExtension/NENetworkRule/matchProtocol

func (NENetworkRule) MatchRemoteEndpoint 

func (n NENetworkRule) MatchRemoteEndpoint() INWHostEndpoint

The remote endpoint that the rule matches.

See: https://developer.apple.com/documentation/NetworkExtension/NENetworkRule/matchRemoteEndpoint

func (NENetworkRule) MatchRemoteHostOrNetworkEndpoint 

func (n NENetworkRule) MatchRemoteHostOrNetworkEndpoint() INWEndpoint

See: https://developer.apple.com/documentation/networkextension/nenetworkrule/matchremotehostornetworkendpoint-4a5ht

func (NENetworkRule) MatchRemotePrefix 

func (n NENetworkRule) MatchRemotePrefix() uint

A number that specifies the remote sub-network that the rule matches.

Discussion

This property is NSNotFound for rules where [MatchRemoteEndpoint] doesn’t contain an IP address.

See: https://developer.apple.com/documentation/NetworkExtension/NENetworkRule/matchRemotePrefix

func (NENetworkRule) SetMatchLocalNetworkEndpoint 

func (n NENetworkRule) SetMatchLocalNetworkEndpoint(value INWEndpoint)

func (NENetworkRule) SetMatchRemoteHostOrNetworkEndpoint 

func (n NENetworkRule) SetMatchRemoteHostOrNetworkEndpoint(value INWEndpoint)

type NENetworkRuleClass 

type NENetworkRuleClass struct {
	// contains filtered or unexported fields
}

func GetNENetworkRuleClass 

func GetNENetworkRuleClass() NENetworkRuleClass

GetNENetworkRuleClass returns the class object for NENetworkRule.

func (NENetworkRuleClass) Alloc 

func (nc NENetworkRuleClass) Alloc() NENetworkRule

Alloc allocates memory for a new instance of the class.

func (NENetworkRuleClass) Class 

func (nc NENetworkRuleClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NENetworkRuleProtocol 

type NENetworkRuleProtocol int

See: https://developer.apple.com/documentation/NetworkExtension/NENetworkRule/Protocol 

const (
	// NENetworkRuleProtocolAny: A rule protocol to match TCP and UDP traffic.
	NENetworkRuleProtocolAny NENetworkRuleProtocol = 0
	// NENetworkRuleProtocolTCP: A rule protocol to match TCP traffic.
	NENetworkRuleProtocolTCP NENetworkRuleProtocol = 1
	// NENetworkRuleProtocolUDP: A rule protocol to match UDP traffic.
	NENetworkRuleProtocolUDP NENetworkRuleProtocol = 2
)

func (NENetworkRuleProtocol) String 

func (e NENetworkRuleProtocol) String() string

type NEOnDemandRule 

type NEOnDemandRule struct {
	objectivec.Object
}

A base class shared by all VPN On Demand rules.

Overview

Each rule is defined by a single action and a set of optional matching conditions. The action defines how the system should trigger the VPN when the conditions are met, such as connecting automatically for all connections, connecting conditionally, or disconnecting. The optional conditions describe parameters of a network. Some common rules include disconnecting the VPN on a trusted, internal network, and triggering on all other networks. When rules are defined in an array, they are evaluated in order and the action of the first rule to match all conditions is chosen.

Instances of the NEOnDemandRule class should be created through one of its subclasses: NEOnDemandRuleConnect, NEOnDemandRuleDisconnect, NEOnDemandRuleEvaluateConnection, or NEOnDemandRuleIgnore.

Accessing match parameters

Accessing the rule action

See: https://developer.apple.com/documentation/NetworkExtension/NEOnDemandRule

func NEOnDemandRuleFromID 

func NEOnDemandRuleFromID(id objc.ID) NEOnDemandRule

NEOnDemandRuleFromID constructs a NEOnDemandRule from an objc.ID.

A base class shared by all VPN On Demand rules.

func NewNEOnDemandRule 

func NewNEOnDemandRule() NEOnDemandRule

NewNEOnDemandRule creates a new NEOnDemandRule instance.

func (NEOnDemandRule) Action 

func (o NEOnDemandRule) Action() NEOnDemandRuleAction

The action of the On Demand Rule.

Discussion

The action of the On Demand Rule represents the behavior for triggering the corresponding VPN when the rule conditions are matched.

See: https://developer.apple.com/documentation/NetworkExtension/NEOnDemandRule/action

func (NEOnDemandRule) Autorelease 

func (o NEOnDemandRule) Autorelease() NEOnDemandRule

Autorelease adds the receiver to the current autorelease pool.

func (NEOnDemandRule) DNSSearchDomainMatch 

func (o NEOnDemandRule) DNSSearchDomainMatch() []string

DNS search domains that identify a network.

Discussion

An array of NSString objects. If the current default search domain is equal to one of the strings in this array and all of the other conditions in the rule match, then the rule matches. If this property is nil (the default), then the current default search domain does not factor into the rule match.

See: https://developer.apple.com/documentation/NetworkExtension/NEOnDemandRule/dnsSearchDomainMatch

func (NEOnDemandRule) DNSServerAddressMatch 

func (o NEOnDemandRule) DNSServerAddressMatch() []string

DNS server addresses that identify a network.

Discussion

An array of DNS server IP addresses represented as [NSString] objects. If each of the current default DNS servers is equal to one of the strings in this array and all of the other conditions in the rule match, then the rule matches. If this property is nil (the default), then the default DNS servers do not factor into the rule match.

See: https://developer.apple.com/documentation/NetworkExtension/NEOnDemandRule/dnsServerAddressMatch

func (NEOnDemandRule) EncodeWithCoder 

func (o NEOnDemandRule) EncodeWithCoder(coder foundation.INSCoder)

func (NEOnDemandRule) Init 

func (o NEOnDemandRule) Init() NEOnDemandRule

Init initializes the instance.

func (NEOnDemandRule) InterfaceTypeMatch 

func (o NEOnDemandRule) InterfaceTypeMatch() NEOnDemandRuleInterfaceType

An interface type to identify a network.

Discussion

The type of interface that this rule matches. If the current primary network interface is of this type and all of the other conditions in the rule match, then the rule matches. If this property is NEOnDemandRuleInterfaceTypeAny (the default), then the current primary interface type does not factor into the rule match.

See: https://developer.apple.com/documentation/NetworkExtension/NEOnDemandRule/interfaceTypeMatch

func (NEOnDemandRule) ProbeURL 

func (o NEOnDemandRule) ProbeURL() foundation.INSURL

A URL to probe when all other network identifiers match to validate that an expected resource is available.

Discussion

An HTTP or HTTPS URL. If a request sent to this URL results in a HTTP 200 OK response and all of the other conditions in the rule match, then then rule matches. If this property is nil (the default), then an HTTP request does not factor into the rule match.

See: https://developer.apple.com/documentation/NetworkExtension/NEOnDemandRule/probeURL

func (NEOnDemandRule) SSIDMatch 

func (o NEOnDemandRule) SSIDMatch() []string

SSIDs that identify a network.

Discussion

An array of NSString objects. If the Service Set Identifier (SSID) of the current primary connected network matches one of the strings in this array and all of the other conditions in the rule match, then the rule matches. If this property is nil (the default), then the current primary connected network SSID does not factor into the rule match.

See: https://developer.apple.com/documentation/NetworkExtension/NEOnDemandRule/ssidMatch

func (NEOnDemandRule) SetDNSSearchDomainMatch 

func (o NEOnDemandRule) SetDNSSearchDomainMatch(value []string)

func (NEOnDemandRule) SetDNSServerAddressMatch 

func (o NEOnDemandRule) SetDNSServerAddressMatch(value []string)

func (NEOnDemandRule) SetInterfaceTypeMatch 

func (o NEOnDemandRule) SetInterfaceTypeMatch(value NEOnDemandRuleInterfaceType)

func (NEOnDemandRule) SetProbeURL 

func (o NEOnDemandRule) SetProbeURL(value foundation.INSURL)

func (NEOnDemandRule) SetSSIDMatch 

func (o NEOnDemandRule) SetSSIDMatch(value []string)

type NEOnDemandRuleAction 

type NEOnDemandRuleAction int

See: https://developer.apple.com/documentation/NetworkExtension/NEOnDemandRuleAction 

const (
	// NEOnDemandRuleActionConnect: Start the VPN connection for every connection attempt.
	NEOnDemandRuleActionConnect NEOnDemandRuleAction = 1
	// NEOnDemandRuleActionDisconnect: Do not start the VPN connection, and disconnect the VPN connection if it is not currently disconnected.
	NEOnDemandRuleActionDisconnect NEOnDemandRuleAction = 2
	// NEOnDemandRuleActionEvaluateConnection: Start the VPN after evaluating the destination host being accessed against the rule’s parameters.
	NEOnDemandRuleActionEvaluateConnection NEOnDemandRuleAction = 3
	// NEOnDemandRuleActionIgnore: Do not start the VPN connection, but do not disconnect it if it is currently connected.
	NEOnDemandRuleActionIgnore NEOnDemandRuleAction = 4
)

func (NEOnDemandRuleAction) String 

func (e NEOnDemandRuleAction) String() string

type NEOnDemandRuleClass 

type NEOnDemandRuleClass struct {
	// contains filtered or unexported fields
}

func GetNEOnDemandRuleClass 

func GetNEOnDemandRuleClass() NEOnDemandRuleClass

GetNEOnDemandRuleClass returns the class object for NEOnDemandRule.

func (NEOnDemandRuleClass) Alloc 

func (nc NEOnDemandRuleClass) Alloc() NEOnDemandRule

Alloc allocates memory for a new instance of the class.

func (NEOnDemandRuleClass) Class 

func (nc NEOnDemandRuleClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEOnDemandRuleConnect 

type NEOnDemandRuleConnect struct {
	NEOnDemandRule
}

A VPN On Demand rule that connects the VPN.

Overview

When rules of this class match, the system starts the VPN connection whenever an application running on the system opens a network connection.

See: https://developer.apple.com/documentation/NetworkExtension/NEOnDemandRuleConnect

func NEOnDemandRuleConnectFromID 

func NEOnDemandRuleConnectFromID(id objc.ID) NEOnDemandRuleConnect

NEOnDemandRuleConnectFromID constructs a NEOnDemandRuleConnect from an objc.ID.

A VPN On Demand rule that connects the VPN.

func NewNEOnDemandRuleConnect 

func NewNEOnDemandRuleConnect() NEOnDemandRuleConnect

NewNEOnDemandRuleConnect creates a new NEOnDemandRuleConnect instance.

func (NEOnDemandRuleConnect) Autorelease 

func (o NEOnDemandRuleConnect) Autorelease() NEOnDemandRuleConnect

Autorelease adds the receiver to the current autorelease pool.

func (NEOnDemandRuleConnect) Init 

func (o NEOnDemandRuleConnect) Init() NEOnDemandRuleConnect

Init initializes the instance.

type NEOnDemandRuleConnectClass 

type NEOnDemandRuleConnectClass struct {
	// contains filtered or unexported fields
}

func GetNEOnDemandRuleConnectClass 

func GetNEOnDemandRuleConnectClass() NEOnDemandRuleConnectClass

GetNEOnDemandRuleConnectClass returns the class object for NEOnDemandRuleConnect.

func (NEOnDemandRuleConnectClass) Alloc 

func (nc NEOnDemandRuleConnectClass) Alloc() NEOnDemandRuleConnect

Alloc allocates memory for a new instance of the class.

func (NEOnDemandRuleConnectClass) Class 

func (nc NEOnDemandRuleConnectClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEOnDemandRuleDisconnect 

type NEOnDemandRuleDisconnect struct {
	NEOnDemandRule
}

A VPN On Demand rule that disconnects the VPN.

Overview

When rules of this class match, the VPN connection is not started, and the VPN connection is disconnected if it is not already disconnected.

See: https://developer.apple.com/documentation/NetworkExtension/NEOnDemandRuleDisconnect

func NEOnDemandRuleDisconnectFromID 

func NEOnDemandRuleDisconnectFromID(id objc.ID) NEOnDemandRuleDisconnect

NEOnDemandRuleDisconnectFromID constructs a NEOnDemandRuleDisconnect from an objc.ID.

A VPN On Demand rule that disconnects the VPN.

func NewNEOnDemandRuleDisconnect 

func NewNEOnDemandRuleDisconnect() NEOnDemandRuleDisconnect

NewNEOnDemandRuleDisconnect creates a new NEOnDemandRuleDisconnect instance.

func (NEOnDemandRuleDisconnect) Autorelease 

func (o NEOnDemandRuleDisconnect) Autorelease() NEOnDemandRuleDisconnect

Autorelease adds the receiver to the current autorelease pool.

func (NEOnDemandRuleDisconnect) Init 

func (o NEOnDemandRuleDisconnect) Init() NEOnDemandRuleDisconnect

Init initializes the instance.

type NEOnDemandRuleDisconnectClass 

type NEOnDemandRuleDisconnectClass struct {
	// contains filtered or unexported fields
}

func GetNEOnDemandRuleDisconnectClass 

func GetNEOnDemandRuleDisconnectClass() NEOnDemandRuleDisconnectClass

GetNEOnDemandRuleDisconnectClass returns the class object for NEOnDemandRuleDisconnect.

func (NEOnDemandRuleDisconnectClass) Alloc 

func (nc NEOnDemandRuleDisconnectClass) Alloc() NEOnDemandRuleDisconnect

Alloc allocates memory for a new instance of the class.

func (NEOnDemandRuleDisconnectClass) Class 

func (nc NEOnDemandRuleDisconnectClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEOnDemandRuleEvaluateConnection 

type NEOnDemandRuleEvaluateConnection struct {
	NEOnDemandRule
}

A VPN On Demand rule that evaluate the app’s connection to determine whether to run its action.

Overview

When rules of this class match, the properties of the network connection being established are matched against a set of connection rules. The action of the matched rule (if any) is used to determine whether or not the VPN will be started.

Accessing connection rules

See: https://developer.apple.com/documentation/NetworkExtension/NEOnDemandRuleEvaluateConnection

func NEOnDemandRuleEvaluateConnectionFromID 

func NEOnDemandRuleEvaluateConnectionFromID(id objc.ID) NEOnDemandRuleEvaluateConnection

NEOnDemandRuleEvaluateConnectionFromID constructs a NEOnDemandRuleEvaluateConnection from an objc.ID.

A VPN On Demand rule that evaluate the app’s connection to determine whether to run its action.

func NewNEOnDemandRuleEvaluateConnection 

func NewNEOnDemandRuleEvaluateConnection() NEOnDemandRuleEvaluateConnection

NewNEOnDemandRuleEvaluateConnection creates a new NEOnDemandRuleEvaluateConnection instance.

func (NEOnDemandRuleEvaluateConnection) Autorelease 

func (o NEOnDemandRuleEvaluateConnection) Autorelease() NEOnDemandRuleEvaluateConnection

Autorelease adds the receiver to the current autorelease pool.

func (NEOnDemandRuleEvaluateConnection) ConnectionRules 

func (o NEOnDemandRuleEvaluateConnection) ConnectionRules() []NEEvaluateConnectionRule

An array of NEEvaluateConnectionRule objects

Discussion

Each NEEvaluateConnectionRule object defines a behavior to take for connections that match the domain of the rule. Each rule is evaluated in order against the properties of a network connection being established. An example configuration has two connection rules: a rule matching `myserver.ExampleXCUIElementTypeCom()` with the domain action NEEvaluateConnectionRuleAction.neverConnect, followed by a rule matching `example.Com()` with the domain action NEEvaluateConnectionRuleAction.connectIfNeeded. This configuration would cause all connections to hostnames in `example.Com()` that do not resolve on the current network to trigger the VPN, except for `myserver.ExampleXCUIElementTypeCom()`.

See: https://developer.apple.com/documentation/NetworkExtension/NEOnDemandRuleEvaluateConnection/connectionRules

func (NEOnDemandRuleEvaluateConnection) Init 

func (o NEOnDemandRuleEvaluateConnection) Init() NEOnDemandRuleEvaluateConnection

Init initializes the instance.

func (NEOnDemandRuleEvaluateConnection) SetConnectionRules 

func (o NEOnDemandRuleEvaluateConnection) SetConnectionRules(value []NEEvaluateConnectionRule)

type NEOnDemandRuleEvaluateConnectionClass 

type NEOnDemandRuleEvaluateConnectionClass struct {
	// contains filtered or unexported fields
}

func GetNEOnDemandRuleEvaluateConnectionClass 

func GetNEOnDemandRuleEvaluateConnectionClass() NEOnDemandRuleEvaluateConnectionClass

GetNEOnDemandRuleEvaluateConnectionClass returns the class object for NEOnDemandRuleEvaluateConnection.

func (NEOnDemandRuleEvaluateConnectionClass) Alloc 

func (nc NEOnDemandRuleEvaluateConnectionClass) Alloc() NEOnDemandRuleEvaluateConnection

Alloc allocates memory for a new instance of the class.

func (NEOnDemandRuleEvaluateConnectionClass) Class 

func (nc NEOnDemandRuleEvaluateConnectionClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEOnDemandRuleIgnore 

type NEOnDemandRuleIgnore struct {
	NEOnDemandRule
}

A VPN On Demand rule that doesn’t change the status of the VPN.

Overview

When rules of this class match, the VPN connection is not started, and the current status of the VPN connection is left unchanged.

See: https://developer.apple.com/documentation/NetworkExtension/NEOnDemandRuleIgnore

func NEOnDemandRuleIgnoreFromID 

func NEOnDemandRuleIgnoreFromID(id objc.ID) NEOnDemandRuleIgnore

NEOnDemandRuleIgnoreFromID constructs a NEOnDemandRuleIgnore from an objc.ID.

A VPN On Demand rule that doesn’t change the status of the VPN.

func NewNEOnDemandRuleIgnore 

func NewNEOnDemandRuleIgnore() NEOnDemandRuleIgnore

NewNEOnDemandRuleIgnore creates a new NEOnDemandRuleIgnore instance.

func (NEOnDemandRuleIgnore) Autorelease 

func (o NEOnDemandRuleIgnore) Autorelease() NEOnDemandRuleIgnore

Autorelease adds the receiver to the current autorelease pool.

func (NEOnDemandRuleIgnore) Init 

func (o NEOnDemandRuleIgnore) Init() NEOnDemandRuleIgnore

Init initializes the instance.

type NEOnDemandRuleIgnoreClass 

type NEOnDemandRuleIgnoreClass struct {
	// contains filtered or unexported fields
}

func GetNEOnDemandRuleIgnoreClass 

func GetNEOnDemandRuleIgnoreClass() NEOnDemandRuleIgnoreClass

GetNEOnDemandRuleIgnoreClass returns the class object for NEOnDemandRuleIgnore.

func (NEOnDemandRuleIgnoreClass) Alloc 

func (nc NEOnDemandRuleIgnoreClass) Alloc() NEOnDemandRuleIgnore

Alloc allocates memory for a new instance of the class.

func (NEOnDemandRuleIgnoreClass) Class 

func (nc NEOnDemandRuleIgnoreClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEOnDemandRuleInterfaceType 

type NEOnDemandRuleInterfaceType int

See: https://developer.apple.com/documentation/NetworkExtension/NEOnDemandRuleInterfaceType 

const (
	// NEOnDemandRuleInterfaceTypeAny: Match any interface type
	NEOnDemandRuleInterfaceTypeAny NEOnDemandRuleInterfaceType = 0
	// NEOnDemandRuleInterfaceTypeCellular: Match cellular data interfaces
	NEOnDemandRuleInterfaceTypeCellular NEOnDemandRuleInterfaceType = 3
	// NEOnDemandRuleInterfaceTypeEthernet: Match wired ethernet interfaces
	NEOnDemandRuleInterfaceTypeEthernet NEOnDemandRuleInterfaceType = 1
	// NEOnDemandRuleInterfaceTypeWiFi: Match Wi-Fi interfaces
	NEOnDemandRuleInterfaceTypeWiFi NEOnDemandRuleInterfaceType = 2
)

func (NEOnDemandRuleInterfaceType) String 

func (e NEOnDemandRuleInterfaceType) String() string

type NEPacket 

type NEPacket struct {
	objectivec.Object
}

A network packet and its associated properties.

Initializing a packet

Accessing packet properties

See: https://developer.apple.com/documentation/NetworkExtension/NEPacket

func NEPacketFromID 

func NEPacketFromID(id objc.ID) NEPacket

NEPacketFromID constructs a NEPacket from an objc.ID.

A network packet and its associated properties.

func NewNEPacket 

func NewNEPacket() NEPacket

NewNEPacket creates a new NEPacket instance.

func NewPacketWithDataProtocolFamily 

func NewPacketWithDataProtocolFamily(data foundation.INSData, protocolFamily uint8) NEPacket

See: https://developer.apple.com/documentation/NetworkExtension/NEPacket/init(data:protocolFamily:)

func (NEPacket) Autorelease 

func (p NEPacket) Autorelease() NEPacket

Autorelease adds the receiver to the current autorelease pool.

func (NEPacket) Data 

func (p NEPacket) Data() foundation.INSData

See: https://developer.apple.com/documentation/NetworkExtension/NEPacket/data

func (NEPacket) Direction 

func (p NEPacket) Direction() NETrafficDirection

The direction of the packet.

See: https://developer.apple.com/documentation/NetworkExtension/NEPacket/direction

func (NEPacket) EncodeWithCoder 

func (p NEPacket) EncodeWithCoder(coder foundation.INSCoder)

func (NEPacket) Init 

func (p NEPacket) Init() NEPacket

Init initializes the instance.

func (NEPacket) InitWithDataProtocolFamily 

func (p NEPacket) InitWithDataProtocolFamily(data foundation.INSData, protocolFamily uint8) NEPacket

See: https://developer.apple.com/documentation/NetworkExtension/NEPacket/init(data:protocolFamily:)

func (NEPacket) Metadata 

func (p NEPacket) Metadata() INEFlowMetaData

See: https://developer.apple.com/documentation/NetworkExtension/NEPacket/metadata

func (NEPacket) ProtocolFamily 

func (p NEPacket) ProtocolFamily() uint8

See: https://developer.apple.com/documentation/NetworkExtension/NEPacket/protocolFamily

type NEPacketClass 

type NEPacketClass struct {
	// contains filtered or unexported fields
}

func GetNEPacketClass 

func GetNEPacketClass() NEPacketClass

GetNEPacketClass returns the class object for NEPacket.

func (NEPacketClass) Alloc 

func (nc NEPacketClass) Alloc() NEPacket

Alloc allocates memory for a new instance of the class.

func (NEPacketClass) Class 

func (nc NEPacketClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEPacketTunnelFlow 

type NEPacketTunnelFlow struct {
	objectivec.Object
}

An object you use to read and write packets to and from the tunnel’s virtual interface.

Overview

Use the NEPacketTunnelFlow class to implement a custom-IP tunneling protocol for your packet tunnel. For example, use the APIs in this class to read packets from the virtual interface, so you can then encapsulate these packets and send them to a packet-tunnel server. Likewise, read packets from your packet-tunnel server and use these APIs to write the packets back to the tunnel’s virtual interface.

Handling IP packets

See: https://developer.apple.com/documentation/NetworkExtension/NEPacketTunnelFlow

func NEPacketTunnelFlowFromID 

func NEPacketTunnelFlowFromID(id objc.ID) NEPacketTunnelFlow

NEPacketTunnelFlowFromID constructs a NEPacketTunnelFlow from an objc.ID.

An object you use to read and write packets to and from the tunnel’s virtual interface.

func NewNEPacketTunnelFlow 

func NewNEPacketTunnelFlow() NEPacketTunnelFlow

NewNEPacketTunnelFlow creates a new NEPacketTunnelFlow instance.

func (NEPacketTunnelFlow) Autorelease 

func (p NEPacketTunnelFlow) Autorelease() NEPacketTunnelFlow

Autorelease adds the receiver to the current autorelease pool.

func (NEPacketTunnelFlow) Init 

func (p NEPacketTunnelFlow) Init() NEPacketTunnelFlow

Init initializes the instance.

func (NEPacketTunnelFlow) ReadPacketsWithCompletionHandler 

func (p NEPacketTunnelFlow) ReadPacketsWithCompletionHandler(completionHandler VoidHandler)

Reads IP packets from the TUN interface.

completionHandler: A Swift closure or an ObjectiveC block that runs when some packets are read from the TUN interface. The packets that were read are passed to this block in the `packets` array. The protocol numbers of the packets that were read are passed to this block in the `protocols` array. Each packet has a protocol number in the corresponding index in the `protocols` array. The protocol numbers are given in host byte order. Valid protocol numbers include `AF_INET` and `AF_INET6`. See `/usr/include/sys/socket.H()`.

Discussion

Each call to this method results in a single execution of the completion handler. The caller should call this method after each `completionHandler` execution in order to continue to receive packets from the TUN interface.

See: https://developer.apple.com/documentation/NetworkExtension/NEPacketTunnelFlow/readPackets(completionHandler:)

func (NEPacketTunnelFlow) WritePacketObjects 

func (p NEPacketTunnelFlow) WritePacketObjects(packets []NEPacket) bool

Write multiple IP packets to the TUN interface.

See: https://developer.apple.com/documentation/NetworkExtension/NEPacketTunnelFlow/writePacketObjects(_:)

func (NEPacketTunnelFlow) WritePacketsWithProtocols 

func (p NEPacketTunnelFlow) WritePacketsWithProtocols(packets []foundation.NSData, protocols []foundation.NSNumber) bool

Writes IP packets to the TUN interface.

packets: An array of NSData objects containing the IP packets to the written.

protocols: An array of NSNumber objects containing the protocol numbers (e.g. AF_INET or AF_INET6) of the IP packets in `packets` in host byte order.

Discussion

The number of NSData objects in `packets` must be exactly equal to the number of NSNumber objects in `protocols`.

See: https://developer.apple.com/documentation/NetworkExtension/NEPacketTunnelFlow/writePackets(_:withProtocols:)

type NEPacketTunnelFlowClass 

type NEPacketTunnelFlowClass struct {
	// contains filtered or unexported fields
}

func GetNEPacketTunnelFlowClass 

func GetNEPacketTunnelFlowClass() NEPacketTunnelFlowClass

GetNEPacketTunnelFlowClass returns the class object for NEPacketTunnelFlow.

func (NEPacketTunnelFlowClass) Alloc 

func (nc NEPacketTunnelFlowClass) Alloc() NEPacketTunnelFlow

Alloc allocates memory for a new instance of the class.

func (NEPacketTunnelFlowClass) Class 

func (nc NEPacketTunnelFlowClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEPacketTunnelNetworkSettings 

type NEPacketTunnelNetworkSettings struct {
	NETunnelNetworkSettings
}

The configuration for a packet tunnel provider’s virtual interface.

Accessing network properties

See: https://developer.apple.com/documentation/NetworkExtension/NEPacketTunnelNetworkSettings

func NEPacketTunnelNetworkSettingsFromID 

func NEPacketTunnelNetworkSettingsFromID(id objc.ID) NEPacketTunnelNetworkSettings

NEPacketTunnelNetworkSettingsFromID constructs a NEPacketTunnelNetworkSettings from an objc.ID.

The configuration for a packet tunnel provider’s virtual interface.

func NewNEPacketTunnelNetworkSettings 

func NewNEPacketTunnelNetworkSettings() NEPacketTunnelNetworkSettings

NewNEPacketTunnelNetworkSettings creates a new NEPacketTunnelNetworkSettings instance.

func NewPacketTunnelNetworkSettingsWithTunnelRemoteAddress 

func NewPacketTunnelNetworkSettingsWithTunnelRemoteAddress(address string) NEPacketTunnelNetworkSettings

Initialize a NETunnelNetworkSettings object.

address: The IP address of the tunnel server.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelNetworkSettings/init(tunnelRemoteAddress:)

func (NEPacketTunnelNetworkSettings) Autorelease 

func (p NEPacketTunnelNetworkSettings) Autorelease() NEPacketTunnelNetworkSettings

Autorelease adds the receiver to the current autorelease pool.

func (NEPacketTunnelNetworkSettings) IPv4Settings 

func (p NEPacketTunnelNetworkSettings) IPv4Settings() INEIPv4Settings

The tunnel IP version 4 settings.

Discussion

This property contains the IPv4 routes specifying what IPv4 traffic to route to the tunnel, as well as the IPv4 address and netmask to assign to the TUN interface.

See: https://developer.apple.com/documentation/NetworkExtension/NEPacketTunnelNetworkSettings/ipv4Settings

func (NEPacketTunnelNetworkSettings) IPv6Settings 

func (p NEPacketTunnelNetworkSettings) IPv6Settings() INEIPv6Settings

The tunnel IP version 6 settings.

Discussion

This property contains the IPv6 routes specifying what IPv6 traffic to route to the tunnel, as well as the IPv6 address and network prefix to assign to the TUN interface.

See: https://developer.apple.com/documentation/NetworkExtension/NEPacketTunnelNetworkSettings/ipv6Settings

func (NEPacketTunnelNetworkSettings) Init 

func (p NEPacketTunnelNetworkSettings) Init() NEPacketTunnelNetworkSettings

Init initializes the instance.

func (NEPacketTunnelNetworkSettings) MTU 

func (p NEPacketTunnelNetworkSettings) MTU() foundation.NSNumber

The size of the maximum trasnmission unit, in bytes.

Discussion

The maximum transmission unit (MTU) size represents the largest number of bytes that anything can assign to the TUN interface.

See: https://developer.apple.com/documentation/NetworkExtension/NEPacketTunnelNetworkSettings/mtu

func (NEPacketTunnelNetworkSettings) SetIPv4Settings 

func (p NEPacketTunnelNetworkSettings) SetIPv4Settings(value INEIPv4Settings)

func (NEPacketTunnelNetworkSettings) SetIPv6Settings 

func (p NEPacketTunnelNetworkSettings) SetIPv6Settings(value INEIPv6Settings)

func (NEPacketTunnelNetworkSettings) SetMTU 

func (p NEPacketTunnelNetworkSettings) SetMTU(value foundation.NSNumber)

func (NEPacketTunnelNetworkSettings) SetTunnelOverheadBytes 

func (p NEPacketTunnelNetworkSettings) SetTunnelOverheadBytes(value foundation.NSNumber)

func (NEPacketTunnelNetworkSettings) TunnelOverheadBytes 

func (p NEPacketTunnelNetworkSettings) TunnelOverheadBytes() foundation.NSNumber

The number of bytes added to each tunneled packet for storing tunneling protocol headers.

Discussion

The value of this property is subtracted from the Maximum Transmission Unit (MTU) of the tunnel’s underlying physical network interface to compute the MTU of the TUN interface.

See: https://developer.apple.com/documentation/NetworkExtension/NEPacketTunnelNetworkSettings/tunnelOverheadBytes

type NEPacketTunnelNetworkSettingsClass 

type NEPacketTunnelNetworkSettingsClass struct {
	// contains filtered or unexported fields
}

func GetNEPacketTunnelNetworkSettingsClass 

func GetNEPacketTunnelNetworkSettingsClass() NEPacketTunnelNetworkSettingsClass

GetNEPacketTunnelNetworkSettingsClass returns the class object for NEPacketTunnelNetworkSettings.

func (NEPacketTunnelNetworkSettingsClass) Alloc 

func (nc NEPacketTunnelNetworkSettingsClass) Alloc() NEPacketTunnelNetworkSettings

Alloc allocates memory for a new instance of the class.

func (NEPacketTunnelNetworkSettingsClass) Class 

func (nc NEPacketTunnelNetworkSettingsClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEPacketTunnelProvider 

type NEPacketTunnelProvider struct {
	NETunnelProvider
}

The principal class for a packet tunnel provider app extension.

Overview

The NEPacketTunnelProvider class gives its subclasses access to a virtual network interface via the NEPacketTunnelProvider.PacketFlow property. Use the [SetTunnelNetworkSettingsCompletionHandler] method in the Packet Tunnel Provider to specify that the following network settings be associated with the virtual interface:

- Virtual IP address - DNS resolver configuration - HTTP proxy configuration - IP destination networks to be routed through the tunnel - IP destination networks to be routed outside the tunnel - Interface MTU

By specifying IP destination networks, the Packet Tunnel Provider can dictate what IP destinations will be routed to the virtual interface. IP packets with matching destination addresses will then be diverted to Packet Tunnel Provider and can be read using the NEPacketTunnelProvider.PacketFlow property. The Packet Tunnel Provider can then encapsulate the IP packets per a custom tunneling protocol and send them to a tunnel server. When the Packet Tunnel Provider decapsulates IP packets received from the tunnel server, it can use the NEPacketTunnelProvider.PacketFlow property to inject the packets into the networking stack.

Creating a Packet Tunnel Provider Extension

Packet Tunnel Providers run as App Extensions for the `com.AppleXCUIElementTypeNetworkextensionXCUIElementTypePacket()-tunnel` extension point.

To create a Packet Tunnel Provider extension, first create a new App Extension target in your project.

For an example of an Xcode build target for this app extension, see the SimpleTunnel: Customized Networking Using the NetworkExtension Framework sample code project.

Once you have a Packet Tunnel Provider extension target, create a subclass of NEPacketTunnelProvider. Then, set the [NSExtensionPrincipalClass] key in the the extension’s `Info.Plist()` to the name of your subclass.

If it is not already, set the [NSExtensionPointIdentifier] key in the extension’s `Info.Plist()` to `com.AppleXCUIElementTypeNetworkextensionXCUIElementTypePacket()-tunnel`.

Here is an example of the NSExtension dictionary in a Packet Tunnel Provider extension’s `Info.Plist()`:

Finally, add the Packet Tunnel Provider extension target to your app’s Embed App Extensions build phase.

Subclassing Notes

In order to create a Packet Tunnel Provider extension, you must create a subclass of NEPacketTunnelProvider and override the methods listed below.

Methods to Override

- NEPacketTunnelProvider.StartTunnelWithOptionsCompletionHandler - NEPacketTunnelProvider.StopTunnelWithReasonCompletionHandler

Managing the tunnel life cycle

Handling IP packets

  • NEPacketTunnelProvider.PacketFlow: A NEPacketTunnelFlow(<doc://com.apple.networkextension/documentation/NetworkExtension/NEPacketTunnelFlow>) object which is used to receive IP packets routed to the tunnel’s virtual interface and inject IP packets into the networking stack via the tunnel’s virtual interface.

Instance Properties

See: https://developer.apple.com/documentation/NetworkExtension/NEPacketTunnelProvider

func NEPacketTunnelProviderFromID 

func NEPacketTunnelProviderFromID(id objc.ID) NEPacketTunnelProvider

NEPacketTunnelProviderFromID constructs a NEPacketTunnelProvider from an objc.ID.

The principal class for a packet tunnel provider app extension.

func NewNEPacketTunnelProvider 

func NewNEPacketTunnelProvider() NEPacketTunnelProvider

NewNEPacketTunnelProvider creates a new NEPacketTunnelProvider instance.

func (NEPacketTunnelProvider) Autorelease 

func (p NEPacketTunnelProvider) Autorelease() NEPacketTunnelProvider

Autorelease adds the receiver to the current autorelease pool.

func (NEPacketTunnelProvider) CancelTunnelWithError 

func (p NEPacketTunnelProvider) CancelTunnelWithError(error_ foundation.INSError)

Stop the network tunnel from the Packet Tunnel Provider.

error: An [NSError] object containing the error that caused the tunnel to be stopped. The domain and code of this NSError object is defined by the caller. // [NSError]: https://developer.apple.com/documentation/Foundation/NSError

Discussion

The Packet Tunnel Provider should call this method when an unrecoverable error occurs, such as the tunnel server going down or the VPN authentication session expiring.

See: https://developer.apple.com/documentation/NetworkExtension/NEPacketTunnelProvider/cancelTunnelWithError(_:)

func (NEPacketTunnelProvider) Init 

func (p NEPacketTunnelProvider) Init() NEPacketTunnelProvider

Init initializes the instance.

func (NEPacketTunnelProvider) PacketFlow 

func (p NEPacketTunnelProvider) PacketFlow() INEPacketTunnelFlow

A NEPacketTunnelFlow object which is used to receive IP packets routed to the tunnel’s virtual interface and inject IP packets into the networking stack via the tunnel’s virtual interface.

See: https://developer.apple.com/documentation/NetworkExtension/NEPacketTunnelProvider/packetFlow

func (NEPacketTunnelProvider) SetVirtualInterface 

func (p NEPacketTunnelProvider) SetVirtualInterface(value objectivec.IObject)

func (NEPacketTunnelProvider) StartTunnelWithOptions 

func (p NEPacketTunnelProvider) StartTunnelWithOptions(ctx context.Context, options foundation.INSDictionary) error

StartTunnelWithOptions is a synchronous wrapper around NEPacketTunnelProvider.StartTunnelWithOptionsCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NEPacketTunnelProvider) StartTunnelWithOptionsCompletionHandler 

func (p NEPacketTunnelProvider) StartTunnelWithOptionsCompletionHandler(options foundation.INSDictionary, completionHandler ErrorHandler)

Start the network tunnel.

options: A dictionary passed by the app that requested that the tunnel be started. If the starting app did not specify a dictionary of options then this parameter will be nil. If the tunnel was started via Connect On Demand, then this parameter will be nil.

completionHandler: A block that must be executed when the tunnel is fully established, or when the tunnel cannot be started due to an error. If the tunnel was successfully established, then the error parameter must be set to nil. If an error occurred, the error parameter passed to this block must be set to a non-nil NSError object. // NSError: https://developer.apple.com/documentation/Foundation/NSError

Discussion

This method is called by the system to start the network tunnel.

NEPacketTunnelProvider subclasses must override this method.

When the Packet Tunnel Provider executes the completionHandler block with a nil error parameter, it signals to the system that it is ready to begin handling network data. Therefore, the Packet Tunnel Provider should call [SetTunnelNetworkSettingsCompletionHandler] and wait for it to complete before executing the completionHandler block.

The domain and code of the NSError object passed to the `completionHandler` block are defined by the Packet Tunnel Provider.

See: https://developer.apple.com/documentation/NetworkExtension/NEPacketTunnelProvider/startTunnel(options:completionHandler:)

func (NEPacketTunnelProvider) StopTunnelWithReason 

func (p NEPacketTunnelProvider) StopTunnelWithReason(ctx context.Context, reason NEProviderStopReason) error

StopTunnelWithReason is a synchronous wrapper around NEPacketTunnelProvider.StopTunnelWithReasonCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NEPacketTunnelProvider) StopTunnelWithReasonCompletionHandler 

func (p NEPacketTunnelProvider) StopTunnelWithReasonCompletionHandler(reason NEProviderStopReason, completionHandler VoidHandler)

Stop the network tunnel.

reason: An NEProviderStopReason code indicating why the tunnel is being stopped. Possible codes are listed in NEProvider.

completionHandler: A block that must be executed when the tunnel is fully stopped.

Discussion

This method is called by the system to stop the network tunnel.

NEPacketTunnelProvider subclasses must override this method.

Do not use this method to stop the tunnel from the Packet Tunnel Provider. Use `cancelTunnelWithError`: instead.

See: https://developer.apple.com/documentation/NetworkExtension/NEPacketTunnelProvider/stopTunnel(with:completionHandler:)

func (NEPacketTunnelProvider) VirtualInterface 

func (p NEPacketTunnelProvider) VirtualInterface() objectivec.IObject

See: https://developer.apple.com/documentation/networkextension/nepackettunnelprovider/virtualinterface-7l3ol

type NEPacketTunnelProviderClass 

type NEPacketTunnelProviderClass struct {
	// contains filtered or unexported fields
}

func GetNEPacketTunnelProviderClass 

func GetNEPacketTunnelProviderClass() NEPacketTunnelProviderClass

GetNEPacketTunnelProviderClass returns the class object for NEPacketTunnelProvider.

func (NEPacketTunnelProviderClass) Alloc 

func (nc NEPacketTunnelProviderClass) Alloc() NEPacketTunnelProvider

Alloc allocates memory for a new instance of the class.

func (NEPacketTunnelProviderClass) Class 

func (nc NEPacketTunnelProviderClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEProvider 

type NEProvider struct {
	objectivec.Object
}

An abstract base class for all NetworkExtension providers.

Overview

See the documentation for the NEProvider subclasses for details about how to create Network Extension Provider extensions.

The NEProvider class and its subclasses expose methods and properties that allow Network Extension Provider extensions to participate in and affect the network data path on iOS and macOS. For example, the “ method in NEFilterDataProvider allows Filter Data Provider extensions to make pass/block decisions on TCP connections as the connections are established on the system.

Subclassing Notes

The NEProvider class should not be subclassed directly. Instead, you should create subclasses of NEProvider subclasses (and in some cases subsubclasses).

Methods to Override

- NEProvider.SleepWithCompletionHandler - NEProvider.Wake

Handling sleep and wake

Monitoring the network state

See: https://developer.apple.com/documentation/NetworkExtension/NEProvider

func NEProviderFromID 

func NEProviderFromID(id objc.ID) NEProvider

NEProviderFromID constructs a NEProvider from an objc.ID.

An abstract base class for all NetworkExtension providers.

func NewNEProvider 

func NewNEProvider() NEProvider

NewNEProvider creates a new NEProvider instance.

func (NEProvider) Autorelease 

func (p NEProvider) Autorelease() NEProvider

Autorelease adds the receiver to the current autorelease pool.

func (NEProvider) DefaultPath 

func (p NEProvider) DefaultPath() INWPath

The current default network path used for connections created by the provider.

Discussion

This NWPath object contains information about which physical network interface will be used by connections opened by the Network Extension provider. You can determine when this physical interface changes by observing this property using KVO.

See: https://developer.apple.com/documentation/NetworkExtension/NEProvider/defaultPath

func (NEProvider) Init 

func (p NEProvider) Init() NEProvider

Init initializes the instance.

func (NEProvider) Sleep 

func (p NEProvider) Sleep(ctx context.Context) error

Sleep is a synchronous wrapper around NEProvider.SleepWithCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NEProvider) SleepWithCompletionHandler 

func (p NEProvider) SleepWithCompletionHandler(completionHandler VoidHandler)

Handle a sleep event.

completionHandler: Implementations of this method must execute this block when the provider is finished handling the sleep event.

Discussion

This method is called by the system when the device is about to go to sleep.

NEProvider subclasses should override this method if the provider needs to perform any tasks before the device sleeps, such as disconnecting a tunnel connection.

See: https://developer.apple.com/documentation/NetworkExtension/NEProvider/sleep(completionHandler:)

func (NEProvider) Wake 

func (p NEProvider) Wake()

Handle a wake event.

Discussion

This method is called by the system when the device wakes up from sleep mode.

NEProvider subclasses should override this method if the provider needs to perform any tasks when the device wakes up, such as reconnecting a tunnel connection.

See: https://developer.apple.com/documentation/NetworkExtension/NEProvider/wake()

type NEProviderClass 

type NEProviderClass struct {
	// contains filtered or unexported fields
}

func GetNEProviderClass 

func GetNEProviderClass() NEProviderClass

GetNEProviderClass returns the class object for NEProvider.

func (NEProviderClass) Alloc 

func (nc NEProviderClass) Alloc() NEProvider

Alloc allocates memory for a new instance of the class.

func (NEProviderClass) Class 

func (nc NEProviderClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

func (NEProviderClass) StartSystemExtensionMode 

func (_NEProviderClass NEProviderClass) StartSystemExtensionMode()

Starts the Network Extension machinery from inside a System Extension.

Discussion

Call this method as early as possible after your system extension starts.

Once called, this class method causes your system extension to start handling requests from the Network Extension session manager daemon to instantiate appropriate NEProvider subclass instances. The system extension must declare a mapping of Network Extension extension points to NEProvider subclass instances in its `Info.Plist()`. The following example shows this mapping:

See: https://developer.apple.com/documentation/NetworkExtension/NEProvider/startSystemExtensionMode()

type NEProviderStopReason 

type NEProviderStopReason int

See: https://developer.apple.com/documentation/NetworkExtension/NEProviderStopReason 

const (
	// NEProviderStopReasonAuthenticationCanceled: The authentication process was canceled.
	NEProviderStopReasonAuthenticationCanceled NEProviderStopReason = 6
	// NEProviderStopReasonConfigurationDisabled: The configuration was disabled.
	NEProviderStopReasonConfigurationDisabled NEProviderStopReason = 9
	// NEProviderStopReasonConfigurationFailed: The configuration is invalid.
	NEProviderStopReasonConfigurationFailed NEProviderStopReason = 7
	// NEProviderStopReasonConfigurationRemoved: The configuration was removed.
	NEProviderStopReasonConfigurationRemoved NEProviderStopReason = 10
	// NEProviderStopReasonConnectionFailed: The connection failed.
	NEProviderStopReasonConnectionFailed NEProviderStopReason = 14
	// NEProviderStopReasonIdleTimeout: The session timed out.
	NEProviderStopReasonIdleTimeout NEProviderStopReason = 8
	// NEProviderStopReasonInternalError: The provider encountered an internal error.
	NEProviderStopReasonInternalError NEProviderStopReason = 17
	// NEProviderStopReasonNoNetworkAvailable: No network connectivity is currently available.
	NEProviderStopReasonNoNetworkAvailable NEProviderStopReason = 3
	// NEProviderStopReasonNone: No specific reason.
	NEProviderStopReasonNone NEProviderStopReason = 0
	// NEProviderStopReasonProviderDisabled: The provider was disabled.
	NEProviderStopReasonProviderDisabled NEProviderStopReason = 5
	// NEProviderStopReasonProviderFailed: The provider failed to function correctly.
	NEProviderStopReasonProviderFailed NEProviderStopReason = 2
	// NEProviderStopReasonSleep: A stop reason indicating the configuration enabled disconnect on sleep and the device went to sleep.
	NEProviderStopReasonSleep NEProviderStopReason = 15
	// NEProviderStopReasonSuperceded: The configuration was superceded by a higher-priority configuration.
	NEProviderStopReasonSuperceded NEProviderStopReason = 11
	// NEProviderStopReasonUnrecoverableNetworkChange: The device’s network connectivity changed.
	NEProviderStopReasonUnrecoverableNetworkChange NEProviderStopReason = 4
	// NEProviderStopReasonUserInitiated: The user stopped the provider extension.
	NEProviderStopReasonUserInitiated NEProviderStopReason = 1
	// NEProviderStopReasonUserLogout: The user logged out.
	NEProviderStopReasonUserLogout NEProviderStopReason = 12
	// NEProviderStopReasonUserSwitch: The current console user changed.
	NEProviderStopReasonUserSwitch NEProviderStopReason = 13
)

func (NEProviderStopReason) String 

func (e NEProviderStopReason) String() string

type NEProxyServer 

type NEProxyServer struct {
	objectivec.Object
}

NEProxyServer contains settings for a proxy server.

Overview

NEProxyServer instances are used inside of NEProxySettings instances to configure proxy settings for VPN connections.

Initializing a Proxy Server

Accessing Proxy Server Properties

See: https://developer.apple.com/documentation/NetworkExtension/NEProxyServer

func NEProxyServerFromID 

func NEProxyServerFromID(id objc.ID) NEProxyServer

NEProxyServerFromID constructs a NEProxyServer from an objc.ID.

NEProxyServer contains settings for a proxy server.

func NewNEProxyServer 

func NewNEProxyServer() NEProxyServer

NewNEProxyServer creates a new NEProxyServer instance.

func NewProxyServerWithAddressPort 

func NewProxyServerWithAddressPort(address string, port int) NEProxyServer

Initialize a newly-allocated NEProxyServer object

address: The address of the proxy server.

port: The TCP port on which the proxy server is listening for connections.

See: https://developer.apple.com/documentation/NetworkExtension/NEProxyServer/init(address:port:)

func (NEProxyServer) Address 

func (p NEProxyServer) Address() string

The address of the proxy server.

See: https://developer.apple.com/documentation/NetworkExtension/NEProxyServer/address

func (NEProxyServer) AuthenticationRequired 

func (p NEProxyServer) AuthenticationRequired() bool

A Boolean indicating if the server requires authentication credentials.

See: https://developer.apple.com/documentation/NetworkExtension/NEProxyServer/authenticationRequired

func (NEProxyServer) Autorelease 

func (p NEProxyServer) Autorelease() NEProxyServer

Autorelease adds the receiver to the current autorelease pool.

func (NEProxyServer) EncodeWithCoder 

func (p NEProxyServer) EncodeWithCoder(coder foundation.INSCoder)

func (NEProxyServer) HttpEnabled 

func (p NEProxyServer) HttpEnabled() bool

A Boolean indicating if a static HTTP proxy will be used.

See: https://developer.apple.com/documentation/networkextension/neproxysettings/httpenabled

func (NEProxyServer) HttpServer 

func (p NEProxyServer) HttpServer() INEProxyServer

An

See: https://developer.apple.com/documentation/networkextension/neproxysettings/httpserver

func (NEProxyServer) HttpsEnabled 

func (p NEProxyServer) HttpsEnabled() bool

A Boolean indicating if a static HTTPS proxy will be used.

See: https://developer.apple.com/documentation/networkextension/neproxysettings/httpsenabled

func (NEProxyServer) HttpsServer 

func (p NEProxyServer) HttpsServer() INEProxyServer

An

See: https://developer.apple.com/documentation/networkextension/neproxysettings/httpsserver

func (NEProxyServer) Init 

func (p NEProxyServer) Init() NEProxyServer

Init initializes the instance.

func (NEProxyServer) InitWithAddressPort 

func (p NEProxyServer) InitWithAddressPort(address string, port int) NEProxyServer

Initialize a newly-allocated NEProxyServer object

address: The address of the proxy server.

port: The TCP port on which the proxy server is listening for connections.

See: https://developer.apple.com/documentation/NetworkExtension/NEProxyServer/init(address:port:)

func (NEProxyServer) Password 

func (p NEProxyServer) Password() string

The password portion of the authentication credential to be used to authenticate with the proxy server.

See: https://developer.apple.com/documentation/NetworkExtension/NEProxyServer/password

func (NEProxyServer) Port 

func (p NEProxyServer) Port() int

The TCP port on which the proxy server is listening for connections.

See: https://developer.apple.com/documentation/NetworkExtension/NEProxyServer/port

func (NEProxyServer) SetAuthenticationRequired 

func (p NEProxyServer) SetAuthenticationRequired(value bool)

func (NEProxyServer) SetHttpEnabled 

func (p NEProxyServer) SetHttpEnabled(value bool)

func (NEProxyServer) SetHttpServer 

func (p NEProxyServer) SetHttpServer(value INEProxyServer)

func (NEProxyServer) SetHttpsEnabled 

func (p NEProxyServer) SetHttpsEnabled(value bool)

func (NEProxyServer) SetHttpsServer 

func (p NEProxyServer) SetHttpsServer(value INEProxyServer)

func (NEProxyServer) SetPassword 

func (p NEProxyServer) SetPassword(value string)

func (NEProxyServer) SetUsername 

func (p NEProxyServer) SetUsername(value string)

func (NEProxyServer) Username 

func (p NEProxyServer) Username() string

The username portion of the authentication credential to be used to authenticate with the proxy server.

See: https://developer.apple.com/documentation/NetworkExtension/NEProxyServer/username

type NEProxyServerClass 

type NEProxyServerClass struct {
	// contains filtered or unexported fields
}

func GetNEProxyServerClass 

func GetNEProxyServerClass() NEProxyServerClass

GetNEProxyServerClass returns the class object for NEProxyServer.

func (NEProxyServerClass) Alloc 

func (nc NEProxyServerClass) Alloc() NEProxyServer

Alloc allocates memory for a new instance of the class.

func (NEProxyServerClass) Class 

func (nc NEProxyServerClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEProxySettings 

type NEProxySettings struct {
	objectivec.Object
}

NEProxySettings contains HTTP proxy settings.

Overview

NEProxySettings is used in the context of a VPN configuration to specify the proxy that should be used for network traffic when the VPN is active.

Instances of this class are thread safe.

Accessing Automatic Proxy Properties

Accessing Manual Proxy Properties

Accessing General Proxy Properties

See: https://developer.apple.com/documentation/NetworkExtension/NEProxySettings

func NEProxySettingsFromID 

func NEProxySettingsFromID(id objc.ID) NEProxySettings

NEProxySettingsFromID constructs a NEProxySettings from an objc.ID.

NEProxySettings contains HTTP proxy settings.

func NewNEProxySettings 

func NewNEProxySettings() NEProxySettings

NewNEProxySettings creates a new NEProxySettings instance.

func (NEProxySettings) AutoProxyConfigurationEnabled 

func (p NEProxySettings) AutoProxyConfigurationEnabled() bool

A Boolean indicating if proxy auto-configuration is enabled.

See: https://developer.apple.com/documentation/NetworkExtension/NEProxySettings/autoProxyConfigurationEnabled

func (NEProxySettings) Autorelease 

func (p NEProxySettings) Autorelease() NEProxySettings

Autorelease adds the receiver to the current autorelease pool.

func (NEProxySettings) DnsSettings 

func (p NEProxySettings) DnsSettings() INEDNSSettings

The tunnel DNS settings.

See: https://developer.apple.com/documentation/networkextension/netunnelnetworksettings/dnssettings

func (NEProxySettings) EncodeWithCoder 

func (p NEProxySettings) EncodeWithCoder(coder foundation.INSCoder)

func (NEProxySettings) ExceptionList 

func (p NEProxySettings) ExceptionList() []string

An array of domain name patterns. If the destination host name of an HTTP connection matches one of these patterns then the proxy settings will not be used for the connection.

Discussion

The pattern strings may contain ‘*’ characters as wildcards.

See: https://developer.apple.com/documentation/NetworkExtension/NEProxySettings/exceptionList

func (NEProxySettings) ExcludeSimpleHostnames 

func (p NEProxySettings) ExcludeSimpleHostnames() bool

A Boolean indicating if HTTP requests using single-label host names should be excluded from using the proxy settings.

See: https://developer.apple.com/documentation/NetworkExtension/NEProxySettings/excludeSimpleHostnames

func (NEProxySettings) HTTPEnabled 

func (p NEProxySettings) HTTPEnabled() bool

A Boolean indicating if a static HTTP proxy will be used.

See: https://developer.apple.com/documentation/NetworkExtension/NEProxySettings/httpEnabled

func (NEProxySettings) HTTPSEnabled 

func (p NEProxySettings) HTTPSEnabled() bool

A Boolean indicating if a static HTTPS proxy will be used.

See: https://developer.apple.com/documentation/NetworkExtension/NEProxySettings/httpsEnabled

func (NEProxySettings) HTTPSServer 

func (p NEProxySettings) HTTPSServer() INEProxyServer

An NEProxyServer object containing the static HTTPS proxy server settings.

Discussion

If [AutoProxyConfigurationEnabled] is false and [HTTPSEnabled] is true, then the proxy server specified in this property will be used for HTTPS connections.

See: https://developer.apple.com/documentation/NetworkExtension/NEProxySettings/httpsServer

func (NEProxySettings) HTTPServer 

func (p NEProxySettings) HTTPServer() INEProxyServer

An NEProxyServer object containing the static HTTP proxy server settings.

Discussion

If [AutoProxyConfigurationEnabled] is false and [HTTPEnabled] is true, then the proxy server specified in this property will be used for HTTP connections.

See: https://developer.apple.com/documentation/NetworkExtension/NEProxySettings/httpServer

func (NEProxySettings) Init 

func (p NEProxySettings) Init() NEProxySettings

Init initializes the instance.

func (NEProxySettings) MatchDomains 

func (p NEProxySettings) MatchDomains() []string

An array of domain strings.

Discussion

If the destination host name of a HTTP connection shares a suffix with one of these strings then the proxy settings will be used for the HTTP connection. Otherwise the proxy settings will not be used.

This property should be used in conjunction with a split tunnel VPN, where only certain networks are tunneled by the VPN. The domains of those split tunneling networks should be specified in this property.

See: https://developer.apple.com/documentation/NetworkExtension/NEProxySettings/matchDomains

func (NEProxySettings) ProxyAutoConfigurationJavaScript 

func (p NEProxySettings) ProxyAutoConfigurationJavaScript() string

A string containing the Proxy Auto Configuration (PAC) JavaScript source code.

Discussion

If [AutoProxyConfigurationEnabled] is set to true then the system will execute the PAC script to determine what proxies to use (if any) for HTTP and HTTPS connections.

See: https://developer.apple.com/documentation/NetworkExtension/NEProxySettings/proxyAutoConfigurationJavaScript

func (NEProxySettings) ProxyAutoConfigurationURL 

func (p NEProxySettings) ProxyAutoConfigurationURL() foundation.INSURL

A URL specifying the location from where the Proxy Auto Configuration (PAC) script should be downloaded.

Discussion

If [AutoProxyConfigurationEnabled] is set to true and [ProxyAutoConfigurationJavaScript] is set to nil then the system will download the PAC script from this location and execute the script to determine what proxies to use (if any) for HTTP and HTTPS connections.

See: https://developer.apple.com/documentation/NetworkExtension/NEProxySettings/proxyAutoConfigurationURL

func (NEProxySettings) ProxySettings 

func (p NEProxySettings) ProxySettings() INEProxySettings

The tunnel HTTP proxy settings.

See: https://developer.apple.com/documentation/networkextension/netunnelnetworksettings/proxysettings

func (NEProxySettings) SetAutoProxyConfigurationEnabled 

func (p NEProxySettings) SetAutoProxyConfigurationEnabled(value bool)

func (NEProxySettings) SetDnsSettings 

func (p NEProxySettings) SetDnsSettings(value INEDNSSettings)

func (NEProxySettings) SetExceptionList 

func (p NEProxySettings) SetExceptionList(value []string)

func (NEProxySettings) SetExcludeSimpleHostnames 

func (p NEProxySettings) SetExcludeSimpleHostnames(value bool)

func (NEProxySettings) SetHTTPEnabled 

func (p NEProxySettings) SetHTTPEnabled(value bool)

func (NEProxySettings) SetHTTPSEnabled 

func (p NEProxySettings) SetHTTPSEnabled(value bool)

func (NEProxySettings) SetHTTPSServer 

func (p NEProxySettings) SetHTTPSServer(value INEProxyServer)

func (NEProxySettings) SetHTTPServer 

func (p NEProxySettings) SetHTTPServer(value INEProxyServer)

func (NEProxySettings) SetMatchDomains 

func (p NEProxySettings) SetMatchDomains(value []string)

func (NEProxySettings) SetProxyAutoConfigurationJavaScript 

func (p NEProxySettings) SetProxyAutoConfigurationJavaScript(value string)

func (NEProxySettings) SetProxyAutoConfigurationURL 

func (p NEProxySettings) SetProxyAutoConfigurationURL(value foundation.INSURL)

func (NEProxySettings) SetProxySettings 

func (p NEProxySettings) SetProxySettings(value INEProxySettings)

func (NEProxySettings) SetTunnelRemoteAddress 

func (p NEProxySettings) SetTunnelRemoteAddress(value string)

func (NEProxySettings) TunnelRemoteAddress 

func (p NEProxySettings) TunnelRemoteAddress() string

The IP address of the tunnel server.

See: https://developer.apple.com/documentation/networkextension/netunnelnetworksettings/tunnelremoteaddress

type NEProxySettingsClass 

type NEProxySettingsClass struct {
	// contains filtered or unexported fields
}

func GetNEProxySettingsClass 

func GetNEProxySettingsClass() NEProxySettingsClass

GetNEProxySettingsClass returns the class object for NEProxySettings.

func (NEProxySettingsClass) Alloc 

func (nc NEProxySettingsClass) Alloc() NEProxySettings

Alloc allocates memory for a new instance of the class.

func (NEProxySettingsClass) Class 

func (nc NEProxySettingsClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NERelay 

type NERelay struct {
	objectivec.Object
}

A single relay server configuration that you can chain together with other relays.

Overview

Relay servers are secure HTTP proxies that allow proxying TCP traffic using the [CONNECT] method and UDP traffic using the `connect-udp` protocol defined in RFC 9298.

Configuring server properties

Configuring client properties

See: https://developer.apple.com/documentation/NetworkExtension/NERelay

func NERelayFromID 

func NERelayFromID(id objc.ID) NERelay

NERelayFromID constructs a NERelay from an objc.ID.

A single relay server configuration that you can chain together with other relays.

func NewNERelay 

func NewNERelay() NERelay

NewNERelay creates a new NERelay instance.

func (NERelay) AdditionalHTTPHeaderFields 

func (r NERelay) AdditionalHTTPHeaderFields() foundation.INSDictionary

A dictionary of additional HTTP headers to send as part of [CONNECT] requests to the relay.

See: https://developer.apple.com/documentation/NetworkExtension/NERelay/additionalHTTPHeaderFields

func (NERelay) Autorelease 

func (r NERelay) Autorelease() NERelay

Autorelease adds the receiver to the current autorelease pool.

func (NERelay) DnsOverHTTPSURL 

func (r NERelay) DnsOverHTTPSURL() foundation.INSURL

The URL of a DNS-over-HTTPS (DoH) resolver accessible from the relay.

See: https://developer.apple.com/documentation/NetworkExtension/NERelay/dnsOverHTTPSURL

func (NERelay) EncodeWithCoder 

func (r NERelay) EncodeWithCoder(coder foundation.INSCoder)

func (NERelay) HTTP2RelayURL 

func (r NERelay) HTTP2RelayURL() foundation.INSURL

A URL identifying the relay server accessible using HTTP/2.

See: https://developer.apple.com/documentation/NetworkExtension/NERelay/http2RelayURL

func (NERelay) HTTP3RelayURL 

func (r NERelay) HTTP3RelayURL() foundation.INSURL

A URL identifying the relay server accessible using HTTP/3.

See: https://developer.apple.com/documentation/NetworkExtension/NERelay/http3RelayURL

func (NERelay) IdentityData 

func (r NERelay) IdentityData() foundation.INSData

The PKCS12 data for the relay client authentication.

Discussion

The value is a NSData object in PKCS12 format.

See: https://developer.apple.com/documentation/NetworkExtension/NERelay/identityData

func (NERelay) IdentityDataPassword 

func (r NERelay) IdentityDataPassword() string

The password the relay uses to decrypt the PKCS12 identity data.

See: https://developer.apple.com/documentation/NetworkExtension/NERelay/identityDataPassword

func (NERelay) Init 

func (r NERelay) Init() NERelay

Init initializes the instance.

func (NERelay) RawPublicKeys 

func (r NERelay) RawPublicKeys() []foundation.NSData

An array of TLS raw public keys that the relay server can present during the TLS handshake.

Discussion

If you set one or more keys, the raw public keys are used to authenticate the relay server. If no keys are set, or if the array is `nil`, default TLS server certificate evaluation is used.

See: https://developer.apple.com/documentation/NetworkExtension/NERelay/rawPublicKeys

func (NERelay) SetAdditionalHTTPHeaderFields 

func (r NERelay) SetAdditionalHTTPHeaderFields(value foundation.INSDictionary)

func (NERelay) SetDnsOverHTTPSURL 

func (r NERelay) SetDnsOverHTTPSURL(value foundation.INSURL)

func (NERelay) SetHTTP2RelayURL 

func (r NERelay) SetHTTP2RelayURL(value foundation.INSURL)

func (NERelay) SetHTTP3RelayURL 

func (r NERelay) SetHTTP3RelayURL(value foundation.INSURL)

func (NERelay) SetIdentityData 

func (r NERelay) SetIdentityData(value foundation.INSData)

func (NERelay) SetIdentityDataPassword 

func (r NERelay) SetIdentityDataPassword(value string)

func (NERelay) SetRawPublicKeys 

func (r NERelay) SetRawPublicKeys(value []foundation.NSData)

func (NERelay) SetSyntheticDNSAnswerIPv4Prefix 

func (r NERelay) SetSyntheticDNSAnswerIPv4Prefix(value string)

func (NERelay) SetSyntheticDNSAnswerIPv6Prefix 

func (r NERelay) SetSyntheticDNSAnswerIPv6Prefix(value string)

func (NERelay) SyntheticDNSAnswerIPv4Prefix 

func (r NERelay) SyntheticDNSAnswerIPv4Prefix() string

An IPv4 address prefix the relay uses to handle address info requests.

Discussion

The value of this property is an address prefix, such as `192.0.2.0/24`. The relay manager uses this prefix to synthesize DNS answers for apps that use `getaddrinfo()` to resolve domains included in [MatchDomains].

See: https://developer.apple.com/documentation/NetworkExtension/NERelay/syntheticDNSAnswerIPv4Prefix

func (NERelay) SyntheticDNSAnswerIPv6Prefix 

func (r NERelay) SyntheticDNSAnswerIPv6Prefix() string

An IPv6 address prefix the relay uses to handle address info requests.

Discussion

The value of this property is an address prefix, such as `2001:DB8::/32`. The relay manager uses this prefix to synthesize DNS answers for apps that use `getaddrinfo()` to resolve domains included in [MatchDomains].

See: https://developer.apple.com/documentation/NetworkExtension/NERelay/syntheticDNSAnswerIPv6Prefix

type NERelayClass 

type NERelayClass struct {
	// contains filtered or unexported fields
}

func GetNERelayClass 

func GetNERelayClass() NERelayClass

GetNERelayClass returns the class object for NERelay.

func (NERelayClass) Alloc 

func (nc NERelayClass) Alloc() NERelay

Alloc allocates memory for a new instance of the class.

func (NERelayClass) Class 

func (nc NERelayClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NERelayManager 

type NERelayManager struct {
	objectivec.Object
}

An object you use to create and manage a network relay configuration.

Overview

When your app starts up, access the shared instance of the relay manager, and load existing settings from the preferences using NERelayManager.LoadFromPreferencesWithCompletionHandler. You can define your relay server configuration, and persist it by calling NERelayManager.SaveToPreferencesWithCompletionHandler.

Managing relay configurations

Accessing relay configuration properties

Handling errors

Instance Properties

Instance Methods

See: https://developer.apple.com/documentation/NetworkExtension/NERelayManager

func NERelayManagerFromID 

func NERelayManagerFromID(id objc.ID) NERelayManager

NERelayManagerFromID constructs a NERelayManager from an objc.ID.

An object you use to create and manage a network relay configuration.

func NewNERelayManager 

func NewNERelayManager() NERelayManager

NewNERelayManager creates a new NERelayManager instance.

func (NERelayManager) AllowDNSFailover 

func (r NERelayManager) AllowDNSFailover() bool

Discussion

Determines if DNS queries that fail over relay can fallback to default DNS

See: https://developer.apple.com/documentation/NetworkExtension/NERelayManager/isDNSFailoverAllowed

func (NERelayManager) Autorelease 

func (r NERelayManager) Autorelease() NERelayManager

Autorelease adds the receiver to the current autorelease pool.

func (NERelayManager) Enabled 

func (r NERelayManager) Enabled() bool

A Boolean used to toggle the enabled state of the relay configuration.

Discussion

A relay configuration must be enabled before it can be used to proxy application traffic.

See: https://developer.apple.com/documentation/NetworkExtension/NERelayManager/isEnabled

func (NERelayManager) ExcludedDomains 

func (r NERelayManager) ExcludedDomains() []string

A list of domain strings used to determine which connections won’t use the relay configuration contained in this object.

Discussion

Excluded domains take precedence over domains listed in [MatchDomains].

See: https://developer.apple.com/documentation/NetworkExtension/NERelayManager/excludedDomains

func (NERelayManager) ExcludedFQDNs 

func (r NERelayManager) ExcludedFQDNs() []string

Discussion

An array of strings containing Fully Qualified Domain Names (FQDNs). If the destination host matches one of these strings then the relay will not be used. An excluded FQDN takes priority over the matchDomain property. This means the relay will not be used if the hostname matches an FQDN in this array even if the matchDomains contains a domain that would have been considered a match.

See: https://developer.apple.com/documentation/NetworkExtension/NERelayManager/excludedFQDNs

func (NERelayManager) GetLastClientErrors 

func (r NERelayManager) GetLastClientErrors(ctx context.Context, seconds float64) error

GetLastClientErrors is a synchronous wrapper around NERelayManager.GetLastClientErrorsCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NERelayManager) GetLastClientErrorsCompletionHandler 

func (r NERelayManager) GetLastClientErrorsCompletionHandler(seconds float64, completionHandler ErrorHandler)

See: https://developer.apple.com/documentation/NetworkExtension/NERelayManager/getLastClientErrors(_:completionHandler:)

func (NERelayManager) Init 

func (r NERelayManager) Init() NERelayManager

Init initializes the instance.

func (NERelayManager) LoadFromPreferences 

func (r NERelayManager) LoadFromPreferences(ctx context.Context) error

LoadFromPreferences is a synchronous wrapper around NERelayManager.LoadFromPreferencesWithCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NERelayManager) LoadFromPreferencesWithCompletionHandler 

func (r NERelayManager) LoadFromPreferencesWithCompletionHandler(completionHandler ErrorHandler)

Load your relay configuration from the system networking preferences.

completionHandler: A block that takes an [NSError] object. This block runs on your application’s main thread after the load operation is complete. If an error occurs while loading the configuration, the block returns an [NSError] object. // [NSError]: https://developer.apple.com/documentation/Foundation/NSError

Discussion

You must call this method at least once before calling [SaveToPreferencesWithCompletionHandler] for the first time after your app launches.

See: https://developer.apple.com/documentation/NetworkExtension/NERelayManager/loadFromPreferences(completionHandler:)

func (NERelayManager) LocalizedDescription 

func (r NERelayManager) LocalizedDescription() string

A string that contains the display name of the relay configuration.

Discussion

This string is used as the display name of the relay configuration in the system’s settings UI. If this property is set to `nil` at the time that the configuration is created, it is automatically set to the display name of the calling app.

See: https://developer.apple.com/documentation/NetworkExtension/NERelayManager/localizedDescription

func (NERelayManager) MatchDomains 

func (r NERelayManager) MatchDomains() []string

A list of domain strings used to determine which connections will use the relay configuration contained in this object.

Discussion

This property is used to create a “split DNS” configuration, where only hosts in certain domains route through the relays.

See: https://developer.apple.com/documentation/NetworkExtension/NERelayManager/matchDomains

func (NERelayManager) MatchFQDNs 

func (r NERelayManager) MatchFQDNs() []string

Discussion

An array of strings containing Fully Qualified Domain Names (FQDNs). If this property is non-nil, the relay will be used to access the specified hosts. If this and the matchDomains property is nil, the relay will be used for all domains.

See: https://developer.apple.com/documentation/NetworkExtension/NERelayManager/matchFQDNs

func (NERelayManager) NERelayErrorDomain 

func (r NERelayManager) NERelayErrorDomain() string

The domain for errors resulting from calls to the relay manager.

See: https://developer.apple.com/documentation/networkextension/nerelayerrordomain

func (NERelayManager) OnDemandRules 

func (r NERelayManager) OnDemandRules() []NEOnDemandRule

An array of rules you use to determine which networks the relay uses.

Discussion

If this value is `nil`, the associated relay always applies. If non-`nil`, the array describes the networks to which the relay applies.

See: https://developer.apple.com/documentation/NetworkExtension/NERelayManager/onDemandRules

func (NERelayManager) Relays 

func (r NERelayManager) Relays() []NERelay

An array of one or two relay server configurations. If multiple relays are configured, application traffic routes through both of them in the order they appear in the array.

See: https://developer.apple.com/documentation/NetworkExtension/NERelayManager/relays

func (NERelayManager) RemoveFromPreferences 

func (r NERelayManager) RemoveFromPreferences(ctx context.Context) error

RemoveFromPreferences is a synchronous wrapper around NERelayManager.RemoveFromPreferencesWithCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NERelayManager) RemoveFromPreferencesWithCompletionHandler 

func (r NERelayManager) RemoveFromPreferencesWithCompletionHandler(completionHandler ErrorHandler)

Remove your relay configuration from the system networking preferences.

completionHandler: An optional block that takes an [NSError] object. If specified, this block runs on your application’s main thread after your configuration is removed. If an error occurs while removing the configuration, the block returns an [NSError] object. // [NSError]: https://developer.apple.com/documentation/Foundation/NSError

Discussion

After you remove your configuration, the NERelayManager object still contains the configuration parameters. Calling [LoadFromPreferencesWithCompletionHandler] clears out the configuration parameters from the NERelayManager object.

See: https://developer.apple.com/documentation/NetworkExtension/NERelayManager/removeFromPreferences(completionHandler:)

func (NERelayManager) SaveToPreferences 

func (r NERelayManager) SaveToPreferences(ctx context.Context) error

SaveToPreferences is a synchronous wrapper around NERelayManager.SaveToPreferencesWithCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NERelayManager) SaveToPreferencesWithCompletionHandler 

func (r NERelayManager) SaveToPreferencesWithCompletionHandler(completionHandler ErrorHandler)

Save your relay configuration to the system networking preferences.

completionHandler: An optional block that takes an [NSError] object. If specified, this block runs on your application’s main thread after the save operation completes. If an error occurs while saving the configuration, the block returns an [NSError] object. // [NSError]: https://developer.apple.com/documentation/Foundation/NSError

Discussion

You must call [LoadFromPreferencesWithCompletionHandler] at least once before calling this method the first time after your app launches.

See: https://developer.apple.com/documentation/NetworkExtension/NERelayManager/saveToPreferences(completionHandler:)

func (NERelayManager) SetAllowDNSFailover 

func (r NERelayManager) SetAllowDNSFailover(value bool)

func (NERelayManager) SetEnabled 

func (r NERelayManager) SetEnabled(value bool)

func (NERelayManager) SetExcludedDomains 

func (r NERelayManager) SetExcludedDomains(value []string)

func (NERelayManager) SetExcludedFQDNs 

func (r NERelayManager) SetExcludedFQDNs(value []string)

func (NERelayManager) SetLocalizedDescription 

func (r NERelayManager) SetLocalizedDescription(value string)

func (NERelayManager) SetMatchDomains 

func (r NERelayManager) SetMatchDomains(value []string)

func (NERelayManager) SetMatchFQDNs 

func (r NERelayManager) SetMatchFQDNs(value []string)

func (NERelayManager) SetOnDemandRules 

func (r NERelayManager) SetOnDemandRules(value []NEOnDemandRule)

func (NERelayManager) SetRelays 

func (r NERelayManager) SetRelays(value []NERelay)

func (NERelayManager) SetUIToggleEnabled 

func (r NERelayManager) SetUIToggleEnabled(value bool)

func (NERelayManager) UIToggleEnabled 

func (r NERelayManager) UIToggleEnabled() bool

Discussion

Determines if the user will have the ability to enable and disable the relay

See: https://developer.apple.com/documentation/NetworkExtension/NERelayManager/isUIToggleEnabled

type NERelayManagerClass 

type NERelayManagerClass struct {
	// contains filtered or unexported fields
}

func GetNERelayManagerClass 

func GetNERelayManagerClass() NERelayManagerClass

GetNERelayManagerClass returns the class object for NERelayManager.

func (NERelayManagerClass) Alloc 

func (nc NERelayManagerClass) Alloc() NERelayManager

Alloc allocates memory for a new instance of the class.

func (NERelayManagerClass) Class 

func (nc NERelayManagerClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

func (NERelayManagerClass) SharedManager 

func (_NERelayManagerClass NERelayManagerClass) SharedManager() NERelayManager

Access the single instance of a network relay manager.

Return Value

The network relay manager instance for the calling application.

See: https://developer.apple.com/documentation/NetworkExtension/NERelayManager/shared()

type NERelayManagerClientError 

type NERelayManagerClientError int

See: https://developer.apple.com/documentation/NetworkExtension/NERelayManagerClientError 

const (
	NERelayManagerClientErrorCertificateExpired       NERelayManagerClientError = 7
	NERelayManagerClientErrorCertificateInvalid       NERelayManagerClientError = 6
	NERelayManagerClientErrorCertificateMissing       NERelayManagerClientError = 5
	NERelayManagerClientErrorDNSFailed                NERelayManagerClientError = 2
	NERelayManagerClientErrorNone                     NERelayManagerClientError = 1
	NERelayManagerClientErrorOther                    NERelayManagerClientError = 10
	NERelayManagerClientErrorServerCertificateExpired NERelayManagerClientError = 9
	NERelayManagerClientErrorServerCertificateInvalid NERelayManagerClientError = 8
	NERelayManagerClientErrorServerDisconnected       NERelayManagerClientError = 4
	NERelayManagerClientErrorServerUnreachable        NERelayManagerClientError = 3
)

func (NERelayManagerClientError) String 

func (e NERelayManagerClientError) String() string

type NERelayManagerError 

type NERelayManagerError int

See: https://developer.apple.com/documentation/NetworkExtension/NERelayManagerError 

const (
	// NERelayManagerErrorConfigurationCannotBeRemoved: An error code that indicates removing the relay manager failed.
	NERelayManagerErrorConfigurationCannotBeRemoved NERelayManagerError = 4
	// NERelayManagerErrorConfigurationDisabled: An error code that indicates the relay manager isn’t enabled.
	NERelayManagerErrorConfigurationDisabled NERelayManagerError = 2
	// NERelayManagerErrorConfigurationInvalid: An error code that indicates the relay manager is invalid.
	NERelayManagerErrorConfigurationInvalid NERelayManagerError = 1
	// NERelayManagerErrorConfigurationStale: An error code that indicates the relay manager isn’t loaded.
	NERelayManagerErrorConfigurationStale NERelayManagerError = 3
)

func (NERelayManagerError) String 

func (e NERelayManagerError) String() string

type NETrafficDirection 

type NETrafficDirection int

See: https://developer.apple.com/documentation/NetworkExtension/NETrafficDirection 

const (
	// NETrafficDirectionAny: A direction that matches either inbound or outbound traffic.
	NETrafficDirectionAny NETrafficDirection = 0
	// NETrafficDirectionInbound: The inbound traffic direction.
	NETrafficDirectionInbound NETrafficDirection = 1
	// NETrafficDirectionOutbound: The outbound traffic direction.
	NETrafficDirectionOutbound NETrafficDirection = 2
)

func (NETrafficDirection) String 

func (e NETrafficDirection) String() string

type NETransparentProxyManager 

type NETransparentProxyManager struct {
	NEVPNManager
}

An object that configures and controls transparent proxies.

See: https://developer.apple.com/documentation/NetworkExtension/NETransparentProxyManager

func NETransparentProxyManagerFromID 

func NETransparentProxyManagerFromID(id objc.ID) NETransparentProxyManager

NETransparentProxyManagerFromID constructs a NETransparentProxyManager from an objc.ID.

An object that configures and controls transparent proxies.

func NewNETransparentProxyManager 

func NewNETransparentProxyManager() NETransparentProxyManager

NewNETransparentProxyManager creates a new NETransparentProxyManager instance.

func (NETransparentProxyManager) Autorelease 

func (t NETransparentProxyManager) Autorelease() NETransparentProxyManager

Autorelease adds the receiver to the current autorelease pool.

func (NETransparentProxyManager) Init 

func (t NETransparentProxyManager) Init() NETransparentProxyManager

Init initializes the instance.

type NETransparentProxyManagerClass 

type NETransparentProxyManagerClass struct {
	// contains filtered or unexported fields
}

func GetNETransparentProxyManagerClass 

func GetNETransparentProxyManagerClass() NETransparentProxyManagerClass

GetNETransparentProxyManagerClass returns the class object for NETransparentProxyManager.

func (NETransparentProxyManagerClass) Alloc 

func (nc NETransparentProxyManagerClass) Alloc() NETransparentProxyManager

Alloc allocates memory for a new instance of the class.

func (NETransparentProxyManagerClass) Class 

func (nc NETransparentProxyManagerClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NETransparentProxyNetworkSettings 

type NETransparentProxyNetworkSettings struct {
	NETunnelNetworkSettings
}

A specification of what traffic to route through a transparent proxy.

Overview

A proxy network settings object contains two properties: an array of rules to include traffic (NETransparentProxyNetworkSettings.IncludedNetworkRules) and an array of rules to exclude traffic (NETransparentProxyNetworkSettings.ExcludedNetworkRules). The exclusion rules take prirority. Therefore, if a given flow matches any of the NETransparentProxyNetworkSettings.ExcludedNetworkRules, evaluation ends and the flow doesn’t route to the proxy. If there’s no match, then evaluation continues and attempts to match the flow against the NETransparentProxyNetworkSettings.IncludedNetworkRules.

Traffic routing rules

See: https://developer.apple.com/documentation/NetworkExtension/NETransparentProxyNetworkSettings

func NETransparentProxyNetworkSettingsFromID 

func NETransparentProxyNetworkSettingsFromID(id objc.ID) NETransparentProxyNetworkSettings

NETransparentProxyNetworkSettingsFromID constructs a NETransparentProxyNetworkSettings from an objc.ID.

A specification of what traffic to route through a transparent proxy.

func NewNETransparentProxyNetworkSettings 

func NewNETransparentProxyNetworkSettings() NETransparentProxyNetworkSettings

NewNETransparentProxyNetworkSettings creates a new NETransparentProxyNetworkSettings instance.

func NewTransparentProxyNetworkSettingsWithTunnelRemoteAddress 

func NewTransparentProxyNetworkSettingsWithTunnelRemoteAddress(address string) NETransparentProxyNetworkSettings

Initialize a NETunnelNetworkSettings object.

address: The IP address of the tunnel server.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelNetworkSettings/init(tunnelRemoteAddress:)

func (NETransparentProxyNetworkSettings) Autorelease 

func (t NETransparentProxyNetworkSettings) Autorelease() NETransparentProxyNetworkSettings

Autorelease adds the receiver to the current autorelease pool.

func (NETransparentProxyNetworkSettings) ExcludedNetworkRules 

func (t NETransparentProxyNetworkSettings) ExcludedNetworkRules() []NENetworkRule

An array of rules that collectively specify what traffic to not route through the transparent proxy.

Discussion

The following restrictions apply to each rule in the array:

- If the port string of the endpoint is `0` or is the empty string, then the address of the endpoint must be a non-wildcard address, such as `0.0.0.0` or `::`. - If the address is a wildcard address (such as `0.0.0.0` or `::)`, then the port string of the endpoint must be non-empty and must not be `0`. - A port string of `53` is not allowed. Use Destination Domain-based rules to match DNS traffic. - The [MatchLocalNetwork] property must be `nil`. - The [MatchDirection] property must be NETrafficDirection.outbound.

See: https://developer.apple.com/documentation/NetworkExtension/NETransparentProxyNetworkSettings/excludedNetworkRules

func (NETransparentProxyNetworkSettings) IncludedNetworkRules 

func (t NETransparentProxyNetworkSettings) IncludedNetworkRules() []NENetworkRule

An array of rules that collectively specify what traffic to route through the transparent proxy.

Discussion

The following restrictions apply to each rule in the array:

- If the port string of the endpoint is `0` or is the empty string, then the address of the endpoint must be a non-wildcard address, such as `0.0.0.0` or `::`. - If the address is a wildcard address (such as `0.0.0.0` or `::)`, then the port string of the endpoint must be non-empty and must not be `0`. - A port string of `53` is not allowed. Use Destination Domain-based rules to match DNS traffic. - The [MatchLocalNetwork] property must be `nil`. - The [MatchDirection] property must be NETrafficDirection.outbound.

See: https://developer.apple.com/documentation/NetworkExtension/NETransparentProxyNetworkSettings/includedNetworkRules

func (NETransparentProxyNetworkSettings) Init 

func (t NETransparentProxyNetworkSettings) Init() NETransparentProxyNetworkSettings

Init initializes the instance.

func (NETransparentProxyNetworkSettings) SetExcludedNetworkRules 

func (t NETransparentProxyNetworkSettings) SetExcludedNetworkRules(value []NENetworkRule)

func (NETransparentProxyNetworkSettings) SetIncludedNetworkRules 

func (t NETransparentProxyNetworkSettings) SetIncludedNetworkRules(value []NENetworkRule)

type NETransparentProxyNetworkSettingsClass 

type NETransparentProxyNetworkSettingsClass struct {
	// contains filtered or unexported fields
}

func GetNETransparentProxyNetworkSettingsClass 

func GetNETransparentProxyNetworkSettingsClass() NETransparentProxyNetworkSettingsClass

GetNETransparentProxyNetworkSettingsClass returns the class object for NETransparentProxyNetworkSettings.

func (NETransparentProxyNetworkSettingsClass) Alloc 

func (nc NETransparentProxyNetworkSettingsClass) Alloc() NETransparentProxyNetworkSettings

Alloc allocates memory for a new instance of the class.

func (NETransparentProxyNetworkSettingsClass) Class 

func (nc NETransparentProxyNetworkSettingsClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NETransparentProxyProvider 

type NETransparentProxyProvider struct {
	NEAppProxyProvider
}

An object that implements the client side of a custom transparent network proxy solution.

Overview

The NETransparentProxyProvider class has the following behavior differences from its superclass NEAppProxyProvider:

- Returning [NO] from [HandleNewFlow] and [HandleNewUDPFlowInitialRemoteEndpoint] causes the flow to proceed to communicate directly with the flow’s ultimate destination, instead of closing the flow with a “Connection Refused” error. - This provider ignores NEDNSSettings and NEProxySettings specified within NETransparentProxyNetworkSettings. Flows that match the NETransparentProxyProvider.IncludedNetworkRules within NETransparentProxyNetworkSettings use the same DNS and proxy settings that other flows on the system currently use. - Flows that are created using a “connect by name” API (such as Network framework or URLSession) that match the NETransparentProxyProvider.IncludedNetworkRules don’t bypass DNS resolution.

See: https://developer.apple.com/documentation/NetworkExtension/NETransparentProxyProvider

func NETransparentProxyProviderFromID 

func NETransparentProxyProviderFromID(id objc.ID) NETransparentProxyProvider

NETransparentProxyProviderFromID constructs a NETransparentProxyProvider from an objc.ID.

An object that implements the client side of a custom transparent network proxy solution.

func NewNETransparentProxyProvider 

func NewNETransparentProxyProvider() NETransparentProxyProvider

NewNETransparentProxyProvider creates a new NETransparentProxyProvider instance.

func (NETransparentProxyProvider) Autorelease 

func (t NETransparentProxyProvider) Autorelease() NETransparentProxyProvider

Autorelease adds the receiver to the current autorelease pool.

func (NETransparentProxyProvider) IncludedNetworkRules 

func (t NETransparentProxyProvider) IncludedNetworkRules() INENetworkRule

An array of rules that collectively specify what traffic to route through the transparent proxy.

See: https://developer.apple.com/documentation/networkextension/netransparentproxynetworksettings/includednetworkrules

func (NETransparentProxyProvider) Init 

func (t NETransparentProxyProvider) Init() NETransparentProxyProvider

Init initializes the instance.

func (NETransparentProxyProvider) SetIncludedNetworkRules 

func (t NETransparentProxyProvider) SetIncludedNetworkRules(value INENetworkRule)

type NETransparentProxyProviderClass 

type NETransparentProxyProviderClass struct {
	// contains filtered or unexported fields
}

func GetNETransparentProxyProviderClass 

func GetNETransparentProxyProviderClass() NETransparentProxyProviderClass

GetNETransparentProxyProviderClass returns the class object for NETransparentProxyProvider.

func (NETransparentProxyProviderClass) Alloc 

func (nc NETransparentProxyProviderClass) Alloc() NETransparentProxyProvider

Alloc allocates memory for a new instance of the class.

func (NETransparentProxyProviderClass) Class 

func (nc NETransparentProxyProviderClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NETunnelNetworkSettings 

type NETunnelNetworkSettings struct {
	objectivec.Object
}

The configuration for a tunnel provider’s virtual interface.

Initializing tunnel network settings

Accessing tunnel network settings

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelNetworkSettings

func NETunnelNetworkSettingsFromID 

func NETunnelNetworkSettingsFromID(id objc.ID) NETunnelNetworkSettings

NETunnelNetworkSettingsFromID constructs a NETunnelNetworkSettings from an objc.ID.

The configuration for a tunnel provider’s virtual interface.

func NewNETunnelNetworkSettings 

func NewNETunnelNetworkSettings() NETunnelNetworkSettings

NewNETunnelNetworkSettings creates a new NETunnelNetworkSettings instance.

func NewTunnelNetworkSettingsWithTunnelRemoteAddress 

func NewTunnelNetworkSettingsWithTunnelRemoteAddress(address string) NETunnelNetworkSettings

Initialize a NETunnelNetworkSettings object.

address: The IP address of the tunnel server.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelNetworkSettings/init(tunnelRemoteAddress:)

func (NETunnelNetworkSettings) Autorelease 

func (t NETunnelNetworkSettings) Autorelease() NETunnelNetworkSettings

Autorelease adds the receiver to the current autorelease pool.

func (NETunnelNetworkSettings) DNSSettings 

func (t NETunnelNetworkSettings) DNSSettings() INEDNSSettings

The tunnel DNS settings.

Discussion

Network connections to hosts in the tunnel’s internal network will use these DNS settings when resolving host names.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelNetworkSettings/dnsSettings

func (NETunnelNetworkSettings) EncodeWithCoder 

func (t NETunnelNetworkSettings) EncodeWithCoder(coder foundation.INSCoder)

func (NETunnelNetworkSettings) Init 

func (t NETunnelNetworkSettings) Init() NETunnelNetworkSettings

Init initializes the instance.

func (NETunnelNetworkSettings) InitWithTunnelRemoteAddress 

func (t NETunnelNetworkSettings) InitWithTunnelRemoteAddress(address string) NETunnelNetworkSettings

Initialize a NETunnelNetworkSettings object.

address: The IP address of the tunnel server.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelNetworkSettings/init(tunnelRemoteAddress:)

func (NETunnelNetworkSettings) ProxySettings 

func (t NETunnelNetworkSettings) ProxySettings() INEProxySettings

The tunnel HTTP proxy settings.

Discussion

HTTP connections to hosts in the tunnel’s internal network will use these proxy settings.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelNetworkSettings/proxySettings

func (NETunnelNetworkSettings) SetDNSSettings 

func (t NETunnelNetworkSettings) SetDNSSettings(value INEDNSSettings)

func (NETunnelNetworkSettings) SetProxySettings 

func (t NETunnelNetworkSettings) SetProxySettings(value INEProxySettings)

func (NETunnelNetworkSettings) TunnelRemoteAddress 

func (t NETunnelNetworkSettings) TunnelRemoteAddress() string

The IP address of the tunnel server.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelNetworkSettings/tunnelRemoteAddress

type NETunnelNetworkSettingsClass 

type NETunnelNetworkSettingsClass struct {
	// contains filtered or unexported fields
}

func GetNETunnelNetworkSettingsClass 

func GetNETunnelNetworkSettingsClass() NETunnelNetworkSettingsClass

GetNETunnelNetworkSettingsClass returns the class object for NETunnelNetworkSettings.

func (NETunnelNetworkSettingsClass) Alloc 

func (nc NETunnelNetworkSettingsClass) Alloc() NETunnelNetworkSettings

Alloc allocates memory for a new instance of the class.

func (NETunnelNetworkSettingsClass) Class 

func (nc NETunnelNetworkSettingsClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NETunnelProvider 

type NETunnelProvider struct {
	NEProvider
}

An abstract base class shared by NEPacketTunnelProvider and NEAppProxyProvider.

Overview

Each NETunnelProvider instance corresponds to a single tunneling session, with a single associated configuration.

Subclassing Notes

The NETunnelProvider class should not be subclassed directly. Instead, you should create subclasses of NETunnelProvider subclasses.

Methods to Override

- NETunnelProvider.HandleAppMessageCompletionHandler

Getting the tunnel configuration

Configuring the tunnel interface

Communicating with the containing app

Setting tunnel status

Errors

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProvider

func NETunnelProviderFromID 

func NETunnelProviderFromID(id objc.ID) NETunnelProvider

NETunnelProviderFromID constructs a NETunnelProvider from an objc.ID.

An abstract base class shared by NEPacketTunnelProvider and NEAppProxyProvider.

func NewNETunnelProvider 

func NewNETunnelProvider() NETunnelProvider

NewNETunnelProvider creates a new NETunnelProvider instance.

func (NETunnelProvider) AppRules 

func (t NETunnelProvider) AppRules() []NEAppRule

The app rules dictating which apps use the current tunneling session.

Discussion

This property is only non-`nil` if the current configuration is a Per-App VPN configuration.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProvider/appRules

func (NETunnelProvider) Autorelease 

func (t NETunnelProvider) Autorelease() NETunnelProvider

Autorelease adds the receiver to the current autorelease pool.

func (NETunnelProvider) HandleAppMessage 

func (t NETunnelProvider) HandleAppMessage(ctx context.Context, messageData foundation.INSData) (*foundation.NSData, error)

HandleAppMessage is a synchronous wrapper around NETunnelProvider.HandleAppMessageCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NETunnelProvider) HandleAppMessageCompletionHandler 

func (t NETunnelProvider) HandleAppMessageCompletionHandler(messageData foundation.INSData, completionHandler DataHandler)

Handle messages sent by the tunnel provider extension’s containing app.

messageData: The message data sent by the tunnel provider extension’s containing app.

completionHandler: A block to be executed by the Tunnel Provider when it is finished handling the message. It may be nil, in which case the containing app does not expect a reply. The provider can send information back to the containing app via the `responseData` parameter.

Discussion

Use this method to communicate information between the Tunnel Provider and the Tunnel Provider’s containing app.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProvider/handleAppMessage(_:completionHandler:)

func (NETunnelProvider) Init 

func (t NETunnelProvider) Init() NETunnelProvider

Init initializes the instance.

func (NETunnelProvider) NETunnelProviderErrorDomain 

func (t NETunnelProvider) NETunnelProviderErrorDomain() string

The domain used for Tunnel Provider errors.

See: https://developer.apple.com/documentation/networkextension/netunnelprovidererrordomain

func (NETunnelProvider) ProtocolConfiguration 

func (t NETunnelProvider) ProtocolConfiguration() INEVPNProtocol

The configuration of the current tunneling session.

Discussion

The configuration is created by the containing app of the Tunnel Provider using the NETunnelProviderManager class, or by the ingestion of a `com.AppleXCUIElementTypeVpnXCUIElementTypeManaged()` or a `com.AppleXCUIElementTypeVpnXCUIElementTypeManagedXCUIElementTypeApplayer()` configuration profile payload. See the NETunnelProviderManager class for more details.

For NEPacketTunnelProvider subclasses and NEAppProxyProvider subclasses, this property will be set to a NETunnelProviderProtocol object.

NETunnelProvider subclasses can observe this property using KVO to be notified when the configuration changes. For details see Key-Value Observing Programming Guide.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProvider/protocolConfiguration

func (NETunnelProvider) Reasserting 

func (t NETunnelProvider) Reasserting() bool

Indicate to the system that the tunnel is being re-established.

Discussion

The Tunnel Provider should set this property to true whenever it starts to reconnect to the tunnel server. Once the Tunnel Provider completes the process of reconnecting it should set this property to false.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProvider/reasserting

func (NETunnelProvider) RoutingMethod 

func (t NETunnelProvider) RoutingMethod() NETunnelProviderRoutingMethod

The method by which network traffic is routed to the tunnel.

Discussion

The default is NETunnelProviderRoutingMethod.destinationIP.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProvider/routingMethod

func (NETunnelProvider) SetReasserting 

func (t NETunnelProvider) SetReasserting(value bool)

func (NETunnelProvider) SetTunnelNetworkSettings 

func (t NETunnelProvider) SetTunnelNetworkSettings(ctx context.Context, tunnelNetworkSettings INETunnelNetworkSettings) error

SetTunnelNetworkSettings is a synchronous wrapper around NETunnelProvider.SetTunnelNetworkSettingsCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NETunnelProvider) SetTunnelNetworkSettingsCompletionHandler 

func (t NETunnelProvider) SetTunnelNetworkSettingsCompletionHandler(tunnelNetworkSettings INETunnelNetworkSettings, completionHandler ErrorHandler)

Specify the network settings for the current tunneling session.

tunnelNetworkSettings: The network settings to use for the tunnel. Pass nil to clear out the network settings for the current tunneling session.

completionHandler: A block that will be executed when the operation of setting the network settings is complete. If the network settings could not be set due to an error, then the error parameter will be set to an [NSError] object containing more information about the error. See NETunnelProviderError for possible error codes. If the network settings were set successfully then the error parameter will be set to nil. // [NSError]: https://developer.apple.com/documentation/Foundation/NSError

Discussion

Use this method to specify the settings to be used by network communication that traverses the tunnel. If you are implementing a Packet Tunnel Provider, pass a NEPacketTunnelNetworkSettings object containing virtual IP configuration, DNS settings, proxy settings, the tunnel MTU, and IP routes. If you are implementing an App Proxy Provider, pass a NETunnelNetworkSettings containing DNS settings and proxy settings.

This method should be called as part of the process of establishing the tunnel, as follows:

- The system calls the appropriate “start” method on the tunnel provider object. - The provider obtains the network settings for the tunnel by some means dictated by the tunnel provider, such as by downloading them from the tunnel server. - The tunnel provider calls [SetTunnelNetworkSettingsCompletionHandler] method to apply the network settings to the system. - The system executes the completion handler passed to `completionHandler`: to indicate that the network settings have been set. - The tunnel provider executes the completion handler block passed to the “start” method to indicate that the tunnel is fully established.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProvider/setTunnelNetworkSettings(_:completionHandler:)

type NETunnelProviderClass 

type NETunnelProviderClass struct {
	// contains filtered or unexported fields
}

func GetNETunnelProviderClass 

func GetNETunnelProviderClass() NETunnelProviderClass

GetNETunnelProviderClass returns the class object for NETunnelProvider.

func (NETunnelProviderClass) Alloc 

func (nc NETunnelProviderClass) Alloc() NETunnelProvider

Alloc allocates memory for a new instance of the class.

func (NETunnelProviderClass) Class 

func (nc NETunnelProviderClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NETunnelProviderError 

type NETunnelProviderError int

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProviderError-swift.struct/Code 

const (
	// NETunnelProviderErrorNetworkSettingsCanceled: The request to set or clear the tunnel network settings was canceled.
	NETunnelProviderErrorNetworkSettingsCanceled NETunnelProviderError = 2
	// NETunnelProviderErrorNetworkSettingsFailed: The request to set or clear the tunnel network settings failed.
	NETunnelProviderErrorNetworkSettingsFailed NETunnelProviderError = 3
	// NETunnelProviderErrorNetworkSettingsInvalid: The provided tunnel network settings are invalid.
	NETunnelProviderErrorNetworkSettingsInvalid NETunnelProviderError = 1
)

func (NETunnelProviderError) String 

func (e NETunnelProviderError) String() string

type NETunnelProviderManager 

type NETunnelProviderManager struct {
	NEVPNManager
}

An object to create and manage the tunnel provider’s VPN configuration.

Overview

Like its superclass NEVPNManager, you use the NETunnelProviderManager class to configure and control VPN connections. The difference is that NETunnelProviderManager is used to to configure and control VPN connections that use a custom VPN protocol. The client side of the custom protocol implementation is implemented as a Packet Tunnel Provider extension. The Packet Tunnel Provider extension’s containing app uses NETunnelProviderManager to create and manage VPN configurations that use the custom protocol, and to control the VPN connections specified by the configurations.

The NETunnelProviderManager class inherits most of its functionality from the NEVPNManager class. The key differences to be aware of when using NETunnelProviderManager are:

- The [NETunnelProviderManager.ProtocolConfiguration] property can only be set to instances of the NETunnelProviderProtocol class - The [NETunnelProviderManager.Connection] read-only property is set to an instance of the NETunnelProviderSession class.

Configuration Model

Each NETunnelProviderManager instance corresponds to a single VPN configuration stored in the Network Extension preferences. Multiple VPN configurations can be created and managed by creating multiple NETunnelProviderManager instances.

Each VPN configuration is associated with the app that created it. The app’s view of the Network Extension preferences is limited to include only the configurations that were created by the app.

VPN configurations created using NETunnelProviderManager are classified as regular enterprise VPN configurations (as opposed to the Personal VPN configurations created by NEVPNManager). Only one enterprise VPN configuration can be enabled on the system at a time. If both a Personal VPN and an enterprise VPN are active on the system simultaneously, the enterprise VPN takes precedence, meaning that if the routes for the two VPNs conflict then the routes for the enterprise VPN will take precedence. The Personal VPN will remain active and connected while the enterprise VPN is active and connected, and any traffic that is routed to the Personal VPN and is not routed to the enterprise VPN will continue to traverse the Personal VPN.

Profile Configuration

It is possible to create Packet Tunnel Provider configurations using configuration profiles. See the `com.AppleXCUIElementTypeVpnXCUIElementTypeManaged()` and `com.AppleXCUIElementTypeVpnXCUIElementTypeManagedXCUIElementTypeApplayer()` payload types in Configuration Profile Reference. To specify that a configuration created via a profile payload is associated with a particular app (and therefore allow the app to use NETunnelProviderManager to manage the configuration), the app’s bundle identifier must be set as the value of the [VPNSubType] field in the profile payload.

Credential Storage

VPN credentials such as private keys and passwords that are imported into the system via configuration profiles are stored in the keychain in a special access group called `com.AppleXCUIElementTypeManagedXCUIElementTypeVpnXCUIElementTypeShared()`. In order to use these credentials the app and Packet Tunnel Provider extension must have the `com.AppleXCUIElementTypeManagedXCUIElementTypeVpnXCUIElementTypeShared()` keychain access group entitlement.

Routing Network Data to the VPN

There are two ways or methods by which network data is routed to the VPN:

- By destination IP address - By source application (Per-App VPN)

Routing by Destination IP

This is the default routing method. The IP routes are specified by the Packet Tunnel Provider extension at the time that the VPN tunnel is fully established. See NETunnelProvider for more details.

Per-App VPN

The only way to configure Per-App VPN is by enrolling the device in a Mobile Device Management (MDM) system, and then linking apps that are managed by the MDM system with a VPN configuration created from a `com.AppleXCUIElementTypeVpnXCUIElementTypeManagedXCUIElementTypeApplayer()` configuration profile payload. Here are some details about how this works:

- The MDM server creates a configuration profile containing a `com.AppleXCUIElementTypeVpnXCUIElementTypeManagedXCUIElementTypeApplayer()` payload. The `com.AppleXCUIElementTypeVpnXCUIElementTypeManagedXCUIElementTypeApplayer()` payload contains all of the usual VPN configuration profile payload fields, and also must contain a [VPNUUID] field, containing a unique string defined by the MDM server. - If the VPN provider extension is a Packet Tunnel Provider extension, then the [ProviderType] field in the `com.AppleXCUIElementTypeVpnXCUIElementTypeManagedXCUIElementTypeApplayer()` payload should be set to `packet-tunnel`. If the VPN provider extension is an App Proxy Provider extension, then the [ProviderType] field in the `com.AppleXCUIElementTypeVpnXCUIElementTypeManagedXCUIElementTypeApplayer()` should be set to `app-proxy`. - The MDM server adds a [VPNUUID] key to the attributes dictionary of all of the managed apps that will use the VPN. The value of the [VPNUUID] key must be set to the same unique string contained in the [VPNUUID] field in the `com.AppleXCUIElementTypeVpnXCUIElementTypeManagedXCUIElementTypeApplayer()` payload. - The MDM server pushes the configuration profile and the managed apps to the iOS device using the MDM protocol.

The MDM client running on the device creates one app rule in the VPN configuration for each managed app that is linked to the VPN configuration via the [VPNUUID] app attribute.

Per-App VPN On Demand

The Per-App VPN app rules serve as both routing rules and VPN On Demand rules. This is in contrast to IP destination-based routing, where the VPN On Demand rules are configured separately from the routing rules. When the `onDemandEnabled` property is set to true and an app that matches the Per-App VPN rules attempts to communicate over the network, the VPN will be started automatically.

It is possible to set regular VPN On Demand rules in a Per-App VPN configuration via the [NETunnelProviderManager.OnDemandRules] property, but only NEOnDemandRuleDisconnect rules will be used. When a NEOnDemandRuleDisconnect rule matches, apps which match the Per-App VPN rules will bypass the VPN.

Testing Per-App VPN

As described above, an MDM server is required to configure Per-App VPN for VPN apps distributed via the App Store. To make testing Per-App VPN easier, it is possible to configure Per-App VPN without an MDM server during development by using the [NETestAppMapping] `Info.Plist()` key.

Here is what you need to do to make use of this capability:

- Create a configuration profile containing a `com.AppleXCUIElementTypeVpnXCUIElementTypeManagedXCUIElementTypeApplayer()` payload as described in Configuration Profile Reference. In addition to all of the usual VPN configuration payload fields, the payload must also contain a [VPNUUID] field, containing a unique string defined by you. - Add the [NETestAppMapping] key to your app’s `Info.Plist()`. The value of this key should be a dictionary that maps [VPNUUID] values to arrays of app bundle identifiers. Here is a sample:

- Rebuild the app. - Install the app and the configuration profile on the device.

The system will create one app rule in the VPN configuration for each bundle identifier listed in the array in the [NETestAppMapping] dictionary corresponding to the value of the [VPNUUID] field in the `com.AppleXCUIElementTypeVpnXCUIElementTypeManagedXCUIElementTypeApplayer()` payload.

Managing tunnel configurations

Getting tunnel configuration properties

Configuring a per-app VPN

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProviderManager

func NETunnelProviderManagerFromID 

func NETunnelProviderManagerFromID(id objc.ID) NETunnelProviderManager

NETunnelProviderManagerFromID constructs a NETunnelProviderManager from an objc.ID.

An object to create and manage the tunnel provider’s VPN configuration.

func NewNETunnelProviderManager 

func NewNETunnelProviderManager() NETunnelProviderManager

NewNETunnelProviderManager creates a new NETunnelProviderManager instance.

func (NETunnelProviderManager) AppRules 

func (t NETunnelProviderManager) AppRules() []NEAppRule

The rules for specific apps in a per-app VPN.

Discussion

For per-app VPNs only, the system routes network traffic originating from an app that matches one of these rules through the VPN.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProviderManager/appRules

func (NETunnelProviderManager) AssociatedDomains 

func (t NETunnelProviderManager) AssociatedDomains() []string

The domains that the system routes network traffic through for a per-app VPN.

Discussion

For per-app VPNs only, the system routes HTTP requests to download the Apple app site association files for domains in this property through the VPN.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProviderManager/associatedDomains

func (NETunnelProviderManager) Autorelease 

func (t NETunnelProviderManager) Autorelease() NETunnelProviderManager

Autorelease adds the receiver to the current autorelease pool.

func (NETunnelProviderManager) CalendarDomains 

func (t NETunnelProviderManager) CalendarDomains() []string

The calendar servers that the system routes connections from the Calendar app through for a per-app VPN.

Discussion

This property applies only to per-app VPNs.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProviderManager/calendarDomains

func (NETunnelProviderManager) ContactsDomains 

func (t NETunnelProviderManager) ContactsDomains() []string

The contacts servers that the system routes connections from the Contacts app through for a per-app VPN.

Discussion

This property applies only to per-app VPNs.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProviderManager/contactsDomains

func (NETunnelProviderManager) CopyAppRules 

func (t NETunnelProviderManager) CopyAppRules() []NEAppRule

Returns a copy of the app rules currently set in the configuration.

Return Value

An array of NEAppRule objects, or `nil` if the configuration doesn’t have any app rules.

Discussion

This method provides read-only access to the configuration’s app rules.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProviderManager/copyAppRules()

func (NETunnelProviderManager) ExcludedDomains 

func (t NETunnelProviderManager) ExcludedDomains() []string

The domains that the system excludes from a per-app VPN.

Discussion

For per-app VPNs only, the system doesn’t route network traffic to servers within these domains.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProviderManager/excludedDomains

func (NETunnelProviderManager) Init 

func (t NETunnelProviderManager) Init() NETunnelProviderManager

Init initializes the instance.

func (NETunnelProviderManager) MailDomains 

func (t NETunnelProviderManager) MailDomains() []string

The mail servers that the system routes connections from the Mail app through for a per-app VPN.

Discussion

This property applies only to per-app VPNs.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProviderManager/mailDomains

func (NETunnelProviderManager) RoutingMethod 

func (t NETunnelProviderManager) RoutingMethod() NETunnelProviderRoutingMethod

The method that the system uses to route network traffic to the tunnel.

Discussion

The default is NETunnelProviderRoutingMethod.destinationIP.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProviderManager/routingMethod

func (NETunnelProviderManager) SafariDomains 

func (t NETunnelProviderManager) SafariDomains() []string

The website domains that the system routes connections from the Safari app through a per-app VPN.

Discussion

For per-app VPNs only, when the user navigates in Safari to a website within one of these domains, the system routes the website traffic through the VPN.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProviderManager/safariDomains

func (NETunnelProviderManager) SetAppRules 

func (t NETunnelProviderManager) SetAppRules(value []NEAppRule)

func (NETunnelProviderManager) SetAssociatedDomains 

func (t NETunnelProviderManager) SetAssociatedDomains(value []string)

func (NETunnelProviderManager) SetCalendarDomains 

func (t NETunnelProviderManager) SetCalendarDomains(value []string)

func (NETunnelProviderManager) SetContactsDomains 

func (t NETunnelProviderManager) SetContactsDomains(value []string)

func (NETunnelProviderManager) SetExcludedDomains 

func (t NETunnelProviderManager) SetExcludedDomains(value []string)

func (NETunnelProviderManager) SetMailDomains 

func (t NETunnelProviderManager) SetMailDomains(value []string)

func (NETunnelProviderManager) SetSafariDomains 

func (t NETunnelProviderManager) SetSafariDomains(value []string)

type NETunnelProviderManagerClass 

type NETunnelProviderManagerClass struct {
	// contains filtered or unexported fields
}

func GetNETunnelProviderManagerClass 

func GetNETunnelProviderManagerClass() NETunnelProviderManagerClass

GetNETunnelProviderManagerClass returns the class object for NETunnelProviderManager.

func (NETunnelProviderManagerClass) Alloc 

func (nc NETunnelProviderManagerClass) Alloc() NETunnelProviderManager

Alloc allocates memory for a new instance of the class.

func (NETunnelProviderManagerClass) Class 

func (nc NETunnelProviderManagerClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

func (NETunnelProviderManagerClass) ForPerAppVPN 

func (_NETunnelProviderManagerClass NETunnelProviderManagerClass) ForPerAppVPN() NETunnelProviderManager

Returns a tunnel provider manager for managing a per-app VPN configuration.

Return Value

An object you use to configure a per-app VPN.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProviderManager/forPerAppVPN()

type NETunnelProviderProtocol 

type NETunnelProviderProtocol struct {
	NEVPNProtocol
}

Configuration parameters for a VPN tunnel.

Overview

NETunnelProviderProtocol objects are used to specify configuration parameters for Tunnel Provider extensions.

Accessing the tunnel configuration

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProviderProtocol

func NETunnelProviderProtocolFromID 

func NETunnelProviderProtocolFromID(id objc.ID) NETunnelProviderProtocol

NETunnelProviderProtocolFromID constructs a NETunnelProviderProtocol from an objc.ID.

Configuration parameters for a VPN tunnel.

func NewNETunnelProviderProtocol 

func NewNETunnelProviderProtocol() NETunnelProviderProtocol

NewNETunnelProviderProtocol creates a new NETunnelProviderProtocol instance.

func (NETunnelProviderProtocol) Autorelease 

func (t NETunnelProviderProtocol) Autorelease() NETunnelProviderProtocol

Autorelease adds the receiver to the current autorelease pool.

func (NETunnelProviderProtocol) Init 

func (t NETunnelProviderProtocol) Init() NETunnelProviderProtocol

Init initializes the instance.

func (NETunnelProviderProtocol) ProviderBundleIdentifier 

func (t NETunnelProviderProtocol) ProviderBundleIdentifier() string

A string identifying the specific Tunnel Provider extension that should be used with this configuration.

Discussion

A single app may contain multiple Tunnel Provider extensions. This property is used to specify which Tunnel Provider extension should be used with this configuration.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProviderProtocol/providerBundleIdentifier

func (NETunnelProviderProtocol) ProviderConfiguration 

func (t NETunnelProviderProtocol) ProviderConfiguration() foundation.INSDictionary

A dictionary containing keys and values defined by the Tunnel Provider developer.

Discussion

All of the keys and values in this dictionary must conform to the NSSecureCoding and NSCopying protocols.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProviderProtocol/providerConfiguration

func (NETunnelProviderProtocol) SetProviderBundleIdentifier 

func (t NETunnelProviderProtocol) SetProviderBundleIdentifier(value string)

func (NETunnelProviderProtocol) SetProviderConfiguration 

func (t NETunnelProviderProtocol) SetProviderConfiguration(value foundation.INSDictionary)

type NETunnelProviderProtocolClass 

type NETunnelProviderProtocolClass struct {
	// contains filtered or unexported fields
}

func GetNETunnelProviderProtocolClass 

func GetNETunnelProviderProtocolClass() NETunnelProviderProtocolClass

GetNETunnelProviderProtocolClass returns the class object for NETunnelProviderProtocol.

func (NETunnelProviderProtocolClass) Alloc 

func (nc NETunnelProviderProtocolClass) Alloc() NETunnelProviderProtocol

Alloc allocates memory for a new instance of the class.

func (NETunnelProviderProtocolClass) Class 

func (nc NETunnelProviderProtocolClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NETunnelProviderRoutingMethod 

type NETunnelProviderRoutingMethod int

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProviderRoutingMethod 

const (
	// NETunnelProviderRoutingMethodDestinationIP: Route network traffic to the tunnel based on destination IP.
	NETunnelProviderRoutingMethodDestinationIP NETunnelProviderRoutingMethod = 1
	// NETunnelProviderRoutingMethodNetworkRule: A routing method that routes traffic based on network rule objects specified by the provider.
	NETunnelProviderRoutingMethodNetworkRule NETunnelProviderRoutingMethod = 3
	// NETunnelProviderRoutingMethodSourceApplication: Route network traffic to the tunnel based on source application.
	NETunnelProviderRoutingMethodSourceApplication NETunnelProviderRoutingMethod = 2
)

func (NETunnelProviderRoutingMethod) String 

func (e NETunnelProviderRoutingMethod) String() string

type NETunnelProviderSession 

type NETunnelProviderSession struct {
	NEVPNConnection
}

An object to start and stop a tunnel connection and get its status.

Overview

NETunnelProviderSession objects control network tunnel connections provided by Tunnel Provider extensions.

NETunnelProviderSession objects are not instantiated directly. Instead, each NETunnelProviderManager object has an associated NETunnelProviderSession as a read-only property.

Controlling the tunnel connection

Communicating with the tunnel provider

  • NETunnelProviderSession.SendProviderMessageReturnErrorResponseHandler: Send a message to the Tunnel Provider extension. If the extension is not running, it should be launched to handle the message. If this method can’t start sending the message it reports an error in the `returnError` parameter. If an error occurs while sending the message or returning the result, `nil` should be sent to the response handler as notification.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProviderSession

func NETunnelProviderSessionFromID 

func NETunnelProviderSessionFromID(id objc.ID) NETunnelProviderSession

NETunnelProviderSessionFromID constructs a NETunnelProviderSession from an objc.ID.

An object to start and stop a tunnel connection and get its status.

func NewNETunnelProviderSession 

func NewNETunnelProviderSession() NETunnelProviderSession

NewNETunnelProviderSession creates a new NETunnelProviderSession instance.

func (NETunnelProviderSession) Autorelease 

func (t NETunnelProviderSession) Autorelease() NETunnelProviderSession

Autorelease adds the receiver to the current autorelease pool.

func (NETunnelProviderSession) Init 

func (t NETunnelProviderSession) Init() NETunnelProviderSession

Init initializes the instance.

func (NETunnelProviderSession) SendProviderMessageReturnErrorResponseHandler 

func (t NETunnelProviderSession) SendProviderMessageReturnErrorResponseHandler(messageData foundation.INSData, error_ foundation.INSError, responseHandler DataHandler) bool

Send a message to the Tunnel Provider extension. If the extension is not running, it should be launched to handle the message. If this method can’t start sending the message it reports an error in the `returnError` parameter. If an error occurs while sending the message or returning the result, `nil` should be sent to the response handler as notification.

messageData: An [NSData] object containing the message to be sent. // [NSData]: https://developer.apple.com/documentation/Foundation/NSData

responseHandler: An optional block that handles the response from the Tunnel Provider extension. Pass nil if no response is expected.

Discussion

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProviderSession/sendProviderMessage(_:responseHandler:)

func (NETunnelProviderSession) SendProviderMessageReturnErrorResponseHandlerSync 

func (t NETunnelProviderSession) SendProviderMessageReturnErrorResponseHandlerSync(ctx context.Context, messageData foundation.INSData, error_ foundation.INSError) (*foundation.NSData, error)

SendProviderMessageReturnErrorResponseHandlerSync is a synchronous wrapper around NETunnelProviderSession.SendProviderMessageReturnErrorResponseHandler. It blocks until the completion handler fires or the context is cancelled.

func (NETunnelProviderSession) StartTunnelWithOptionsAndReturnError 

func (t NETunnelProviderSession) StartTunnelWithOptionsAndReturnError(options foundation.INSDictionary) (bool, error)

Start the process of connecting the tunnel.

options: A dictionary containing options to be passed to the Tunnel Provider extension.

Discussion

This method returns immediately after starting the process of connecting the tunnel. In order to be notified when the tunnel is fully connected, register to observe the NEVPNStatusDidChangeNotification notification on the NETunnelProviderSession object and examine its status property when the notification is received.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProviderSession/startTunnel(options:)

func (NETunnelProviderSession) StopTunnel 

func (t NETunnelProviderSession) StopTunnel()

Start the process of disconnecting the tunnel.

Discussion

This method returns immediately after starting the process of disconnecting the tunnel. In order to be notified when the tunnel is fully disconnected, register to observe the NEVPNStatusDidChangeNotification notification on the NETunnelProviderSession object and examine its status property when the notification is received.

See: https://developer.apple.com/documentation/NetworkExtension/NETunnelProviderSession/stopTunnel()

type NETunnelProviderSessionClass 

type NETunnelProviderSessionClass struct {
	// contains filtered or unexported fields
}

func GetNETunnelProviderSessionClass 

func GetNETunnelProviderSessionClass() NETunnelProviderSessionClass

GetNETunnelProviderSessionClass returns the class object for NETunnelProviderSession.

func (NETunnelProviderSessionClass) Alloc 

func (nc NETunnelProviderSessionClass) Alloc() NETunnelProviderSession

Alloc allocates memory for a new instance of the class.

func (NETunnelProviderSessionClass) Class 

func (nc NETunnelProviderSessionClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEURLFilter 

type NEURLFilter struct {
	objectivec.Object
}

A class used to voluntarily validate URLs for apps that don’t use WebKit or the URL session API.

Overview

When using networking frameworks other than WebKit or Foundation’s URLSession, use the NEURLFilter API to evaluate URLs before potentially connecting to a restricted or malicious site. Call the class method verdict(for:) to check a URL and honor the “allow” or “deny” verdict. Don’t connect to any URL that receives a “deny” verdict.

See: https://developer.apple.com/documentation/NetworkExtension/NEURLFilter

func NEURLFilterFromID 

func NEURLFilterFromID(id objc.ID) NEURLFilter

NEURLFilterFromID constructs a NEURLFilter from an objc.ID.

A class used to voluntarily validate URLs for apps that don’t use WebKit or the URL session API.

func NewNEURLFilter 

func NewNEURLFilter() NEURLFilter

NewNEURLFilter creates a new NEURLFilter instance.

func (NEURLFilter) Autorelease 

func (u NEURLFilter) Autorelease() NEURLFilter

Autorelease adds the receiver to the current autorelease pool.

func (NEURLFilter) Init 

func (u NEURLFilter) Init() NEURLFilter

Init initializes the instance.

type NEURLFilterClass 

type NEURLFilterClass struct {
	// contains filtered or unexported fields
}

func GetNEURLFilterClass 

func GetNEURLFilterClass() NEURLFilterClass

GetNEURLFilterClass returns the class object for NEURLFilter.

func (NEURLFilterClass) Alloc 

func (nc NEURLFilterClass) Alloc() NEURLFilter

Alloc allocates memory for a new instance of the class.

func (NEURLFilterClass) Class 

func (nc NEURLFilterClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEURLFilterVerdict 

type NEURLFilterVerdict int

See: https://developer.apple.com/documentation/NetworkExtension/NEURLFilter/Verdict 

const (
	// NEURLFilterVerdictAllow: A verdict that indicates that accessing the URL is allowed.
	NEURLFilterVerdictAllow NEURLFilterVerdict = 2
	// NEURLFilterVerdictDeny: A verdict that indicates that accessing the URL is denied.
	NEURLFilterVerdictDeny NEURLFilterVerdict = 3
	// NEURLFilterVerdictUnknown: A verdict that indicates URL validation failed.
	NEURLFilterVerdictUnknown NEURLFilterVerdict = 1
)

func (NEURLFilterVerdict) String 

func (e NEURLFilterVerdict) String() string

type NEVPNConnection 

type NEVPNConnection struct {
	objectivec.Object
}

An object to start and stop a Personal VPN connection and get its status.

Overview

NEVPNConnection objects are not instantiated directly. Instead, each NEVPNManager object has an associated NEVPNConnection object as a read-only property.

The NEVPNConnection class provides methods for starting and stopping the VPN programmatically. The other way that the VPN can be started and stopped is through VPN On Demand. See the `onDemandRules` property in NEVPNManager and NEOnDemandRule.

Instances of this class are thread safe.

Controlling the VPN connection

Getting VPN connection status

Notifications

Handling errors

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNConnection

func NEVPNConnectionFromID 

func NEVPNConnectionFromID(id objc.ID) NEVPNConnection

NEVPNConnectionFromID constructs a NEVPNConnection from an objc.ID.

An object to start and stop a Personal VPN connection and get its status.

func NewNEVPNConnection 

func NewNEVPNConnection() NEVPNConnection

NewNEVPNConnection creates a new NEVPNConnection instance.

func (NEVPNConnection) Autorelease 

func (v NEVPNConnection) Autorelease() NEVPNConnection

Autorelease adds the receiver to the current autorelease pool.

func (NEVPNConnection) ConnectedDate 

func (v NEVPNConnection) ConnectedDate() foundation.INSDate

The date and time when the connection status changed to NEVPNStatusConnected.

Discussion

This property contains the date and time when the connection status changed to NEVPNStatusConnected after previously being set to NEVPNStatusDisconnected. This property is set to nil whenever the status changes to NEVPNStatusDisconnected.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNConnection/connectedDate

func (NEVPNConnection) FetchLastDisconnectError 

func (v NEVPNConnection) FetchLastDisconnectError(ctx context.Context) error

FetchLastDisconnectError is a synchronous wrapper around NEVPNConnection.FetchLastDisconnectErrorWithCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NEVPNConnection) FetchLastDisconnectErrorWithCompletionHandler 

func (v NEVPNConnection) FetchLastDisconnectErrorWithCompletionHandler(handler ErrorHandler)

Retrives the most recent error that caused the VPN to disconnect.

handler: An error handler that receives the last disconnect error as a parameter.

Discussion

If VPN system (including the IPsec client) generated the error, then the error uses the NEVPNConnectionErrorDomain error domain. If the error came from a tunnel provider app extension instead, then the error is the NSError that the provider passed when disconnecting the tunnel.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNConnection/fetchLastDisconnectError(completionHandler:)

func (NEVPNConnection) Init 

func (v NEVPNConnection) Init() NEVPNConnection

Init initializes the instance.

func (NEVPNConnection) Manager 

func (v NEVPNConnection) Manager() INEVPNManager

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNConnection/manager

func (NEVPNConnection) NEVPNConnectionErrorDomain 

func (v NEVPNConnection) NEVPNConnectionErrorDomain() string

The domain for errors resulting from VPN connection calls.

See: https://developer.apple.com/documentation/networkextension/nevpnconnectionerrordomain

func (NEVPNConnection) NEVPNConnectionStartOptionPassword 

func (v NEVPNConnection) NEVPNConnectionStartOptionPassword() string

See: https://developer.apple.com/documentation/networkextension/nevpnconnectionstartoptionpassword

func (NEVPNConnection) NEVPNConnectionStartOptionUsername 

func (v NEVPNConnection) NEVPNConnectionStartOptionUsername() string

See: https://developer.apple.com/documentation/networkextension/nevpnconnectionstartoptionusername

func (NEVPNConnection) NEVPNStatusDidChange 

func (v NEVPNConnection) NEVPNStatusDidChange() foundation.NSString

Posted when the status of the VPN connection changes.

See: https://developer.apple.com/documentation/Foundation/NSNotification/Name-swift.struct/NEVPNStatusDidChange

func (NEVPNConnection) StartVPNTunnelAndReturnError 

func (v NEVPNConnection) StartVPNTunnelAndReturnError() (bool, error)

Start the process of connecting the VPN.

Discussion

This method returns immediately after starting the process of connecting the VPN. In order to be notified when the VPN is fully connected, register to observe the NEVPNStatusDidChangeNotification notification on the NEVPNConnection object, and examine the status property when the notification is received.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNConnection/startVPNTunnel()

func (NEVPNConnection) StartVPNTunnelWithOptionsAndReturnError 

func (v NEVPNConnection) StartVPNTunnelWithOptionsAndReturnError(options foundation.INSDictionary) (bool, error)

Start the process of connecting the VPN.

options: An [NSDictionary] that will be passed to the tunnel provider during the process of starting the tunnel. See Constants, below.

Discussion

This method returns immediately after starting the process of connecting the VPN. In order to be notified when the VPN is fully connected, register to observe the NEVPNStatusDidChangeNotification notification on the NEVPNConnection object, and examine the status property when the notification is received.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNConnection/startVPNTunnel(options:)

func (NEVPNConnection) Status 

func (v NEVPNConnection) Status() NEVPNStatus

The current status of the VPN connection.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNConnection/status

func (NEVPNConnection) StopVPNTunnel 

func (v NEVPNConnection) StopVPNTunnel()

Start the process of disconnecting the VPN.

Discussion

This method returns immediately after starting the process of disconnecting the VPN. In order to be notified when the VPN is fully disconnected, register to observe the NEVPNStatusDidChangeNotification notification on the NEVPNConnection object and examine the status property when the notification is received.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNConnection/stopVPNTunnel()

type NEVPNConnectionClass 

type NEVPNConnectionClass struct {
	// contains filtered or unexported fields
}

func GetNEVPNConnectionClass 

func GetNEVPNConnectionClass() NEVPNConnectionClass

GetNEVPNConnectionClass returns the class object for NEVPNConnection.

func (NEVPNConnectionClass) Alloc 

func (nc NEVPNConnectionClass) Alloc() NEVPNConnection

Alloc allocates memory for a new instance of the class.

func (NEVPNConnectionClass) Class 

func (nc NEVPNConnectionClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEVPNConnectionError 

type NEVPNConnectionError int

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNConnectionError 

const (
	// NEVPNConnectionErrorAuthenticationFailed: An error code that indicates the VPN connection failed because the VPN server rejected the user credentials.
	NEVPNConnectionErrorAuthenticationFailed NEVPNConnectionError = 8
	// NEVPNConnectionErrorClientCertificateExpired: An error code that indicates the client certfiicate’s validity period has passed.
	NEVPNConnectionErrorClientCertificateExpired NEVPNConnectionError = 11
	// NEVPNConnectionErrorClientCertificateInvalid: An error code that indicates the client certfiicate is invalid.
	NEVPNConnectionErrorClientCertificateInvalid NEVPNConnectionError = 9
	// NEVPNConnectionErrorClientCertificateNotYetValid: An error code that indicates the client certfiicate won’t be valid until some time in the future.
	NEVPNConnectionErrorClientCertificateNotYetValid NEVPNConnectionError = 10
	// NEVPNConnectionErrorConfigurationFailed: An error code that indicates the VPN connection failed because the configuration is invalid.
	NEVPNConnectionErrorConfigurationFailed NEVPNConnectionError = 4
	// NEVPNConnectionErrorConfigurationNotFound: An error code that indicates the VPN connection failed because the system couldn’t find a configuration.
	NEVPNConnectionErrorConfigurationNotFound NEVPNConnectionError = 13
	// NEVPNConnectionErrorNegotiationFailed: An error code that indicates the VPN connection failed because the negotiation failed.
	NEVPNConnectionErrorNegotiationFailed NEVPNConnectionError = 15
	// NEVPNConnectionErrorNoNetworkAvailable: An error code that indicates the VPN connection failed because the system isn’t connected to a network.
	NEVPNConnectionErrorNoNetworkAvailable NEVPNConnectionError = 2
	// NEVPNConnectionErrorOverslept: An error code that indicates the system slept for an extended period of time, causing the VPN connection to terminate.
	NEVPNConnectionErrorOverslept NEVPNConnectionError = 1
	// NEVPNConnectionErrorPluginDisabled: An error code that indicates the VPN plugin isn’t available or needs an update.
	NEVPNConnectionErrorPluginDisabled NEVPNConnectionError = 14
	// NEVPNConnectionErrorPluginFailed: An error code that indicates the VPN plugin failed unexpectedly.
	NEVPNConnectionErrorPluginFailed NEVPNConnectionError = 12
	// NEVPNConnectionErrorServerAddressResolutionFailed: An error code that indicates the VPN connection failed because the system couldn’t determine the VPN server address.
	NEVPNConnectionErrorServerAddressResolutionFailed NEVPNConnectionError = 5
	// NEVPNConnectionErrorServerCertificateExpired: An error code that indicates the server certfiicate’s validity period has passed.
	NEVPNConnectionErrorServerCertificateExpired NEVPNConnectionError = 19
	// NEVPNConnectionErrorServerCertificateInvalid: An error code that indicates the server certfiicate is invalid.
	NEVPNConnectionErrorServerCertificateInvalid NEVPNConnectionError = 17
	// NEVPNConnectionErrorServerCertificateNotYetValid: An error code that indicates the server certfiicate won’t be valid until some time in the future.
	NEVPNConnectionErrorServerCertificateNotYetValid NEVPNConnectionError = 18
	// NEVPNConnectionErrorServerDead: An error code that indicates the VPN connection failed because the VPN server has stopped responding.
	NEVPNConnectionErrorServerDead NEVPNConnectionError = 7
	// NEVPNConnectionErrorServerDisconnected: An error code that indicates the VPN connection failed because the VPN server terminated the connection.
	NEVPNConnectionErrorServerDisconnected NEVPNConnectionError = 16
	// NEVPNConnectionErrorServerNotResponding: An error code that indicates the VPN connection failed because the VPN server isn’t responding.
	NEVPNConnectionErrorServerNotResponding NEVPNConnectionError = 6
	// NEVPNConnectionErrorUnrecoverableNetworkChange: An error code that indicates network conditions changed such that the VPN connection needed to terminate.
	NEVPNConnectionErrorUnrecoverableNetworkChange NEVPNConnectionError = 3
)

func (NEVPNConnectionError) String 

func (e NEVPNConnectionError) String() string

type NEVPNError 

type NEVPNError int

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNError-swift.struct/Code 

const (
	// NEVPNErrorConfigurationDisabled: An error code indicating the VPN configuration associated with the VPN manager isn’t enabled.
	NEVPNErrorConfigurationDisabled NEVPNError = 2
	// NEVPNErrorConfigurationInvalid: An error code indicating the VPN configuration associated with the VPN manager object is invalid.
	NEVPNErrorConfigurationInvalid NEVPNError = 1
	// NEVPNErrorConfigurationReadWriteFailed: An error code that indicates an error occurred while reading or writing the Network Extension preferences.
	NEVPNErrorConfigurationReadWriteFailed NEVPNError = 5
	// NEVPNErrorConfigurationStale: An error code that indicates another process modfied the VPN configuration since the last time the app loaded the configuration.
	NEVPNErrorConfigurationStale NEVPNError = 4
	// NEVPNErrorConfigurationUnknown: An error code that indicates that unspecified error occurred.
	NEVPNErrorConfigurationUnknown NEVPNError = 6
	// NEVPNErrorConnectionFailed: The connection to the VPN server failed.
	NEVPNErrorConnectionFailed NEVPNError = 3
)

func (NEVPNError) String 

func (e NEVPNError) String() string

type NEVPNIKEAuthenticationMethod 

type NEVPNIKEAuthenticationMethod int

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNIKEAuthenticationMethod 

const (
	// NEVPNIKEAuthenticationMethodCertificate: Use a certificate and private key as the authentication credential.
	NEVPNIKEAuthenticationMethodCertificate NEVPNIKEAuthenticationMethod = 1
	// NEVPNIKEAuthenticationMethodNone: Do not authenticate with the IPSec server.
	NEVPNIKEAuthenticationMethodNone NEVPNIKEAuthenticationMethod = 0
	// NEVPNIKEAuthenticationMethodSharedSecret: Use a shared secret as the authentication credential.
	NEVPNIKEAuthenticationMethodSharedSecret NEVPNIKEAuthenticationMethod = 2
)

func (NEVPNIKEAuthenticationMethod) String 

func (e NEVPNIKEAuthenticationMethod) String() string

type NEVPNIKEv2CertificateType 

type NEVPNIKEv2CertificateType int

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNIKEv2CertificateType 

const (
	// NEVPNIKEv2CertificateTypeECDSA256: The ECDSA with p-256 curve certificate type.
	NEVPNIKEv2CertificateTypeECDSA256 NEVPNIKEv2CertificateType = 2
	// NEVPNIKEv2CertificateTypeECDSA384: The ECDSA with p-384 curve certificate type.
	NEVPNIKEv2CertificateTypeECDSA384 NEVPNIKEv2CertificateType = 3
	// NEVPNIKEv2CertificateTypeECDSA521: The ECDSA with p-521 curve certificate type.
	NEVPNIKEv2CertificateTypeECDSA521 NEVPNIKEv2CertificateType = 4
	// NEVPNIKEv2CertificateTypeEd25519: The Edwards 25519 curve certificate type.
	NEVPNIKEv2CertificateTypeEd25519 NEVPNIKEv2CertificateType = 5
	// NEVPNIKEv2CertificateTypeRSA: The RSA certificate type.
	NEVPNIKEv2CertificateTypeRSA NEVPNIKEv2CertificateType = 1
	// NEVPNIKEv2CertificateTypeRSAPSS: The RSA-PSS certificate type.
	NEVPNIKEv2CertificateTypeRSAPSS NEVPNIKEv2CertificateType = 6
)

func (NEVPNIKEv2CertificateType) String 

func (e NEVPNIKEv2CertificateType) String() string

type NEVPNIKEv2DeadPeerDetectionRate 

type NEVPNIKEv2DeadPeerDetectionRate int

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNIKEv2DeadPeerDetectionRate 

const (
	// NEVPNIKEv2DeadPeerDetectionRateHigh: Run dead peer detection once every 1 minute.
	NEVPNIKEv2DeadPeerDetectionRateHigh NEVPNIKEv2DeadPeerDetectionRate = 3
	// NEVPNIKEv2DeadPeerDetectionRateLow: Run dead peer detection once every 30 minutes.
	NEVPNIKEv2DeadPeerDetectionRateLow NEVPNIKEv2DeadPeerDetectionRate = 1
	// NEVPNIKEv2DeadPeerDetectionRateMedium: Run dead peer detection once every 10 minutes.
	NEVPNIKEv2DeadPeerDetectionRateMedium NEVPNIKEv2DeadPeerDetectionRate = 2
	// NEVPNIKEv2DeadPeerDetectionRateNone: Do not perform dead peer detection.
	NEVPNIKEv2DeadPeerDetectionRateNone NEVPNIKEv2DeadPeerDetectionRate = 0
)

func (NEVPNIKEv2DeadPeerDetectionRate) String 

func (e NEVPNIKEv2DeadPeerDetectionRate) String() string

type NEVPNIKEv2DiffieHellmanGroup 

type NEVPNIKEv2DiffieHellmanGroup int

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNIKEv2DiffieHellmanGroup 

const (
	// NEVPNIKEv2DiffieHellmanGroup1: Diffie Hellman group 1 (768-bit modular exponential [MODP]).
	NEVPNIKEv2DiffieHellmanGroup1 NEVPNIKEv2DiffieHellmanGroup = 1
	// NEVPNIKEv2DiffieHellmanGroup14: Diffie Hellman group 14 (2048-bit modular exponential [MODP]).
	NEVPNIKEv2DiffieHellmanGroup14 NEVPNIKEv2DiffieHellmanGroup = 14
	// NEVPNIKEv2DiffieHellmanGroup15: Diffie Hellman group 15 (3072-bit modular exponential [MODP]).
	NEVPNIKEv2DiffieHellmanGroup15 NEVPNIKEv2DiffieHellmanGroup = 15
	// NEVPNIKEv2DiffieHellmanGroup16: Diffie Hellman group 16 (4096-bit modular exponential [MODP]).
	NEVPNIKEv2DiffieHellmanGroup16 NEVPNIKEv2DiffieHellmanGroup = 16
	// NEVPNIKEv2DiffieHellmanGroup17: Diffie Hellman group 17 (6144-bit modular exponential [MODP]).
	NEVPNIKEv2DiffieHellmanGroup17 NEVPNIKEv2DiffieHellmanGroup = 17
	// NEVPNIKEv2DiffieHellmanGroup18: Diffie Hellman group 18 (8192-bit modular exponential [MODP]).
	NEVPNIKEv2DiffieHellmanGroup18 NEVPNIKEv2DiffieHellmanGroup = 18
	// NEVPNIKEv2DiffieHellmanGroup19: Diffie Hellman group 19 (256-bit random elliptic curve group over GF[P] [ECP]).
	NEVPNIKEv2DiffieHellmanGroup19 NEVPNIKEv2DiffieHellmanGroup = 19
	// NEVPNIKEv2DiffieHellmanGroup2: Diffie Hellman group 2 (1024-bit modular exponential [MODP]).
	NEVPNIKEv2DiffieHellmanGroup2 NEVPNIKEv2DiffieHellmanGroup = 2
	// NEVPNIKEv2DiffieHellmanGroup20: Diffie Hellman group 20 (384-bit random elliptic curve group over GF[P] [ECP]).
	NEVPNIKEv2DiffieHellmanGroup20 NEVPNIKEv2DiffieHellmanGroup = 20
	// NEVPNIKEv2DiffieHellmanGroup21: Diffie Hellman group 21 (521-bit random elliptic curve group over GF[P] [ECP]).
	NEVPNIKEv2DiffieHellmanGroup21 NEVPNIKEv2DiffieHellmanGroup = 21
	// NEVPNIKEv2DiffieHellmanGroup31: Diffie Hellman group 31 (Curve 25519).
	NEVPNIKEv2DiffieHellmanGroup31 NEVPNIKEv2DiffieHellmanGroup = 31
	// NEVPNIKEv2DiffieHellmanGroup32: Diffie Hellman group 32 (Curve 448).
	NEVPNIKEv2DiffieHellmanGroup32 NEVPNIKEv2DiffieHellmanGroup = 32
	// NEVPNIKEv2DiffieHellmanGroup5: Diffie Hellman group 5 (1536-bit modular exponential [MODP]).
	NEVPNIKEv2DiffieHellmanGroup5 NEVPNIKEv2DiffieHellmanGroup = 5
	// NEVPNIKEv2DiffieHellmanGroupInvalid: A value indicating the group is not a valid Diffie-Hellman group.
	NEVPNIKEv2DiffieHellmanGroupInvalid NEVPNIKEv2DiffieHellmanGroup = 0
)

func (NEVPNIKEv2DiffieHellmanGroup) String 

func (e NEVPNIKEv2DiffieHellmanGroup) String() string

type NEVPNIKEv2EncryptionAlgorithm 

type NEVPNIKEv2EncryptionAlgorithm int

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNIKEv2EncryptionAlgorithm 

const (
	// NEVPNIKEv2EncryptionAlgorithm3DES: Triple Data Encryption Algorithm (aka 3DES)
	NEVPNIKEv2EncryptionAlgorithm3DES NEVPNIKEv2EncryptionAlgorithm = 2
	// NEVPNIKEv2EncryptionAlgorithmAES128: Advanced Encryption Standard 256-bit (AES256).
	NEVPNIKEv2EncryptionAlgorithmAES128 NEVPNIKEv2EncryptionAlgorithm = 3
	// NEVPNIKEv2EncryptionAlgorithmAES128GCM: Advanced Encryption Standard 128-bit Galois/Counter Mode (AES128GCM).
	NEVPNIKEv2EncryptionAlgorithmAES128GCM NEVPNIKEv2EncryptionAlgorithm = 5
	// NEVPNIKEv2EncryptionAlgorithmAES256: Advanced Encryption Standard 256 bit (AES256).
	NEVPNIKEv2EncryptionAlgorithmAES256 NEVPNIKEv2EncryptionAlgorithm = 4
	// NEVPNIKEv2EncryptionAlgorithmAES256GCM: Advanced Encryption Standard 256-bit Galois/Counter Mode (AES256GCM).
	NEVPNIKEv2EncryptionAlgorithmAES256GCM NEVPNIKEv2EncryptionAlgorithm = 6
	// NEVPNIKEv2EncryptionAlgorithmChaCha20Poly1305: ChaCha20 and Poly1305 (ChaCha20Poly1305).
	NEVPNIKEv2EncryptionAlgorithmChaCha20Poly1305 NEVPNIKEv2EncryptionAlgorithm = 7
	// NEVPNIKEv2EncryptionAlgorithmDES: Data Encryption Standard (DES)
	NEVPNIKEv2EncryptionAlgorithmDES NEVPNIKEv2EncryptionAlgorithm = 1
)

func (NEVPNIKEv2EncryptionAlgorithm) String 

func (e NEVPNIKEv2EncryptionAlgorithm) String() string

type NEVPNIKEv2IntegrityAlgorithm 

type NEVPNIKEv2IntegrityAlgorithm int

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNIKEv2IntegrityAlgorithm 

const (
	// NEVPNIKEv2IntegrityAlgorithmSHA160: SHA-1 160-bit.
	NEVPNIKEv2IntegrityAlgorithmSHA160 NEVPNIKEv2IntegrityAlgorithm = 2
	// NEVPNIKEv2IntegrityAlgorithmSHA256: SHA-2 256-bit.
	NEVPNIKEv2IntegrityAlgorithmSHA256 NEVPNIKEv2IntegrityAlgorithm = 3
	// NEVPNIKEv2IntegrityAlgorithmSHA384: SHA-2 384-bit.
	NEVPNIKEv2IntegrityAlgorithmSHA384 NEVPNIKEv2IntegrityAlgorithm = 4
	// NEVPNIKEv2IntegrityAlgorithmSHA512: SHA-2 512-bit.
	NEVPNIKEv2IntegrityAlgorithmSHA512 NEVPNIKEv2IntegrityAlgorithm = 5
	// NEVPNIKEv2IntegrityAlgorithmSHA96: SHA-1 96-bit.
	NEVPNIKEv2IntegrityAlgorithmSHA96 NEVPNIKEv2IntegrityAlgorithm = 1
)

func (NEVPNIKEv2IntegrityAlgorithm) String 

func (e NEVPNIKEv2IntegrityAlgorithm) String() string

type NEVPNIKEv2PPKConfiguration 

type NEVPNIKEv2PPKConfiguration struct {
	objectivec.Object
}

A class that manages parameters of a post-quantum pre-shared key (PPK).

Discussion

Instances of this class are thread safe. The class conforms to RFC 8784.

Creating a PPK configuration

Accessing the configuration parameters

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNIKEv2PPKConfiguration

func NEVPNIKEv2PPKConfigurationFromID 

func NEVPNIKEv2PPKConfigurationFromID(id objc.ID) NEVPNIKEv2PPKConfiguration

NEVPNIKEv2PPKConfigurationFromID constructs a NEVPNIKEv2PPKConfiguration from an objc.ID.

A class that manages parameters of a post-quantum pre-shared key (PPK).

func NewNEVPNIKEv2PPKConfiguration 

func NewNEVPNIKEv2PPKConfiguration() NEVPNIKEv2PPKConfiguration

NewNEVPNIKEv2PPKConfiguration creates a new NEVPNIKEv2PPKConfiguration instance.

func NewVPNIKEv2PPKConfigurationWithIdentifierKeychainReference 

func NewVPNIKEv2PPKConfigurationWithIdentifierKeychainReference(identifier string, keychainReference foundation.INSData) NEVPNIKEv2PPKConfiguration

Initializes a quantum-secure pre-shared key (PPK) configuration.

identifier: The identifier for the PPK.

keychainReference: A persistent reference to a keychain item with the class [kSecClassGenericPassword] that contains the PPK. // [kSecClassGenericPassword]: https://developer.apple.com/documentation/Security/kSecClassGenericPassword

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNIKEv2PPKConfiguration/init(identifier:keychainReference:)

func (NEVPNIKEv2PPKConfiguration) AllowPostQuantumKeyExchangeFallback 

func (v NEVPNIKEv2PPKConfiguration) AllowPostQuantumKeyExchangeFallback() bool

A Boolean value that indicates whether servers that don’t support post-quantum key exchanges can skip them.

See: https://developer.apple.com/documentation/networkextension/nevpnprotocolikev2/allowpostquantumkeyexchangefallback

func (NEVPNIKEv2PPKConfiguration) Autorelease 

func (v NEVPNIKEv2PPKConfiguration) Autorelease() NEVPNIKEv2PPKConfiguration

Autorelease adds the receiver to the current autorelease pool.

func (NEVPNIKEv2PPKConfiguration) Identifier 

func (v NEVPNIKEv2PPKConfiguration) Identifier() string

The identifier for the PPK.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNIKEv2PPKConfiguration/identifier

func (NEVPNIKEv2PPKConfiguration) Init 

func (v NEVPNIKEv2PPKConfiguration) Init() NEVPNIKEv2PPKConfiguration

Init initializes the instance.

func (NEVPNIKEv2PPKConfiguration) InitWithIdentifierKeychainReference 

func (v NEVPNIKEv2PPKConfiguration) InitWithIdentifierKeychainReference(identifier string, keychainReference foundation.INSData) NEVPNIKEv2PPKConfiguration

Initializes a quantum-secure pre-shared key (PPK) configuration.

identifier: The identifier for the PPK.

keychainReference: A persistent reference to a keychain item with the class [kSecClassGenericPassword] that contains the PPK. // [kSecClassGenericPassword]: https://developer.apple.com/documentation/Security/kSecClassGenericPassword

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNIKEv2PPKConfiguration/init(identifier:keychainReference:)

func (NEVPNIKEv2PPKConfiguration) IsMandatory 

func (v NEVPNIKEv2PPKConfiguration) IsMandatory() bool

A Boolean value that indicates whether it’s mandatory for the VPN server to use this PPK.

Discussion

The default value is `true`.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNIKEv2PPKConfiguration/isMandatory

func (NEVPNIKEv2PPKConfiguration) KeychainReference 

func (v NEVPNIKEv2PPKConfiguration) KeychainReference() foundation.INSData

A persistent reference to the key in the keychain.

Discussion

The keychain item needs to have the class kSecClassGenericPassword.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNIKEv2PPKConfiguration/keychainReference

func (NEVPNIKEv2PPKConfiguration) PpkConfiguration 

func (v NEVPNIKEv2PPKConfiguration) PpkConfiguration() INEVPNIKEv2PPKConfiguration

The configuration for a post-quantum pre-shared key (PPK).

See: https://developer.apple.com/documentation/networkextension/nevpnprotocolikev2/ppkconfiguration

func (NEVPNIKEv2PPKConfiguration) SetAllowPostQuantumKeyExchangeFallback 

func (v NEVPNIKEv2PPKConfiguration) SetAllowPostQuantumKeyExchangeFallback(value bool)

func (NEVPNIKEv2PPKConfiguration) SetIsMandatory 

func (v NEVPNIKEv2PPKConfiguration) SetIsMandatory(value bool)

func (NEVPNIKEv2PPKConfiguration) SetPpkConfiguration 

func (v NEVPNIKEv2PPKConfiguration) SetPpkConfiguration(value INEVPNIKEv2PPKConfiguration)

type NEVPNIKEv2PPKConfigurationClass 

type NEVPNIKEv2PPKConfigurationClass struct {
	// contains filtered or unexported fields
}

func GetNEVPNIKEv2PPKConfigurationClass 

func GetNEVPNIKEv2PPKConfigurationClass() NEVPNIKEv2PPKConfigurationClass

GetNEVPNIKEv2PPKConfigurationClass returns the class object for NEVPNIKEv2PPKConfiguration.

func (NEVPNIKEv2PPKConfigurationClass) Alloc 

func (nc NEVPNIKEv2PPKConfigurationClass) Alloc() NEVPNIKEv2PPKConfiguration

Alloc allocates memory for a new instance of the class.

func (NEVPNIKEv2PPKConfigurationClass) Class 

func (nc NEVPNIKEv2PPKConfigurationClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEVPNIKEv2PostQuantumKeyExchangeMethod 

type NEVPNIKEv2PostQuantumKeyExchangeMethod int

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNIKEv2PostQuantumKeyExchangeMethod 

const (
	// NEVPNIKEv2PostQuantumKeyExchangeMethod36: Instructs the server to use the ML-KEM-768 key exchange method.
	NEVPNIKEv2PostQuantumKeyExchangeMethod36 NEVPNIKEv2PostQuantumKeyExchangeMethod = 36
	// NEVPNIKEv2PostQuantumKeyExchangeMethod37: Instructs the server to use the ML-KEM-1024 key exchange method.
	NEVPNIKEv2PostQuantumKeyExchangeMethod37 NEVPNIKEv2PostQuantumKeyExchangeMethod = 37
	// NEVPNIKEv2PostQuantumKeyExchangeMethodNone: Instructs the server not to use a quantum-secure key exchange method.
	NEVPNIKEv2PostQuantumKeyExchangeMethodNone NEVPNIKEv2PostQuantumKeyExchangeMethod = 0
)

func (NEVPNIKEv2PostQuantumKeyExchangeMethod) String 

func (e NEVPNIKEv2PostQuantumKeyExchangeMethod) String() string

type NEVPNIKEv2SecurityAssociationParameters 

type NEVPNIKEv2SecurityAssociationParameters struct {
	objectivec.Object
}

Parameters for an IKEv2 Security Association.

IKEv2 Security Association parameters

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNIKEv2SecurityAssociationParameters

func NEVPNIKEv2SecurityAssociationParametersFromID 

func NEVPNIKEv2SecurityAssociationParametersFromID(id objc.ID) NEVPNIKEv2SecurityAssociationParameters

NEVPNIKEv2SecurityAssociationParametersFromID constructs a NEVPNIKEv2SecurityAssociationParameters from an objc.ID.

Parameters for an IKEv2 Security Association.

func NewNEVPNIKEv2SecurityAssociationParameters 

func NewNEVPNIKEv2SecurityAssociationParameters() NEVPNIKEv2SecurityAssociationParameters

NewNEVPNIKEv2SecurityAssociationParameters creates a new NEVPNIKEv2SecurityAssociationParameters instance.

func (NEVPNIKEv2SecurityAssociationParameters) Autorelease 

func (v NEVPNIKEv2SecurityAssociationParameters) Autorelease() NEVPNIKEv2SecurityAssociationParameters

Autorelease adds the receiver to the current autorelease pool.

func (NEVPNIKEv2SecurityAssociationParameters) ChildSecurityAssociationParameters 

func (v NEVPNIKEv2SecurityAssociationParameters) ChildSecurityAssociationParameters() INEVPNIKEv2SecurityAssociationParameters

An

See: https://developer.apple.com/documentation/networkextension/nevpnprotocolikev2/childsecurityassociationparameters

func (NEVPNIKEv2SecurityAssociationParameters) DiffieHellmanGroup 

func (v NEVPNIKEv2SecurityAssociationParameters) DiffieHellmanGroup() NEVPNIKEv2DiffieHellmanGroup

The Diffie Hellman group used by the Security Association.

Discussion

The default value of this property is NEVPNIKEv2DiffieHellmanGroup.group14.

The value of this property on [ChildSecurityAssociationParameters] of NEVPNProtocolIKEv2 only takes effect if the [EnablePFS] of NEVPNProtocolIKEv2 is true (its default value is false).

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNIKEv2SecurityAssociationParameters/diffieHellmanGroup

func (NEVPNIKEv2SecurityAssociationParameters) EncodeWithCoder 

func (v NEVPNIKEv2SecurityAssociationParameters) EncodeWithCoder(coder foundation.INSCoder)

func (NEVPNIKEv2SecurityAssociationParameters) EncryptionAlgorithm 

func (v NEVPNIKEv2SecurityAssociationParameters) EncryptionAlgorithm() NEVPNIKEv2EncryptionAlgorithm

The algorithm used by the Security Association to encrypt and decrypt data.

Discussion

The default value of this property is NEVPNIKEv2EncryptionAlgorithm.algorithmAES256, except on tvOS where the default is NEVPNIKEv2EncryptionAlgorithm.algorithmAES256GCM.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNIKEv2SecurityAssociationParameters/encryptionAlgorithm

func (NEVPNIKEv2SecurityAssociationParameters) IkeSecurityAssociationParameters 

func (v NEVPNIKEv2SecurityAssociationParameters) IkeSecurityAssociationParameters() INEVPNIKEv2SecurityAssociationParameters

An

See: https://developer.apple.com/documentation/networkextension/nevpnprotocolikev2/ikesecurityassociationparameters

func (NEVPNIKEv2SecurityAssociationParameters) Init 

func (v NEVPNIKEv2SecurityAssociationParameters) Init() NEVPNIKEv2SecurityAssociationParameters

Init initializes the instance.

func (NEVPNIKEv2SecurityAssociationParameters) IntegrityAlgorithm 

func (v NEVPNIKEv2SecurityAssociationParameters) IntegrityAlgorithm() NEVPNIKEv2IntegrityAlgorithm

The algorithm used by the Security Association to verify the integrity of data.

Discussion

The default value of this property is NEVPNIKEv2IntegrityAlgorithm.SHA256.

The system infers its IKE psedo-random number generation algorithm based on the integrity algorithm.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNIKEv2SecurityAssociationParameters/integrityAlgorithm

func (NEVPNIKEv2SecurityAssociationParameters) LifetimeMinutes 

func (v NEVPNIKEv2SecurityAssociationParameters) LifetimeMinutes() int32

The duration of the lifetime of the Security Association, in minutes.

Discussion

The default is 60 for IKE Security Associations, and 30 for Child Security Associations. Before the end of the lifetime is reached, IKEv2 will attempt to negotiate new keys for the Security Association in order to maintain the IKEv2 session.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNIKEv2SecurityAssociationParameters/lifetimeMinutes

func (NEVPNIKEv2SecurityAssociationParameters) PostQuantumKeyExchangeMethods 

func (v NEVPNIKEv2SecurityAssociationParameters) PostQuantumKeyExchangeMethods() NEVPNIKEv2PostQuantumKeyExchangeMethod

A list of the quantum-secure key exchange methods the Security Association uses.

See: https://developer.apple.com/documentation/networkextension/nevpnikev2securityassociationparameters/postquantumkeyexchangemethods-3173s

func (NEVPNIKEv2SecurityAssociationParameters) SetChildSecurityAssociationParameters 

func (v NEVPNIKEv2SecurityAssociationParameters) SetChildSecurityAssociationParameters(value INEVPNIKEv2SecurityAssociationParameters)

func (NEVPNIKEv2SecurityAssociationParameters) SetDiffieHellmanGroup 

func (v NEVPNIKEv2SecurityAssociationParameters) SetDiffieHellmanGroup(value NEVPNIKEv2DiffieHellmanGroup)

func (NEVPNIKEv2SecurityAssociationParameters) SetEncryptionAlgorithm 

func (v NEVPNIKEv2SecurityAssociationParameters) SetEncryptionAlgorithm(value NEVPNIKEv2EncryptionAlgorithm)

func (NEVPNIKEv2SecurityAssociationParameters) SetIkeSecurityAssociationParameters 

func (v NEVPNIKEv2SecurityAssociationParameters) SetIkeSecurityAssociationParameters(value INEVPNIKEv2SecurityAssociationParameters)

func (NEVPNIKEv2SecurityAssociationParameters) SetIntegrityAlgorithm 

func (v NEVPNIKEv2SecurityAssociationParameters) SetIntegrityAlgorithm(value NEVPNIKEv2IntegrityAlgorithm)

func (NEVPNIKEv2SecurityAssociationParameters) SetLifetimeMinutes 

func (v NEVPNIKEv2SecurityAssociationParameters) SetLifetimeMinutes(value int32)

func (NEVPNIKEv2SecurityAssociationParameters) SetPostQuantumKeyExchangeMethods 

func (v NEVPNIKEv2SecurityAssociationParameters) SetPostQuantumKeyExchangeMethods(value NEVPNIKEv2PostQuantumKeyExchangeMethod)

type NEVPNIKEv2SecurityAssociationParametersClass 

type NEVPNIKEv2SecurityAssociationParametersClass struct {
	// contains filtered or unexported fields
}

func GetNEVPNIKEv2SecurityAssociationParametersClass 

func GetNEVPNIKEv2SecurityAssociationParametersClass() NEVPNIKEv2SecurityAssociationParametersClass

GetNEVPNIKEv2SecurityAssociationParametersClass returns the class object for NEVPNIKEv2SecurityAssociationParameters.

func (NEVPNIKEv2SecurityAssociationParametersClass) Alloc 

func (nc NEVPNIKEv2SecurityAssociationParametersClass) Alloc() NEVPNIKEv2SecurityAssociationParameters

Alloc allocates memory for a new instance of the class.

func (NEVPNIKEv2SecurityAssociationParametersClass) Class 

func (nc NEVPNIKEv2SecurityAssociationParametersClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEVPNIKEv2TLSVersion 

type NEVPNIKEv2TLSVersion int

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNIKEv2TLSVersion 

const (
	// NEVPNIKEv2TLSVersion1_0: A value to use TLS version 1.0.
	NEVPNIKEv2TLSVersion1_0 NEVPNIKEv2TLSVersion = 1
	// NEVPNIKEv2TLSVersion1_1: A value to use TLS version 1.1.
	NEVPNIKEv2TLSVersion1_1 NEVPNIKEv2TLSVersion = 2
	// NEVPNIKEv2TLSVersion1_2: A value to use TLS version 1.2.
	NEVPNIKEv2TLSVersion1_2 NEVPNIKEv2TLSVersion = 3
	// NEVPNIKEv2TLSVersionDefault: A value to use the default TLS configuration.
	NEVPNIKEv2TLSVersionDefault NEVPNIKEv2TLSVersion = 0
)

func (NEVPNIKEv2TLSVersion) String 

func (e NEVPNIKEv2TLSVersion) String() string

type NEVPNManager 

type NEVPNManager struct {
	objectivec.Object
}

An object to create and manage a Personal VPN configuration.

Overview

The NEVPNManager API gives apps the ability to create and manage a Personal VPN configuration on iOS and macOS. Personal VPN configurations are typically used to provide a service to users that protects their Internet browsing activity on insecure networks such as public Wi-Fi networks.

Managing VPN configurations

Accessing VPN configuration properties

Connecting and disconnecting VPN

  • NEVPNManager.Connection: An NEVPNConnection(<doc://com.apple.networkextension/documentation/NetworkExtension/NEVPNConnection>) object that is used to control the VPN tunnel specified by the VPN configuration.

Errors

Notifications

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNManager

func NEVPNManagerFromID 

func NEVPNManagerFromID(id objc.ID) NEVPNManager

NEVPNManagerFromID constructs a NEVPNManager from an objc.ID.

An object to create and manage a Personal VPN configuration.

func NewNEVPNManager 

func NewNEVPNManager() NEVPNManager

NewNEVPNManager creates a new NEVPNManager instance.

func (NEVPNManager) Autorelease 

func (v NEVPNManager) Autorelease() NEVPNManager

Autorelease adds the receiver to the current autorelease pool.

func (NEVPNManager) Connection 

func (v NEVPNManager) Connection() INEVPNConnection

An NEVPNConnection object that is used to control the VPN tunnel specified by the VPN configuration.

Discussion

The connection object is used to manually start and stop the VPN tunnel, and introspect the current status of the VPN tunnel. If the VPN configuration does not exist in the Network Extension preferences then the connection’s status is set to NEVPNStatusInvalid.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNManager/connection

func (NEVPNManager) Enabled 

func (v NEVPNManager) Enabled() bool

A Boolean used to toggle the enabled state of the VPN configuration.

Discussion

A VPN configuration must be enabled before it can be used to bring up a VPN tunnel. Only one Personal VPN configuration can be enabled simultaneously on the system. If another Personal VPN configuration is enabled, then this property will be automatically set to false in the Network Extension preferences. Note that you will need to re-load the VPN configuration from the preferences in order to see the change in value. You can register with NotificationCenter to observe the NEVPNConfigurationChangeNotification notification for the NEVPNManager object so that your code can detect when the VPN configuration has been disabled.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNManager/isEnabled

func (NEVPNManager) Init 

func (v NEVPNManager) Init() NEVPNManager

Init initializes the instance.

func (NEVPNManager) LoadFromPreferences 

func (v NEVPNManager) LoadFromPreferences(ctx context.Context) error

LoadFromPreferences is a synchronous wrapper around NEVPNManager.LoadFromPreferencesWithCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NEVPNManager) LoadFromPreferencesWithCompletionHandler 

func (v NEVPNManager) LoadFromPreferencesWithCompletionHandler(completionHandler ErrorHandler)

Load the VPN configuration from the Network Extension preferences.

completionHandler: A block that takes an [NSError] object. This block will be executed on the caller’s main thread after the load operation is complete. If the configuration does not exist in the preferences or is loaded successfully, the error parameter will be nil. If an error occurred while loading the configuration, the error parameter will be set to an [NSError] object containing details about the error. See `NEVPN Errors` for a list of possible errors. // [NSError]: https://developer.apple.com/documentation/Foundation/NSError

Discussion

You must call this method at least once before calling “ for the first time after your app launches.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNManager/loadFromPreferences(completionHandler:)

func (NEVPNManager) LocalizedDescription 

func (v NEVPNManager) LocalizedDescription() string

A string containing the display name of the VPN configuration.

Discussion

This string is used as the display name of the VPN configuration in the system’s VPN settings UI. If this property is set to nil at the time that the configuration is created, it will be automatically set to the display name of the calling app.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNManager/localizedDescription

func (NEVPNManager) NEVPNConfigurationChange 

func (v NEVPNManager) NEVPNConfigurationChange() foundation.NSString

Posted after the VPN configuration stored in the Network Extension preferences changes.

See: https://developer.apple.com/documentation/Foundation/NSNotification/Name-swift.struct/NEVPNConfigurationChange

func (NEVPNManager) NEVPNErrorDomain 

func (v NEVPNManager) NEVPNErrorDomain() string

See: https://developer.apple.com/documentation/networkextension/nevpnerrordomain

func (NEVPNManager) OnDemandEnabled 

func (v NEVPNManager) OnDemandEnabled() bool

A Boolean used to toggle the Connect On Demand capability.

Discussion

The default value of this property is false.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNManager/isOnDemandEnabled

func (NEVPNManager) OnDemandRules 

func (v NEVPNManager) OnDemandRules() []NEOnDemandRule

An ordered list of Connect On Demand rules.

Discussion

The VPN configuration can optionally be configured to connect automatically based on a variety of criteria specified in NEOnDemandRule objects. The [OnDemandRules] property contains the current set of Connect On Demand rules for the VPN configuration. Each rule is evaluated in order, and the first rule that matches all criteria on the current network is applied.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNManager/onDemandRules

func (NEVPNManager) ProtocolConfiguration 

func (v NEVPNManager) ProtocolConfiguration() INEVPNProtocol

An NEVPNProtocol object containing the configuration settings of the VPN tunneling protocol.

Discussion

For NEVPNManager objects, this property can be set to either an NEVPNProtocolIPSec object or an NEVPNProtocolIKEv2 object.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNManager/protocolConfiguration

func (NEVPNManager) RemoveFromPreferences 

func (v NEVPNManager) RemoveFromPreferences(ctx context.Context) error

RemoveFromPreferences is a synchronous wrapper around NEVPNManager.RemoveFromPreferencesWithCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NEVPNManager) RemoveFromPreferencesWithCompletionHandler 

func (v NEVPNManager) RemoveFromPreferencesWithCompletionHandler(completionHandler ErrorHandler)

Remove the VPN configuration from the Network Extension preferences.

completionHandler: An optional block that takes an [NSError] object. If specified, this block will be executed on the caller’s main thread after the removal operation is complete. If the configuration does not exist or an error occurs while removing it, the error parameter will be set to an [NSError] object containing details about the error. See `NEVPN Errors` for a list of possible errors. If the configuration is removed successfully then the error parameter will be set to nil. // [NSError]: https://developer.apple.com/documentation/Foundation/NSError

Discussion

After the configuration is removed from the preferences the NEVPNManager object will still contain the configuration parameters. Calling [LoadFromPreferencesWithCompletionHandler]: will clear out the configuration parameters from the NEVPNManager object.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNManager/removeFromPreferences(completionHandler:)

func (NEVPNManager) SaveToPreferences 

func (v NEVPNManager) SaveToPreferences(ctx context.Context) error

SaveToPreferences is a synchronous wrapper around NEVPNManager.SaveToPreferencesWithCompletionHandler. It blocks until the completion handler fires or the context is cancelled.

func (NEVPNManager) SaveToPreferencesWithCompletionHandler 

func (v NEVPNManager) SaveToPreferencesWithCompletionHandler(completionHandler ErrorHandler)

Save the VPN configuration in the Network Extension preferences.

completionHandler: An optional block that takes an [NSError] object. If specified, this block will be executed on the caller’s main thread after the save operation is complete. If the configuration could not be saved to the preferences, the error parameter will be set to an [NSError] object containing details about the error. See `NEVPN Errors` for a list of possible errors. If the configuration is saved successfully then the error parameter will be set to nil. // [NSError]: https://developer.apple.com/documentation/Foundation/NSError

Discussion

You must call [LoadFromPreferencesWithCompletionHandler]: at least once before calling this method the first time after your app launches.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNManager/saveToPreferences(completionHandler:)

func (NEVPNManager) SetAuthorization 

func (v NEVPNManager) SetAuthorization(authorization objectivec.IObject)

authorization is a [systemconfiguration.AuthorizationRef].

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNManager/setAuthorization(_:) authorization is a [systemconfiguration.AuthorizationRef].

func (NEVPNManager) SetEnabled 

func (v NEVPNManager) SetEnabled(value bool)

func (NEVPNManager) SetLocalizedDescription 

func (v NEVPNManager) SetLocalizedDescription(value string)

func (NEVPNManager) SetOnDemandEnabled 

func (v NEVPNManager) SetOnDemandEnabled(value bool)

func (NEVPNManager) SetOnDemandRules 

func (v NEVPNManager) SetOnDemandRules(value []NEOnDemandRule)

func (NEVPNManager) SetProtocolConfiguration 

func (v NEVPNManager) SetProtocolConfiguration(value INEVPNProtocol)

type NEVPNManagerClass 

type NEVPNManagerClass struct {
	// contains filtered or unexported fields
}

func GetNEVPNManagerClass 

func GetNEVPNManagerClass() NEVPNManagerClass

GetNEVPNManagerClass returns the class object for NEVPNManager.

func (NEVPNManagerClass) Alloc 

func (nc NEVPNManagerClass) Alloc() NEVPNManager

Alloc allocates memory for a new instance of the class.

func (NEVPNManagerClass) Class 

func (nc NEVPNManagerClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

func (NEVPNManagerClass) SharedManager 

func (_NEVPNManagerClass NEVPNManagerClass) SharedManager() NEVPNManager

Access the single instance of NEVPNManager.

Return Value

The NEVPNManager instance for the calling application.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNManager/shared()

type NEVPNProtocol 

type NEVPNProtocol struct {
	objectivec.Object
}

Settings common to both IKEv2 and IPsec VPN configurations.

Overview

The NEVPNProtocol class is an abstract base class with one subclass for each type of supported VPN configuration. This class provides properties for configuring the VPN, authenticating network connections, and routing network traffic. You can include all network traffic, with some exceptions, and selectively exclude types of network traffic.

Instances of this class are thread-safe.

Configuring the VPN

Authenticating the user

Routing network traffic

Instance Properties

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocol

func NEVPNProtocolFromID 

func NEVPNProtocolFromID(id objc.ID) NEVPNProtocol

NEVPNProtocolFromID constructs a NEVPNProtocol from an objc.ID.

Settings common to both IKEv2 and IPsec VPN configurations.

func NewNEVPNProtocol 

func NewNEVPNProtocol() NEVPNProtocol

NewNEVPNProtocol creates a new NEVPNProtocol instance.

func (NEVPNProtocol) Autorelease 

func (v NEVPNProtocol) Autorelease() NEVPNProtocol

Autorelease adds the receiver to the current autorelease pool.

func (NEVPNProtocol) DisconnectOnSleep 

func (v NEVPNProtocol) DisconnectOnSleep() bool

A Boolean value that indicates whether the VPN disconnects when the device sleeps.

Discussion

The default value of this property is false.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocol/disconnectOnSleep

func (NEVPNProtocol) EncodeWithCoder 

func (v NEVPNProtocol) EncodeWithCoder(coder foundation.INSCoder)

func (NEVPNProtocol) EnforceRoutes 

func (v NEVPNProtocol) EnforceRoutes() bool

A Boolean value that indicates whether route rules for the tunnel take precedence over any locally defined routes.

Discussion

If this property is true when the [IncludeAllNetworks] property is false, the system scopes the included routes to the VPN and the excluded routes to the current primary network interface. This property supersedes the system routing table and scoping operations by apps.

If you set both the [EnforceRoutes] and [ExcludeLocalNetworks] properties to true, the system excludes network connections to hosts on the local network.

NETransparentProxyManager doesn’t support this property. The default value for this property is false.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocol/enforceRoutes

func (NEVPNProtocol) ExcludeAPNs 

func (v NEVPNProtocol) ExcludeAPNs() bool

A Boolean value that indicates whether the system excludes all APNs network traffic from the tunnel.

Discussion

If this property is true, the system excludes Apple Push Notification services (APNs) traffic, but only when the [IncludeAllNetworks] property is also true. NETransparentProxyManager doesn’t support this property.

The default value for this property is true.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocol/excludeAPNs

func (NEVPNProtocol) ExcludeCellularServices 

func (v NEVPNProtocol) ExcludeCellularServices() bool

A Boolean value that indicates whether the system excludes all cellular services network traffic from the tunnel.

Discussion

If this property is true, the system excludes cellular services — such as Wi-Fi Calling, MMS, SMS, and Visual Voicemail — but only when the [IncludeAllNetworks] property is also true. This property doesn’t impact services that use the cellular network only — such as VoLTE — which the system automatically excludes. NETransparentProxyManager doesn’t support this property.

The default value for this property is true.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocol/excludeCellularServices

func (NEVPNProtocol) ExcludeDeviceCommunication 

func (v NEVPNProtocol) ExcludeDeviceCommunication() bool

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocol/excludeDeviceCommunication

func (NEVPNProtocol) ExcludeLocalNetworks 

func (v NEVPNProtocol) ExcludeLocalNetworks() bool

A Boolean value that indicates whether the system excludes all traffic destined for local networks from the tunnel.

Discussion

If this property is true, the system excludes network connections to hosts on the local network — such as AirPlay, AirDrop, and CarPlay — but only when the [IncludeAllNetworks] or [EnforceRoutes] property is also true. NETransparentProxyManager doesn’t support this property.

The default value for this property is false in macOS and true in iOS`.`

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocol/excludeLocalNetworks

func (NEVPNProtocol) IdentityData 

func (v NEVPNProtocol) IdentityData() foundation.INSData

The certificate and private key components of the tunneling protocol authentication credential, in PKCS12 format.

Discussion

In macOS, the system ignores this property for NEVPNProtocolIKEv2 and NETunnelProviderProtocol objects. On iOS, the system ignores this property for NETunnelProviderProtocol objects. In cases where the system ignores this property, set the identity using the [IdentityReference] property.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocol/identityData

func (NEVPNProtocol) IdentityDataPassword 

func (v NEVPNProtocol) IdentityDataPassword() string

The password for the PKCS12 tunneling protocol authentication credentials.

Discussion

If the PKCS12 data set in the [IdentityData] property uses a password for encryption, you must specify the password here.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocol/identityDataPassword

func (NEVPNProtocol) IdentityReference 

func (v NEVPNProtocol) IdentityReference() foundation.INSData

A persistent keychain reference to a keychain item containing the certificate and private key components of the tunneling protocol authentication credential.

Discussion

The keychain item must have the kSecClassIdentity class. In macOS, the system ignores this property for NEVPNProtocolIPSec objects. On iOS, the system ignores this property for NEVPNProtocolIPSec and NEVPNProtocolIKEv2 objects. In these cases where the system ingores this property, set the identity using the [IdentityData] property.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocol/identityReference

func (NEVPNProtocol) IncludeAllNetworks 

func (v NEVPNProtocol) IncludeAllNetworks() bool

A Boolean value that indicates whether the system sends most network traffic over the tunnel.

Discussion

If this property is true, the system routes network traffic through the tunnel except traffic for designated system services necessary for maintaining expected device functionality.

You can exclude some types of traffic using the [ExcludeAPNs], [ExcludeLocalNetworks], and [ExcludeCellularServices] properties in combination with this property. The system always excludes the following network traffic from the tunnel regardless of this property value:

- Network control plane traffic that maintains a device’s connection to the local network, such as DHCP. - Captive portal negotiation traffic that authorizes a device with a Wi-Fi hotspot. - Certain cellular services traffic that uses the cellular network only, such as VoLTE. - Traffic that communicates with a companion device, such as an Apple Watch.

NETransparentProxyManager doesn’t support this property. The default value for this property is false.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocol/includeAllNetworks

func (NEVPNProtocol) Init 

func (v NEVPNProtocol) Init() NEVPNProtocol

Init initializes the instance.

func (NEVPNProtocol) PasswordReference 

func (v NEVPNProtocol) PasswordReference() foundation.INSData

A persistent keychain reference to a keychain item containing the password component of the tunneling protocol authentication credential.

Discussion

The keychain item must have the kSecClassGenericPassword class.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocol/passwordReference

func (NEVPNProtocol) ProxySettings 

func (v NEVPNProtocol) ProxySettings() INEProxySettings

The proxy settings to use for HTTP and HTTPS connections that route through the VPN.

Discussion

While operating under an established VPN tunnel, HTTP and HTTPS connections inside the tunnel use the given proxy settings.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocol/proxySettings

func (NEVPNProtocol) ServerAddress 

func (v NEVPNProtocol) ServerAddress() string

The address of the VPN server.

Discussion

The format of the value of this property depends on the type of VPN protocol in use. For example, for IPSec the value should be a hostname or an IP address. For a custom SSL-VPN protocol the value may be a URL. The only requirement imposed by the Network Extension framework is that this property must have a non-`nil` string value for the protocol configuration to be valid.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocol/serverAddress

func (NEVPNProtocol) SetDisconnectOnSleep 

func (v NEVPNProtocol) SetDisconnectOnSleep(value bool)

func (NEVPNProtocol) SetEnforceRoutes 

func (v NEVPNProtocol) SetEnforceRoutes(value bool)

func (NEVPNProtocol) SetExcludeAPNs 

func (v NEVPNProtocol) SetExcludeAPNs(value bool)

func (NEVPNProtocol) SetExcludeCellularServices 

func (v NEVPNProtocol) SetExcludeCellularServices(value bool)

func (NEVPNProtocol) SetExcludeDeviceCommunication 

func (v NEVPNProtocol) SetExcludeDeviceCommunication(value bool)

func (NEVPNProtocol) SetExcludeLocalNetworks 

func (v NEVPNProtocol) SetExcludeLocalNetworks(value bool)

func (NEVPNProtocol) SetIdentityData 

func (v NEVPNProtocol) SetIdentityData(value foundation.INSData)

func (NEVPNProtocol) SetIdentityDataPassword 

func (v NEVPNProtocol) SetIdentityDataPassword(value string)

func (NEVPNProtocol) SetIdentityReference 

func (v NEVPNProtocol) SetIdentityReference(value foundation.INSData)

func (NEVPNProtocol) SetIncludeAllNetworks 

func (v NEVPNProtocol) SetIncludeAllNetworks(value bool)

func (NEVPNProtocol) SetPasswordReference 

func (v NEVPNProtocol) SetPasswordReference(value foundation.INSData)

func (NEVPNProtocol) SetProxySettings 

func (v NEVPNProtocol) SetProxySettings(value INEProxySettings)

func (NEVPNProtocol) SetServerAddress 

func (v NEVPNProtocol) SetServerAddress(value string)

func (NEVPNProtocol) SetUsername 

func (v NEVPNProtocol) SetUsername(value string)

func (NEVPNProtocol) Username 

func (v NEVPNProtocol) Username() string

The user name component of the tunneling protocol authentication credential.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocol/username

type NEVPNProtocolClass 

type NEVPNProtocolClass struct {
	// contains filtered or unexported fields
}

func GetNEVPNProtocolClass 

func GetNEVPNProtocolClass() NEVPNProtocolClass

GetNEVPNProtocolClass returns the class object for NEVPNProtocol.

func (NEVPNProtocolClass) Alloc 

func (nc NEVPNProtocolClass) Alloc() NEVPNProtocol

Alloc allocates memory for a new instance of the class.

func (NEVPNProtocolClass) Class 

func (nc NEVPNProtocolClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEVPNProtocolIKEv2 

type NEVPNProtocolIKEv2 struct {
	NEVPNProtocolIPSec
}

Settings for an IKEv2 VPN configuration.

Overview

Instances of this class are thread safe.

Accessing IKEv2 Security Association parameters

Accessing certificate properties

Accessing TLS version properties

Accessing other IKEv2 properties

Supporting quantum-secure cryptography

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocolIKEv2

func NEVPNProtocolIKEv2FromID 

func NEVPNProtocolIKEv2FromID(id objc.ID) NEVPNProtocolIKEv2

NEVPNProtocolIKEv2FromID constructs a NEVPNProtocolIKEv2 from an objc.ID.

Settings for an IKEv2 VPN configuration.

func NewNEVPNProtocolIKEv2 

func NewNEVPNProtocolIKEv2() NEVPNProtocolIKEv2

NewNEVPNProtocolIKEv2 creates a new NEVPNProtocolIKEv2 instance.

func (NEVPNProtocolIKEv2) AllowPostQuantumKeyExchangeFallback 

func (v NEVPNProtocolIKEv2) AllowPostQuantumKeyExchangeFallback() bool

A Boolean value that indicates whether servers that don’t support post-quantum key exchanges can skip them.

Discussion

This property has no effect if you don’t configure any post-quantum key exchange methods in the NEVPNIKEv2SecurityAssociationParameters. The property’s default value is `false`.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocolIKEv2/allowPostQuantumKeyExchangeFallback

func (NEVPNProtocolIKEv2) Autorelease 

func (v NEVPNProtocolIKEv2) Autorelease() NEVPNProtocolIKEv2

Autorelease adds the receiver to the current autorelease pool.

func (NEVPNProtocolIKEv2) CertificateType 

func (v NEVPNProtocolIKEv2) CertificateType() NEVPNIKEv2CertificateType

The type of the certificate in the identity configured in `identityReference` or `identityData`.

Discussion

The default value is NEVPNIKEv2CertificateType.RSA.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocolIKEv2/certificateType

func (NEVPNProtocolIKEv2) ChildSecurityAssociationParameters 

func (v NEVPNProtocolIKEv2) ChildSecurityAssociationParameters() INEVPNIKEv2SecurityAssociationParameters

An NEVPNIKEv2SecurityAssociationParameters object containing the parameters for the child IPSec security associations to be negotiated for each IKEv2 policy.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocolIKEv2/childSecurityAssociationParameters

func (NEVPNProtocolIKEv2) DeadPeerDetectionRate 

func (v NEVPNProtocolIKEv2) DeadPeerDetectionRate() NEVPNIKEv2DeadPeerDetectionRate

The frequency at which the IKEv2 client will run the dead peer detection algorithm.

Discussion

The IKEv2 client periodically communicates with the IKEv2 server to detect when communication with the IKEv2 server has been interrupted. This property specifies how frequently this communication takes place. The default is NEVPNIKEv2DeadPeerDetectionRate.medium.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocolIKEv2/deadPeerDetectionRate

func (NEVPNProtocolIKEv2) DisableMOBIKE 

func (v NEVPNProtocolIKEv2) DisableMOBIKE() bool

A Boolean indicating whether or not MOBIKE should be disabled for the IKEv2 sessions.

Discussion

The default value is false.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocolIKEv2/disableMOBIKE

func (NEVPNProtocolIKEv2) DisableRedirect 

func (v NEVPNProtocolIKEv2) DisableRedirect() bool

A Boolean indicating whether or not IKEv2 server redirects are disabled.

Discussion

The default value is false.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocolIKEv2/disableRedirect

func (NEVPNProtocolIKEv2) EnablePFS 

func (v NEVPNProtocolIKEv2) EnablePFS() bool

A Boolean indicating whether or not Perfect Forward Secrecy is enabled.

Discussion

The default value is false.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocolIKEv2/enablePFS

func (NEVPNProtocolIKEv2) EnableRevocationCheck 

func (v NEVPNProtocolIKEv2) EnableRevocationCheck() bool

Enable revocation checking of the IKEv2 server certificate.

Discussion

The default value is NO. If this property is set to YES, then during IKEv2 negotiation the certificate identifying the server is checked to see if it has been revoked.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocolIKEv2/enableRevocationCheck

func (NEVPNProtocolIKEv2) IKESecurityAssociationParameters 

func (v NEVPNProtocolIKEv2) IKESecurityAssociationParameters() INEVPNIKEv2SecurityAssociationParameters

An NEVPNIKEv2SecurityAssociationParameters object containing the parameters for the initial IKE security association to be negotiated with the IKEv2 server.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocolIKEv2/ikeSecurityAssociationParameters

func (NEVPNProtocolIKEv2) Init 

func (v NEVPNProtocolIKEv2) Init() NEVPNProtocolIKEv2

Init initializes the instance.

func (NEVPNProtocolIKEv2) MaximumTLSVersion 

func (v NEVPNProtocolIKEv2) MaximumTLSVersion() NEVPNIKEv2TLSVersion

The minimum TLS version to allow for EAP-TLS authentication.

Discussion

The default value of this property is NEVPNIKEv2TLSVersion.versionDefault.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocolIKEv2/maximumTLSVersion

func (NEVPNProtocolIKEv2) MinimumTLSVersion 

func (v NEVPNProtocolIKEv2) MinimumTLSVersion() NEVPNIKEv2TLSVersion

The minimum TLS version to allow for EAP-TLS authentication.

Discussion

The default value of this property is NEVPNIKEv2TLSVersion.versionDefault.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocolIKEv2/minimumTLSVersion

func (NEVPNProtocolIKEv2) Mtu 

func (v NEVPNProtocolIKEv2) Mtu() uint

The Maximum Transmission Unit (MTU) size in bytes to assign to the tunnel interface.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocolIKEv2/mtu

func (NEVPNProtocolIKEv2) PpkConfiguration 

func (v NEVPNProtocolIKEv2) PpkConfiguration() INEVPNIKEv2PPKConfiguration

The configuration for a post-quantum pre-shared key (PPK).

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocolIKEv2/ppkConfiguration

func (NEVPNProtocolIKEv2) ServerCertificateCommonName 

func (v NEVPNProtocolIKEv2) ServerCertificateCommonName() string

A string containing the value of the Subject Common Name field of the IKEv2 server’s certificate.

Discussion

This string is used to help verify the identity of the IKEv2 server.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocolIKEv2/serverCertificateCommonName

func (NEVPNProtocolIKEv2) ServerCertificateIssuerCommonName 

func (v NEVPNProtocolIKEv2) ServerCertificateIssuerCommonName() string

A string containing the value of the Subject Common Name field of the Certificate Authority certificate that issued the IKEv2 server’s certificate.

Discussion

This string helps verify the identity of the IKEv2 server.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocolIKEv2/serverCertificateIssuerCommonName

func (NEVPNProtocolIKEv2) SetAllowPostQuantumKeyExchangeFallback 

func (v NEVPNProtocolIKEv2) SetAllowPostQuantumKeyExchangeFallback(value bool)

func (NEVPNProtocolIKEv2) SetCertificateType 

func (v NEVPNProtocolIKEv2) SetCertificateType(value NEVPNIKEv2CertificateType)

func (NEVPNProtocolIKEv2) SetDeadPeerDetectionRate 

func (v NEVPNProtocolIKEv2) SetDeadPeerDetectionRate(value NEVPNIKEv2DeadPeerDetectionRate)

func (NEVPNProtocolIKEv2) SetDisableMOBIKE 

func (v NEVPNProtocolIKEv2) SetDisableMOBIKE(value bool)

func (NEVPNProtocolIKEv2) SetDisableRedirect 

func (v NEVPNProtocolIKEv2) SetDisableRedirect(value bool)

func (NEVPNProtocolIKEv2) SetEnablePFS 

func (v NEVPNProtocolIKEv2) SetEnablePFS(value bool)

func (NEVPNProtocolIKEv2) SetEnableRevocationCheck 

func (v NEVPNProtocolIKEv2) SetEnableRevocationCheck(value bool)

func (NEVPNProtocolIKEv2) SetMaximumTLSVersion 

func (v NEVPNProtocolIKEv2) SetMaximumTLSVersion(value NEVPNIKEv2TLSVersion)

func (NEVPNProtocolIKEv2) SetMinimumTLSVersion 

func (v NEVPNProtocolIKEv2) SetMinimumTLSVersion(value NEVPNIKEv2TLSVersion)

func (NEVPNProtocolIKEv2) SetMtu 

func (v NEVPNProtocolIKEv2) SetMtu(value uint)

func (NEVPNProtocolIKEv2) SetPpkConfiguration 

func (v NEVPNProtocolIKEv2) SetPpkConfiguration(value INEVPNIKEv2PPKConfiguration)

func (NEVPNProtocolIKEv2) SetServerCertificateCommonName 

func (v NEVPNProtocolIKEv2) SetServerCertificateCommonName(value string)

func (NEVPNProtocolIKEv2) SetServerCertificateIssuerCommonName 

func (v NEVPNProtocolIKEv2) SetServerCertificateIssuerCommonName(value string)

func (NEVPNProtocolIKEv2) SetStrictRevocationCheck 

func (v NEVPNProtocolIKEv2) SetStrictRevocationCheck(value bool)

func (NEVPNProtocolIKEv2) SetUseConfigurationAttributeInternalIPSubnet 

func (v NEVPNProtocolIKEv2) SetUseConfigurationAttributeInternalIPSubnet(value bool)

func (NEVPNProtocolIKEv2) StrictRevocationCheck 

func (v NEVPNProtocolIKEv2) StrictRevocationCheck() bool

Require a “not revoked” result when checking if the certificate identifying the server is revoked.

Discussion

The default value is NO. If this property is set to NO, then either a “not revoked” result from the certificate revocation server or a failure to communicate with the certificate revocation server will result in a successful revocation check. If this property is set to YES, then only a “not revoked” result from the certificate revocation server will result in a successful revocation check.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocolIKEv2/strictRevocationCheck

func (NEVPNProtocolIKEv2) UseConfigurationAttributeInternalIPSubnet 

func (v NEVPNProtocolIKEv2) UseConfigurationAttributeInternalIPSubnet() bool

A Boolean indicating whether or not the IKEv2 client should use the INTERNAL_IP4_SUBNET and/or INTERNAL_IP6_SUBNET attributes sent by the IKEv2 server.

Discussion

If this property is false, split tunnel configurations may still be communicated via Traffic Selectors during IKE negotiation.

Some IKEv2 servers use the INTERNAL_IP4_SUBNET and INTERNAL_IP6_SUBNET protocol message attributes to communicate split tunnel routes to IKEv2 clients. The default value of this property is false.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocolIKEv2/useConfigurationAttributeInternalIPSubnet

type NEVPNProtocolIKEv2Class 

type NEVPNProtocolIKEv2Class struct {
	// contains filtered or unexported fields
}

func GetNEVPNProtocolIKEv2Class 

func GetNEVPNProtocolIKEv2Class() NEVPNProtocolIKEv2Class

GetNEVPNProtocolIKEv2Class returns the class object for NEVPNProtocolIKEv2.

func (NEVPNProtocolIKEv2Class) Alloc 

func (nc NEVPNProtocolIKEv2Class) Alloc() NEVPNProtocolIKEv2

Alloc allocates memory for a new instance of the class.

func (NEVPNProtocolIKEv2Class) Class 

func (nc NEVPNProtocolIKEv2Class) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEVPNProtocolIPSec 

type NEVPNProtocolIPSec struct {
	NEVPNProtocol
}

Settings for an IPsec VPN configuration.

Overview

To configure IKE version 2 (IKEv2), use the NEVPNProtocolIKEv2 subclass. Instantiating NEVPNProtocolIPSec directly implies IKE version 1.

Accessing IPSec properties

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocolIPSec

func NEVPNProtocolIPSecFromID 

func NEVPNProtocolIPSecFromID(id objc.ID) NEVPNProtocolIPSec

NEVPNProtocolIPSecFromID constructs a NEVPNProtocolIPSec from an objc.ID.

Settings for an IPsec VPN configuration.

func NewNEVPNProtocolIPSec 

func NewNEVPNProtocolIPSec() NEVPNProtocolIPSec

NewNEVPNProtocolIPSec creates a new NEVPNProtocolIPSec instance.

func (NEVPNProtocolIPSec) AuthenticationMethod 

func (v NEVPNProtocolIPSec) AuthenticationMethod() NEVPNIKEAuthenticationMethod

The method used to authenticate the device with the IPSec server. For IKE version 2, when using extended authentication, this authentication method only affects how the client validates the authentication payload presented by the server.

Discussion

If this property is set to NEVPNIKEAuthenticationMethodNone, extended authentication will still be negotiated if [UseExtendedAuthentication] is set to true.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocolIPSec/authenticationMethod

func (NEVPNProtocolIPSec) Autorelease 

func (v NEVPNProtocolIPSec) Autorelease() NEVPNProtocolIPSec

Autorelease adds the receiver to the current autorelease pool.

func (NEVPNProtocolIPSec) Init 

func (v NEVPNProtocolIPSec) Init() NEVPNProtocolIPSec

Init initializes the instance.

func (NEVPNProtocolIPSec) LocalIdentifier 

func (v NEVPNProtocolIPSec) LocalIdentifier() string

A string identifying the iOS or macOS device for authentication purposes

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocolIPSec/localIdentifier

func (NEVPNProtocolIPSec) RemoteIdentifier 

func (v NEVPNProtocolIPSec) RemoteIdentifier() string

A string identifying the IPSec server for authentication purposes

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocolIPSec/remoteIdentifier

func (NEVPNProtocolIPSec) SetAuthenticationMethod 

func (v NEVPNProtocolIPSec) SetAuthenticationMethod(value NEVPNIKEAuthenticationMethod)

func (NEVPNProtocolIPSec) SetLocalIdentifier 

func (v NEVPNProtocolIPSec) SetLocalIdentifier(value string)

func (NEVPNProtocolIPSec) SetRemoteIdentifier 

func (v NEVPNProtocolIPSec) SetRemoteIdentifier(value string)

func (NEVPNProtocolIPSec) SetSharedSecretReference 

func (v NEVPNProtocolIPSec) SetSharedSecretReference(value foundation.INSData)

func (NEVPNProtocolIPSec) SetUseExtendedAuthentication 

func (v NEVPNProtocolIPSec) SetUseExtendedAuthentication(value bool)

func (NEVPNProtocolIPSec) SharedSecretReference 

func (v NEVPNProtocolIPSec) SharedSecretReference() foundation.INSData

A persistent keychain reference to a keychain item containing the IKE shared secret.

Discussion

The persistent keychain reference must refer to a kerychain item of class kSecClassGenericPassword

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocolIPSec/sharedSecretReference

func (NEVPNProtocolIPSec) UseExtendedAuthentication 

func (v NEVPNProtocolIPSec) UseExtendedAuthentication() bool

A flag indicating if extended authentication will be negotiated.

Discussion

This authentication is in addition to the IKE authentication used to authenticate the endpoints of the IKE session.

- For IKE version 1, when this flag is set X-Auth authentication will be negotiated as part of the IKE session, using the `username` and `passwordReference` properties as the credential. - For IKE version 2, when this flag is set EAP authentication will be negotiated as part of the IKE session, using the `username`, `passwordReference`, and/or `identityReference` properties as the credential depending on which EAP method the server requires.

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNProtocolIPSec/useExtendedAuthentication

type NEVPNProtocolIPSecClass 

type NEVPNProtocolIPSecClass struct {
	// contains filtered or unexported fields
}

func GetNEVPNProtocolIPSecClass 

func GetNEVPNProtocolIPSecClass() NEVPNProtocolIPSecClass

GetNEVPNProtocolIPSecClass returns the class object for NEVPNProtocolIPSec.

func (NEVPNProtocolIPSecClass) Alloc 

func (nc NEVPNProtocolIPSecClass) Alloc() NEVPNProtocolIPSec

Alloc allocates memory for a new instance of the class.

func (NEVPNProtocolIPSecClass) Class 

func (nc NEVPNProtocolIPSecClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NEVPNStatus 

type NEVPNStatus int

See: https://developer.apple.com/documentation/NetworkExtension/NEVPNStatus 

const (
	// NEVPNStatusConnected: The VPN is connected.
	NEVPNStatusConnected NEVPNStatus = 3
	// NEVPNStatusConnecting: The VPN is in the process of connecting.
	NEVPNStatusConnecting NEVPNStatus = 2
	// NEVPNStatusDisconnected: The VPN is disconnected.
	NEVPNStatusDisconnected NEVPNStatus = 1
	// NEVPNStatusDisconnecting: The VPN is in the process of disconnecting.
	NEVPNStatusDisconnecting NEVPNStatus = 5
	// NEVPNStatusInvalid: The associated VPN configuration doesn’t exist in the Network Extension preferences or isn’t enabled.
	NEVPNStatusInvalid NEVPNStatus = 0
	// NEVPNStatusReasserting: The VPN is in the process of reconnecting.
	NEVPNStatusReasserting NEVPNStatus = 4
)

func (NEVPNStatus) String 

func (e NEVPNStatus) String() string

type NWBonjourServiceEndpoint 

type NWBonjourServiceEndpoint struct {
	NWEndpoint
}

A network endpoint specified as a Bonjour service name, type, and domain.

Overview

For example, the Bonjour service `MyMusicStudio._music._tcp.Local().` has the name `"MyMusicStudio"`, the type `"_music._tcp"`, and the domain `"local"`.

Getting endpoint properties

See: https://developer.apple.com/documentation/NetworkExtension/NWBonjourServiceEndpoint

func NWBonjourServiceEndpointFromID 

func NWBonjourServiceEndpointFromID(id objc.ID) NWBonjourServiceEndpoint

NWBonjourServiceEndpointFromID constructs a NWBonjourServiceEndpoint from an objc.ID.

A network endpoint specified as a Bonjour service name, type, and domain.

func NewNWBonjourServiceEndpoint 

func NewNWBonjourServiceEndpoint() NWBonjourServiceEndpoint

NewNWBonjourServiceEndpoint creates a new NWBonjourServiceEndpoint instance.

func NewNWBonjourServiceEndpointWithNameTypeDomain 

func NewNWBonjourServiceEndpointWithNameTypeDomain(name string, type_ string, domain string) NWBonjourServiceEndpoint

Create an endpoint with a Bonjour service name, type, and domain. All fields must be specified.

name: The Bonjour service name.

type: The Bonjour service type.

domain: The Bonjour service domain.

Return Value

The new NWBonjourServiceEndpoint object.

See: https://developer.apple.com/documentation/NetworkExtension/NWBonjourServiceEndpoint/init(name:type:domain:)

func (NWBonjourServiceEndpoint) Autorelease 

func (n NWBonjourServiceEndpoint) Autorelease() NWBonjourServiceEndpoint

Autorelease adds the receiver to the current autorelease pool.

func (NWBonjourServiceEndpoint) Domain 

func (n NWBonjourServiceEndpoint) Domain() string

The endpoint’s Bonjour service domain, such as `"local"`.

See: https://developer.apple.com/documentation/NetworkExtension/NWBonjourServiceEndpoint/domain

func (NWBonjourServiceEndpoint) Init 

func (n NWBonjourServiceEndpoint) Init() NWBonjourServiceEndpoint

Init initializes the instance.

func (NWBonjourServiceEndpoint) Name 

func (n NWBonjourServiceEndpoint) Name() string

The endpoint’s Bonjour service name.

See: https://developer.apple.com/documentation/NetworkExtension/NWBonjourServiceEndpoint/name

func (NWBonjourServiceEndpoint) Type 

func (n NWBonjourServiceEndpoint) Type() string

The endpoint’s Bonjour service type.

Discussion

For example, the service type could be `"_music._tcp"`.

See: https://developer.apple.com/documentation/NetworkExtension/NWBonjourServiceEndpoint/type

type NWBonjourServiceEndpointClass 

type NWBonjourServiceEndpointClass struct {
	// contains filtered or unexported fields
}

func GetNWBonjourServiceEndpointClass 

func GetNWBonjourServiceEndpointClass() NWBonjourServiceEndpointClass

GetNWBonjourServiceEndpointClass returns the class object for NWBonjourServiceEndpoint.

func (NWBonjourServiceEndpointClass) Alloc 

func (nc NWBonjourServiceEndpointClass) Alloc() NWBonjourServiceEndpoint

Alloc allocates memory for a new instance of the class.

func (NWBonjourServiceEndpointClass) Class 

func (nc NWBonjourServiceEndpointClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NWEndpoint 

type NWEndpoint struct {
	objectivec.Object
}

An abstract base class, shared by NWHostEndpoint or NWBonjourServiceEndpoint, that represents the source or destination of a network connection.

Overview

All endpoint objects are static collections of parameters that describe a network resource. They do not directly provide any resolution services, but instead must be used with other classes to be resolved and create connections.

See: https://developer.apple.com/documentation/NetworkExtension/NWEndpoint

func NWEndpointFromID 

func NWEndpointFromID(id objc.ID) NWEndpoint

NWEndpointFromID constructs a NWEndpoint from an objc.ID.

An abstract base class, shared by NWHostEndpoint or NWBonjourServiceEndpoint, that represents the source or destination of a network connection.

func NewNWEndpoint 

func NewNWEndpoint() NWEndpoint

NewNWEndpoint creates a new NWEndpoint instance.

func (NWEndpoint) Autorelease 

func (n NWEndpoint) Autorelease() NWEndpoint

Autorelease adds the receiver to the current autorelease pool.

func (NWEndpoint) EncodeWithCoder 

func (n NWEndpoint) EncodeWithCoder(coder foundation.INSCoder)

func (NWEndpoint) Init 

func (n NWEndpoint) Init() NWEndpoint

Init initializes the instance.

type NWEndpointArray 

type NWEndpointArray = []objectivec.Object

See: https://developer.apple.com/documentation/NetworkExtension/NWEndpointArray

type NWEndpointClass 

type NWEndpointClass struct {
	// contains filtered or unexported fields
}

func GetNWEndpointClass 

func GetNWEndpointClass() NWEndpointClass

GetNWEndpointClass returns the class object for NWEndpoint.

func (NWEndpointClass) Alloc 

func (nc NWEndpointClass) Alloc() NWEndpoint

Alloc allocates memory for a new instance of the class.

func (NWEndpointClass) Class 

func (nc NWEndpointClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NWHostEndpoint 

type NWHostEndpoint struct {
	NWEndpoint
}

A network endpoint specified by DNS name (or IP address) and port.

Getting endpoint properties

See: https://developer.apple.com/documentation/NetworkExtension/NWHostEndpoint

func NWHostEndpointFromID 

func NWHostEndpointFromID(id objc.ID) NWHostEndpoint

NWHostEndpointFromID constructs a NWHostEndpoint from an objc.ID.

A network endpoint specified by DNS name (or IP address) and port.

func NewNWHostEndpoint 

func NewNWHostEndpoint() NWHostEndpoint

NewNWHostEndpoint creates a new NWHostEndpoint instance.

func NewNWHostEndpointWithHostnamePort 

func NewNWHostEndpointWithHostnamePort(hostname string, port string) NWHostEndpoint

Create a host endpoint with a hostname and port.

hostname: A string representation of the hostname or address, such as `www.ExampleXCUIElementTypeCom()` or `10.0.0.1`.

port: A string containing the port on the host, such as `80`.

Discussion

If the hostname is a domain name, such as `www.ExampleXCUIElementTypeCom()`, starting a connection to the host endpoint causes the hostname to be resolved to an address during the connection process. If the hostname is an IPv4 or IPv6 address, such as `10.0.0.1` or `:1`, starting a connection to the host endpoint will cause the address to be used directly.

See: https://developer.apple.com/documentation/NetworkExtension/NWHostEndpoint/init(hostname:port:)

func (NWHostEndpoint) Autorelease 

func (n NWHostEndpoint) Autorelease() NWHostEndpoint

Autorelease adds the receiver to the current autorelease pool.

func (NWHostEndpoint) Hostname 

func (n NWHostEndpoint) Hostname() string

The endpoint’s hostname.

See: https://developer.apple.com/documentation/NetworkExtension/NWHostEndpoint/hostname

func (NWHostEndpoint) Init 

func (n NWHostEndpoint) Init() NWHostEndpoint

Init initializes the instance.

func (NWHostEndpoint) Port 

func (n NWHostEndpoint) Port() string

The endpoint’s port, represented as a string.

Discussion

Since the port is represented as a string, it is always represented in host byte order. If converting between byte fields and strings, make sure to use host byte ordering.

See: https://developer.apple.com/documentation/NetworkExtension/NWHostEndpoint/port

type NWHostEndpointClass 

type NWHostEndpointClass struct {
	// contains filtered or unexported fields
}

func GetNWHostEndpointClass 

func GetNWHostEndpointClass() NWHostEndpointClass

GetNWHostEndpointClass returns the class object for NWHostEndpoint.

func (NWHostEndpointClass) Alloc 

func (nc NWHostEndpointClass) Alloc() NWHostEndpoint

Alloc allocates memory for a new instance of the class.

func (NWHostEndpointClass) Class 

func (nc NWHostEndpointClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NWPath 

type NWPath struct {
	objectivec.Object
}

The path made by a network connection, including information about its viability.

Overview

For example, if the path status is NWPathStatus.satisfied, then a connection attempt will be made.

When attached to a specific connection, a path takes all of the connection parameters into account. For example, if the route for a connection changes or is removed, the path will reflect that change. Note that every path is evaluated within the context of the process it is running in, and may be different across processes.

NWPath is a static object, and properties of the path will never change. To monitor changing network status, use Key-Value Observing (KVO) to watch a path property on another object. For information about KVO, see Key-Value Observing Programming Guide.

Getting network path properties

  • NWPath.Status: The evaluated status of the network path.
  • NWPath.Expensive: A Boolean that indicates whether or not the path uses an expensive interface.
  • NWPath.Constrained: A Boolean that indicates whether or not the path uses a constrained interface, such as when using low-data mode.

See: https://developer.apple.com/documentation/NetworkExtension/NWPath

func NWPathFromID 

func NWPathFromID(id objc.ID) NWPath

NWPathFromID constructs a NWPath from an objc.ID.

The path made by a network connection, including information about its viability.

func NewNWPath 

func NewNWPath() NWPath

NewNWPath creates a new NWPath instance.

func (NWPath) Autorelease 

func (n NWPath) Autorelease() NWPath

Autorelease adds the receiver to the current autorelease pool.

func (NWPath) Constrained 

func (n NWPath) Constrained() bool

A Boolean that indicates whether or not the path uses a constrained interface, such as when using low-data mode.

See: https://developer.apple.com/documentation/NetworkExtension/NWPath/isConstrained

func (NWPath) Expensive 

func (n NWPath) Expensive() bool

A Boolean that indicates whether or not the path uses an expensive interface.

Discussion

Returns YES is the path uses an interface that is considered expensive, such as when using a cellular data plan.

See: https://developer.apple.com/documentation/NetworkExtension/NWPath/isExpensive

func (NWPath) Init 

func (n NWPath) Init() NWPath

Init initializes the instance.

func (NWPath) Status 

func (n NWPath) Status() NWPathStatus

The evaluated status of the network path.

Discussion

The status of a path indicates whether or not the process is able to make connection attempts to any, or a specific, network endpoint. A satisfied status does not guarantee that a connection will be successful, but it does ensure that there is some interface over which an attempt can be made.

See: https://developer.apple.com/documentation/NetworkExtension/NWPath/status

type NWPathClass 

type NWPathClass struct {
	// contains filtered or unexported fields
}

func GetNWPathClass 

func GetNWPathClass() NWPathClass

GetNWPathClass returns the class object for NWPath.

func (NWPathClass) Alloc 

func (nc NWPathClass) Alloc() NWPath

Alloc allocates memory for a new instance of the class.

func (NWPathClass) Class 

func (nc NWPathClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NWPathStatus 

type NWPathStatus int

See: https://developer.apple.com/documentation/NetworkExtension/NWPathStatus 

const (
	// NWPathStatusInvalid: The path cannot be evaluated.
	NWPathStatusInvalid NWPathStatus = 0
	// NWPathStatusSatisfiable: The path is not currently satisfied, but may become satisfied upon a connection attempt.
	NWPathStatusSatisfiable NWPathStatus = 3
	// NWPathStatusSatisfied: The path is ready to be used for network connections.
	NWPathStatusSatisfied NWPathStatus = 1
	// NWPathStatusUnsatisfied: The path for network connections is not available, either due to lack of network connectivity or being prohibited by system policy.
	NWPathStatusUnsatisfied NWPathStatus = 2
)

func (NWPathStatus) String 

func (e NWPathStatus) String() string

type NWTCPConnection 

type NWTCPConnection struct {
	objectivec.Object
}

An object to manage a TCP connection, with or without TLS.

Monitoring the connection status

Responding to network changes

Getting connection properties

See: https://developer.apple.com/documentation/NetworkExtension/NWTCPConnection

func NWTCPConnectionFromID 

func NWTCPConnectionFromID(id objc.ID) NWTCPConnection

NWTCPConnectionFromID constructs a NWTCPConnection from an objc.ID.

An object to manage a TCP connection, with or without TLS.

func NewNWTCPConnection 

func NewNWTCPConnection() NWTCPConnection

NewNWTCPConnection creates a new NWTCPConnection instance.

func NewNWTCPConnectionWithUpgradeForConnection 

func NewNWTCPConnectionWithUpgradeForConnection(connection INWTCPConnection) NWTCPConnection

This convenience initializer can be used to create a new connection that will only be connected if there exists a better path (as determined by the system) to the remote endpoint of the original connection.

Discussion

An upgraded connection will be initialized using the same remote endpoint and set of parameters from the original connection. If the original connection becomes disconnected or cancelled, the new upgrade connection will automatically be considered better.

The caller should create an NWTCPConnection and watch for the `hasBetterPath` property. When this property is true, the caller should attempt to create a new upgrade connection, with the goal to start transferring data on the new connection path as soon as possible to reduce power and avoid expensive networks. When the new connection is successfully connected the caller can start using the new connection and cancel the original one.

See: https://developer.apple.com/documentation/NetworkExtension/NWTCPConnection/init(upgradeFor:)

func (NWTCPConnection) Autorelease 

func (n NWTCPConnection) Autorelease() NWTCPConnection

Autorelease adds the receiver to the current autorelease pool.

func (NWTCPConnection) ConnectedPath 

func (n NWTCPConnection) ConnectedPath() INWPath

The network path over which the connection was established.

Discussion

The caller can query additional properties from the NWPath object for more information. Note that this contains a snapshot of information at the time of connection establishment for this connection only. As a result, some underlying properties might change in time and might not reflect the path for other connections that might be established at different times.

See: https://developer.apple.com/documentation/NetworkExtension/NWTCPConnection/connectedPath

func (NWTCPConnection) Endpoint 

func (n NWTCPConnection) Endpoint() INWEndpoint

The destination endpoint with which this connection was created.

See: https://developer.apple.com/documentation/NetworkExtension/NWTCPConnection/endpoint

func (NWTCPConnection) Error 

func (n NWTCPConnection) Error() foundation.INSError

The connection-wide error property.

Discussion

Indicates any fatal error that occurred while processing the connection or performing data reading or writing. Use Key-Value Observing to watch this property.

See: https://developer.apple.com/documentation/NetworkExtension/NWTCPConnection/error

func (NWTCPConnection) HasBetterPath 

func (n NWTCPConnection) HasBetterPath() bool

If a connection has a better path, new connections would use a different interface.

Discussion

Evaluates to true if a new connection attempt to the remote endpoint would use a different and preferred path. If the current connection is not viable, this can be used as a hint to try again. If the current connection is still viable, this can indicate that the system or user has a preference for the newly available network path. For example, if the connection is established over a cellular data network and Wi-Fi is now available, then the connection has a better path available and this property is set to true. Use the “ initializer to create a new connection with the same parameters as the current connection. Use Key-Value Observing to watch this property.

See: https://developer.apple.com/documentation/NetworkExtension/NWTCPConnection/hasBetterPath

func (NWTCPConnection) Init 

func (n NWTCPConnection) Init() NWTCPConnection

Init initializes the instance.

func (NWTCPConnection) LocalAddress 

func (n NWTCPConnection) LocalAddress() INWEndpoint

The IP address endpoint from which the connection was established.

See: https://developer.apple.com/documentation/NetworkExtension/NWTCPConnection/localAddress

func (NWTCPConnection) RemoteAddress 

func (n NWTCPConnection) RemoteAddress() INWEndpoint

The IP address endpoint to which the connection was established.

See: https://developer.apple.com/documentation/NetworkExtension/NWTCPConnection/remoteAddress

func (NWTCPConnection) State 

func (n NWTCPConnection) State() NWTCPConnectionState

The status of the connection.

Discussion

Use Key-Value Observing (KVO) to monitor the state. Many methods, such as reading and writing on the connection, are only valid when the state is NWTCPConnectionStateConnected. For information about KVO, see Key-Value Observing Programming Guide.

See: https://developer.apple.com/documentation/NetworkExtension/NWTCPConnection/state

func (NWTCPConnection) TxtRecord 

func (n NWTCPConnection) TxtRecord() foundation.INSData

The TXT record associated with a connected Bonjour service endpoint.

Discussion

When the connection is connected to a Bonjour service endpoint, the TXT record associated with the Bonjour service is available via this property.

See: https://developer.apple.com/documentation/NetworkExtension/NWTCPConnection/txtRecord

func (NWTCPConnection) Viable 

func (n NWTCPConnection) Viable() bool

The viability of a TCP connection indicates whether or not data can be transferred.

Discussion

Evaluates to true if the connection can read and write data, false otherwise. Use Key-Value Observing to watch this property.

See: https://developer.apple.com/documentation/NetworkExtension/NWTCPConnection/isViable

type NWTCPConnectionAuthenticationDelegate 

type NWTCPConnectionAuthenticationDelegate interface {
	objectivec.IObject
}

A delegate protocol to customize the TLS authentication done by a connection.

See: https://developer.apple.com/documentation/NetworkExtension/NWTCPConnectionAuthenticationDelegate

type NWTCPConnectionAuthenticationDelegateConfig 

type NWTCPConnectionAuthenticationDelegateConfig struct {

	// Other Methods
	// ShouldEvaluateTrustForConnection — Indicate that the delegate should override the default trust evaluation for the connection.
	ShouldEvaluateTrustForConnection func(connection NWTCPConnection) bool
	// ShouldProvideIdentityForConnection — Indicate that the delegate can provide an identity for the connection authentication.
	ShouldProvideIdentityForConnection func(connection NWTCPConnection) bool
}

NWTCPConnectionAuthenticationDelegateConfig holds optional typed callbacks for NWTCPConnectionAuthenticationDelegate methods. Set non-nil fields to register the corresponding Objective-C delegate method. Methods with nil callbacks are not registered, so [NSObject.RespondsToSelector] returns false for them — matching the Objective-C delegate pattern exactly.

See Apple Documentation for protocol details.

type NWTCPConnectionAuthenticationDelegateObject 

type NWTCPConnectionAuthenticationDelegateObject struct {
	objectivec.Object
}

NWTCPConnectionAuthenticationDelegateObject wraps an existing Objective-C object that conforms to the NWTCPConnectionAuthenticationDelegate protocol.

func NWTCPConnectionAuthenticationDelegateObjectFromID 

func NWTCPConnectionAuthenticationDelegateObjectFromID(id objc.ID) NWTCPConnectionAuthenticationDelegateObject

NWTCPConnectionAuthenticationDelegateObjectFromID constructs a NWTCPConnectionAuthenticationDelegateObject from an objc.ID. The object is determined to conform to the protocol at runtime.

func NewNWTCPConnectionAuthenticationDelegate 

func NewNWTCPConnectionAuthenticationDelegate(config NWTCPConnectionAuthenticationDelegateConfig) NWTCPConnectionAuthenticationDelegateObject

NewNWTCPConnectionAuthenticationDelegate creates an Objective-C object implementing the NWTCPConnectionAuthenticationDelegate protocol.

Each call registers a unique Objective-C class containing only the methods set in config. This means [NSObject.RespondsToSelector] works correctly for optional delegate methods — only non-nil callbacks are registered.

The returned NWTCPConnectionAuthenticationDelegateObject satisfies the NWTCPConnectionAuthenticationDelegate interface and can be passed directly to SetDelegate and similar methods.

See Apple Documentation for protocol details.

func (NWTCPConnectionAuthenticationDelegateObject) BaseObject 

func (o NWTCPConnectionAuthenticationDelegateObject) BaseObject() objectivec.Object

type NWTCPConnectionClass 

type NWTCPConnectionClass struct {
	// contains filtered or unexported fields
}

func GetNWTCPConnectionClass 

func GetNWTCPConnectionClass() NWTCPConnectionClass

GetNWTCPConnectionClass returns the class object for NWTCPConnection.

func (NWTCPConnectionClass) Alloc 

func (nc NWTCPConnectionClass) Alloc() NWTCPConnection

Alloc allocates memory for a new instance of the class.

func (NWTCPConnectionClass) Class 

func (nc NWTCPConnectionClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NWTCPConnectionState 

type NWTCPConnectionState int

See: https://developer.apple.com/documentation/NetworkExtension/NWTCPConnectionState 

const (
	// NWTCPConnectionStateCancelled: The connection has been cancelled by the client calling .
	NWTCPConnectionStateCancelled NWTCPConnectionState = 5
	// NWTCPConnectionStateConnected: The connection is established.
	NWTCPConnectionStateConnected NWTCPConnectionState = 3
	// NWTCPConnectionStateConnecting: The connection is attempting to connect.
	NWTCPConnectionStateConnecting NWTCPConnectionState = 1
	// NWTCPConnectionStateDisconnected: The connection is disconnected.
	NWTCPConnectionStateDisconnected NWTCPConnectionState = 4
	// NWTCPConnectionStateInvalid: The connection is in an invalid or uninitialized state.
	NWTCPConnectionStateInvalid NWTCPConnectionState = 0
	// NWTCPConnectionStateWaiting: The connection has attempted to connect but failed.
	NWTCPConnectionStateWaiting NWTCPConnectionState = 2
)

func (NWTCPConnectionState) String 

func (e NWTCPConnectionState) String() string

type NWTLSParameters 

type NWTLSParameters struct {
	objectivec.Object
}

TLS properties for creating a connection.

Accessing TLS parameters

See: https://developer.apple.com/documentation/NetworkExtension/NWTLSParameters

func NWTLSParametersFromID 

func NWTLSParametersFromID(id objc.ID) NWTLSParameters

NWTLSParametersFromID constructs a NWTLSParameters from an objc.ID.

TLS properties for creating a connection.

func NewNWTLSParameters 

func NewNWTLSParameters() NWTLSParameters

NewNWTLSParameters creates a new NWTLSParameters instance.

func (NWTLSParameters) Autorelease 

func (n NWTLSParameters) Autorelease() NWTLSParameters

Autorelease adds the receiver to the current autorelease pool.

func (NWTLSParameters) Init 

func (n NWTLSParameters) Init() NWTLSParameters

Init initializes the instance.

func (NWTLSParameters) MaximumSSLProtocolVersion 

func (n NWTLSParameters) MaximumSSLProtocolVersion() uint

The maximum allowed [SSLProtocol] value to use when negotiating TLS.

Discussion

Values for [SSLProtocol] are defined in “. If set to a non-zero value, the SSL handshake will not accept any protocol version greater than the maximum.

See: https://developer.apple.com/documentation/NetworkExtension/NWTLSParameters/maximumSSLProtocolVersion

func (NWTLSParameters) MinimumSSLProtocolVersion 

func (n NWTLSParameters) MinimumSSLProtocolVersion() uint

The minimum allowed [SSLProtocol] value to use when negotiating TLS.

Discussion

Values for [SSLProtocol] are defined in “. If set to a non-zero value, the SSL handshake will not accept any protocol version less than the minimum.

See: https://developer.apple.com/documentation/NetworkExtension/NWTLSParameters/minimumSSLProtocolVersion

func (NWTLSParameters) SSLCipherSuites 

func (n NWTLSParameters) SSLCipherSuites() foundation.INSSet

The set of allowed cipher suites when negotiating TLS.

Discussion

Values for cipher suites are defined in “. These values should be wrapped as NSNumber objects in a set. If this property is set to `nil`, the default cipher suites will be used.

See: https://developer.apple.com/documentation/NetworkExtension/NWTLSParameters/sslCipherSuites

func (NWTLSParameters) SetMaximumSSLProtocolVersion 

func (n NWTLSParameters) SetMaximumSSLProtocolVersion(value uint)

func (NWTLSParameters) SetMinimumSSLProtocolVersion 

func (n NWTLSParameters) SetMinimumSSLProtocolVersion(value uint)

func (NWTLSParameters) SetSSLCipherSuites 

func (n NWTLSParameters) SetSSLCipherSuites(value foundation.INSSet)

func (NWTLSParameters) SetTLSSessionID 

func (n NWTLSParameters) SetTLSSessionID(value foundation.INSData)

func (NWTLSParameters) TLSSessionID 

func (n NWTLSParameters) TLSSessionID() foundation.INSData

The Session ID to use for the associated TCP connection.

Discussion

The Session ID is used for TLS session resumption.

See: https://developer.apple.com/documentation/NetworkExtension/NWTLSParameters/tlsSessionID

type NWTLSParametersClass 

type NWTLSParametersClass struct {
	// contains filtered or unexported fields
}

func GetNWTLSParametersClass 

func GetNWTLSParametersClass() NWTLSParametersClass

GetNWTLSParametersClass returns the class object for NWTLSParameters.

func (NWTLSParametersClass) Alloc 

func (nc NWTLSParametersClass) Alloc() NWTLSParameters

Alloc allocates memory for a new instance of the class.

func (NWTLSParametersClass) Class 

func (nc NWTLSParametersClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NWUDPSession 

type NWUDPSession struct {
	objectivec.Object
}

An object to manage a UDP session to a network endpoint.

Overview

Since UDP does not include a handshake with the remote endpoint as part of its protocol, it is up to the client of the UDP session to provide feedback on the viability of the current endpoint. If a session is opened to a hostname, the system will resolve that hostname into potentially several IP addresses. Once the session state is NWUDPSessionStateReady, the client should try to write and read datagrams. If there is no response from the remote endpoint, the client can try the next address that was resolved using `tryNextResolvedEndpoint`.

Monitoring the session state

Selecting remote endpoints

Transferring data

Responding to network changes

Getting session properties

  • NWUDPSession.Endpoint: The destination endpoint with which this session was created.
  • NWUDPSession.CurrentPath: The current evaluated path for the session’s [resolvedEndpoint](<doc://com.apple.networkextension/documentation/NetworkExtension/NWUDPSession/resolvedEndpoint>) property.

See: https://developer.apple.com/documentation/NetworkExtension/NWUDPSession

func NWUDPSessionFromID 

func NWUDPSessionFromID(id objc.ID) NWUDPSession

NWUDPSessionFromID constructs a NWUDPSession from an objc.ID.

An object to manage a UDP session to a network endpoint.

func NewNWUDPSession 

func NewNWUDPSession() NWUDPSession

NewNWUDPSession creates a new NWUDPSession instance.

func NewNWUDPSessionWithUpgradeForSession 

func NewNWUDPSessionWithUpgradeForSession(session INWUDPSession) NWUDPSession

This convenience initializer can be used to create a new session based on the original session’s endpoint and parameters.

Discussion

The caller should watch the `hasBetterPath` property on an existing NWUDPSession object. When `hasBetterPath` is true, the caller should call “ to create a new session, then start transferring data on the new session as soon as possible to reduce power and and avoid expensive networks. When the new session is ready, the application can start using the new session and tear down the original one.

See: https://developer.apple.com/documentation/NetworkExtension/NWUDPSession/init(upgradeFor:)

func (NWUDPSession) Autorelease 

func (n NWUDPSession) Autorelease() NWUDPSession

Autorelease adds the receiver to the current autorelease pool.

func (NWUDPSession) CurrentPath 

func (n NWUDPSession) CurrentPath() INWPath

The current evaluated path for the session’s [ResolvedEndpoint] property.

Discussion

Use Key-Value Observing (KVO) to watch for changes to this property. For information about KVO, see Key-Value Observing Programming Guide.

See: https://developer.apple.com/documentation/NetworkExtension/NWUDPSession/currentPath

func (NWUDPSession) Endpoint 

func (n NWUDPSession) Endpoint() INWEndpoint

The destination endpoint with which this session was created.

See: https://developer.apple.com/documentation/NetworkExtension/NWUDPSession/endpoint

func (NWUDPSession) HasBetterPath 

func (n NWUDPSession) HasBetterPath() bool

If a session has a better path, new session would use a different interface.

Discussion

Evaluates to true if a new session to the remote endpoint would use a different and preferred path. If the current session is not viable, this can be used as a hint to try again. If the current session is still viable, this can indicate that the system or user has a preference for the newly available network path. For example, if the session is established over a cellular data network and Wi-Fi is now available, then the session has a better path available and this property is set to true. Use the “ initializer to create a new session with the same parameters as the current session. Use Key-Value Observing to watch this property.

See: https://developer.apple.com/documentation/NetworkExtension/NWUDPSession/hasBetterPath

func (NWUDPSession) Init 

func (n NWUDPSession) Init() NWUDPSession

Init initializes the instance.

func (NWUDPSession) MaximumDatagramLength 

func (n NWUDPSession) MaximumDatagramLength() uint

The maximum size of a datagram to be written currently.

Discussion

If a datagram is written with a longer length than `maximumDatagramLength`, the datagram may be fragmented or encounter an error. Note that this value is not guaranteed to be the maximum datagram length for end-to-end communication across the network. Use Key-Value Observing to watch this property.

See: https://developer.apple.com/documentation/NetworkExtension/NWUDPSession/maximumDatagramLength

func (NWUDPSession) ResolvedEndpoint 

func (n NWUDPSession) ResolvedEndpoint() INWEndpoint

The currently targeted remote endpoint.

Discussion

Use Key-Value Observing (KVO) to watch this property.

See: https://developer.apple.com/documentation/NetworkExtension/NWUDPSession/resolvedEndpoint

func (NWUDPSession) State 

func (n NWUDPSession) State() NWUDPSessionState

The current state of the UDP session.

Discussion

Use Key-Value Observing (KVO) to monitor the state. If the state is NWUDPSessionStateReady, then the connection is eligible for reading and writing. The state will be NWUDPSessionStateFailed if the endpoint could not be resolved, or all endpoints have been rejected. For information about KVO, see Key-Value Observing Programming Guide.

See: https://developer.apple.com/documentation/NetworkExtension/NWUDPSession/state

func (NWUDPSession) Viable 

func (n NWUDPSession) Viable() bool

The viability of a UDP session represents whether or not data can be transferred.

Discussion

Evaluates to true if the session can read and write data, false otherwise. Use Key-Value Observing to watch this property.

See: https://developer.apple.com/documentation/NetworkExtension/NWUDPSession/isViable

type NWUDPSessionClass 

type NWUDPSessionClass struct {
	// contains filtered or unexported fields
}

func GetNWUDPSessionClass 

func GetNWUDPSessionClass() NWUDPSessionClass

GetNWUDPSessionClass returns the class object for NWUDPSession.

func (NWUDPSessionClass) Alloc 

func (nc NWUDPSessionClass) Alloc() NWUDPSession

Alloc allocates memory for a new instance of the class.

func (NWUDPSessionClass) Class 

func (nc NWUDPSessionClass) Class() objc.Class

Class returns the underlying Objective-C class pointer.

type NWUDPSessionState 

type NWUDPSessionState int

See: https://developer.apple.com/documentation/NetworkExtension/NWUDPSessionState 

const (
	// NWUDPSessionStateCancelled: The session has been cancelled by the client calling .
	NWUDPSessionStateCancelled NWUDPSessionState = 5
	// NWUDPSessionStateFailed: None of the currently resolved endpoints can be used at this time, either due to problems with the path or the client rejecting the endpoints.
	NWUDPSessionStateFailed NWUDPSessionState = 4
	// NWUDPSessionStateInvalid: The session is in an invalid or uninitialized state.
	NWUDPSessionStateInvalid NWUDPSessionState = 0
	// NWUDPSessionStatePreparing: The remote endpoint is being resolved.
	NWUDPSessionStatePreparing NWUDPSessionState = 2
	// NWUDPSessionStateReady: The session is ready for reading and writing data.
	NWUDPSessionStateReady NWUDPSessionState = 3
	// NWUDPSessionStateWaiting: The session is waiting for better conditions before attempting to make the session ready.
	NWUDPSessionStateWaiting NWUDPSessionState = 1
)

func (NWUDPSessionState) String 

func (e NWUDPSessionState) String() string

type SecTrustRefHandler 

type SecTrustRefHandler = func(security.SecTrustRef)

SecTrustRefHandler handles The completion handler for passing the SecTrust object to the connection.

Used by:

  • [NWTCPConnectionAuthenticationDelegate.EvaluateTrustForConnectionPeerCertificateChainCompletionHandler]

type VoidHandler 

type VoidHandler = func()

VoidHandler handles A block that must be executed when the proxy is fully stopped.

Used by:

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.