NEPacketTunnelProvider

Declaration

class NEPacketTunnelProvider

Mentioned in

• Routing your VPN network traffic

Overview

The NEPacketTunnelProvider class gives its subclasses access to a virtual network interface via the packetFlow property. Use the setTunnelNetworkSettings(_:completionHandler:) method in the Packet Tunnel Provider to specify that the following network settings be associated with the virtual interface:

• Virtual IP address

• DNS resolver configuration

• HTTP proxy configuration

• IP destination networks to be routed through the tunnel

• IP destination networks to be routed outside the tunnel

• Interface MTU

By specifying IP destination networks, the Packet Tunnel Provider can dictate what IP destinations will be routed to the virtual interface. IP packets with matching destination addresses will then be diverted to Packet Tunnel Provider and can be read using the packetFlow property. The Packet Tunnel Provider can then encapsulate the IP packets per a custom tunneling protocol and send them to a tunnel server. When the Packet Tunnel Provider decapsulates IP packets received from the tunnel server, it can use the packetFlow property to inject the packets into the networking stack.

Creating a Packet Tunnel Provider Extension

Packet Tunnel Providers run as App Extensions for the com.apple.networkextension.packet-tunnel extension point.

To create a Packet Tunnel Provider extension, first create a new App Extension target in your project.

For an example of an Xcode build target for this app extension, see the SimpleTunnel: Customized Networking Using the NetworkExtension Framework sample code project.

Once you have a Packet Tunnel Provider extension target, create a subclass of NEPacketTunnelProvider. Then, set the NSExtensionPrincipalClass key in the the extension’s Info.plist to the name of your subclass.

If it is not already, set the NSExtensionPointIdentifier key in the extension’s Info.plist to com.apple.networkextension.packet-tunnel.

Here is an example of the NSExtension dictionary in a Packet Tunnel Provider extension’s Info.plist:

<key>NSExtension</key>
<dict>
    <key>NSExtensionPointIdentifier</key>
    <string>com.apple.networkextension.packet-tunnel</string>
    <key>NSExtensionPrincipalClass</key>
    <string>MyCustomPacketTunnelProvider</string>
</dict>

Finally, add the Packet Tunnel Provider extension target to your app’s Embed App Extensions build phase.

Subclassing Notes

In order to create a Packet Tunnel Provider extension, you must create a subclass of NEPacketTunnelProvider and override the methods listed below.

Methods to Override

• startTunnel(options:completionHandler:)

• stopTunnel(with:completionHandler:)

Topics

Managing the tunnel life cycle

• startTunnel(options:completionHandler:)
• stopTunnel(with:completionHandler:)
• cancelTunnelWithError(_:)

Handling IP packets

• packetFlow

Creating network connections through the tunnel

• createTCPConnectionThroughTunnel(to:enableTLS:tlsParameters:delegate:)
• createUDPSessionThroughTunnel(to:from:)

Instance Properties

• virtualInterface

Relationships

Inherits From

• NETunnelProvider

Inherited By

• NEEthernetTunnelProvider

Conforms To

• CVarArg
• CustomDebugStringConvertible
• CustomStringConvertible
• Equatable
• Hashable
• NSObjectProtocol

See Also

Packet tunnel provider

• NETunnelProvider
• NEProvider
• NEPacketTunnelNetworkSettings
• NETunnelNetworkSettings
• NEEthernetTunnelProvider
• NEEthernetTunnelNetworkSettings