Cannot enable Network Extensions - Objective-C

So I wanted to get my hands dirty with objective-c so I decided to create a project to list all outbound traffic, after digging a little I found that I could use the Network Extension API. I created a simple command line project with xcode and tried to load this extension but for some reason I can't get it to work.

I don't have a developer license yet and I'm not sure if it has anything to do with the problem I'm facing.

This is just some test code so there are 2 free functions, one for loading the system extension and another for checking its status:

// activates the extension?
BOOL toggleNetworkExtension(NSUInteger action)
{
BOOL toggled = NO;
__block BOOL wasError = NO;
__block NEFilterProviderConfiguration* config = nil;
dispatch_semaphore_t semaphore = 0;
semaphore = dispatch_semaphore_create(0);
NSLog(@"toggling the network extension");
[NEFilterManager.sharedManager loadFromPreferencesWithCompletionHandler:^(NSError * _Nullable error) {
if(nil != error)
{
wasError = YES;
NSLog(@"loadFromPreferencesWithCompletionHandler error");
}
dispatch_semaphore_******(semaphore);
}];
NSLog(@"waiting for the network extension configuration...");
if(YES == wasError) goto fail;
NSLog(@"loaded current filter configuration for the network extension");
if(1 == action)
{
NSLog(@"activating network extension...") ;
if(nil == NEFilterManager.sharedManager.providerConfiguration)
{
config = [[NEFilterProviderConfiguration alloc] init];
config.filterPackets = NO;
config.filterSockets = YES;
NEFilterManager.sharedManager.providerConfiguration = config;
}
NEFilterManager.sharedManager.enabled = YES;
}
else
{
NSLog(@"deactivating the network extension...");
NEFilterManager.sharedManager.enabled = NO;
}
{ [NEFilterManager.sharedManager saveToPreferencesWithCompletionHandler:^(NSError * _Nullable error) {
if(nil != error)
{
wasError = YES;
NSLog(@"saveToPreferencesWithCompletionHandler error!");
}
dispatch_semaphore_******(semaphore);
}]; }
NSLog(@"waiting for network extension configuration to save...");
if(YES == wasError) goto fail;
NSLog(@"saved current filter configuration for the network extension");
toggled = YES;
fail:
return toggled;
}

Then there's this function to check if the extension is enabled which for some reason always returns false.

BOOL isNetworkExtensionEnabled(void)
{
__block BOOL isEnabled = NO;
dispatch_semaphore_t semaphore = dispatch_semaphore_create(0);
[NEFilterManager.sharedManager loadFromPreferencesWithCompletionHandler:^(NSError * _Nullable error) {
if (error != nil)
{
NSLog(@"Error with loadFromPreferencesWithCompletionHandler");
}
else
{
isEnabled = NEFilterManager.sharedManager.enabled;
}
dispatch_semaphore_******(semaphore);
}];
return isEnabled;
}

Is something wrong is this code or is this related to entitlements or the developer license?

As a side note I have already disabled SIP not sure if it matters in this case.

Thanks in advance.

Answered by DTS Engineer in 802843022
Written by aynas in 763281021
I wanted to get my hands dirty with objective-c

You have chosen a very difficult task for My First Objective-C Project™ (-:

Specifically…

Written by aynas in 763281021
I created a simple command line project with xcode and tried to load this extension

That’s not supported. In general, only the NE provider’s container app can configure the NE provider.

Written by aynas in 763281021
I don't have a developer license yet

That’s a showstopper. If you’re using a Personal Team — aka free provisioning — you can only use a limited set of capabilities. See the Apple Developer column in Developer Account Help > Reference > Supported capabilities (macOS). Notably, Network Extension is not on that list.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Accepted Answer
Written by aynas in 763281021
I wanted to get my hands dirty with objective-c

You have chosen a very difficult task for My First Objective-C Project™ (-:

Specifically…

Written by aynas in 763281021
I created a simple command line project with xcode and tried to load this extension

That’s not supported. In general, only the NE provider’s container app can configure the NE provider.

Written by aynas in 763281021
I don't have a developer license yet

That’s a showstopper. If you’re using a Personal Team — aka free provisioning — you can only use a limited set of capabilities. See the Apple Developer column in Developer Account Help > Reference > Supported capabilities (macOS). Notably, Network Extension is not on that list.

Share and Enjoy

Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Cannot enable Network Extensions - Objective-C
 
 
Q