As the tile shows, the Wi-Fi join popup is displayed unexpectedly on top of other apps as well as lock screen. Why is this?

I am developing an iOS application. In that i should show a status of their cellular provider such as Active, Inactive, or sim not available. Which also includes physical and eSim. I used Telephony.CTcarrier. One thing its deprecated and another case iOS 15 and below, even if i put my device in Airplane mode still its returning the carrierName and NetworkCode. Is there any specific API to retrieve these realtime data? TIA

We would like to understand/double check if it is possible to use QUIC in Swift via Network framework as the client along with some other QUIC solution on the server (ex. s2n-quic, quiche, msquic, etc..) which won't be a macOS server. If that interoperability is indeed possible, the NWConnectionGroup won't be an approach we could use IMO, since probably we will need to develop that from scratch on both sides. Thanks in advance.

With the recent change to socketfilterfw in macOS 15 we can no longer check if the application firewall is enabled or not via a plist. This is significant in our app because we rely on the NSFilePresenter interface to monitor the plist to alert our app whenever a user changes their firewall settings. Removing the plist is a breaking change for us. Can you please advise either some new location on disk for us to monitor, or if there is another way to observe this setting? We would ideally rather not have to poll 'socketfilterfw' on an interval. Thanks!

We are not seeing any traffic from iOS to App-Proxy extension. We have a Safari domains specified in the per App App Proxy VPN configuration which is pushed to our device. When we tap on the safari and start loading one of these domains, safari will not load any websites with these domains. But if we load any other websites with any other domain, the websites are loaded properly. But the same behavior works fine and app receives traffic on iOS 17.5.1 and older iOS versions. The issue is observed only on iOS 18 Beta versions.

I am developing an app which heavily relies on TCP device to device connections in the local network. The devices (multiple iPhones 13) are connected through a common consumer wifi router and act as server and client simultaneously. My problem is that 2 out of 3 iPhones can't establish outgoing TCP connections. However, they can act as server and accept incoming connections. All devices have the same iOS version (17.5.1) and access to Local Network is granted in the Privacy & Security settings. All devices have IPs in the range 192.168.x.x and the correct subnet is set. Safari can connect to IPs in the local network but not my app. The wifi network does not provide access to internet. Mobile data is turned off on all devices. As the error is happening out in the field, I cannot reproduce it under controlled conditions. What settings (beside not granting access to Local Network) may block outgoing connections to local IPs? What configurations of the app (e.g. entries in Info.plist) may result in or fix this behaviour?

I have a simple SwiftUI application that sends a URLRequest as shown in the code snippet below: import SwiftUI @main struct GOGODemoApp: App { var body: some Scene { WindowGroup { MyView() } } } struct MyView: View { var body: some View { Button("Click") { sendHTTPRequest(to: "https://www.google.com") { code, err in print("Finished, code: \(code ?? -1), err: \(String(describing: err))") } } } } func sendHTTPRequest(to urlString: String, completion: @escaping (Int?, Error?) -> Void) { guard let url = URL(string: urlString) else { completion(nil, NSError(domain: "InvalidURL", code: 0, userInfo: nil)) return } let task = URLSession.shared.dataTask(with: url) { _, resp, error in if let httpResponse = resp as? HTTPURLResponse { completion(httpResponse.statusCode, error) } else { completion(-1, error) } } task.resume() } However, Xcode prints the following warning messages: nw_connection_copy_connected_local_endpoint_block_invoke [C1] Connection has no local endpoint nw_connection_copy_connected_local_endpoint_block_invoke [C1] Connection has no local endpoint nw_connection_copy_connected_local_endpoint_block_invoke [C3] Connection has no local endpoint nw_connection_copy_connected_local_endpoint_block_invoke [C3] Connection has no local endpoint Finished, code: 200, err: nil What does the warning 'Connection has no local endpoint' mean? Thank you for your assistance!

We provide software that our customers deploy on their employee work computers to secure sensitive data. We have a daemon which could connect to an on-premise web-server for certain functionality. In Mac OS 15 beta we see that there is a local network access permission dialog that comes up sometimes, and it requires a permission to be provided under the Privacy & Security section of the system preferences. We have seen the local network access permission would pop up only when both Server and Client are residing in the same private network range (eg 172.16.x.x. in our case.) When the same server is accessed from a Sequoia machine over a VPN from external network, the local network access permission does NOT pop up. But note in this case, the Sequoia machine has an IP in the 10.x.y.z range, whereas the server is at 172.16.x.y. We have the following questions: In our setup with Macs connecting to a web-server, what conditions can trigger the local network prompt? In particular, do both the client and server need to be in the same private subnet range for the prompt to be shown? Is it possible that a user at home, working on a Sequoia machine, connecting over VPN to an on-prem server, would trigger this prompt? If so, we would submit this is not expected, as a VPN is not really a local network. Is there an MDM way of automatically providing the permission, so that the prompt is suppressed? In general, is there a programmatic way of providing this permission during installation ? if yes how can we do it. How do we stop users from disabling the permission incase the user has admin rights?

Hi all, I'm working on deploying a VPN for users of our enterprise app, using the built-in IKEv2 provider (configured either by a configuration profile or an app). I'm struggling to get the user experience right and was curious to hear if the behaviors I'm observing have been seen by other developers. The main behavior I am observing is that the client tends to randomly disconnect, and it does not attempt to reconnect. This is particularly problematic when paired with the includeAllNetworks option. Paired with includeAllNetworks: The device does not attempt to reconnect the tunnel Once the tunnel disconnects, onDemandRules don't seem to evaluate. Even if a NEOnDemandRuleConnect rule matches the current network, the connection does not reestablish. All network traffic remains blocked on both WiFi and Cellular (rendering any network-dependent app unusable) until the user intervenes and toggles the connection in the Settings app This seems like a problematic user experience and I would be surprised if this is by design. As for the disconnects themselves, I have had a hard time correlating them to any particular network condition or protocol behavior. I've seen a connection drop after as little as 10 minutes and stay up for over 16 hours (including while the device roamed from WiFi to Cellular networks and in and out of connectivity). We confirmed with server logs that the clients were able to successfully re-key both the IKE SA and CHILD SAs. I had difficulty retrieving system logs from iOS, but on macOS I was able to observe this error from NEIKEv2Provider that lined up with one of the disconnect events: "Internal: Initiate MOBIKE failed to migrate child SAs" (server logs showed a successful rekey exchange at the same time). Thanks, Lucas

Trying to send and receive data in the GameCenter environment using the following methods: func sendData(dictionaryWithData dictionary: Dictionary<String, Any>,toPeer targetPeers: [GKPlayer]) { guard let match = self.match else { return } do { let dataToSend = try NSKeyedArchiver.archivedData(withRootObject: dictionary, requiringSecureCoding: false) try match.send(dataToSend, to: targetPeers, dataMode: .reliable) } catch { #if DEBUG print("CONNECTION MANAGER SEND DATA ERROR") #endif } } public func match(_ theMatch: GKMatch,didReceive data: Data,forRecipient recipient: GKPlayer,fromRemotePlayer player: GKPlayer) { if match != theMatch { return } DispatchQueue.main.async { do { guard let message = NSDictionary.unsecureUnarchived(from: data) as? Dictionary<String, Any> else {return} ... <CODE> ... } ///Source: https://stackoverflow.com/questions/51487622/unarchive-array-with-nskeyedunarchiver-unarchivedobjectofclassfrom static func unsecureUnarchived(from data: Data) -> Self? { do { let unarchiver = try NSKeyedUnarchiver(forReadingFrom: data) unarchiver.requiresSecureCoding = false let obj = unarchiver.decodeObject(of: self, forKey: NSKeyedArchiveRootObjectKey) if let error = unarchiver.error { print("Error:\(error)") } return obj } catch { print("Error:\(error)") } return nil } Everything works great until the data exceeds 87K (which, I understand, is the limit for exchanging data in GameCenter). The data is not sent and gives the following error: Async message[1FCA0D11-05DE-47D0-9714-983C8023F5C1] send error: FailedToSendData: , InternalError: reliable, maxPayloadSizeExceeded Interesting enough, I do not have this problem when using MCSession, as follows, even if data exceeds 87K: func sendData(dictionaryWithData dictionary: Dictionary<String, Any>, toPeer targetPeers: [MCPeerID]) { do { let dataToSend = try NSKeyedArchiver.archivedData(withRootObject: dictionary, requiringSecureCoding: false) try session.send(dataToSend, toPeers: targetPeers, with: MCSessionSendDataMode.reliable) } catch { #if DEBUG print("CONNECTION MANAGER SEND DATA ERROR") #endif } } I have been doing research and found that I need to fragment data and send and receive it in packages. But I could not find a good explanation how to do it. Any help would be appreciated!

My requirement is to create a App and all the traffic from this App will be forwarded to relay servers(only implement socks5 protocol), the relay server then forward the traffic to the destination server. I have tried the two plans below: A. I tried the NEAppProxyProvider but it seemed to work only under MDM, MDM looks like very complex , so I gave it up. Actually this way is more appropraite for me. B. the other way is NEPacketTunnelProvider. I have figured out a common solution, steps: config the routes for NEPacketTunnelProvider get the fd from packetFlow start a tun2socks service to forward the traffic from the fd。 Sadly the way gettting the traffic from the fd is not recommened by apple official. so the only way to deal with the traffic is handling the packets. may be steps: parse the packet modify the packet write the packet back ... it seems even more complex than plan A,Besides, we have multiple relay servers, if there is a whole request we can make sure all this request data is forwarded by a same relay server, But if there is a packet, may be god can tell which relay server it should go to. We have implemented the same functionality in Android devices. can you help me to find out which way is better in iOS devices? I will be appreciated if you can provide more advice. Thanks.

I have an application that enables recording video from multiple iPhones through an iPad. It uses Multipeer Connectivity for all the device communication. When the user presses record on the iPad, it sends a command to each device in parallel and they start capturing video. But since network latency varies, I cannot guarantee that the recording start and stop times are consistent among all the iPhones. I need the frames to be exactly in sync. I tried using the system clock on each device for synchronizing the videos. If all the device system clocks were in sync within 3ms (30 frames per second), then it should be okay. But I tested and the clocks vary quite a bit, multiple seconds. So that won't work. I ultimately solved the problem by having a countdown timer on the iPad. The user puts the iPad in view of each phone with the countdown. Then later I use a python script to cut all the videos when the countdown timer goes to 0. But that's more work for the end user and requires manual work on our end. With a little ML text recognition, this could get better. Some people have suggested using a time server and syncing the clocks that way. I still haven't tried this out, and I'm not sure if it's even possible to run a NTP server on an iPad, and whether the NTP resolution will be below 3ms. I tried out Final Cut Camera and it has solved the synchronization problem. Each frame is in sync. The phones don't start and stop at exactly the same time, and they account for this by adding black frames to the front and/or back of videos to account for differences. I've searched online and other people have the same problem. I'd love to know how Apple was able to solve the synchronization issue when recording video from multiple iPhones from an iPad over what I assume is Multipeer Connectivity.

Hi everyone! I'm developing a smart shutter motor control application for a custom electric shutter motor. I'm creating the application in MAUI using Visual Studio Code. Almost everything works except for the initial setup of the motor, during which the phone needs to connect to the shutter motor's AP and send about 500 bytes via TCP socket. The TCP socket solution works when I upload the application with HOT RELOAD, but it doesn't work when I distribute it via TestFlight. I've tried using both the TcpClient class and the Socket class, but neither works under TestFlight. iOS 17.5.1 .net 8 It works on android, windows... Do you have any ideas? Thank you in advance.

I have a project with two processes: a UI app (non root) and a system extension (root). The XPC communication between them is functioning correctly. Now, I want to add another process for a different task. I created a new XPC target (HelperProcess) in Xcode and set up an XPC connection between the UI process and this new HelperProcess, which works fine. However, when I try to establish an XPC connection between the HelperProcess and the system extension, it fails. I used the same steps I did to set up the XPC connection between the HelperProcess and the UI process. Specifically, I am using initWithServiceName: to identify the process for communication, but this approach only fails for the system extension and not for the UI part.

HI, I have Mac Sequoia Beta3. I installed Content Filer network extension which is same as https://developer.apple.com/documentation/networkextension/filtering_network_traffic in my machine. When I try to connect a machine through "ssh", NEFilterFlow.description in handleNewFlow(_ flow: NEFilterFlow) is showing "sourceAppIdentifier" (process name) as "Terminal" instead of "ssh". But other Mac OS versions, it is showing as "ssh". Is there any issue with Sequoia Beta3? or Is this expected? Thanks

Is there any cause that would make this happen? We all know that Apple does not provide any API to disconnect cellular data.

My iPhone 6s (iOS 15.0) is the national version of Chinese Mainland, without a sim card I have connected the WiFi of intelligent hardware, which is not connected to the Internet When downloading the app for the first time, the network permission pop-up cannot appear I have tried all the methods that can be found online, including simulating triggering network requests and making socket connections with devices What's even more outrageous is that there is no access option for network requests in the app settings Of course, I know that permission can be triggered when I connect to the Internet, but my usage scenario is not like that I am very grateful for any suggestions.

Is that possible to capture inbound DNS traffic using NEDNSProxyProvider using swift ? I can see the outbound DNS traffic via handleNewUDPFlow. how to get the inbound DNS traffic? I want to see all the DNS response in a macos device

We have BLE on a vehicle that acts as a peripheral and pairs with the user's iOS device as a central device. As we understand, the only way for a peripheral to be "remembered" for the next connection is registration with ANCS. If we don't register while being connected and then the user goes away, when he next time is in range, fresh pairing has to happen. Is that the right understanding? Before we register, we are discovering the ANCS on an iOS device, with UID for ANCS and connection handle as arguments. There are times when discovering API returns 0x06 (implying service not available). At times, we are able to discover the service and are able to register. We wanted to know if there is a deterministic way to ensure ANCS to be discoverable from the peripheral side? If not, is there another way (say any other service) by which the peripheral can take some action to be remembered?

Hi, we are developing a carpooling app. In our app, once, the car driver enters his car, the app connects automatically in the background to the car. The connection to the car is done either via CarPlay or Bluetooth. Currently, when setting up the app, the user has to define how the connection to the car is established. He can choose between three options: either 1)CarPlay, or 2)Bluetooth or 3)both. Is it correct, that starting with the AccessoyKit of IOS18, the user will only have to choose the device, he wants the app to be connected with? However, he no longer has to define the kind of connection, i. e. CarPlay or Bluetooth by which to connect to the device? So in future, users will be able to connect to their Car, but they do not even know, whether the connection is via Bluetooth or CarPlay? If that is the case, it would make our lives much easier;) Many thanks for your help! Greets, Simon