I have an NEPacketTunnelProvider subclass setup and I'm able to see traffic entering the tunnel. I know I can set up new connections to encapsulate existing traffic in say a new TCP or UDP connection but is there any way to just resume traffic unmodified? For instance if an ICMP packet comes into the tunnel how can I send that ICMP packet unmodified through to it's set destination?

Looking over the SimpleTunnel code example, how is the subclassed NEPacketTunnelProvider being used and the startTunnel() function being called? I've looked over the documentation and watched the "What's New in Network Extension and VPN" WWDC15 video and I'm not sure how it's actually started. When I do a search for "PacketTunnelProvider" I don't see any references outside the file itself aside from the NSExtensionPrincipalClass entry in the associated Info.plist. Is creating this file and having it present in a system extension enough to "activate" the PacketTunnelProvider class and call startTunnel()? What else must be done? The SimpleTunnel example uses an App Extension since it's targeting iOS. Am I correct in thinking that for the macOS it should be a System Extension?

Hello, I'm trying to send a copy of an intercepted packet through the network stack again using sockets. I'm currently trying to do this using a raw socket with Swift code calling a C function that does the following: socket(AF_INET, SOCK_RAW, IPPROTO_RAW) This results in an error: Operation not permitted I understand that raw sockets require root privileges. I'm calling this code from my network extension already. Is there anything else I have to do to get a raw socket working? Is there a better way I should resend a packet that I've intercepted in my packet filter?