I implemented a per-app VPN with a packetTunnelProvider on macOS, and it is fully functional.
I would like to get the PID from sourceAppAuditToken, but it is always nil.
This is the code:
    self.packetFlow.readPacketObjects { packets in
        for packet in packets {
            // metadata is optional; use optional chaining rather than force-unwrapping
            if let auditToken = packet.metadata?.sourceAppAuditToken {
                log.debug("ok")
            } else {
                log.debug("No audit Token")
            }
        }
    }
I read a lot of answers about this problem, but all of them solve it on NEFilterFlow, and they don't actually work on PacketTunnelFlow.
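An added example, not part of the original post, of how the token can be decoded into the source PID on the tunnel side when it is present, with the nil case counted rather than ignored. It assumes the audit_token_t layout exposed by Darwin and a `log` object like the one in the post; the helper names are my own.

```swift
import Foundation
import NetworkExtension

/// Decodes the raw bytes of NEFlowMetaData.sourceAppAuditToken into an
/// audit_token_t. Returns nil when the token is absent or has the wrong size.
func auditToken(from data: Data?) -> audit_token_t? {
    guard let data = data, data.count == MemoryLayout<audit_token_t>.size else {
        return nil
    }
    var token = audit_token_t()
    // Byte-wise copy, so the alignment of the Data buffer does not matter.
    withUnsafeMutableBytes(of: &token) { data.copyBytes(to: $0) }
    return token
}

/// The process ID is val.5 of the token (the field libbsm's
/// audit_token_to_pid reads).
func pid(from token: audit_token_t) -> pid_t {
    return pid_t(bitPattern: token.val.5)
}

/// Attribution pass: collect the originating PID for each packet whose
/// metadata carries a token, and count the packets without one so the gap
/// shows up in telemetry instead of being silently dropped.
func attributePackets(_ packets: [NEPacket]) -> (attributed: [pid_t], unattributed: Int) {
    var pids: [pid_t] = []
    var missing = 0
    for packet in packets {
        if let token = auditToken(from: packet.metadata?.sourceAppAuditToken) {
            pids.append(pid(from: token))
        } else {
            missing += 1
        }
    }
    return (pids, missing)
}

// Usage in the provider's read loop (assumes `self` is the
// NEPacketTunnelProvider and `log` is the logger used in the post):
// self.packetFlow.readPacketObjects { packets in
//     let result = attributePackets(packets)
//     log.debug("attributed \(result.attributed.count), no token for \(result.unattributed)")
// }
```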
I'm writing an update to the Security framework crate, which is a set of bindings to Security.framework.
I added some functions such as SecCertificateAddToKeychain without any problem, but with SecTrustSettingsSetTrustSettings the result is always
-2070 (errSecInternalComponent).
    use crate::base::SecCertificateRef;
    use core_foundation_sys::array::CFArrayRef;
    use core_foundation_sys::base::CFTypeRef;
    use core_foundation_sys::base::OSStatus;

    // Trust settings domains (user, admin, system)
    pub type SecTrustSettingsDomain = u32;
    pub const kSecTrustSettingsDomainUser: SecTrustSettingsDomain = 0;
    pub const kSecTrustSettingsDomainAdmin: SecTrustSettingsDomain = 1;
    pub const kSecTrustSettingsDomainSystem: SecTrustSettingsDomain = 2;

    // Possible values of kSecTrustSettingsResult in a trust settings dictionary
    pub type SecTrustSettingsResult = u32;
    pub const kSecTrustSettingsResultInvalid: SecTrustSettingsResult = 0;
    pub const kSecTrustSettingsResultTrustRoot: SecTrustSettingsResult = 1;
    pub const kSecTrustSettingsResultTrustAsRoot: SecTrustSettingsResult = 2;
    pub const kSecTrustSettingsResultDeny: SecTrustSettingsResult = 3;
    pub const kSecTrustSettingsResultUnspecified: SecTrustSettingsResult = 4;

    extern "C" {
        pub fn SecTrustSettingsCopyCertificates(
            domain: SecTrustSettingsDomain,
            certsOut: *mut CFArrayRef,
        ) -> OSStatus;
        pub fn SecTrustSettingsCopyTrustSettings(
            certificateRef: SecCertificateRef,
            domain: SecTrustSettingsDomain,
            trustSettings: *mut CFArrayRef,
        ) -> OSStatus;
        // trustSettingsDictOrArray may be a CFDictionary, a CFArray of
        // dictionaries, or NULL for the default trust settings
        pub fn SecTrustSettingsSetTrustSettings(
            certificateRef: SecCertificateRef,
            domain: SecTrustSettingsDomain,
            trustSettingsDictOrArray: CFTypeRef,
        ) -> OSStatus;
    }
And this is how I call the function:
    use std::ptr;

    pub fn set_trust_settings(cert: &SecCertificate) -> Result<()> {
        let domain = kSecTrustSettingsDomainAdmin;
        // NULL requests the default trust settings for the certificate
        let trust_settings: CFTypeRef = ptr::null_mut();
        cvt(unsafe {
            SecTrustSettingsSetTrustSettings(
                cert.as_CFTypeRef() as *mut _,
                domain,
                trust_settings,
            )
        })
    }
Notes
`sudo security add-trusted-cert [..]` works without any problem.
I built a transparent-proxy app, but currently I have to use a workaround to redirect traffic coming from the same machine where I run pf, because I can't distinguish between an outbound connection from a non-transparent-proxy app and an outbound connection from the transparent-proxy app itself.
The only solution I found is to launch the transparent-proxy app as a separate "nobody" user and add an exception for that user in pf.conf.
I read something about NETransparentProxyNetworkSettings in thread #658631, but the solution is not clear and is probably outdated.
Thanks for helping.