Providers are meant to provide network data collection (statistics for existing connections), in addition to some firewall capabilities - network isolation for an endpoint, connection dropping etc. Both providers are needed since DataProvider does not supply protocols other than TCP/UDP. This means if we want to achieve complete network isolation for an endpoint, or firewall capabilities for ICMP for example, we must use PacketFilter as well. Usually there isn't any network effect to our usage - Just in the cases I have mentioned above. In both cases PacketFilter is actually configured as pass-through, without any action performed.

Update - apparently this happens only on 3rd party LAN adapters only, and not ones created by Apple. When network interface is changed between LAN adapter to Wi-Fi, or the other way around.

Hi Matt, have you seen anything like that before? Maybe do you know of some workaround? This started on 11.3. We have opened 3 relevant Bugs for it: FB9127408 FB9127413

Hi, We are seeing this issue on our end as well. I guess the status here: https://developer.apple.com/system-status/ is wrong?

I do not think this is a MDM issue. My understanding is that NEFilterPacketProvider and NEFilterDataProvider are guaranteed > to support TCP and UDP traffic. ICMP traffic happened to work, but was never documented. My advice here would be to open > up a bug report, since you seen a change in behavior, so that this matter can be further weighed in on by our internal teams. > Please post a the Feedback ID here also if you go this route. Optionally, you can also open a TSI with a sample project and I can do some further digging on this as well. @meaton this is strange, as for packet filter there is no documentation whatsoever that it supports only TCP/UDP: https://developer.apple.com/documentation/networkextension/nefilterpacketprovider?language=objc Moreover, on several lab sessions on WWDC we were answered that Packet Filter is the right solution for filtering non-TCP/UDP flows. In any case, we have opened a support ticket: FB9847349

Rebooting the machine solves the issue, but of course this is not a solution one can give to users.

Hi, This also happens with an App that is compiled with Xcode 14, and still happens on latest beta (7). Did anyone experience such crashes? Also opened a ticket: FB11447626

I have a similar question - can anyone tell the difference between dispatch_main and CFRunLoopRun on a daemon's main function? What reasons are there to pick one over the other?