Network Extension
Your app needs a Packet Tunnel Provider extension. See Installation for the full setup, but the minimal implementation is:
// PacketTunnelProvider.swift in your extension target
import KapeVPN
class PacketTunnelProvider: KapePacketTunnelProvider {}
The base class reads KapeSDK.plist from the extension bundle and handles:
- SDK initialization with shared keychain credentials
- Endpoint discovery and authentication
- WireGuard tunnel setup and handshake
- Connection status notifications back to the app
Required Entitlements
Both the app and extension need:
<key>com.apple.developer.networking.networkextension</key>
<array>
<string>packet-tunnel-provider</string>
</array>
<key>com.apple.security.application-groups</key>
<array>
<string>group.com.your.app</string>
</array>
How App and Extension Communicate
| Direction | Mechanism |
|---|---|
| App → Extension | NETunnelProviderSession.sendProviderMessage() |
| Extension → App | Darwin notifications |
| Shared config | KapeSDK.plist (in both bundles) |
| Shared state | JSON file in App Group container |
You don't interact with these directly — KapeVPNManager and KapePacketTunnelProvider handle all IPC.