1
https://apps.apple.com/us/app/mintflow-netstack/id6742394218
also creator of NovaScale(formerly NovaAccess), an iOS app that allow you to access SSH server/Codex/Web Services on tailscale private network without requiring VPN, download at
https://apps.apple.com/us/app/novaaccess/id6749938291
These days LLM agents such as Claude Code/Codex are getting more and more popular, In my daily work, I leverage them to do much portion of the development work, but I am wondering how people manage time efficiently when LLM agent is doing the work.
Take me as a example, when LLM agent doing the work especially I turn on the auto accept mode. I just do the following things:
1. thinking about designs of new task or read some document related of the project I am working on 2. surfing on hacker news:)
but it seems the context switching bother me. when I jump back to check how the LLM agent do the work it seems slowly to get into the context.
Maybe this is the new norm we need to adapt to?
I just got MintFlow NetStack 1.1.0 approved by Apple, which introduces app-level routing capabilities. I thought this would be a good time to share the project and some of the technical background behind its development.
Over the past two years, I’ve built two iOS VPN apps based on Tailscale. I appreciate their excellent documentation and high-quality code. However, I wanted more flexibility on the client side—particularly around local routing and split tunneling. While Tailscale now offers an App Connector feature, my use case required everything to run locally, without needing a central coordinator to distribute DNS routes.
Since I’ve been working with fd.io VPP for a while and really like its architecture, I decided to try building a WireGuard-based VPN app on top of it. VPP has a WireGuard plugin modeled after FreeBSD’s implementation (though not actively maintained). My first challenge was porting the VPP core to Darwin (the underlying OS for iOS/macOS). Thanks to recent FreeBSD support via epoll-shim, it turned out to be complex but feasible—and I eventually got VPP running on macOS.
From there, I bridged Apple’s utun interface with VPP’s host stack, handling BSD socket I/O and eventually getting a working app. Version 1.0.0 shipped with basic split tunneling based on CIDR prefixes, but that felt too limited.
So last month, I added an internal stub DNS resolver using hickory-dns (Rust-based), and enabled VPP's host stack to reconstruct TCP/UDP connections from the Apple tunnel interface and forward them via local interfaces (Wi-Fi/Cellular). This unlocks much more granular routing—like selectively sending specific traffic through WireGuard, keeping others local, or blocking routes entirely using VPP’s blackhole.
I'm happy to discuss the technical details. Never thought I’d still be writing C in 2025 for an iOS app core—though Rust is now part of the stack too. I initially tried using c-ares for DNS but opted for Rust to move faster and learn something new.
It’s been a lot of fun building this. Right now, MintFlow is a paid app with a one-time purchase. I plan to keep expanding it—VPP’s active development means I can add features like MITM-based HTTPS capture and more advanced routing in future releases.
Here are the links:
App Store: https://apps.apple.com/us/app/mintflow-netstack/id6742394218
Website: https://mintflow.643216.xyz
Thanks!