search

AdguardTeam / AdGuardVPNForAndroid

AdGuard VPN Android app open bug tracker
https://adguard-vpn.com/
143 stars 12 forks source link

Excluded apps won't connect after VPN reconnect. #202

Open S7venLights opened 2 years ago

S7venLights commented 2 years ago

Issue Details

Expected Behavior

When using the 'apps settings' tab to "make apps work without the VPN" and also excluding apps from the VPN with the 'low level settings' via UID's; I expect that those apps I excluded will connect to the internet normally, without using the VPN tunnel, even when 'block connections without VPN' is on.

Actual Behavior

Those excluded apps can't access the internet until I disable the 'block connections without VPN' setting. But when 'block connections without VPN' is disabled and adguard is disconnected, all apps are now accessing the internet without the VPN (exposing my IP). I don't want this, I expect that when Adguard VPN is disconnected and 'block connections without VPN' is on, that no apps can connect to the internet. I want some apps to only ever be able to use the VPN connection and those I exclude to access the internet normally.

Additional Information

This is causing IP leaks. Ideal scenario: 'block connections without VPN' is always on. Adguard VPN connected: Included apps use VPN server and exluded apps can connect to internet without the VPN. Adguard VPN is disconnected: No apps can access the internet.

Should VPN servers be down for some reason, there could be a setting to turn off the VPN entirely, for users who need connectivity.

Versty commented 2 years ago

@S7venLights Sounds like a bug. We've tried to reproduce, but with no luck. On our side, the app works exactly as you described in the ideal scenario.

Could you collect logs and send it to our mail?

  1. Open AdGuard VPN app settings;
  2. Advanced settings --> Logging level --> Extended;
  3. Reproduce the issue (apps can not connect while excluded, vpn connected and 'block connections without VPN' is on) and remember the exact time it happened;
  4. Open Support --> Export logs and system info;
  5. Send the archive to devteam@adguard.com and mention this issue number in the subject.
S7venLights commented 2 years ago

Will do in the week.

S7venLights commented 2 years ago

Sent as requested.

Versty commented 2 years ago

@S7venLights Is the issue still persists on your device? If so, I recommend you to uninstall the app and install it again. Please let me know if the issue is resolved after reinstalling.

S7venLights commented 2 years ago

Well there's been no feedback after submitting logs but I can test a reinstall in the week, sure.

Versty commented 2 years ago

@S7venLights Your logs have been received and still being examined by developers team. The log file is long enough, it would be helpful if you could recall the exact or at least approximate time when the issue occurred and provide this info to us.

S7venLights commented 2 years ago

Due to this issue I'm not using Adguard VPN. The Logs I provided were only of me replicating the issue. I turned logging on, connected to Wifi and the VPN and reproduced this issue by trying to browse with two applications and then turned off wifi and disconnected. The logs should only be for that time period.

maxikuzmin commented 2 years ago

@S7venLights if kill switch is enabled, then all applications, requests, past the VPN client will be dropped. You enabled this and turned chrome off of the tunnel. It won't work that way

S7venLights commented 2 years ago

I figured out this issue and it is still a bug. It's causing crashes but not IP leaks anymore.

On V2.2(36) Steps I took to produce the bug:

1.I removed the low level settings to exclude apps from the VPN via UID's.

  1. In AdguardVPNs 'App settings' tab I excluded Bromite browser from the VPN and included Vanadium.
  2. Android VPN settings: Always on and block connections without VPN enabled.
  3. I connected to wifi in airplane mode.
  4. I connected to an Adguard VPN server
  5. I browsed to https://ipleak.net on Vanadium browser and got the VPN server IP as expected. 7.I visited https://ipleak.net on Bromite and got a clear IP as expected. (All working correctly so far)
  6. I disconnected from Wifi and reconnected. The VPN waited for connection and reconnected as expected
  7. Browsers still worked as with correct IPs.
  8. I manually disconnected from the VPN in the adguard app.
  9. No apps could access internet as expected.
  10. I reconnected manually
  11. [bug presents] Vanadium worked as expected but now Bromite couldn't access the internet.
  12. I went to App settings in AdguardVPN and included Bromite in the VPN, but it still wouldn't connect.
  13. I disconnected from Adguard and reconnected then Bromite would work.
  14. [2nd Bug Crash] I went back to App settings and excluded bromite from the VPN and on trying to apply settings Adguard crashed and restarted.
  15. I had this back and forth of trying to exclude and test https://ipleak.net on bromite with multiple crashes and fails.

In short: If Adguard VPN gets disconnected and reconnects, excluded apps can no longer access the internet. Once that has happened, changing Asguards exclude app settings, causes crashes.

I Will also email extended logs that show things working and then the mess of point 17.

S7venLights commented 2 years ago

As an aside note to the original title:

When 'block connections without VPN' is disabled IP leaks occur, when on, excluded apps are blocked.

That issue was still present when using the exclude apps by UID in low level settings. When these low level settings were used, all apps would not respect killswitch when the VPN disconnected.

maxikuzmin commented 2 years ago

@S7venLights I'll check it

maxikuzmin commented 2 years ago

@S7venLights applications that are excluded do not have internet access when kill switch is enabled, no matter when they were excluded

S7venLights commented 2 years ago

Then why did I get a clear IP connection in step 7 with the VPN active?

and why did it go away in step 13 with the VPN active after a manual reconnect of the VPN?

S7venLights commented 2 years ago

And even if 7 is not how you intend the app to work, there should be an option to do that shouldn't there?

Besides all that, there were repeated crashes and bugs with connection when trying to change in app settings.

S7venLights commented 2 years ago

Then why did I get a clear IP connection in step 7 with the VPN active?

and why did it go away in step 13 with the VPN active after a manual reconnect of the VPN?

There clearly is buggy behavior here