Firewall leak in Root mode. Edge case when turning off third-party VPN.

Gedsh / InviZible

Android application for online privacy and security

https://invizible.net

GNU General Public License v3.0

1.5k stars 103 forks source link

Firewall leak in Root mode. Edge case when turning off third-party VPN. #287

Closed 3xp10its closed 3 weeks ago

3xp10its commented 2 months ago

there is a leak when running root commands notification take place

turn on firewall from the app
choose let's say chrome and keep vpn traffic allowed only
run dnscrypt or tor
run any vpn
open chrome and load ipinfo.io for example
turn off vpn and then immediately reload the page

you will see the chrome will successfully connect to the Internet without vpn

3xp10its commented 2 months ago

this will be for around 4 or 5 seconds till reconfiguring the connection in notification bar (running root commands)

Gedsh commented 2 months ago

It takes time to react to the network changes. In any case it can't be immediate. It mostly depends on the android system. I can't do anything about it.

emtreulapollaguera commented 1 month ago

https://x.com/GrapheneOS/status/1841236289263116381

Gedsh commented 1 month ago

@emtreulapollaguera This issue is about the firewall operating in root mode when using a third-party VPN.