longzuyuan / ics-openvpn

Automatically exported from code.google.com/p/ics-openvpn
0 stars 0 forks source link

Route Exclusion #134

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
We're using ICS-OpenVPN, and would like to exclude specific IPs from the VPN 
tunnel.
so that traffic which is destined to that ip will be routed directly to the 
network, without passing through the VPN tunnel). We're trying to reduce 
network load and costs on our VPN, by allowing bandwidth intensive services 
such as youtube pass unencrypted, while still securing the rest of the traffic.

Is this possible with ICS-OpenVPN? 

What mobile phone are you using?
Samsung S3.

Which Android Version and stock ROM or aftermarket like cyanogenmod?
ICS (4.0.4), Stock ROM.

Please provide any additional information below.

Original issue reported on code.google.com by sharon.s...@gmail.com on 27 Jan 2013 at 12:56

GoogleCodeExporter commented 9 years ago
(See also 
http://stackoverflow.com/questions/14545800/android-vpnservice-route-exclusion/1
4546762)

Short answer no.

Long answer. You either have to do multiple routes by (e.g. using 32 routes 
from /1 to /32 to exclude a ip). And you can parse the packets and proxy these 
using a new protected socket. (possible cpu intensive)

I do not plan to implement an IP parser. 

See also http://code.google.com/p/android/issues/detail?id=38594

Original comment by arne@rfc2549.org on 27 Jan 2013 at 5:31

GoogleCodeExporter commented 9 years ago
Ok.. I got it now.
Thing is if we need to exclude IP- 12.13.14.15

firstly we need to addroute for -> 0.0.0.0 - 12.13.14.14
secondly -> 12.13.14.16 - 255.255.255.255

I am wondering if you/any one can post just logic how to get these in form of 
ip/mask from these range.i,e algorithm for calculating the "reverse" routes 
given a set of IPs which to exclude.
( 
http://stackoverflow.com/questions/14545800/android-vpnservice-route-exclusion/1
4546762 )
Thanks in Advance.

Original comment by arun.s...@gmail.com on 29 Sep 2013 at 8:28