Closed KaustubhPatange closed 3 years ago
Yes. You are correct. You can only setup alllow/disallowed apps on VPN setup. That is a limitation of the Android API. You might be able to workaround it by reopening the tunnel interface.
Btw. this is not a library. It is a app.
Re-opening the tunnel interface
Can you highlight this one? I mean just a little guidance on how to approach this (if possible).
It is not trivial to do this: you basically need to modify both openvpn and the whole OpenVPNService to be able to do that. Basically call VPNBuiilder.establish() a second time with different parameters and then switch the tun fd for OpenVPN itself.
You could also just reconnect the VPN.
Sorry to bother you again, the first approach seems a bit out of my scope. You said about reconnecting VPN, how do I do that? Just stopVpn()
followed by startVpn()
?
Sorry to bother you again as you know I'm developing an open source VPN app called Gear VPN in public.
And I was looking to implement split tunnel feature where you can give access to individual apps whether to use VPN or not. So I was browsing the code & found that I can use
mAllowedAppsVpn
andmAllowedAppsVpnAreDisallowed
fromVpnProfile.java
in conjunction to allow/disallow VPN access to the app. I useOpenVpnApi.startVpn
method to start connection to a VPN service where I was deciding to modify it to accept list of app packages.This wasn't hard, the question is once the VPN is connected how can I add or remove application packages to grant or deny their access to the VPN? From the docs I saw that you can only configure
addDisallowedApplication
when setting up VPN connection from the builder (this is something I saw inopenTun
method fromOpenVPNService.java
).Is there a way to achieve this without resetting the connection? I saw a method in
OpenVPNService.java
calledaddAllowedExternalApp
, is this is something I could use?