wiresock / WireSockUI

GUI to use Wiresock VPN Client in application mode
https://www.wiresock.net/
302 stars 14 forks source link

Mac OS support with AllowedApps #75

Closed ishpagin closed 3 months ago

ishpagin commented 3 months ago

I have been looking for a long time to make my Chrome use the same configuration as your Allowed Apps on Mac OS. I can't find an option to separate traffic on an OpenVPN connection and another VPN (WireGuard/other) for some apps only. Can you tell me if it's possible to configure access to the internet on Mac OS for selected apps or domains without specifying IPs? My 2 VPNs need to work together (OpenVPN and another one I set up).

Thank you for your time

wiresock commented 3 months ago

Thank you for reaching out. Unfortunately, MacOS has relatively limited network filtering and traffic routing capabilities, and I don't believe it's possible to achieve the specific configuration you're describing natively. Specifically, the ability to selectively route traffic from Chrome or other apps through different VPNs (such as OpenVPN and WireGuard) simultaneously is not natively supported on MacOS. This kind of advanced traffic management typically requires more granular control over network interfaces and routing than what MacOS offers.

However, there are a few third-party tools and workarounds that might help you achieve a similar outcome:

  1. PF (Packet Filter): MacOS includes a built-in firewall called PF, which can be configured for more advanced network routing and filtering. However, it requires command-line expertise and isn't particularly user-friendly if you're unfamiliar with network configuration.

  2. Luna Display (for split tunneling): This app allows you to route some traffic through a VPN while keeping other traffic on your regular network. While it’s not specifically designed for managing multiple VPNs, it could help with certain split-tunneling scenarios.

  3. Vagrant with Linux VM: If you're comfortable running a virtual machine, you could set up a Linux VM on MacOS using Vagrant or another virtualization tool. Inside the VM, more advanced network configurations can be applied, and specific traffic can be routed through the VM while keeping the host's network separate.

  4. Proxifier: This application allows you to route specific app traffic through different proxies. While it doesn’t natively support routing through multiple VPNs, you might be able to combine it with a VPN service that provides proxy access.

  5. Hummingbird VPN Client (by OpenVPN): Hummingbird is a lightweight client for OpenVPN that may offer more flexibility in how VPN traffic is routed, although it still has limitations on MacOS.

  6. Shimo: Shimo is a VPN client for Mac that supports multiple VPN protocols (including OpenVPN and WireGuard). It offers some advanced features like split tunneling and might allow more granular control over your VPN connections.

  7. Little Snitch: This is a popular network monitoring and control tool that allows you to create rules for network traffic. While it doesn't directly manage multiple VPN connections, it can help you monitor and control which apps use which network interfaces.

  8. PF Sense (via a dedicated router): For a more robust solution, you could consider setting up a dedicated router with PF Sense (a powerful, open-source firewall/router software). This would give you the ability to manage complex VPN routing, including routing specific app traffic through different VPNs. This involves more hardware and setup but offers much greater control.

I hope this helps clarify the situation and gives you some options to explore. Thanks again for reaching out!