[strongSwan] application exclusion from tunneling in android
Tobias Brunner
tobias at strongswan.org
Mon Aug 17 11:38:50 CEST 2020
Hi Winny,
> The strongswan android app has a feature where in a particular app
> can be selected and its traffic will bypass the tunnel. Could someone
> briefly explain how is the traffic originating from this application
> identified and then sent outside the tunnel.
The Android app uses Android's VpnService API. The VpnService.Builder
class [1] provides the addDisallowedApplication method to exclude apps
from the VPN. Android implements this via policy routing (each app runs
under a separate user ID), see [2].
Regards,
Tobias
[1]
https://developer.android.com/reference/android/net/VpnService.Builder.html
[2] https://stackoverflow.com/a/54982521/1158499
More information about the Users
mailing list