this post was submitted on 14 Dec 2023
37 points (97.4% liked)

Privacy

31823 readers
142 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Question for the group on a problem I'm trying to solve: How can I block internet access for some apps on standard, OOTB Android?

My current set-up is to use Proton VPN with the Android settings "Always-on VPN" and "Block connections without VPN" and then use Proton VPN's Split-tunneling to exclude certain apps from using the VPN. This has the desired effect of blocking certain apps from having access to the internet.

However, I now find that I need to use certain Apps without the VPN but with internet access. In the past, I'd used something like NetGuard to control which apps have internet access, but, as Android only allows one VPN slot, this would require me to swap out Proton VPN.

So my problem statement: I'd like to be able to continue to use Proton VPN, exclude some apps from using that VPN but still have access to the internet, and block still other apps from the internet entirely. I'm struggling to find a way to do this.

Any suggestions are welcome!

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 10 points 10 months ago (4 children)

You can do this. But you need to use rethinkdns and download the configuration of the proton vpn wireguard server(s) you wanna reach. You can have internet blocked for individual apps, have some tunnel without VPN but DNS and firewall protection and some go through servers of proton (even per app to different servers). It’s a powerful tool. You won’t get the same protection as you would get with let’s say GrapheneOS but you are getting damn close to it if done right

[–] [email protected] 2 points 10 months ago

Was going to say this. Rethinkdns is awesome

[–] [email protected] 1 points 10 months ago

Interesting idea, a DNS filter won't do much for traffic pointed at a specific IP though. Curious how that would set the system wide DNS without being a root level app.

[–] [email protected] 1 points 10 months ago

Rethinkdns is probably your best bet! Right now they are missing an important feature where It takes wireguard's DNS configuration into account, making it obsolete for those who have private dns in a local environnement with an upstream dns !

Can't wait for version 0.5.6 😄