I have a VpnService with some allowed applications and some that aren't, taken from a list that could change anytime.

    public void onCreate() {
        super.onCreate();
        isRunning = true;
        setupVPN();
        LocalBroadcastManager.getInstance(this).sendBroadcast(new Intent(BROADCAST_VPN_STATE).putExtra("running", true));
        Log.i(TAG, "Started");
        registerReceiver(stopBr, new IntentFilter("stop_vpn"));
        setupNotification();
    }

    private void setupVPN() {
        if (vpnInterface == null) {
            Builder builder = new Builder();
            builder.addAddress(VPN_ADDRESS, 32);
            builder.addRoute(VPN_ROUTE, 0);
            // Deciding which applications will be able to access the internet
            try {
                builder.addDisallowedApplication("com.android.chrome");
            } catch (PackageManager.NameNotFoundException e) {
                e.printStackTrace();
            }
            vpnInterface = builder.setSession(getString(R.string.app_name)).setConfigureIntent(pendingIntent).establish();
        }
    }

In this case the application just disallows "com.android.chrome". The VPN actually doesn't handle any incoming packet, so I use it to block traffic, meaning any app that is not in the "disallowed" list won't have access to the internet.
The problem: what if I wanted to, while running, change the disallowed application list? Do I have to have an external service or something to control the VpnService or is there another way to do it?
My first thought was an external service that detects and restarts the VPN with different parameters, but it seems a little complicated for something like this.
I was also thinking it could be done in another way, by having a fully working VPN and filtering packets by app. But (supposing there is a way packets are tied to apps) how would I determine what packets are tied to what applications?
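
One way to change the list while the service keeps running, as an added example that is not part of the original post: build a fresh `Builder` with the updated list and call `establish()` again inside the same service, then close the old descriptor. The class name `BlockingVpnService`, the method `applyDisallowedApps` and the address and route values are assumptions made for illustration.

```java
import android.content.pm.PackageManager;
import android.net.VpnService;
import android.os.ParcelFileDescriptor;
import android.util.Log;

import java.io.IOException;
import java.util.Collection;

// Hypothetical service name; the fields mirror the ones used in the question.
public class BlockingVpnService extends VpnService {
    private static final String TAG = "BlockingVpnService";
    private static final String VPN_ADDRESS = "10.0.0.2"; // assumed value
    private static final String VPN_ROUTE = "0.0.0.0";    // assumed value

    private ParcelFileDescriptor vpnInterface;

    /** Rebuilds the tunnel with a new exclusion list. Call it whenever the list changes. */
    synchronized void applyDisallowedApps(Collection<String> packages) {
        Builder builder = new Builder()
                .addAddress(VPN_ADDRESS, 32)
                .addRoute(VPN_ROUTE, 0)
                .setSession(TAG);
        for (String pkg : packages) {
            try {
                // Apps added here bypass the tunnel and therefore keep network access.
                builder.addDisallowedApplication(pkg);
            } catch (PackageManager.NameNotFoundException e) {
                // Fail closed: an unknown package is simply not exempted.
                Log.w(TAG, "Skipping package that is not installed: " + pkg);
            }
        }

        // Establish the replacement first so there is no window without a tunnel.
        ParcelFileDescriptor replacement = builder.establish();
        if (replacement == null) {
            // VpnService.prepare() consent is missing or was revoked; keep the old tunnel.
            Log.e(TAG, "establish() returned null, keeping the current interface");
            return;
        }
        ParcelFileDescriptor old = vpnInterface;
        vpnInterface = replacement;
        if (old != null) {
            try {
                old.close();
            } catch (IOException e) {
                Log.w(TAG, "Failed to close the previous interface", e);
            }
        }
    }
}
```

The list of packages can be delivered to the running service with an `Intent` handled in `onStartCommand`, so no second service is needed to drive the change.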