My threat model isn’t such that I need it, it’s just really annoying. GrapheneOS does allow blocking network per-app, which is a sufficient workaround. It’s a bit tedious, but I can do the following:
disable network on sensitive apps
disable NetGuard and enable other VPN
finish what I was doing
undo step 2
undo step 1
I really wish there was a way to get VPNs and NetGuard playing nicely together. I want all traffic to be filtered by NetGuard, and then routed over the VPN. This is trivial on Linux, but apparently not so on Android, which is a shame.
There might be an easier way to accomplish this. The RethinkDNS app has a built-in Firewall and WireGuard VPN client. It also allows you to configure per-app Wifi and cellular data separately. The only caveat is that you would need to manually import the WireGuard profiles from your VPN provider.
I meant it more tongue-in-cheek :)
My threat model isn’t such that I need it, it’s just really annoying. GrapheneOS does allow blocking network per-app, which is a sufficient workaround. It’s a bit tedious, but I can do the following:
I really wish there was a way to get VPNs and NetGuard playing nicely together. I want all traffic to be filtered by NetGuard, and then routed over the VPN. This is trivial on Linux, but apparently not so on Android, which is a shame.
There might be an easier way to accomplish this. The RethinkDNS app has a built-in Firewall and WireGuard VPN client. It also allows you to configure per-app Wifi and cellular data separately. The only caveat is that you would need to manually import the WireGuard profiles from your VPN provider.
Thanks, I’ll check it out. :) That should do nicely.