From 6ce4b6f1716313403f72a311714ae248cc6b3cc7 Mon Sep 17 00:00:00 2001 From: Gabi Date: Fri, 2 Aug 2024 02:06:36 -0300 Subject: [PATCH] fix(android): on full route dont allow bypass vpn (#6133) If blocking non-vpn connections `allowBypass` breaks the VPN. To fix this, we disable `allowBypass` when full-route is enable. Fixes #4834 (hopefully) --- .../main/java/dev/firezone/android/tunnel/TunnelService.kt | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/kotlin/android/app/src/main/java/dev/firezone/android/tunnel/TunnelService.kt b/kotlin/android/app/src/main/java/dev/firezone/android/tunnel/TunnelService.kt index b952b7c1d..8bd55a8ed 100644 --- a/kotlin/android/app/src/main/java/dev/firezone/android/tunnel/TunnelService.kt +++ b/kotlin/android/app/src/main/java/dev/firezone/android/tunnel/TunnelService.kt @@ -314,8 +314,10 @@ class TunnelService : VpnService() { private fun buildVpnService(): Int { Builder().apply { - // Allow traffic to bypass the VPN interface when Always-on VPN is enabled. - allowBypass() + if (tunnelRoutes.all { it.prefix != 0 }) { + // Allow traffic to bypass the VPN interface when Always-on VPN is enabled. + allowBypass() + } if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.Q) { setMetered(false) // Inherit the metered status from the underlying networks.