If you are who I think you are, we’ve probably had this discussion before. Even with an always on VPN, if the system runs out of memory it will kill the VPN first before the browser. In a perfect world the traffic would still be routed into a dead tunnel. From what I’ve seen, once the VPN is killed, the tunnel device is gone and the default route snaps back to wlan
Always on vs the additional option of blocking internet until the VPN connects.
The second option is more system level?
Using shizuku (rish) in termux I checked the active links with VPN on and then force stopped / killed the VPN in terminal and checked again. The VPN tunnel disappeared but the dummy kill switch tunnels remained. I could not access any network connection.
*The routing table also maintains the dummy kill switch
(oh sorry, but) I’ve heard this argument before. All I can say is that in my experience, when the system is out of memory, it kills some process (e.g. the UI) which upon restarting resets the networking
Android system
Google services framework
Network
System UI
System WiFi Resources
Wi-Fi
Settings
System connectivity resources
Secure UI service
The results are the same
VPN kill switch prevents network access.
*later, when I’m connected to a PC, I’ll try killing/restarting userspace, shell, and user to see if I can get the kill switch to fail. (If I try those now it may kill shizuku which relies on shell - not sure.)
I’ll also see if I can’t force lmk to kill all the memory.
In cmd settings list secure these may be some part of what keeps the system from allowing a connection.
In settings on my android, non root.
Always on VPN. Block unless active
If you are who I think you are, we’ve probably had this discussion before. Even with an always on VPN, if the system runs out of memory it will kill the VPN first before the browser. In a perfect world the traffic would still be routed into a dead tunnel. From what I’ve seen, once the VPN is killed, the tunnel device is gone and the default route snaps back to wlan
I am not. And I’ve never had this discussion.
Always on vs the additional option of blocking internet until the VPN connects.
The second option is more system level?
Using shizuku (rish) in termux I checked the active links with VPN on and then force stopped / killed the VPN in terminal and checked again. The VPN tunnel disappeared but the dummy kill switch tunnels remained. I could not access any network connection.
*The routing table also maintains the dummy kill switch
(oh sorry, but) I’ve heard this argument before. All I can say is that in my experience, when the system is out of memory, it kills some process (e.g. the UI) which upon restarting resets the networking
You’ll be happy to know I just force killed :
Android system
Google services framework
Network
System UI
System WiFi Resources
Wi-Fi
Settings
System connectivity resources
Secure UI service
The results are the same
VPN kill switch prevents network access.
*later, when I’m connected to a PC, I’ll try killing/restarting userspace, shell, and user to see if I can get the kill switch to fail. (If I try those now it may kill shizuku which relies on shell - not sure.)
I’ll also see if I can’t force lmk to kill all the memory.
In
cmd settings list securethese may be some part of what keeps the system from allowing a connection.always_on_vpn_lockdown=1 always_on_vpn_lockdown_whitelist=
deleted by creator