Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Feature request] Add a firewall support #54

Open
maniackcrudelis opened this issue Jan 15, 2021 · 7 comments
Open

[Feature request] Add a firewall support #54

maniackcrudelis opened this issue Jan 15, 2021 · 7 comments

Comments

@maniackcrudelis
Copy link

Hi

While updating my Android app yesterday I saw the new NetShield feature that is awesome !
With my Plus plan, I could enjoy it, but I'm actually more worried about what apps installed on my device could leak over internet without my consent.
Especially, on Android, there's a lot of Google apps that I can't remove, the only thing I can do to secure my privacy is to stop those apps from connecting to internet.
But the DNS filtering won't prevent such thing.

I'm currently using NetGuard as a firewall, but I can't use ProtonVPN as the same time.
It would be wonderful if ProtonVPN could implement a simple firewall feature to prevent apps to access internet. It would be a big step toward privacy on mobile devices.

@sirenondine
Copy link

I love this, specifying specific IP addresses/urls to block via the firewall would be amazing as well.

@AlgirdasPundzius
Copy link
Contributor

Thanks for raising this question. However until we have proper support for such feature, you can do a workaround to get the somewhat similar behaviour and block unwanted apps.

Enable always-on and block connections without VPN.
Add unwanted apps/IP to be excluded from VPN via Split tunneling
Unwanted apps/IPs gets their traffic blocked by kill switch

@maniackcrudelis
Copy link
Author

Hi AlgirdasPundzius
Thanks for your answer and your possible workaround, I did try it, unfortunately it wasn't really convenient and reliable.

First, in opposition with a proper firewall, the default behavior is to authorize all apps to connect, not the opposite. And, to change anything in the list, the VPN has to be stopped first.
So, for a newly installed app, the VPN has to be quickly stopped as soon as the app is installed (otherwise, it couldn't be installed by the store) to prevent the very app to connect to internet...
Even thought, the list of app isn't convenient to use, no filter nor any search part.

Furthermore, I couldn't get apps to work properly on local network, even though the option was turned on.

And the overall behavior wasn't reliable, as apps could connect, even-though excluded from the VPN, until I reload the VPN once or twice. The opposite did happen as well when reauthorizing an app.

While the app on its own does a good job, this feature seems really not reliable to operate as a proper firewall.

@git70
Copy link

git70 commented Nov 5, 2021

There is no need to add a large firewall function.
Just add SOCKS5 support to ProtonVPN to work together with NetGuard!
Both applications are great separately. But when cooperating, they can be even better!
Look here: #42

@Tombstone2K
Copy link

A firewall could be really great.

But SOCK5 support for chaining with netguard would be even better.

@Gamer750
Copy link

Gamer750 commented Oct 1, 2023

Any update on firewall

@vsrt89
Copy link

vsrt89 commented Jul 29, 2024

Simple firewall-like blocking of user specified IP-addresses and domains should be very nice step towards the firewall feature. And it shouldn't be that difficult. In my particular use case I know the addresses I want to block.

Another nice option could be to allow custom DNS servers (issue #113 ?). Then blocking could be shifted to NextDNS.

What looks like possible workaroud for now is Rethink: DNS + Firewall + VPN app (https://github.com/celzero/rethink-app). At least on screenshots it shows that it's possible to configure it to use ProtonVPN. I haven't tried it personally.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

7 participants