Non-root Firewall and VPN

[Fierio]

Hello, developers.
I am a student wanting to create an app which will run as a non-root firewall (netguard) and then route to one's choice VPN provider (openVPN). I haven't been able to try, yet, as the teachers want me to find out why nobody has done it yet before getting it started on how we think we would do it.
I have heard that the main issue with doing this is IP tables will take long to do, and thus isn't worth it.
Is this accurate and if so, why would this be the issue stopping me?

I imagine that this would work, if i were able to just do both of the previously mentioned app functions on one app,

 

[Deleted User]

Looks like it has been done

https://play.google.com/store/apps/details?id=app.greyshirts.firewall&hl=en_GB

 

[Fierio]

Looks like it has been done

https://play.google.com/store/apps/details?id=app.greyshirts.firewall&hl=en_GB

I am thinking capability to route to a different VPN after the firewall VPN.
Or capability to route from one VPN provider to another.
This is a non-root firewall (which are VPNs), but this does not allow routing to a choice VPN provider (correct me if I am wrong, as I haven't used the app), thus not the same thing.

 

[svim]

All those non-root firewall apps are using a really clever workaround, a localized VPN. It's not a matter of relying on any VPN service on the Internet, it's all contained within your phone. There is no option to choose outbound servers because they're not involved in any way, the VPN service is bouncing back to your phone from within your phone.
As for iptables, that's an integral part of the Android kernel so it requires root access. That's why root-required firewall apps like APWall+ can use iptables while non-root apps like NetGuard, Mobiwol, and NoRoot Firewall (just do a search for 'non root firewall' in the Play Store for more options) have to instead use an internalized VPN as a substitute. Regarding it taking longer when using iptables, it does require a learning curve and no one will learn all the rules and syntax right away. Relying on iptables, already a part of the operating system itself, makes for a more expansive and functional firewall than using a VPN kluge, but for most consumers rooting isn't a factor so that sets the tone for viable options on what kind of firewall you want to develop.

 

[Fierio]

There is no option to choose outbound servers because they're not involved in any way, the VPN service is bouncing back to your phone from within your phone.

Okay, so do developers just not build in the functionality?
Is something stopping them?
Could I take Netguard or noroot firewall (as they are open-source) and add in functionality for routing to a choice VPN provider?
I can't run two VPN apps at the same time, after all, so is it possible to do this, if they are both in one app?

 

[svim]

Without access to iptables, these non-root firewall apps rely on a workaround, using a local-only VPN. Online activity gets routed through this internalized VPN, so by strict definition they're not actually firewalls but they are functioning like one. With iptables there are 'filters' set up to manage connectivity, all done within your mobile device; with non-root firewall apps this is done through that internal VPN, also all done within your mobile device, If you want to implement an external VPN service into your firewall app, this removes its functionality as a 'firewall' since all traffic is now being routed through an online server(s).

 

[anonymous 32]

Hello, developers.
I am a student wanting to create an app which will run as a non-root firewall (netguard) and then route to one's choice VPN provider (openVPN). I haven't been able to try, yet, as the teachers want me to find out why nobody has done it yet before getting it started on how we think we would do it.
I have heard that the main issue with doing this is IP tables will take long to do, and thus isn't worth it.
Is this accurate and if so, why would this be the issue stopping me?

I imagine that this would work, if i were able to just do both of the previously mentioned app functions on one app,

I have successfully incorporated a VPN along with a non-root firewall on Android systems. There is only one catch. You must use 2 Android devices. I don't know about anyone else but I'm a collector of devices. I currently use 2 tablets 4 Android phones. Only 1 my Galaxy A52 having service. I use Proton VPN and no-root firewall.

My setup is as follows. One Android device Running Android 11 is used as a bridge. I have installed PDA Net on it. This allows me to share my home WiFi over the same channel. This device runs the ProtonVPN free service out of the Netherlands Netherlands. Note that the free service only allows 1 active user.

My other devices run No-root firewall with their own set of specific rules. When they connect to the Android hotspot, they tunnel out through the VPN connection like regular traffic.

Along with the Brave web browser and the GPS Emulator emulator simulating travel routes, my true location and information is secure.

I hope this helps anyone that reads this.

I don't want to be told what to wear, what to eat, what to think, what to buy, and who to be. The internet is continuing to control the populations across the world. I can never disappear from the net, but I can at least make what data it has on me obsolete. This time around the Kool aid will be delivered same day shipping..

Anonymous