Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Convert trusted networks to on-demand activation #119

Closed
keeshux opened this issue Nov 21, 2019 · 12 comments · Fixed by #333
Closed

Convert trusted networks to on-demand activation #119

keeshux opened this issue Nov 21, 2019 · 12 comments · Fixed by #333
Assignees
@keeshux
Labels
enhancement New feature or request
Milestone
2.2.0

Comments

@keeshux
Copy link
Member

keeshux commented Nov 21, 2019

Like WireGuard does, with only/except matching policy.
@keeshux keeshux added the enhancement New feature or request label Nov 21, 2019
@keeshux keeshux self-assigned this Nov 21, 2019
@keeshux keeshux removed their assignment Feb 26, 2020
@fumoboy007
Copy link

Is this related to not being able to explicitly connect on a trusted network?

@keeshux
Copy link
Member Author

keeshux commented May 26, 2020

Exactly, that's the idea.

@keeshux keeshux added this to the 1.12.0 milestone May 26, 2020
@keeshux keeshux self-assigned this Jun 22, 2020
@keeshux keeshux removed this from the 1.13.0 milestone Dec 28, 2020
@somebody-somewhere-over-the-rainbow
Copy link

would that also add the ability to connect on-demand in the iOS sense, meaning by app. This would be awesome as well. Meaning a VPN connection is established when a specific app is used (and ideally only that traffic is routed via this specific tunnel)

@keeshux
Copy link
Member Author

keeshux commented Jan 6, 2021

Nope, it's not related.

@somebody-somewhere-over-the-rainbow
Copy link

somebody-somewhere-over-the-rainbow commented Jan 6, 2021
edited
Loading

I was referencing the function outlined here:
https://developer.apple.com/documentation/networkextension/personal_vpn/vpn_on_demand_rules

@keeshux
Copy link
Member Author

keeshux commented Jan 7, 2021

I see, but it has nothing to do with what you expect it to accomplish!

@somebody-somewhere-over-the-rainbow
Copy link

Does it make sense to open the topic for discussion as a future feature? I do not know the level of interest for this. I would imagine that everyone that uses the VPN to bypass geo restrictions on certain apps (hulu, cnn and many other apps) would love this feature ...

@keeshux
Copy link
Member Author

keeshux commented Jan 7, 2021

I understand the need and also like the feature, but I wouldn't do it unless Apple makes it native. Not in OpenVPN at least. If WireGuard supports it, that's another story for later.

@somebody-somewhere-over-the-rainbow
Copy link

okay, my understanding was that is is nativly supported (at least for ikev2 and ipsec)

@keeshux
Copy link
Member Author

keeshux commented Jan 7, 2021

I mean that "on demand rules" are not rules for a "per app VPN".

@keeshux keeshux added this to the 2.0.0 milestone Nov 23, 2021
@keeshux keeshux modified the milestones: 2.0.0, 2.1.0 Mar 7, 2022
@keeshux keeshux removed their assignment Mar 24, 2022
@mikicof
Copy link

mikicof commented May 12, 2022

I’ve seen on other vpn apps that you can include a list of domains to be added to the connect on demand rules so it will only connect to the vpn when any connection is done to them…
That would be great for my home network, don’t know if related to this or better on another thread.

@keeshux keeshux removed this from the 2.1.0 milestone Sep 30, 2022
@juev
Copy link

juev commented Oct 4, 2022

This function is present on Shadowrocket.

It great function. For example, I setup disconnect from vpn when my iPhone will sleep, and connect to vpn when I open domain from list. Another one, we can setup vpn only for specific domains. All other request will use direct connection.

When we activate vpn only when we open specific domains, we will economy our battery energy.

@keeshux keeshux added this to the 2.2.0 milestone Jul 22, 2023
@keeshux keeshux self-assigned this Jul 22, 2023
@keeshux keeshux mentioned this issue Jul 22, 2023
Merged
keeshux added a commit that referenced this issue Jul 23, 2023
@keeshux
Rework "Trusted networks" to be a generic "On-demand" (#333)
e0dbca2 
Extend the feature by also providing a complementary "include" policy,
i.e. activate the VPN _only_ on the specified networks. "Trusted
networks" was only providing the "exclude" counterpart, i.e. _except_
the specified networks.

Closes #119
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@keeshux keeshux

Labels
enhancement New feature or request
Projects
None yet
Milestone
2.2.0
Development

Successfully merging a pull request may close this issue.

Rework "Trusted networks" to be a generic "On-demand" passepartoutvpn/passepartout
5 participants
@juev @keeshux @fumoboy007 @somebody-somewhere-over-the-rainbow @mikicof