From 1f5095b59c93b04120a2e10f0b083b4f6846ca68 Mon Sep 17 00:00:00 2001 From: cyBerta Date: Fri, 9 Nov 2018 19:17:19 +0100 Subject: block ipv6 addresses if void vpn is running --- .../java/se/leap/bitmaskclient/eip/VoidVpnService.java | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) (limited to 'app/src/main/java') diff --git a/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnService.java b/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnService.java index 76d5fb8e..a896197c 100644 --- a/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnService.java +++ b/app/src/main/java/se/leap/bitmaskclient/eip/VoidVpnService.java @@ -16,12 +16,14 @@ */ package se.leap.bitmaskclient.eip; +import android.annotation.TargetApi; import android.app.Notification; import android.content.Intent; import android.content.SharedPreferences; import android.net.VpnService; import android.os.Build; import android.os.ParcelFileDescriptor; +import android.system.OsConstants; import android.util.Log; import java.io.IOException; @@ -122,14 +124,27 @@ public class VoidVpnService extends VpnService implements Observer, VpnNotificat private Builder prepareBlockingVpnProfile() { Builder builder = new Builder(); builder.setSession("Blocking until running"); - builder.addRoute("0.0.0.0", 1); + builder.addRoute("0.0.0.0", 0); builder.addRoute("192.168.1.0", 24); builder.addDnsServer("10.42.0.1"); builder.addAddress("10.42.0.8", 16); + builder.addRoute("::",0); + builder.addAddress("fc00::", 7); + + if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) { + allowAllAFFamilies(builder); + } + return builder; } + @TargetApi(Build.VERSION_CODES.LOLLIPOP) + private void allowAllAFFamilies(Builder builder) { + builder.allowFamily(OsConstants.AF_INET); + builder.allowFamily(OsConstants.AF_INET6); + } + private void establishBlockingVpn() { try { VpnStatus.logInfo(getString(R.string.void_vpn_establish)); -- cgit v1.2.3