On 07/02/18 21:31, Jason A. Donenfeld wrote: > On Tue, Jul 3, 2018 at 4:27 AM Eric Kuck <e...@bluelinelabs.com> wrote: >> >> I was originally thinking the new fragment would be a per-tunnel thing >> (set when you create the tunnel or edit it), but you’re right - making it >> a general setting likely makes a whole lot more sense. I can’t think of >> any use-cases for different tunnels handling different apps. > > It might actually make most sense to make it a per-tunnel thing. We'd then > have to introduce conf key called, "ExemptedApplications=" or something. > Samuel - any thoughts on this?
Right, trying to make it a global setting requires either some sort of out-of-band way to pass the information to wg-quick, or rewriting the configuration file every time the tunnel is brought up. Since from netd's point of view, this is a per-network setting anyway, I agree it makes sense to configure it per-tunnel. ExemptedApplications works as a configuration key, though I prefer ExcludedApplications--the application isn't just not required to use the tunnel, it's not allowed to use the tunnel. In that case, here are my UI suggestions: - Add a button in the editor that switches to a fragment or pops up a Dialog similar to a MultiSelectListPreference. - For consistency, checked means excluded -- everything defaults to unchecked. - The package names of excluded apps are put in the com.wireguard.config.Interface, and wg-quick handles package name to uid translation. How does that sound? Samuel _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard