| ▲ | chis 2 hours ago | |
I think this is a great idea. Wouldn't have guessed this would be possible so I looked into how it'd actually be implemented. I guess this is done on the device as a VPN via Apple's NetworkExtension config. But instead of a normal VPN where traffic goes through a server, the app just locally applies rules based on the app the packet came from and then routes them normally to their destination. | ||
| ▲ | gcampos 20 minutes ago | parent [-] | |
That is correct! There is no annotation of which apps a packet comes from, so VineWall also runs locally a DNS proxy and uses the domain to infer the app | ||