WG Tunnel impression

[gitthangbaby]

I'm trying the app after some time. The main WG client with its own auto tunneling implemntation done in 2013 was never published, and I continued to control the VPN connectivity via shell commands all the time. And rooted every user's phone to do this.

Logs display lot of UI commands, I wish none of it was published there, in order to monitor the actions. That would help me to understand the logic.

Quick status Icon is "lying" often, Not sure how the icon is refreshed based on the real state. Same as main WG app, we have often the icon turned on while tunnel is not running. There could also be a state between (like when a function is being turned on), when the quick status icon is half highlighted to indicate some of the incomplete tasks.

There are dozens of UI glitches. The screen can freeze and dim for some time. Checkboxes don't react. Some of them are greyed out but operable. Kill switch can be visually turned on in kernel mode. Duplicit notifications "Tunnel running". Connection status lines blinking, alternating between "handshake:none" and "handshake:xx sec". And so on.

The UI settings are also pretty confusing. I can find same settings under a specific tunnel, and in general settings. Or in general settings versus system settings. I don't know how to approach it.

Switching connectivity is such a huge deal, that's the main thing to test.
When app is in nonkernel mode, it works only if system setting of VPN is set to "Always On". But that disables auto tunneling. I couldn't do anything this mode. Wifi name fetched via location or shell, it didn't do anything. However, the system's settings "Always on" and "Block connectivity outside of tunnel" were never reliable. Plus they interfere with VPN app, blocking it from getting DNS record (which ideally a VPN app would cache all of the time!). So this is not a desired mode.

In kernel mode, auto tunneling works. With data leaks, of course. When wifi is turned off, all apps will switch to unprotected cell connection, adding your ISP IP to their UniqueIP database (which you can later fetch from the companies via GPDR form). You have enough time to test it via some webpage. So now the companies easily correlate your VPN IP to your name and home address (a.k.a. ISP IP). This is why I immediately set iptables to allow only UDP connectivity (=DNS and VPN) on any connection change. On a rooted phone, you can have complete workflow with WIFI auto tunneling and kernel kill switch shell commands in XPosedEdge app.

I'd like to read some notes, but found no wiki here, and the referred doc "Read the docs" is mostly empty. I'd like to know what is the recommended approach in nonkernel mode and kernel mode. Why are some checkboxes grayed out. Why use built in "Always on" mode. When does it apply. If it doesn't apply in kernel mode, why not hide it from the app. If kill switch is not working in kernel mode, why not hide it. Why each tunnel has duplicit "Mobile data tunnel" setting. Does it mean it won't work unless it's checked? What if global setting "Turned on mobile data" was turned off? If no primary tunnel is set, what is then turned on? First tunnel from the list (apparently), or last connected tunnel? And so on.

Thank you for your efforts and I hope one day we can have seamless WG switching. We need kill switch in kernel mode.

[zaneschepke]

Hello!

Thanks for all of this feedback. Many of these UI bugs should now be fixed in the latest version 3.6.6.

I simplified some of the options as well. Basically, although they look like duplicates, some options are global and some of tunnel specific options. I'll try to make this more clear.

I am still working on getting a kernel kill switch working so hopefully that will come soon!