From 69ddab4575ff684c533c995e07ca15fe18543fc0 Mon Sep 17 00:00:00 2001 From: Jeff Sharkey Date: Sat, 25 Aug 2012 00:05:46 -0700 Subject: Always-on VPN. Adds support for always-on VPN profiles, also called "lockdown." When enabled, LockdownVpnTracker manages the netd firewall to prevent unencrypted traffic from leaving the device. It creates narrow rules to only allow traffic to the selected VPN server. When an egress network becomes available, LockdownVpnTracker will try bringing up the VPN connection, and will reconnect if disconnected. ConnectivityService augments any NetworkInfo based on the lockdown VPN status to help apps wait until the VPN is connected. This feature requires that VPN profiles use an IP address for both VPN server and DNS. It also blocks non-default APN access when enabled. Waits for USER_PRESENT after boot to check KeyStore status. Bug: 5756357 Change-Id: If615f206b1634000d78a8350a17e88bfcac8e0d0 --- core/java/android/net/IConnectivityManager.aidl | 2 ++ 1 file changed, 2 insertions(+) (limited to 'core/java/android/net/IConnectivityManager.aidl') diff --git a/core/java/android/net/IConnectivityManager.aidl b/core/java/android/net/IConnectivityManager.aidl index dea25dd..3614045 100644 --- a/core/java/android/net/IConnectivityManager.aidl +++ b/core/java/android/net/IConnectivityManager.aidl @@ -122,4 +122,6 @@ interface IConnectivityManager void startLegacyVpn(in VpnProfile profile); LegacyVpnInfo getLegacyVpnInfo(); + + boolean updateLockdownVpn(); } -- cgit v1.1