Skip to content

Remove unnecessary VPN rebuilds on network changes#541

Open
kasnder wants to merge 4 commits intomasterfrom
claude/remove-vpn-network-rebuilds-EZBGK
Open

Remove unnecessary VPN rebuilds on network changes#541
kasnder wants to merge 4 commits intomasterfrom
claude/remove-vpn-network-rebuilds-EZBGK

Conversation

@kasnder
Copy link
Copy Markdown
Member

@kasnder kasnder commented Apr 3, 2026

Summary

TrackerControl always runs in filter mode and doesn't differentiate blocking rules by network type (WiFi vs mobile), unlike NetGuard. This PR removes the unnecessary VPN rebuilds triggered by network changes, reducing VPN disruptions for users.

  • Stop rebuilding VPN on network-type changes: connectivity receiver (WiFi/mobile switch), phone state listener (2G/3G/4G generation), AP state receiver (hotspot toggle), and interactive state receiver (screen on/off) no longer trigger reload(). These only mattered for NetGuard's per-network blocking rules which TC doesn't use.
  • Simplify getAllowedRules(): Removed all wifi/metered/roaming/generation/screen filtering logic. In filter mode, listAllowed doesn't affect VPN routing (builder uses rule.apply) and mapUidAllowed is never read in isAddressAllowed(). Now returns all rules.
  • Remove reload() interactive optimization: The screen-based rule check (screen_wifi/screen_other) was dead code — all 49 callers pass interactive=false.
  • Preserve Doze exit reload: The reload on exiting Doze mode is kept as it serves as a health check for the native tunnel thread after network restrictions are lifted.
  • Remove unused ExecutorService: Was only used by old interactiveStateReceiver reload logic.
  • Preserve last_metered WiFi override: The metered state adjustment for WiFi is kept to avoid any edge-case behavioral change in isLockedDown().

What still triggers VPN rebuilds (intentionally kept)

  • App install/uninstall (changes VPN routing)
  • Settings changes (blocklist, blocking mode, etc.)
  • Doze exit (tunnel health check)
  • Explicit user actions (lockdown toggle, etc.)

Test plan

  • Verify VPN stays up and tracker blocking works after WiFi/mobile network switches
  • Verify VPN stays up after screen on/off cycles
  • Verify tracker blocking resumes correctly after device exits Doze mode
  • Verify app install/uninstall still triggers VPN update
  • Verify changing blocking mode or tracker settings still takes effect

https://claude.ai/code/session_01PuXevPG3gUKEXWHrgRMptV

claude added 4 commits April 5, 2026 13:52
@claude
Remove unnecessary VPN rebuilds on network changes
4104499 
TrackerControl doesn't need to rebuild the VPN when the network type
changes (WiFi/mobile/2G/3G/4G/hotspot). Unlike NetGuard, TC doesn't
apply different blocking rules per network type — tracker blocking is
handled dynamically in blockKnownTracker() and the VPN app routing
(filter mode) uses rule.apply which is network-independent.

Removed reload() calls from three network-change receivers:
- connectivityChangedReceiver: no longer rebuilds VPN on WiFi/mobile switch
- phoneStateListener: no longer rebuilds VPN on 2G/3G/4G generation change
- apStateReceiver: no longer rebuilds VPN on hotspot state change

The networkMonitorCallback (connectivity validation), idleStateReceiver,
interactiveStateReceiver, and packageChangedReceiver are preserved as
they serve purposes beyond network-type differentiation.

https://claude.ai/code/session_01PuXevPG3gUKEXWHrgRMptV
@claude
Remove legacy NetGuard network-type VPN rebuild logic
666586b 
TrackerControl always runs in filter mode, making several NetGuard
mechanisms dead code:

- getAllowedRules(): Removed all wifi/metered/roaming/generation/screen
  logic. In filter mode, listAllowed doesn't affect VPN routing (builder
  uses rule.apply) and mapUidAllowed is never read in isAddressAllowed().
  Now simply returns all rules for the notification count.

- reload() interactive check: Removed the screen_wifi/screen_other
  optimization that skipped reloads. TC doesn't use screen-based
  per-network blocking rules.

- interactiveStateReceiver: Removed VPN rebuild on screen on/off.
  Kept last_interactive update for stats handling.

- idleStateReceiver: Removed VPN rebuild when exiting Doze mode.
  TC's tracker blocking doesn't change based on idle state.

https://claude.ai/code/session_01PuXevPG3gUKEXWHrgRMptV
@claude
Fix potential lockdown regression and remove unused executor
5ba5261 
- Preserve WiFi metered override in getAllowedRules(): the old code
  treated WiFi as unmetered unless use_metered was set, which affects
  isLockedDown() for IP filter rules. Without this, users on metered
  WiFi networks (hotspots) could see different lockdown behavior.

- Remove unused ExecutorService field and imports: was only used by the
  old interactiveStateReceiver reload logic, now creates a thread pool
  that's never used.

https://claude.ai/code/session_01PuXevPG3gUKEXWHrgRMptV
@claude
Restore VPN reload on Doze exit for tunnel health
7ba263f 
The native tunnel thread may get into a bad state during Doze's network
restrictions. Reloading on Doze exit ensures the tunnel is healthy and
packet filtering resumes correctly. Without this, a stuck tunnel could
silently stop filtering until the next reload from another trigger.

Also removed unused ExecutorService (was only used by old
interactiveStateReceiver logic).

https://claude.ai/code/session_01PuXevPG3gUKEXWHrgRMptV
@kasnder kasnder force-pushed the claude/remove-vpn-network-rebuilds-EZBGK branch from df70999 to 7ba263f Compare April 5, 2026 13:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@kasnder @claude