This concept is originally from Android VPN API, which provides a way to "protect" socket so that data sent through this socket will go directly to the network and will not be forwarded through the VPN.
OpenVPN3 has been influenced by Android VPN API. It also has a mechanism to ensure that data sent through the socket or to specific IP address is not routed to the VPN. The API method is also named "socket_protect". The "protection" implementation is OS-specific and outside of OpenVPN3 core library. Android client (at least ics-openvpn, likely Connect too) indeed calls VpnService.protect(). Windows and Mac Connect clients modify routing table and add bypass route. Linux client either uses SO_MARK, bind to dev or host route. _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
