Our software (VPN client) has Split-Tunnel functionality which allows splitting IP traffic for particular applications (some applications can be excluded from VPN tunnel).
I am wondering if there are any possibilities to have it working out from snap with
‘interfaces’ that are needed for the software:
- ability to control cgroup subfolder
/sys/fs/cgroup/net_cls/(mount subfolder and edit it’s content)
- ability to read\write network interface rp_filter (
- (important!) ability to run external binary out from user environment (to start and add it to cgroup)
- ability to list all installed applications in a system and read appropriate app icons (to show this info to the user out from the application UI).
According to specifications: https://specifications.freedesktop.org/desktop-entry-spec/desktop-entry-spec-latest.html
This requires also the ability to read user environment variables:
HOMEand read access to these directories.
- ability to get info about running apps in user environment (read PID from
I guess 1 and 2 can be covered by the
network-control interface. Right?
What about the 3, 4 and 5?
Thanks in advance for any comments.
P.S. The approval-request topic related to our software: Manual review request for 'ivpn' package and auto-connect interfaces