Only block QUIC for connections to decrypt

Since PCAPdroid can now be run with decryption enabled all the time, blocking QUIC is now limited to the connections matching the decryption whitelist. This also hides the block QUIC option when TLS decryption is disabled. Closes #369
2026-05-08 21:12:26 +00:00 · 2023-12-25 17:06:58 +01:00
parent d5661bed72
commit ddec1a85eb
4 changed files with 25 additions and 15 deletions
@@ -94,7 +94,7 @@ As shown above, the capture settings can be specified by using intent extras. Th
 | max_pkts_per_flow       | int    |  43 |      | only dump the first max_pkts_per_flow packets per flow             |
 | max_dump_size           | int    |  43 |      | max size in bytes for the PCAP dump                                |
 | tls_decryption          | bool   |  49 | vpn  | true to enable the built-in TLS decryption                         |
-| block_quic              | bool   |  51 | vpn  | true to block QUIC traffic                                         |
+| block_quic              | bool   |  51 | vpn  | true to block QUIC traffic (73+: matching the decryption whitelist)|
 | auto_block_private_dns  | bool   |  51 | vpn  | true to detect and possibly block private DNS to inspect traffic   |
 | ip_mode                 | string |  56 | vpn  | which IP addresses to use for the VPN: ipv4 \| ipv6 \| both        |
 | mitmproxy_opts          | string |  62 |      | additional options to provide to mitmproxy in decryption mode      |