[Feature Request] Support per-app VPN exclusion on Android (e.g. Android Auto compatibility)

[jeje57]

trafficstars

Is your feature request related to a problem? Please describe. When using Defguard with WireGuard, split tunneling works fine. However, on Android devices, Android Auto refuses to start if a VPN is detected (red warning screen). This behavior seems more related to application detection than subnet routing.

Describe the solution you'd like. It would be great if Defguard could provide the option to exclude specific applications from the VPN tunnel, similar to what the native WireGuard Android application offers. This would make Android Auto and similar apps compatible while still keeping Defguard as the main VPN solution.

Describe alternatives you've considered. I created a standard WireGuard tunnel from Defguard (v1.5, dockerized) and used the official WireGuard Android application. In that app, it is possible to exclude certain applications, and Android Auto works perfectly in that setup.

[axelere]

It is also for android auto reason that I create request to add split-dns. It seems to me that this can solve it because before using Defguard, I used Headscale with the split-dns active and I did not have this issue.