Since: API level 9

public class

GenericVpnService

extends Service

java.lang.Object
↳	android.content.Context
	↳	android.content.ContextWrapper
		↳	android.app.Service
			↳	com.samsung.android.knox.net.vpn.serviceprovider.GenericVpnService

Class Overview

The class provides APIs to create and establish multiple virtual interface tunnels per user. Please refer to Android`s VpnService documentation for further details on VPN solution creation. Following are some key points:

VPN clients can integrate with Knox VPN framework either by using the VPN service provided by Android (prepare function needs to be called with GenericVpnContext) or by using GenericVpnService.
When establishing the VPN connection for a Knox profile, set the setSession value of the VpnService.Builder class to the profile name of the connection.
When establishing the VPN connection for Knox profile, the addRoute value of the VpnService.Builder class will be set to null by default.
GenericVpnService is almost replica of Android`s VpnService and it facilitates to create multiple interfaces.

Since

API level 9

KNOX 1.1.0

Summary

Nested Classes
class	GenericVpnService.Builder	Helper class to create a VPN interface.

Constants
String	SERVICE_INTERFACE	The action must be matched by the IntentFilter of this service.

[Expand]

Inherited Constants

From class android.app.Service

From class android.content.Context

String	ACCESSIBILITY_SERVICE
String	ACCOUNT_SERVICE
String	ACTIVITY_SERVICE
String	ALARM_SERVICE
String	APPWIDGET_SERVICE
String	APP_OPS_SERVICE
String	AUDIO_SERVICE
String	BATTERY_SERVICE
int	BIND_ABOVE_CLIENT
int	BIND_ADJUST_WITH_ACTIVITY
int	BIND_ALLOW_OOM_MANAGEMENT
int	BIND_AUTO_CREATE
int	BIND_DEBUG_UNBIND
int	BIND_EXTERNAL_SERVICE
int	BIND_IMPORTANT
int	BIND_INCLUDE_CAPABILITIES
int	BIND_NOT_FOREGROUND
int	BIND_NOT_PERCEPTIBLE
int	BIND_WAIVE_PRIORITY
String	BIOMETRIC_SERVICE
String	BLOB_STORE_SERVICE
String	BLUETOOTH_SERVICE
String	CAMERA_SERVICE
String	CAPTIONING_SERVICE
String	CARRIER_CONFIG_SERVICE
String	CLIPBOARD_SERVICE
String	COMPANION_DEVICE_SERVICE
String	CONNECTIVITY_DIAGNOSTICS_SERVICE
String	CONNECTIVITY_SERVICE
String	CONSUMER_IR_SERVICE
int	CONTEXT_IGNORE_SECURITY
int	CONTEXT_INCLUDE_CODE
int	CONTEXT_RESTRICTED
String	CROSS_PROFILE_APPS_SERVICE
String	DEVICE_POLICY_SERVICE
String	DISPLAY_SERVICE
String	DOWNLOAD_SERVICE
String	DROPBOX_SERVICE
String	EUICC_SERVICE
String	FILE_INTEGRITY_SERVICE
String	FINGERPRINT_SERVICE
String	HARDWARE_PROPERTIES_SERVICE
String	INPUT_METHOD_SERVICE
String	INPUT_SERVICE
String	IPSEC_SERVICE
String	JOB_SCHEDULER_SERVICE
String	KEYGUARD_SERVICE
String	LAUNCHER_APPS_SERVICE
String	LAYOUT_INFLATER_SERVICE
String	LOCATION_SERVICE
String	MEDIA_PROJECTION_SERVICE
String	MEDIA_ROUTER_SERVICE
String	MEDIA_SESSION_SERVICE
String	MIDI_SERVICE
int	MODE_APPEND
int	MODE_ENABLE_WRITE_AHEAD_LOGGING
int	MODE_MULTI_PROCESS
int	MODE_NO_LOCALIZED_COLLATORS
int	MODE_PRIVATE
int	MODE_WORLD_READABLE
int	MODE_WORLD_WRITEABLE
String	NETWORK_STATS_SERVICE
String	NFC_SERVICE
String	NOTIFICATION_SERVICE
String	NSD_SERVICE
String	POWER_SERVICE
String	PRINT_SERVICE
int	RECEIVER_VISIBLE_TO_INSTANT_APPS
String	RESTRICTIONS_SERVICE
String	ROLE_SERVICE
String	SEARCH_SERVICE
String	SENSOR_SERVICE
String	SHORTCUT_SERVICE
String	STORAGE_SERVICE
String	STORAGE_STATS_SERVICE
String	SYSTEM_HEALTH_SERVICE
String	TELECOM_SERVICE
String	TELEPHONY_IMS_SERVICE
String	TELEPHONY_SERVICE
String	TELEPHONY_SUBSCRIPTION_SERVICE
String	TEXT_CLASSIFICATION_SERVICE
String	TEXT_SERVICES_MANAGER_SERVICE
String	TV_INPUT_SERVICE
String	UI_MODE_SERVICE
String	USAGE_STATS_SERVICE
String	USB_SERVICE
String	USER_SERVICE
String	VIBRATOR_SERVICE
String	VPN_MANAGEMENT_SERVICE
String	WALLPAPER_SERVICE
String	WIFI_AWARE_SERVICE
String	WIFI_P2P_SERVICE
String	WIFI_RTT_RANGING_SERVICE
String	WIFI_SERVICE
String	WINDOW_SERVICE

From interface android.content.ComponentCallbacks2

Public Constructors
	GenericVpnService()

Public Methods
IBinder	onBind(Intent intent) Return the communication interface to the service.
void	onRevoke() Invoked when the application is revoked.
static Intent	prepare(Context context, String profile, boolean type, boolean isConnecting) Prepare to establish a VPN connection.
boolean	protect(Socket socket) Convenience method to protect a Socket from VPN connections.
boolean	protect(int socket) Protect a socket from VPN connections.
boolean	protect(DatagramSocket socket) Convenience method to protect a DatagramSocket from VPN connections.

[Expand]

Inherited Methods

From class android.app.Service

void	attachBaseContext(Context arg0)
void	dump(FileDescriptor arg0, PrintWriter arg1, String[] arg2)
final Application	getApplication()
final int	getForegroundServiceType()
abstract IBinder	onBind(Intent arg0)
void	onConfigurationChanged(Configuration arg0)
void	onCreate()
void	onDestroy()
void	onLowMemory()
void	onRebind(Intent arg0)
void	onStart(Intent arg0, int arg1)
int	onStartCommand(Intent arg0, int arg1, int arg2)
void	onTaskRemoved(Intent arg0)
void	onTrimMemory(int arg0)
boolean	onUnbind(Intent arg0)
final void	startForeground(int arg0, Notification arg1)
final void	startForeground(int arg0, Notification arg1, int arg2)
final void	stopForeground(int arg0)
final void	stopForeground(boolean arg0)
final void	stopSelf()
final void	stopSelf(int arg0)
final boolean	stopSelfResult(int arg0)

From class android.content.ContextWrapper

From class android.content.Context

boolean	bindIsolatedService(Intent arg0, int arg1, String arg2, Executor arg3, ServiceConnection arg4)
boolean	bindService(Intent arg0, int arg1, Executor arg2, ServiceConnection arg3)
abstract boolean	bindService(Intent arg0, ServiceConnection arg1, int arg2)
boolean	bindServiceAsUser(Intent arg0, ServiceConnection arg1, int arg2, UserHandle arg3)
abstract int	checkCallingOrSelfPermission(String arg0)
abstract int	checkCallingOrSelfUriPermission(Uri arg0, int arg1)
abstract int	checkCallingPermission(String arg0)
abstract int	checkCallingUriPermission(Uri arg0, int arg1)
abstract int	checkPermission(String arg0, int arg1, int arg2)
abstract int	checkSelfPermission(String arg0)
abstract int	checkUriPermission(Uri arg0, String arg1, String arg2, int arg3, int arg4, int arg5)
abstract int	checkUriPermission(Uri arg0, int arg1, int arg2, int arg3)
abstract void	clearWallpaper()
Context	createAttributionContext(String arg0)
abstract Context	createConfigurationContext(Configuration arg0)
abstract Context	createContextForSplit(String arg0)
abstract Context	createDeviceProtectedStorageContext()
abstract Context	createDisplayContext(Display arg0)
abstract Context	createPackageContext(String arg0, int arg1)
Context	createWindowContext(int arg0, Bundle arg1)
abstract String[]	databaseList()
abstract boolean	deleteDatabase(String arg0)
abstract boolean	deleteFile(String arg0)
abstract boolean	deleteSharedPreferences(String arg0)
abstract void	enforceCallingOrSelfPermission(String arg0, String arg1)
abstract void	enforceCallingOrSelfUriPermission(Uri arg0, int arg1, String arg2)
abstract void	enforceCallingPermission(String arg0, String arg1)
abstract void	enforceCallingUriPermission(Uri arg0, int arg1, String arg2)
abstract void	enforcePermission(String arg0, int arg1, int arg2, String arg3)
abstract void	enforceUriPermission(Uri arg0, String arg1, String arg2, int arg3, int arg4, int arg5, String arg6)
abstract void	enforceUriPermission(Uri arg0, int arg1, int arg2, int arg3, String arg4)
abstract String[]	fileList()
abstract Context	getApplicationContext()
abstract ApplicationInfo	getApplicationInfo()
abstract AssetManager	getAssets()
String	getAttributionTag()
abstract File	getCacheDir()
abstract ClassLoader	getClassLoader()
abstract File	getCodeCacheDir()
final int	getColor(int arg0)
final ColorStateList	getColorStateList(int arg0)
abstract ContentResolver	getContentResolver()
abstract File	getDataDir()
abstract File	getDatabasePath(String arg0)
abstract File	getDir(String arg0, int arg1)
Display	getDisplay()
final Drawable	getDrawable(int arg0)
abstract File	getExternalCacheDir()
abstract File[]	getExternalCacheDirs()
abstract File	getExternalFilesDir(String arg0)
abstract File[]	getExternalFilesDirs(String arg0)
abstract File[]	getExternalMediaDirs()
abstract File	getFileStreamPath(String arg0)
abstract File	getFilesDir()
Executor	getMainExecutor()
abstract Looper	getMainLooper()
abstract File	getNoBackupFilesDir()
abstract File	getObbDir()
abstract File[]	getObbDirs()
String	getOpPackageName()
abstract String	getPackageCodePath()
abstract PackageManager	getPackageManager()
abstract String	getPackageName()
abstract String	getPackageResourcePath()
abstract Resources	getResources()
abstract SharedPreferences	getSharedPreferences(String arg0, int arg1)
final String	getString(int arg0, Object... arg1)
final String	getString(int arg0)
final <T> T	getSystemService(Class<T> arg0)
abstract Object	getSystemService(String arg0)
abstract String	getSystemServiceName(Class<?> arg0)
final CharSequence	getText(int arg0)
abstract Resources.Theme	getTheme()
abstract Drawable	getWallpaper()
abstract int	getWallpaperDesiredMinimumHeight()
abstract int	getWallpaperDesiredMinimumWidth()
abstract void	grantUriPermission(String arg0, Uri arg1, int arg2)
abstract boolean	isDeviceProtectedStorage()
boolean	isRestricted()
abstract boolean	moveDatabaseFrom(Context arg0, String arg1)
abstract boolean	moveSharedPreferencesFrom(Context arg0, String arg1)
final TypedArray	obtainStyledAttributes(AttributeSet arg0, int[] arg1)
final TypedArray	obtainStyledAttributes(AttributeSet arg0, int[] arg1, int arg2, int arg3)
final TypedArray	obtainStyledAttributes(int arg0, int[] arg1)
final TypedArray	obtainStyledAttributes(int[] arg0)
abstract FileInputStream	openFileInput(String arg0)
abstract FileOutputStream	openFileOutput(String arg0, int arg1)
abstract SQLiteDatabase	openOrCreateDatabase(String arg0, int arg1, SQLiteDatabase.CursorFactory arg2, DatabaseErrorHandler arg3)
abstract SQLiteDatabase	openOrCreateDatabase(String arg0, int arg1, SQLiteDatabase.CursorFactory arg2)
abstract Drawable	peekWallpaper()
void	registerComponentCallbacks(ComponentCallbacks arg0)
abstract Intent	registerReceiver(BroadcastReceiver arg0, IntentFilter arg1)
abstract Intent	registerReceiver(BroadcastReceiver arg0, IntentFilter arg1, int arg2)
abstract Intent	registerReceiver(BroadcastReceiver arg0, IntentFilter arg1, String arg2, Handler arg3, int arg4)
abstract Intent	registerReceiver(BroadcastReceiver arg0, IntentFilter arg1, String arg2, Handler arg3)
abstract void	removeStickyBroadcast(Intent arg0)
abstract void	removeStickyBroadcastAsUser(Intent arg0, UserHandle arg1)
abstract void	revokeUriPermission(Uri arg0, int arg1)
abstract void	revokeUriPermission(String arg0, Uri arg1, int arg2)
abstract void	sendBroadcast(Intent arg0, String arg1)
abstract void	sendBroadcast(Intent arg0)
abstract void	sendBroadcastAsUser(Intent arg0, UserHandle arg1)
abstract void	sendBroadcastAsUser(Intent arg0, UserHandle arg1, String arg2)
void	sendBroadcastWithMultiplePermissions(Intent arg0, String[] arg1)
void	sendOrderedBroadcast(Intent arg0, String arg1, String arg2, BroadcastReceiver arg3, Handler arg4, int arg5, String arg6, Bundle arg7)
abstract void	sendOrderedBroadcast(Intent arg0, String arg1, BroadcastReceiver arg2, Handler arg3, int arg4, String arg5, Bundle arg6)
abstract void	sendOrderedBroadcast(Intent arg0, String arg1)
abstract void	sendOrderedBroadcastAsUser(Intent arg0, UserHandle arg1, String arg2, BroadcastReceiver arg3, Handler arg4, int arg5, String arg6, Bundle arg7)
abstract void	sendStickyBroadcast(Intent arg0)
abstract void	sendStickyBroadcastAsUser(Intent arg0, UserHandle arg1)
abstract void	sendStickyOrderedBroadcast(Intent arg0, BroadcastReceiver arg1, Handler arg2, int arg3, String arg4, Bundle arg5)
abstract void	sendStickyOrderedBroadcastAsUser(Intent arg0, UserHandle arg1, BroadcastReceiver arg2, Handler arg3, int arg4, String arg5, Bundle arg6)
abstract void	setTheme(int arg0)
abstract void	setWallpaper(Bitmap arg0)
abstract void	setWallpaper(InputStream arg0)
abstract void	startActivities(Intent[] arg0, Bundle arg1)
abstract void	startActivities(Intent[] arg0)
abstract void	startActivity(Intent arg0)
abstract void	startActivity(Intent arg0, Bundle arg1)
abstract ComponentName	startForegroundService(Intent arg0)
abstract boolean	startInstrumentation(ComponentName arg0, String arg1, Bundle arg2)
abstract void	startIntentSender(IntentSender arg0, Intent arg1, int arg2, int arg3, int arg4)
abstract void	startIntentSender(IntentSender arg0, Intent arg1, int arg2, int arg3, int arg4, Bundle arg5)
abstract ComponentName	startService(Intent arg0)
abstract boolean	stopService(Intent arg0)
abstract void	unbindService(ServiceConnection arg0)
void	unregisterComponentCallbacks(ComponentCallbacks arg0)
abstract void	unregisterReceiver(BroadcastReceiver arg0)
void	updateServiceGroup(ServiceConnection arg0, int arg1, int arg2)

From class java.lang.Object

From interface android.content.ComponentCallbacks

From interface android.content.ComponentCallbacks2

Constants

public static final String SERVICE_INTERFACE

Since: API level 28

The action must be matched by the IntentFilter of this service. It also needs to require BIND_VPN_SERVICE permission so that other applications cannot abuse it.

Constant Value: "android.net.VpnService"

Public Constructors

public GenericVpnService ()

Since: API level 9

Public Methods

public IBinder onBind (Intent intent)

Since: API level 9

Return the communication interface to the service. This method returns null on Intents other than SERVICE_INTERFACE action. Applications overriding this method must identify the Intent and return the corresponding interface accordingly.

Parameters

intent	The Intent that was used to bind to this service.

Returns

The communication interface to the service.

Since

API level 9

KNOX 1.1.0

public void onRevoke ()

Since: API level 9

Invoked when the application is revoked. At this moment, the VPN interface is already deactivated by the system. The application should close the file descriptor and shut down gracefully. The default implementation of this method is calling stopSelf().

Calls to this method may not happen on the main thread of the process.

Since

API level 9

KNOX 1.1.0

public static Intent prepare (Context context, String profile, boolean type, boolean isConnecting)

Since: API level 9

Prepare to establish a VPN connection. Following is the explanation of prepare API in context of system VPN. This method returns null if the VPN application is already prepared. Otherwise, it returns an Intent to a system activity. The application should launch the activity using startActivityForResult to get itself prepared. The activity may pop up a dialog to require user action, and the result will come back via its onActivityResult. If the result is RESULT_OK, the application becomes prepared and is granted to use other methods in this class.

Only one application can be granted at the same time. The right is revoked when another application is granted. The application losing the right will be notified via its onRevoke(). Unless it becomes prepared again, subsequent calls to other methods in this class will fail. In case of per application VPN, the function can be called before establish and can be called at the end to destroy the connection based on profile name.

Parameters

context	Context of the VPN Application trying to bind to Knox Framework.
profile	Name of the VPN Connection.
type	`True`: if the profile is system VPN; `false`: if the profile is per-app VPN.
isConnecting	`True`: for starting the VPN connection; `false`: for stopping a VPN connection.

Returns

Null if the VPN application is already prepared. Otherwise, it returns an Intent to a system activity.

Since

API level 9

KNOX 1.1.0

public boolean protect (Socket socket)

Since: API level 9

Convenience method to protect a Socket from VPN connections.

Parameters

socket	The socket that will be protected from VPN connections.

Returns

True on success.

Since

API level 9

KNOX 1.1.0

public boolean protect (int socket)

Since: API level 9

Protect a socket from VPN connections. The socket will be bound to the current default network interface, so its traffic will not be forwarded through VPN. This method is useful if some connections need to be kept outside of VPN. For example, a VPN tunnel should protect itself if its destination is covered by VPN routes. Otherwise its outgoing packets will be sent back to the VPN interface and cause an infinite loop. This method will fail if the application is not prepared or is revoked.

The socket is NOT closed by this method.

Parameters

socket	The socket that will be protected from VPN connections.

Returns

True on success. Parameter required for protect.

Since

API level 9

KNOX 1.1.0

public boolean protect (DatagramSocket socket)

Since: API level 9

Convenience method to protect a DatagramSocket from VPN connections.

Parameters

socket	The socket that will be protected from VPN connections.

Returns

True on success.

Since

API level 9

KNOX 1.1.0

Knox SDK API reference

Classes

GenericVpnService

Class Overview

Since

Summary

Constants

public static final String SERVICE_INTERFACE

Public Constructors

public GenericVpnService ()

Public Methods

public IBinder onBind (Intent intent)

Parameters

Returns

Since

See Also

public void onRevoke ()

Since

See Also

public static Intent prepare (Context context, String profile, boolean type, boolean isConnecting)

Parameters

Returns

Since

See Also

public boolean protect (Socket socket)

Parameters

Returns

Since

See Also

public boolean protect (int socket)

Parameters

Returns

Since

public boolean protect (DatagramSocket socket)

Parameters

Returns

Since

See Also