iCloud Private Relay is probably incompatible with network filtering #875

Closed
ameshkov opened this issue Jun 7, 2021 · 20 comments

@ameshkov
Member

ameshkov commented Jun 7, 2021

This is expected considering how it works, but we should confirm this first. Also, it would definitely break DNS filtering as well. Some people would definitely be crazy about this and I guess the only thing we can suggest they do is use AG for Safari instead.

Nevertheless, here's what we need to do:

  1. Investigate and see if this is confirmed and it does break the filtering of Safari.
  2. Check if we can handle this. Could it be that Safari traffic is routed via some local proxy?
  3. If we cannot, find a way to detect that iCloud Private Relay is in use. We should notify users and explain what to do in this case.

An additional concern that we should check is intelligent tracking protection. They say that now it hides the users' IP addresses from trackers and this may mean that trackers are routed via this "private relay" automatically. We should check if this is the case.

@ZeroClover

Apple does not seem to want Private Relay to be used alongside a VPN. macOS network extension is considered a VPN, so it will likely not solve the problem.

@ameshkov
Member Author

@ZeroClover well, that would be an okay outcome. The problem is that according to #876 it simply breaks instead of gracefully disabling private relay.

@stale

stale bot commented Aug 18, 2021

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

stale bot added the Wontfix label Aug 18, 2021
Chinaski1 removed the Wontfix label Aug 18, 2021

@ameshkov
Member Author

Bad bot, we need to test it one more time

@tomiams

tomiams commented Aug 19, 2021

I don't think this issue has been resolved. I sent an email with this issue number to apple@adguard.com with the debug logs attached when I had a complete loss of internet access, which I am assuming is because of a conflict with Private Relay. Once I quit Adguard, the internet access is restored.

packet loss

relay

@Chinaski1
Member

  1. I did manage to access Private Relay and can confirm that filtering in the Safari browser stops working if AdGuard is used in Network extension mode.
  2. Filtering was restored by switching AdGuard to PAC mode.
  3. Switching the DNS module on and off had no effect on the behaviour described above, regardless of the configurations and servers used.
  4. The collected logs will be attached to an internal task.

@Quorum75

Quorum75 commented Sep 21, 2021

Hi.

I was wondering, how do you test the fact that it's working or not?

On iOS I have Private Relay activated with AG in split tunnel with Windscribe. I know crazy 🙃

The IP is the one from WS and the AG activity log still shows a full list of requests blocked.

@ameshkov
Member Author

@Quorum75 well, it's rather simple: when iCloud Private Relay is active, the traffic in Safari won't be filtered at all. At the same time, it will be filtered in other browsers just okay. The only solution that we found is to make AG use the "default route", this would automatically disable private relay.

> On iOS I have Private Relay activated with AG in split tunnel with Windscribe. I know crazy 🙃

In this configuration Private Relay does nothing, it won't work alongside any VPN.

@Quorum75

@ameshkov OK. But why do I still have requests blocked within AG beside Private Relay?

@ameshkov
Member Author

Yes, AG should work just okay.

@Quorum75

I forgot to mention I don't use AG Pro in extension mode, Safari protection and DNS DoQ filtering are done through AG app.

@Chinaski1
Member

@tomiams @ZeroClover @Quorum75

We've published a Nightly version in which there should be no issues with filtering in the Safari browser when using the Private Relay feature.

Download link: agrd.io/mac_nightly

@ZeroClover

> @tomiams @ZeroClover @Quorum75
>
> We've published a Nightly version in which there should be no issues with filtering in the Safari browser when using the Private Relay feature.
>
> Download link: agrd.io/mac_nightly

I have been using the nightly version, but the nightly version released today crashed repeatedly on my macOS 11 / 12 device, and I had to switch back to the stable version.

@ameshkov
Member Author

@ZeroClover I see no new crash reports, could you please send one?

@ameshkov
Member Author

Anyone? We're almost ready to release this version, but this info about crashes kinda changes everything. Since we cannot reproduce it, we need someone to at least share the crash info with us.

@Quorum75

Quorum75 commented Sep 29, 2021

@ameshkov
No issue on my side.
AG MacOS 2.6.0.1027 nightly (CL-1.8.189, DNS-1.6.46) and AG FF or Safari extensions just work fine.

@dave-holland

It seems like when AdGuard is working in Network Extension mode, iCloud Private Relay doesn't do anything. Is that the expected behavior?

@Chinaski1
Member

@dave-holland

AdGuard and iCloud Private Relay cannot work at the same time. iCloud Private Relay is disabled automatically when AdGuard is active.

AdGuard cannot block ads when Private Relay is tunnelling traffic, because the Private Relay does it before network connections can be filtered by AdGuard.

It is recommended to use more traditional VPNs when using AdGuard.

@iDjay

iDjay commented Oct 23, 2021

Mail privacy protection is also not working:
https://support.apple.com/en-us/HT212797

I guess I'll switch to Adguard for Safari then, it does the job for me :)

@bigplayer-ai

I uninstalled Adguard for macOS because it is incompatible with iCloud Private Relay. I was disappointed to see this issue marked as closed on the Adguard for macOS repository, but I hope a solution will be available in the future.
