App "KDEConnect" cannot be allowed/bypassed

[marscher]

App "KDEConnect" cannot be allowed/bypassed in Rethink.

Symptoms:

• No connection possible on a local and trusted (within KDEConnect) wifi.
• "Bypass Universal" + "Bypass app from all Proxies" does not make it possible to connect.
• "Bypass DNS & Firewall" + "Bypass app from all Proxies" does not make it possible to connect.
• Adding a "universal firewall" rule to allow (bypass) broadcast traffic to 255.255.255.255

Solution/Workaround:
pause or disable Rethink seamlessly works until re-activation of the firewall.

Desired:
Do not stop/pause the firewall to make local connections.

[ignoramous]

KDE Connect likely uses P2P/LAN? If so, try enabling:

• Either: Configure -> Network -> Do not route Private IPs.
• Or: Configure -> Apps -> (search for KDE Connect, tap on it) -> Choose Exclude.

Some prev refs:

• Rethink blocks incoming P2P connections #577
• MixPlorer SMB connection not possible #1159

[marscher]

Thanks, excluding private IPs did do the trick.

[alexanderadam]

I think that there should be some FOSS apps which should be on the exclude list by default or have at least some rules to have them working by default.

What do you think?

[ignoramous]

Imposing allowlists/whitelists on unsuspecting users is a landmine.

The ones who use apps like KDE Connect or Syncthing already know enough to look for and understand the workarounds, imo.

[alexanderadam]

The ones who use apps like KDE Connect or Syncthing already know enough to look for and understand the workarounds, imo.

I didn't and I guess the others in this issue as well in #577 or #1159 did neither.

How about a middle ground where the first blocked request of a well-known FOSS app that's logged will cause a notification saying something like "Hey, it looks like you're using $app and we blocked the request for you which will lead to some functions not working." and then having two options "Allow request for $app" "Dismiss and don't ask again".