Network Rules

The following preset rules are available to control how applications started in GPass interact with the network:

1. Via GPass - Pass all network access of this application through GPass. This is the rule used when applications are started in automatic mode or via bookmarks.

2. Ban unsafe IPs - Allow application to access the network directly except for IPs from China and some other totalitarian regimes that are banned (See Note 1).

3. Safe domains only - Allow application to access the network directly except to censored domains (e.g., edoors.com, ntdtv.com; See Note 2).

4. Pass all - Allow application to access the network directly without restriction.

5. Stop all - Do not allow application to access the network.

6. Ask me - Ask me what to do when application accesses the network.

7. No firewall - Do not apply network rules to this application. This requires application restart to take effect.

Usage Example: Using the same browser, when visiting websites in China, use "Safe domains only;" when visiting overseas websites, switch to "via GPass." For software from sources that are untrusted or are likely to have viruses or backdoors, "Ban unsafe IPs" can be used.

Notes:

1. For the "Ban unsafe IPs" rule, the banned IPs depend on where GPass is used. This rule depends on the user's location. For example, when used in China, IPs from China and Hong Kong are banned.
    

2. When the "Safe domains only" rule is effective, censored domains are internally resolved to localhost, i.e., 127.0.0.1, so network traffic to these domains will never go our your computer. The list censored domains can be extended by a bdomains.txt file in the folder where GPass.exe is stored.
    

3. When Skype and Tor are used as tunnels, the "Ban unsafe IPs" rule is applied to these applications. In some cases, however, this security measure reduces the network speed. If you do not want this security feature used, start Skype or Tor before starting GPass, and when asked if you want to restart Skype or Tor, answer No.