Controlling Network Traffic

14 Oct, 2025

VEERY LONG INTRODUCTION:

I am building homelab )
so I wanted to have pretty nice touch display to monitor and control my homelab without need to ssh or use phone. just single dedicated mounted display.

inspired by: Vas3k Homelab

and I thought it might look very cool and futuristic in my house to have display that could do everything that I myself hosted.

Requirements:

• Actual Touch Display (Tablet or ipad, device with internet access)
• homelab (already ✅ed)

as you can see on post that inspired me, I started to search for cheapest tablet I could find, but I don't wanted to waste time on searching + purchasing, I just wanted everything now and here.

fortunately, I have Onyx Boox Note air 3C which I use only for reading and besided it is e-ink, it can still be used as regular tablet + homelab dashboard does not need to be updated always and also I can use it as book also.

to start, on my Boox I was not using internet at all, I have airplane mode and everything disabled, I am using it just for reading + taking notes, nothing more.
and I don't want to change it's use case(and don't want to have million requests, it is just book not device that should track me!!!), at times when I don't use boox it will serve as dashboard, that's all, SUPER EASY.

and (actually post should start form here) I started to think, how I should disable all be unwanted connections from the boox, but still it should have access to my homelab server.

Method 1: Router

I don't have custom router, my internet provider's router sucks, I can't access the admin settings, so this option died for me, unfortunately (((

Method 2: NetGuard

NetGuard is android application that gives you full control over your network traffic (I hope so). I am using OpenSnitch on my desktop, so I think it's just Android version of it.

it is super easy to set-up, I will share my configs how I am disabling everything while it is turned on, but enabling only LAN services, like my homelab self-hosted services

1. in defaults Block Wi-Fi + Block mobile

2. in Network Options enable Subnet routing + Allow LAN access

3. in Advanced options enable Manage system apps (to disable even root to send requests to soldered IP address, if you don't know what they are please read here DNS can't block everything)

and enable netguard by switching shield icon at the top left corner and now all apps wifi's should be turned off.

and now you blocked the whole WAN access and are in LAN network safely )

(this post is experimentation, if something is messed up you should fix it by yourself. I am just learning the stuff.)

in future, I plan to post how I am building my homelab, and what it could give, was it worth or not. this post is single piece of whole journey ) thank you for reading and I will see you next time.