I’m gonna start by saying my offer won’t be a big deal. (Well, at least I hope so.)
The idea came to me after I experienced some problems with AFWall+ firewall which I use to control overall traffic consumption, restrict internet access for selected processes, and by default — for all newly installed apps until I grant it by myself. But the problem is not only that AFWall+ is too heavy and superfluous tool for such basic tasks, but also that it has long-term compatibility issues with android feature called work profile, and as a result — cannot work correctly with popular sandboxing tools Shelter/Island, which is another useful solution for privacy and security. Moreover, all Android firewall apps require ROOT or occupy VPN.
On the other hand, we all know that parental LineageOS already have build-in capabilities to restrict applications from cellular and/or WiFi data access. (Settings » Apps » your target app » Data usage) This is a pretty sophisticated way, and you can’t choose to strict internet for freshly installed apps by default, but still, it is a native mechanism with flawless compatibility and minimum load on the system. This definitely sounds better.
So I want to ask if it is possible to equip this build-in mechanism with more advanced control interface to recreate a possible maximum of features that are offered by third-party app firewalls? I think this could completely eliminate the need in such tools for most of us.
And I’m curious, why the LineageOS developers didn’t add these features to the Privacy Guard permissions system?