Add option to turn off masquerade

It turns out that this option may not be necessary but I've already implemented it so just in case.

mobile/src/main/java/be/mygod/vpnhotspot/App.kt

@@ -19,6 +19,7 @@ class App : Application() {
     companion object {
         const val KEY_OPERATING_CHANNEL = "service.repeater.oc"
         private const val KEY_DNS = "service.dns"
+        private const val KEY_MASQUERADE = "service.masquerade"
 
         @SuppressLint("StaticFieldLeak")
         lateinit var app: App
@@ -33,6 +34,7 @@ class App : Application() {
         } else deviceContext = this
         // workaround for support lib PreferenceDataStore bug
         dns = dns
+        masquerade = masquerade
         ServiceNotification.updateNotificationChannels()
     }
 
@@ -54,6 +56,9 @@ class App : Application() {
     var dns: String
         get() = pref.getString(KEY_DNS, "8.8.8.8")
         set(value) = pref.edit().putString(KEY_DNS, value).apply()
+    var masquerade: Boolean
+        get() = pref.getBoolean(KEY_MASQUERADE, true)
+        set(value) = pref.edit().putBoolean(KEY_MASQUERADE, value).apply()
 
     val cleanRoutings = Event0()
 

mobile/src/main/java/be/mygod/vpnhotspot/LocalOnlyInterfaceManager.kt

@@ -45,9 +45,10 @@ class LocalOnlyInterfaceManager(val downstream: String) : UpstreamMonitor.Callba
             this.dns = dns
             val strict = app.pref.getBoolean("service.repeater.strict", false)
             if (strict && upstream == null) return  // in this case, nothing to be done
-            if (routing.ipForward()                 // local only interfaces may not enable ip_forward
-                            .rule().forward(strict).masquerade(strict).dnsRedirect(dns).start()) return
-            app.toast(R.string.noisy_su_failure)
+            routing.ipForward()                     // local only interfaces need not enable ip_forward
+                    .rule().forward(strict)
+            if (app.masquerade) routing.masquerade(strict)
+            if (!routing.dnsRedirect(dns).start()) app.toast(R.string.noisy_su_failure)
         } catch (e: SocketException) {
             Toast.makeText(app, e.message, Toast.LENGTH_SHORT).show()
             Crashlytics.logException(e)

mobile/src/main/java/be/mygod/vpnhotspot/RepeaterService.kt

@@ -23,7 +23,6 @@ import be.mygod.vpnhotspot.net.wifi.WifiP2pManagerHelper.startWps
 import be.mygod.vpnhotspot.util.*
 import com.crashlytics.android.Crashlytics
 import java.lang.reflect.InvocationTargetException
-import java.net.InetAddress
 
 class RepeaterService : Service(), WifiP2pManager.ChannelListener, SharedPreferences.OnSharedPreferenceChangeListener {
     companion object {

mobile/src/main/java/be/mygod/vpnhotspot/TetheringService.kt

@@ -51,7 +51,9 @@ class TetheringService : IpNeighbourMonitoringService(), UpstreamMonitor.Callbac
                         if (value?.stop() == false) failed = true
                         // system tethering already has working forwarding rules
                         // so it doesn't make sense to add additional forwarding rules
-                        val routing = Routing(upstream, downstream).rule().forward().masquerade().dnsRedirect(dns)
+                        val routing = Routing(upstream, downstream).rule().forward()
+                        if (app.masquerade) routing.masquerade()
+                        routing.dnsRedirect(dns)
                         if (app.pref.getBoolean("service.disableIpv6", false)) routing.disableIpv6()
                         routings[downstream] = routing
                         if (!routing.start()) failed = true