TunnelGuard

TunnelGuard is a desktop + mobile VPN client focused on one thing most VPNs still do poorly: controlling and proving what went through the tunnel. Instead of “all traffic on/off,” users can route specific apps, domains, and subnets through WireGuard while everything else stays local. It adds a simple, tamper-evident activity log (not content) that shows which rules were applied, which endpoints were used, and whether any traffic leaked outside the tunnel. The product is aimed at teams and power users who need VPNs for real work (admin, support, contractors) and can’t afford misconfiguration, split-tunnel mistakes, or silent DNS leaks. It ships with sane presets (e.g., “Only corporate SaaS,” “Only RDP/SSH,” “Only Git/CI”) and a policy export that IT can review. This is not a “privacy miracle” VPN; it’s a practical control-and-compliance client.