Comment by Lockal

If this firewall is available as a commercial product, eventually it be infected, so there won't be any need to hack any client devices. Since this is clearly a niche product, the device manufacturer won't be able to identify and fix bugs as effectively as companies like Apple do. This follows ROSKOMNADZOR recommendations: to install a middleware device that decrypts, stores, modifies, blocks and redirects all traffic depending on rules submitted from external party.