For now, Blokada's utility is limited to DNS-based content blocking. It cannot and does not prevent most forms of fingerprinting.

> Is it doing some kind of packet inspection?

Yes, only DNS packet inspection, but even for the only thing it does, it is clumsy: It leaks DNS requests; that is, Blokada does not trap all DNS traffic on port 53, and it does not handle DNS queries sent over TCP. DNS66 has these same issues, too.

> As a secondary layer of blocking I use DNS66 which intercepts DNS requests and fails them for blacklisted domains, by installing itself as a virtual VPN - essentially a cooked /etc/hosts for Android.

Blokada uses the same trick (I mean, core parts of Blokada 4 code-base does bear similarities with DNS66 which preceded it... Blokada 5 however was re-written in Rust).

> Would Blokada work alongside that?

No, it cannot. But: Apps that support "DNS proxying" (like Nebulo [0]) can. It is quite an involved setup. I'd simply use Nebulo over DNS66, as it is not only more capable but also encrypts DNS traffic unlike Blokada 4 or DNS66.

> ...but you seem to be a good person to ask..

A disclosure, rather something to keep in mind: I have been accused of spreading fud by the Blokada lead developer and using it to "market" a "competitor" app I co-develop. In my defense, it wasn't / isn't fud what I spread, unless fud === uncomfortable truth.

[0] https://github.com/ch4t4r/Nebulo (fixed link, thanks u/NoGravitas)

https://github.com/Ch4t4r/Nebulo