Drop PROHIBIT_NON_VPN priority 11500 -> 12500

So that the rule can be kept up 100% of the time instead of dropping
it when VPN comes on.

Bug: 26694104
Change-Id: I1df6b8f588e54d72e34dbcbd15492513e07fac3d

server/RouteController.cpp

@@ -47,8 +47,8 @@ namespace {
 const uint32_t RULE_PRIORITY_VPN_OVERRIDE_SYSTEM = 10000;
 const uint32_t RULE_PRIORITY_VPN_OVERRIDE_OIF    = 10500;
 const uint32_t RULE_PRIORITY_VPN_OUTPUT_TO_LOCAL = 11000;
-const uint32_t RULE_PRIORITY_PROHIBIT_NON_VPN    = 11500;
 const uint32_t RULE_PRIORITY_SECURE_VPN          = 12000;
+const uint32_t RULE_PRIORITY_PROHIBIT_NON_VPN    = 12500;
 const uint32_t RULE_PRIORITY_EXPLICIT_NETWORK    = 13000;
 const uint32_t RULE_PRIORITY_OUTPUT_INTERFACE    = 14000;
 const uint32_t RULE_PRIORITY_LEGACY_SYSTEM       = 15000;

tests/binder_test.cpp

@@ -235,7 +235,7 @@ TEST_F(BinderTest, TestBandwidthEnableDataSaver) {
 static bool ipRuleExistsForRange(const uint32_t priority, const UidRange& range,
         const std::string& action, const char* ipVersion) {
     // Output looks like this:
-    //   "11500:\tfrom all fwmark 0x0/0x20000 iif lo uidrange 1000-2000 prohibit"
+    //   "12500:\tfrom all fwmark 0x0/0x20000 iif lo uidrange 1000-2000 prohibit"
     std::vector<std::string> rules = listIpRules(ipVersion);
 
     std::string prefix = StringPrintf("%" PRIu32 ":", priority);
@@ -259,7 +259,7 @@ static bool ipRuleExistsForRange(const uint32_t priority, const UidRange& range,
 }
 
 TEST_F(BinderTest, TestNetworkRejectNonSecureVpn) {
-    constexpr uint32_t RULE_PRIORITY = 11500;
+    constexpr uint32_t RULE_PRIORITY = 12500;
 
     constexpr int baseUid = MULTIUSER_APP_PER_USER_RANGE * 5;
     std::vector<UidRange> uidRanges = {