Fellow geek just pointed me at the RethinkDNS android app, which is an incredibly full-featured firewalling app including ad/tracker blocking, rulemaking, granular app blocking depending on wifi/mobile, and more. Native proxy support.

TLDR this allows me to block 80% of the surveillance bullshit in my android devices, with the ability to do much more with domain or IP-based rulesets.