Techniques for zero rating through redirection

What is claimed is: 1. A computer-implemented method, comprising: receiving, at a network interface on a proxy server device, a proxy network packet from a local gateway application on a client device, the proxy network packet containing an application network packet for delivery to a network server device; determining that the application network packet is associated with a local user application capable of execution on the client device; determining that the local user application is authorized to use the proxy server device; and forwarding the application network packet to the network server device based on the determination that the local user application is authorized to use the proxy server device, the application network packet addressed to a network address, further comprising; determining that the network address corresponds to an interceptor address that is distinct from a legitimate network address associated with the network server device: searching an interceptor record using the interceptor address to determine the legitimate network address and an intercepted local application associated with the interceptor address, determining that the determined local user application corresponds to the determined intercepted local application; and forwarding the application network packet to the network server device at the legitimate network address based on the determination that the determined local user application corresponds to the determined intercepted local application. 2. The method of claim 1 , the interceptor record comprising a mapping between interceptor addresses and legitimate network addresses, the interceptor address returned to the client device in response to a domain name query performed on behalf of the local user application, further comprising: determining that the network server device is associated with the local user application based on the receiving of the application network packet addressed to the interceptor address; and authorizing the forwarding of the application network packet to the network server device based on the determination that the network server device is associated with the local user application. 3. The method of claim 1 , further comprising: receiving a domain name query from the client device, the domain name query performed on behalf of the local user application; determining that the domain name query is for a domain name associated with the local user application; performing a domain name lookup based on the domain name to determine a legitimate network address for the network server device; generating an interceptor address; recording an interceptor mapping between the interceptor address and the legitimate network address in an interceptor record; and returning the interceptor address to the client device in response to the domain name query. 4. The method of claim 1 , the proxy server device zero-rated with a mobile data provider for the client device, further comprising: authorizing the forwarding of the application network packet to the network server device based on a determination that the local user application is authorized to use zero-rated data access. 5. The method of claim 4 , the local user application authorized to user zero-rated data access based on a data plan record on the proxy server indicating the association of a zero-rated application data plan for the local user application with the client device. 6. The method of claim 1 , further comprising: receiving a secure token from the client device, the secure token uniquely associated with the client device; extracting a sequence number from the secure token; determine that the sequence number is a next number in sequence for the secure token; and authorizing the forwarding of the application network packet to the network server device based on the determination that the sequence number is the next number in sequence for the secure token. 7. The method of claim 1 , the determination of the application network packet being associated with the local user application determined based on one or more of process identifier, application identifier, identification of foreground application, application permissions, and destination network address. 8. An apparatus, comprising: a processor circuit on a proxy server device; a network interface on the proxy server device; a client proxy component operative on the processor circuit to receive, from the network interface, a proxy network packet from a local gateway application on a client device, the proxy network packet containing an application network packet for delivery to a network server device; and forward the application network packet to the network server device based on a determination that a local user application associated with the application network packet and capable of execution on the client device is authorized to use the proxy server device; and a proxy access component operative on the processor circuit to determine that the application network packet is associated with the local user application on the client device; and determine that the local user application is authorized to use the proxy server device, the application network packet addressed to a network address, further comprising; a DNS interceptor operative on the processor circuit to determine that the network address corresponds to an interceptor address that is distinct from a legitimate network address associated with the network server device: search an interceptor record using the interceptor address to determine the legitimate network address and an intercepted local application associated with the interceptor address, the legitimate network address associated with the network server device; determine that the determined local user application corresponds to the determined intercepted local application; and the client proxy component operative on the processor circuit to forward the application network packet to the network server device at the legitimate network address based on the determination that the determined local user application corresponds to the determined intercepted local application. 9. The apparatus of claim 8 , the interceptor record comprising a mapping between interceptor addresses and legitimate network addresses, the interceptor address returned to the client device in response to a domain name query performed on behalf of the local user application, the proxy access component further operative to determine that the network server device is associated with the local user application based on the receiving of the application network packet addressed to the interceptor address and authorize the forwarding of the application network packet to the network server device based on the determination that the network server device is associated with the local user application. 10. The apparatus of claim 8 , further comprising: the client proxy component further operative to receive a domain name query from the client device, the domain name query performed on behalf of the local user application; and return and interceptor address to the client device in response to the domain name query; and a DNS interceptor operative to determine that the domain name query is for a domain name associated with the local user application; perform a domain name lookup based on the domain name to determine a legitimate network address for the network server device; generate an interceptor address; and record an interceptor mapping between the interceptor address and the legitimate network address in an interceptor record. 11. The apparatus of claim 8 , the proxy server device zero-rated with a mobile data provider for the client device, the proxy access compo