FORUMS
Remove All Ads from XDA

 View Poll Results: What are you mainly using NetGuard for?

Reducing data usage
 
353 Vote(s)
31.46%
Saving battery
 
247 Vote(s)
22.01%
Increasing privacy
 
554 Vote(s)
49.38%
Blocking ads
 
743 Vote(s)
66.22%

[APP][6.0+] NetGuard - No-root firewall

19,697 posts
Thanks Meter: 40,399
 
By M66B, Recognized Developer on 25th October 2015, 02:33 PM
Post Reply Email Thread
1st December 2019, 02:39 PM |#10651  
M66B's Avatar
OP Recognized Developer
Thanks Meter: 40,399
 
More
Quote:
Originally Posted by deggar

Under android 10 settings/vpn there are 2 options. Should I turn these on?
: Always-on VPN
: Block Connections without VPN

Please see the FAQ about this.
1st December 2019, 05:18 PM |#10652  
Ikearat's Avatar
Member
Thanks Meter: 5
 
More
Message 1.) -
Quote:
Originally Posted by M66B

The app is the initiator/originator of a connection and therefore the "holder" of the connection. Connections are made via the Linux kernel and Android has no direct part in this.

Message 2.) -
Quote:
Originally Posted by M66B

Only TCP, UDP and ICMP ping packets can be related to an app, so this is normal.

I am taking the liberty to reply to two messages...
1.) - If each app originates traffic, why can't NetGuard tell them apart? Something is hiding the individuality of the apps from NetGuard preventing NetGuard from telling them apart.
I will assume this is an issue with Android and move on.
2.) - This is a TCP packet and yes, it is blocked in it's app. The URL is listed in no other app. The URL is known and I'm not alarmed with this instance. My concern is that an app that is troublesome may also do this.
Hard question, how does a TCP connection pass through a total lock-down WITHOUT a PID associated with it?
1st December 2019, 05:49 PM |#10653  
M66B's Avatar
OP Recognized Developer
Thanks Meter: 40,399
 
More
Quote:
Originally Posted by Ikearat

Message 1.) -

Message 2.) -


I am taking the liberty to reply to two messages...
1.) - If each app originates traffic, why can't NetGuard tell them apart? Something is hiding the individuality of the apps from NetGuard preventing NetGuard from telling them apart.
I will assume this is an issue with Android and move on.
2.) - This is a TCP packet and yes, it is blocked in it's app. The URL is listed in no other app. The URL is known and I'm not alarmed with this instance. My concern is that an app that is troublesome may also do this.
Hard question, how does a TCP connection pass through a total lock-down WITHOUT a PID associated with it?

  1. https://github.com/M66B/NetGuard/blo...-content-faq31
  2. It might be a short lived connection and NetGuard being to late to get the uid, see also https://github.com/M66B/NetGuard/blo...r-content-faq1
1st December 2019, 06:24 PM |#10654  
Ikearat's Avatar
Member
Thanks Meter: 5
 
More
Quote:
Originally Posted by M66B

  1. https://github.com/M66B/NetGuard/blo...-content-faq31
  2. It might be a short lived connection and NetGuard being to late to get the uid, see also https://github.com/M66B/NetGuard/blo...r-content-faq1

These are acceptable replies. I am now relaxed.
Thank you!

Sometimes you need to remind us, the users that NetGuard must work within the limitations of Android.
2nd December 2019, 06:15 PM |#10655  
jawz101's Avatar
Senior Member
Thanks Meter: 723
 
More
Quote:
Originally Posted by M66B

If it works with a mobile data connection and not with WiFi, this is what I understood, the problem is that the app doesn't determine the connection type correctly. Basically, this is caused by a bug in Android. In FairEmail there is a complex workaround for this.

Phone permissions are still required to query the phone/SIM country, which is needed to check for RLAH.

Thanks.


Are you aware of any bug reports that have been reported to AOSP in regards to the issue? It is a significant bug


it looks like it's been said to be fixed before


https://piunikaweb.com/2017/12/21/go...wifivpn-issue/
5th December 2019, 05:55 PM |#10656  
Knoth's Avatar
Senior Member
Thanks Meter: 19
 
More
Hi. Despite activating the system applications mode, and blocking everything, certain system apps are still leaking data ... why? Thank you.

It's like blocking the connection, but then in the background there is leaking data .
5th December 2019, 09:43 PM |#10657  
M66B's Avatar
OP Recognized Developer
Thanks Meter: 40,399
 
More
Quote:
Originally Posted by jawz101

Are you aware of any bug reports that have been reported to AOSP in regards to the issue? It is a significant bug


it looks like it's been said to be fixed before


https://piunikaweb.com/2017/12/21/go...wifivpn-issue/

I am pretty sure this kind of bugs have been reported, but Google tends to ignore lots of bug reports.
I have reported a few bugs myself, including source code to fix the bugs and guess what? A waste of time.
5th December 2019, 09:57 PM |#10658  
M66B's Avatar
OP Recognized Developer
Thanks Meter: 40,399
 
More
Quote:
Originally Posted by Knoth

Hi. Despite activating the system applications mode, and blocking everything, certain system apps are still leaking data ... why? Thank you.

It's like blocking the connection, but then in the background there is leaking data .

You'll need to be more specific for help.
9th December 2019, 04:15 PM |#10659  
Junior Member
Thanks Meter: 0
 
More
Quote:
Originally Posted by M66B

Only the app currently "owning" the Android VPN service can monitor the VPN state.

About being okay, please see this FAQ:
https://github.com/M66B/NetGuard/blo...r-content-faq1

An update on that, most likely back then Seamless VPN handover on reload was also enabled but for sure I tried to test it recently and it was enabled but still the same thing happen, I'm getting notifications from the blocked app. If it uses google play services as it is mentioned elsewhere does the app server gets notified that the messages are delivered? Because as I mentioned previous time when I got the notification I was shown to be online at that moment. Also I'm not sure if it's accurate or explained differntly but from my settings I can see about a douzen of blocked apps to have a small amount of data traffic. If it's accurate, from how the app with most traffic (about 3MB) works I assume the leak is happening when screen is turned on regardless of the VPN handover setting
9th December 2019, 07:18 PM |#10660  
Junior Member
Thanks Meter: 0
 
More
Unfortunately can See that unwanted and blocked APP still uses mobile data to communicate. Netguard logs this, but not blocks it as intended. But was my fault, left mobile data activ. Was difficult to select the icon. Besides the icons would like to See status as text when you open details and bigger buttons to configure.
10th December 2019, 12:44 PM |#10661  
M66B's Avatar
OP Recognized Developer
Thanks Meter: 40,399
 
More
Quote:
Originally Posted by nick-gr

An update on that, most likely back then Seamless VPN handover on reload was also enabled but for sure I tried to test it recently and it was enabled but still the same thing happen, I'm getting notifications from the blocked app. If it uses google play services as it is mentioned elsewhere does the app server gets notified that the messages are delivered? Because as I mentioned previous time when I got the notification I was shown to be online at that moment. Also I'm not sure if it's accurate or explained differntly but from my settings I can see about a douzen of blocked apps to have a small amount of data traffic. If it's accurate, from how the app with most traffic (about 3MB) works I assume the leak is happening when screen is turned on regardless of the VPN handover setting

Did you read these FAQs?

https://github.com/M66B/NetGuard/blo...-content-faq19

https://github.com/M66B/NetGuard/blo...-content-faq66
Post Reply Subscribe to Thread

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes