FORUMS

 View Poll Results: What are you mainly using NetGuard for?

Reducing data usage
 
373 Vote(s)
31.74%
Saving battery
 
264 Vote(s)
22.47%
Increasing privacy
 
591 Vote(s)
50.30%
Blocking ads
 
772 Vote(s)
65.70%

[APP][6.0+] NetGuard - No-root firewall

21,012 posts
Thanks Meter: 44,159
 
By M66B, Recognized Developer on 25th October 2015, 01:33 PM
Post Reply Email Thread
22nd March 2020, 07:53 PM |#11051  
M66B's Avatar
OP Recognized Developer
Thanks Meter: 44,159
 
More
I have just released beta stable version 2.276

Changelog/download:
https://github.com/M66B/NetGuard/releases
The Following 8 Users Say Thank You to M66B For This Useful Post: [ View ]
22nd March 2020, 09:09 PM |#11052  
M66B's Avatar
OP Recognized Developer
Thanks Meter: 44,159
 
More
Quote:
Originally Posted by dqonxt

can i use orwall with netgaurd ?

Which orWall? I found this project:

https://github.com/EthACKdotOrg/orWall

This project is unmaintained, so maybe it is not a good idea to use it.

As long as the app is not based on the Android VPN service it will likely work.
23rd March 2020, 05:27 PM |#11053  
Junior Member
Thanks Meter: 0
 
More
Something seems to be wrong. I don't think, the Irobot app really contacted tinder and stocard:

Screenshot

I have a lot of apps with strange entries in the log. And those apps only seem to work properly, when I give permission to this strange requests. That leads me to the assumption, that the just the label of the request is wrong, but the request was done on the app, where it is listed.

I have the newest version 2.276 from Github, but had this already in earlier versions.
23rd March 2020, 06:05 PM |#11054  
M66B's Avatar
OP Recognized Developer
Thanks Meter: 44,159
 
More
Quote:
Originally Posted by virtale13

Something seems to be wrong. I don't think, the Irobot app really contacted tinder and stocard:

Screenshot


I have a lot of apps with strange entries in the log. And those apps only seem to work properly, when I give permission to this strange requests. That leads me to the assumption, that the just the label of the request is wrong, but the request was done on the app, where it is listed.

I have the newest version 2.276 from Github, but had this already in earlier versions.

The request is served by a server, in this case Amazon CloudFront, that serves at least 8 other domain names too.
The domain name might be used by another app too, but the resolved IP address is the same and since it is not possible to know which domain name belong to which app due to the way Android works, this is the result.

Related FAQ:
https://github.com/M66B/NetGuard/blo...-content-faq48
23rd March 2020, 06:14 PM |#11055  
Junior Member
Thanks Meter: 0
 
More
[QUOTE=M66B;82084455]The request is served by a server, in this case Amazon CloudFront, that serves at least 8 other domain names too.
The domain name might be used by another app too, but the resolved IP address is the same and since it is not possible to know which domain name belong to which app due to the way Android works, this is the result.

Related FAQ:

Ok, thank you for the quick answer.
25th March 2020, 02:59 AM |#11056  
Member
Thanks Meter: 9
 
More
Is there a way to quickly append and unappend a hosts file? I couldn't find an intent for this.

Right now the only way to unappend is to download the main hosts file every time.
25th March 2020, 07:52 AM |#11057  
M66B's Avatar
OP Recognized Developer
Thanks Meter: 44,159
 
More
Quote:
Originally Posted by LowVolume

Is there a way to quickly append and unappend a hosts file? I couldn't find an intent for this.

Right now the only way to unappend is to download the main hosts file every time.

No, there isn't.
29th March 2020, 02:11 PM |#11058  
Junior Member
Thanks Meter: 0
 
More
Socks5 Proxy with Termux
I'm thankfully using NetGuard (Pro) since quite a while on multiple devices. Great work, much appreciated!

Just recently, I started setting up my private VPN infrastructure and would love to onboard my (non-root) Android 9 running NetGuard as well.
I understand, I need to daisy-chain a SOCKS5 proxy to couple NetGuard firewalling my apps with a secure tunnel.

To create a secure SOCKS tunnel between localhost <=> <sshserver>, I employ Termux with the openssh (not dropbear) package like so:
$> ssh -f -N -D 1080 <user>@<sshserver>

Termux is of course whitelisted in NetGuard. However, when enabling the SOCKS Proxy in NetGuard, TCP connection can't be established any more and previously established ones are being reset, regardless of whether the tunnel has been set up before. ICMP does continue to work as NetGuard only tunnels TCP.

It appears as if I am creating a dead loop here and NetGuard attempts to funnel the SSH / socks traffic through the SSH tunnel itself.
If I were to create the socks tunnel on a remote endpoint, this would presumably work, but would lack the security of a tunnel if I am not mistaken.

NetGuard Version: 2.276 (Github APK)

What am I missing here?

Keep up the good work!
29th March 2020, 02:26 PM |#11059  
M66B's Avatar
OP Recognized Developer
Thanks Meter: 44,159
 
More
Quote:
Originally Posted by Jenzo4711

I'm thankfully using NetGuard (Pro) since quite a while on multiple devices. Great work, much appreciated!

Just recently, I started setting up my private VPN infrastructure and would love to onboard my (non-root) Android 9 running NetGuard as well.
I understand, I need to daisy-chain a SOCKS5 proxy to couple NetGuard firewalling my apps with a secure tunnel.

To create a secure SOCKS tunnel between localhost <=> <sshserver>, I employ Termux with the openssh (not dropbear) package like so:
$> ssh -f -N -D 1080 <user>@<sshserver>

Termux is of course whitelisted in NetGuard. However, when enabling the SOCKS Proxy in NetGuard, TCP connection can't be established any more and previously established ones are being reset, regardless of whether the tunnel has been set up before. ICMP does continue to work as NetGuard only tunnels TCP.

It appears as if I am creating a dead loop here and NetGuard attempts to funnel the SSH / socks traffic through the SSH tunnel itself.
If I were to create the socks tunnel on a remote endpoint, this would presumably work, but would lack the security of a tunnel if I am not mistaken.

NetGuard Version: 2.276 (Github APK)

What am I missing here?

Keep up the good work!

You'll need to disabled 'Apply rules and conditions' for the proxy app.
The Following User Says Thank You to M66B For This Useful Post: [ View ]
29th March 2020, 02:31 PM |#11060  
Junior Member
Thanks Meter: 0
 
More
Quote:
Originally Posted by M66B

You'll need to disabled 'Apply rules and conditions' for the proxy app.

Dang! I was looking for this kind of option anywhere else but there!
Thanks for the quick reply. This single line would be quite a helpful hint in the FAQ section on SOCKS on Github.
29th March 2020, 02:42 PM |#11061  
Junior Member
Thanks Meter: 2
 
More
Hi M66B,
Days ago, i talked about my samsung s9, android 10, being able to check for system updates, despite netguard is running. I did not understand why but can accept that system application can do black or white magic.

I found what i could call a "user space" application that is not blocked by the firewall. It's an (official) application that gives information about the metro traffic. It can be found on the playstore here :
https://play.google.com/store/apps/d...vel.ratp&hl=fr
I really insist that ALL applications (user and system) are asked to be blocked by netguard.
In the panel "un oeil sur le traffic" (sorry, the application is in french) you can update to the last known information, even if the application is blocked (with a 4g connection)
Could you check / would you like to check? please?

I did an experiment. In the Android settings, with "Always-on VPN" and "Block connections without VPN", the application can not update anymore. That being said, my conclusion is that applications can bypass the vpn.
With all the great knowledge you have, can you explain? how is it possible?

Thanks
Post Reply Subscribe to Thread

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes