Simple App Alternative/Supplement [UNTESTED]
With AFWall+ 2.9.0, you can now block IPv6 with iptables.
This only blocks IPv6 with a firewall. It does not disable IPv6. See the main guide to disable it.
- *Recommended: init.d or su.d (SuperSU) support. HTC devices musts be configured for S-OFF
To block IPv6, go to Preferences, Rules/Connectivity, Block IPv6.
*Recommended: Fix startup data leak by going to Preferences, Experimental, Fix startup data leak
GitHub Commit for Block IPv6 feature:
Main Guide and Background
- *init.d support and knowledge of how to create and install init.d scripts
- 1 WiFi interface (wlan0). If you have more than 1, then ask for custom instructions.
- The following file system paths exist:
- **Kernel that doesn't load an IPv6 module but instead has IPv6 built in (I may make a separate guide for kernels with a loadable IPv6 module if asked)
After trying a lot of non functional methods for disabling IPv6, then using a working but sometimes high battery drain one, I decided to read the Linux kernel documentation and create my own method. All of the methods I've seen do not keep IPv6 disabled on the WiFi interface when there is a network change, or they drain battery by disabling IPv6 after a network change.
This method has only been tested on Note5 LP 5.1.1 SkyHigh kernel, but it should work for any device that meets the requirements.
Apps Using this Method
Synapse for SkyHigh kernel Note5.
If someone uses this method in their app or wants to make a FOSS app for this, please let me know.
No reboot needed. Modifications persist across network changes, but reset on boot. Thus, an init.d script is used. Notes: I haven't tested IPv6 over data as my provider doesn't seem to support it, but rmnet0/disable_ipv6 didn't reset when switching to data from Wi-Fi . wlan0/disable_ipv6 resets on reconnect, but there should be no IPv6 addresses on the interface.
Instructions (scripts at end of post and attached)
Click here to test if IPv6 is supported and working before continuing.
Add disable IPv6 script to init.d
Run disable script as root (you can use an app such as SManager)
Script needs to be re-added to init.d after flashing a ROM (I may create a flashable zip)
Maybe rename/backup ip6tables when disabling IPv6 since it won't be used, then rename/restore it when enabling IPv6.
Delete disable IPv6 init.d script
Run enable IPv6 script as root
Wait up to 30s for IPv6 addresses to be added
Explanation of Script Commands
Disable IPv6 (name: 00disable_ipv6)
# Disable IPv6
echo 0 > /proc/sys/net/ipv6/conf/wlan0/accept_ra
echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6
Enable IPv6 (name: 00disable_ipv6_reset)
# Enable IPv6
echo 1 > /proc/sys/net/ipv6/conf/wlan0/accept_ra
echo 0 > /proc/sys/net/ipv6/conf/all/disable_ipv6
https://diafygi.github.io/webrtc-ips/ (IPv6 addresses may still show until reconnect or reboot. Will try to fix if someone reports this issue)
Not even the paid play store app Disable IPv6 Pro or the free Pv6 Auto Disable work as simply or effectively. Those apps also increases battery drain like the free network change method I used before, whereas this method should have no effect on battery. So, AFAIK, it's the best method available for our android devices.
If using a VPN with IPv6 support, you don't need this guide. Otherwise, I recommend using Firefox with WebRTC disabled to prevent your public IPv6 address from leaking. Alternatively, you can block all connections that don't go through your VPN using iptables (eg. AFwall+).