[5.0+][ROOT][3.6.0] AFWall+ IPTables Firewall [28 AUG 2023]

Atomic Lutin · Aug 21, 2019

Hi !

Is there a way to edit the IPTables manually file and add restriction to trackers domain names ( avoir connexion to graphlytics or graph.facebook... for example)?

Thank you

PoochyX · Aug 21, 2019

Atomic Lutin said:
Hi !

Is there a way to edit the IPTables manually file and add restriction to trackers domain names ( avoir connexion to graphlytics or graph.facebook... for example)?

Thank you

Your messenger won't work without graph facebook.. Like you won't be able to access your shared content...

([emoji3590]09-09-18[emoji813])

Atomic Lutin · Aug 21, 2019

I don't have facebook account...

And if not graph.facebook there are a lot of other trackers....

For the moment graph.facebook is blocked by netguard and everything works well...

jcmm11 · Aug 21, 2019

Atomic Lutin said:
I don't have facebook account...

And if not graph.facebook there are a lot of other trackers....

For the moment graph.facebook is blocked by netguard and everything works well...

Simplest way is to add trackers to hosts file using something like AdAway. Some blacklists already include trackers

amg314 · Aug 21, 2019

Atomic Lutin said:
Hi !

Is there a way to edit the IPTables manually file and add restriction to trackers domain names ( avoir connexion to graphlytics or graph.facebook... for example)?

Thank you

Try Iptables Script Generator like http://www.mista.nu/iptables/

See also a useful post: https://www.linuxquestions.org/ques...to-block-an-entire-domain-437453/#post2211152

birkita · Aug 21, 2019

Xiaomi and Second Space

bobcov said:
Anybody using AFWall+ paid and SecondSpace on MIUI Xiaomi? All activity from SecondSpace is flagged and blocked by AFWall+. The blocked apps from SecondSpace show up in the log with UID prefaced by 101. When Dual App option is enabled, apps such as the Chrome browser which is installed in both partitions, get listed in the app list with a 999 UID prefix. Is there anyway I can change it to 101?
If I select all apps then the Internet works normally for SecondSpace, but I cannot find any single specific application to allow to get SecondSpace traffic through the firewall.

Has anyone managed to solve this problem yet?

Betelstar · Aug 22, 2019

Internet by bluetooth

Hello. Please add the ability to block the Internet received by bluetooth, this function would be very useful.

markd89 · Aug 25, 2019

Blocking Google, best practices?

I used this script to make a list of all Google IPs to block with AFWall+

https://notabug.org/maloe/ASN_IPFire_Script/wiki

Code:

asn_ipfire.sh  --afwall google

that then becomes a custom script. It works well. In a way too well.

There are some websites I want to visit (i.e. homedepot.com) which is hosted at *.googleusercontent.com and is blocked by one of the IP Ranges.

I thought of what I thought was a clever workaround - use the TOR browser. That didn't work because homedepot.com detects my IP as being from some strange land.

I'm looking for suggestions on how to block the most of Google while still being able to access a few sites hosted on googleusercontent.com

I'm on LOS with no GAPPS. I'm mostly concerned about privacy the automatic connections which still occur to Google by the guts of Android. I'm not concerned about adblocking as I have that covered with uBlock Origin in Firefox.

Thanks,
Mark

Ramihyn · Aug 27, 2019

AmroIb said:
How to use with Adguard ?

How to build a rocket engine?

darfri · Aug 27, 2019

Ramihyn said:
How to build a rocket engine?

... by using Adguard for sure

b1k3rdude · Aug 27, 2019

Afwall is blocking google play downloads on wifi under android 8.x

After spending a good half an hour with various keywords I wasnt able to find any posts that details my rather bizarre issue, Afwall is blocking google play downloads on wifi under android 8.x -

Google play is able to download under data just fine
if I temporarily unblock application ID [1000], Google play is able to download under data just fine
Under the wifi section after first connecting where it says checking the quality of your internet connection - I get the message directly below the wifi icon " your internet may not be available", but again if I temp unblock the above that message goes away.

Even updating to the Afwall+ beta didn't fix the issue and as I not comfortable allowing a core OS application/s (with a list as long as your arm of functions) access to the internet, My work around is to do updates in google play via data. So my question is why does it work just fine over data with the firewall enabled but not over wifi..?

Portgas D. Ace · Aug 28, 2019

b1k3rdude said:
After spending a good half an hour with various keywords I wasnt able to find any posts that details my rather bizarre issue, Afwall is blocking google play downloads on wifi under android 8.x -

Google play is able to download under data just fine

if I temporarily unblock application ID [1000], Google play is able to download under data just fine

Under the wifi section after first connecting where it says checking the quality of your internet connection - I get the message directly below the wifi icon " your internet may not be available", but again if I temp unblock the above that message goes away.

Evening update to the Afwall+ beta didn't fix the issue and as I not comfortable allowing a core OS application/s (with a list as long as your arm of functions) access to the internet, My work around is to do updates in google play via data. So my question is why does it work just fine over data with the firewall enabled but not over wifi..?

Please ensure that you have granted network permission for "media storage, download manager, downloads, MTP host" (UID 10009) within AFWall.

b1k3rdude · Aug 28, 2019

Portgas D. Ace said:
Please ensure that you have granted network permission for
media storage, download manager, downloads, MTP host" (UID 10009)

Yes to all of those all of those are part of UID 10037 on my rom (Galaxy project), what what else could be responsible for this..?.

Ramihyn · Aug 28, 2019

b1k3rdude said:
what what else could be responsible for this..?.

If you disabled NETD in AFWall+ settings, then internet access for UID 1000 is mandatory, otherwise your DNS queries won't be resolvable, hence your issues.

b1k3rdude · Aug 29, 2019

Ramihyn said:
If you disabled NETD in AFWall+ settings,

I am running default setting afaik, so where is this NETD setting located? as I cant find it.

markd89 · Aug 29, 2019

b1k3rdude said:
I am running default setting afaik, so where is this NETD setting located? as I cant find it.

Preferences, Binary, DNS Proxy

b1k3rdude · Aug 29, 2019

DNS Proxy (and IpTables fyi) was set to auto as per the default setting, setting it to enabled made no difference.

Is there a way or app that test NETD..? or am I barking up the wrong tree.

Oswald Boelcke · Aug 30, 2019

b1k3rdude said:
DNS Proxy (and IpTables fyi) was set to auto as per the default setting, setting it to enabled made no difference.

Is there a way or app that test NETD..? or am I barking up the wrong tree.

Please search the thread for the keyword "netd". I remember I've made some posts in that respect but also in this thread.

Ramihyn · Aug 30, 2019

For once, I have to confirm an issue which has been reported before by others on the net:

Since I upgraded my OP6 to Android Pie, I have an issue when using the phone as tethering hotspot for my work notebook by WiFi.
Apparently the DNS resolution does not work any longer despite the usual commonly known rules. At github the issue has been discussed since end of 2018 but is still unresolved. That thread mentioned UID 1052 (some strange unknown app uid) as being blocked by AFWall+, filling up the logfile with the DNS requests of my notebook. At some reddit forum I learned that UID 1052 indeed is dnsmasqd in Android Pie, so I applied some custom script, and voilà, DNS resolution suddenly works again through tethering.

Some side checks (disabling the firewall completely as well as trying "nslookup targetdomain.com 8.8.8.8" without that custom script) confirmed without any doubt that AFWall+ is the culprit here, because UID 1052 does not show up in the apps list, and in whitelist mode this results clearly in these blocking of the DNS requests from the tethering clients.
At the same time, though, DNS lookups work fine directly on the OP6 at any time.

markd89 · Aug 30, 2019

Ramihyn said:
For once, I have to confirm an issue which has been reported before by others on the net:

Since I upgraded my OP6 to Android Pie, I have an issue when using the phone as tethering hotspot for my work notebook by WiFi.
Apparently the DNS resolution does not work any longer despite the usual commonly known rules. At github the issue has been discussed since end of 2018 but is still unresolved. That thread mentioned UID 1052 (some strange unknown app uid) as being blocked by AFWall+, filling up the logfile with the DNS requests of my notebook. At some reddit forum I learned that UID 1052 indeed is dnsmasqd in Android Pie, so I applied some custom script, and voilà, DNS resolution suddenly works again through tethering.

Some side checks (disabling the firewall completely as well as trying "nslookup targetdomain.com 8.8.8.8" without that custom script) confirmed without any doubt that AFWall+ is the culprit here, because UID 1052 does not show up in the apps list, and in whitelist mode this results clearly in these blocking of the DNS requests from the tethering clients.
At the same time, though, DNS lookups work fine directly on the OP6 at any time.

It would be great if you could please post the script that resolved this for you.

Thanks!

[5.0+][ROOT][3.6.0] AFWall+ IPTables Firewall [28 AUG 2023]

Member

Senior Member

Member

Inactive Recognized Contributor

Senior Member

New member

New member

Senior Member

Member

Senior Member

Senior Member

Inactive Recognized Contributor

Senior Member

Member

Senior Member

Senior Member

Senior Member

Senior Moderator / Moderator Committee

Member

Senior Member

Top Liked Posts