FORUMS
Remove All Ads from XDA

[5.0+][ROOT][3.2.0-BETA] AFWall+ IPTables Firewall [03 JULY 2019]

1,424 posts
Thanks Meter: 4,764
 
By ukanth, Recognized Developer on 26th October 2012, 05:41 PM
Post Reply Email Thread
6th June 2019, 07:30 PM |#5411  
Recognized Contributor
Thanks Meter: 3,075
 
More
Quote:
Originally Posted by squid2g

Does anyone have any idea why AFWall+ doesn't work for me? It instantly blocks everything (internet simply doesn't work anymore, both on wifi and mobile data). I tried restarting it, rebooting, tried enabling it in Xposed module (Magisk's EdXposed) but no success. I don't even have to select anything from the menu, as soon as I enable firewall internet access is just gone (for all apps, browsers...). I tried installing multiple versions (including paid one) but it's all the same. Tried changing binaries but nothing works, as soon as I enable it internet is gone no matter what I do. I have Xiaomi mi 9 on MIUI10 (android pie) running custom ROM (Xiaomi.eu latest weekly version) but I did also try to run this app on few weeks older versions with same results. Does anyone have any idea what is happening? I haven't seen anyone having this problem.

When you start AFWall look on top at the icon next to the search icon. The one with 3 horizontal bars and a check mark. Click on that. Which option is checked?
The Following User Says Thank You to jcmm11 For This Useful Post: [ View ] Gift jcmm11 Ad-Free
 
 
6th June 2019, 07:36 PM |#5412  
Junior Member
Thanks Meter: 0
 
More
Quote:
Originally Posted by jcmm11

When you start AFWall look on top at the icon next to the search icon. The one with 3 horizontal bars and a check mark. Click on that. Which option is checked?

If only you knew how stupid I feel right now... I spend hours trying to debug a bug that never existed. Option was set to "allow selected". I went through that option before but haven't really thought about it but now that you mentioned it and I saw "allowed selected" I quickly realized that it's all inverted of how I thought it is. Thank you so much for this quick reply! appreciated!
7th June 2019, 02:04 AM |#5413  
Senior Member
Thanks Meter: 25
 
More
Quote:
Originally Posted by squid2g

Does anyone have any idea why AFWall+ doesn't work for me? It instantly blocks everything (internet simply doesn't work anymore, both on wifi and mobile data). I tried restarting it, rebooting, tried enabling it in Xposed module (Magisk's EdXposed) but no success. I don't even have to select anything from the menu, as soon as I enable firewall internet access is just gone (for all apps, browsers...). I tried installing multiple versions (including paid one) but it's all the same. Tried changing binaries but nothing works, as soon as I enable it internet is gone no matter what I do. I have Xiaomi mi 9 on MIUI10 (android pie) running custom ROM (Xiaomi.eu latest weekly version) but I did also try to run this app on few weeks older versions with same results. Does anyone have any idea what is happening? I haven't seen anyone having this problem.

There are certain things you have to enable to get DNS resolution working... it may be that AFWall+ isn't blocking all connectivity for you, it's only blocking DNS resolution. If you've got a terminal app on your phone, try pinging google.com and 172.217.31.142... if you can ping the IP address but not the domain, it's your DNS resolution that's the problem.

Try enabling:
[-12] (tethering) - DHCP+DNS services <-- DNS resolution
[10066] PacProcess <-- Proxy Auto-Config Process
[10024] ProxyHandler <-- handles proxy setup

Your UID numbers for each may be different.
The Following User Says Thank You to Lusty Rugnuts For This Useful Post: [ View ] Gift Lusty Rugnuts Ad-Free
7th June 2019, 08:32 PM |#5414  
gazzacbr's Avatar
Senior Member
Flag Dubai
Thanks Meter: 244
 
More
Quote:
Originally Posted by squid2g

If only you knew how stupid I feel right now... I spend hours trying to debug a bug that never existed. Option was set to "allow selected"

Known as a white list.
Only the apps ticked on the list are allowed, as you now know. This is usually the best option as you have control over what has access. Just takes a bit of setting up to get the minimum apps allowed for access for the way you work.
Remember to export your settings (in the settings options) from time to time just in case.
14th June 2019, 05:43 PM |#5415  
Member
Thanks Meter: 15
 
More
I need to use IPv4 so I can know the IP address of my phone while using the Verizon mobile connection. I have imported the following script to block IPv6 and it works just fine but with one caveat -- I can no longer use data while talking on the phone.
Code:
####################
# Tweaks #
####################
## Kernel
# Disable IPv6
echo 0 > /proc/sys/net/ipv6/conf/wlan0/accept_ra
echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6
echo 1 > /proc/sys/net/ipv6/conf/default/disable_ipv6
# Privacy IPv6 Address
echo 2 > /proc/sys/net/ipv6/conf/all/use_tempaddr
echo 2 > /proc/sys/net/ipv6/conf/default/use_tempaddr

####################
# iptables #
####################
IPTABLES=/system/bin/iptables
IP6TABLES=/system/bin/ip6tables
# IPv6 connections
$IP6TABLES -P INPUT DROP
$IP6TABLES -P FORWARD DROP
$IP6TABLES -P OUTPUT DROP
So it appears IPv6 is a requirement for VoLTE.

Can someone please tell me if it is possible to allow IPv6 for only VoLTE? Or instead of blocking all IPv6, just block it for Internet browsing so I am issued an easily identifiable IPv4 IP address instead of an IPv6 IP. If either option is feasible, what changes do I need to make to my script? Also, does turning off IPv6 cause other issues that I'm not aware of?

Thanks,
J
16th June 2019, 12:49 PM |#5416  
darfri's Avatar
Senior Member
Thanks Meter: 34
 
More
Could someone suggest a script to redirect the tor checkbox function to an external proxy, not localhost
16th June 2019, 05:22 PM |#5417  
Senior Member
Thanks Meter: 60
 
More
Is it possible to block e. g. all ip's of Google, but allow them for specific Apps? I didn't find anything on the Wiki to that topic..
23rd June 2019, 08:31 PM |#5418  
Senior Member
Thanks Meter: 53
 
More
Location Ui DESiGN PROPOSAL
hello world

please consider providing an option to change the
theme of afwall+ to AMOLED friendly black/dark/trueblack.

thanks for reading.
The Following 3 Users Say Thank You to Tom Mix For This Useful Post: [ View ] Gift Tom Mix Ad-Free
24th June 2019, 02:47 PM |#5419  
Senior Member
Thanks Meter: 44
 
More
Is it possible to use AFWall as a split tunneling for a VPN connection? Currently when I uncheck an app in VPN column, it will be blocked completely and had no internet connection. I'd like to allow the app to connect directly not to block all it's connections.
25th June 2019, 09:28 AM |#5420  
ukanth's Avatar
OP Recognized Developer
Thanks Meter: 4,764
 
Donate to Me
More
Quote:
Originally Posted by Tom Mix

hello world

please consider providing an option to change the
theme of afwall+ to AMOLED friendly black/dark/trueblack.

thanks for reading.

Yes.
The Following 8 Users Say Thank You to ukanth For This Useful Post: [ View ]
30th June 2019, 06:25 AM |#5421  
Senior Member
Thanks Meter: 680
 
More
Is AFWall+ working fine on Android Q Beta4? Anyone running it on Q yet? With root now available, the last hurdle is gone for Q4. But I am afraid some apps will be broken.

@ukanth: have you looked at Q4 yet to see if you need to make some changes in the app?
Post Reply Subscribe to Thread

Tags
block internet, droidwall, firewall, iptables, security

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes