FORUMS

[5.0+][ROOT][3.4.0] AFWall+ IPTables Firewall [9 FEB 2020]

1,465 posts
Thanks Meter: 5,038
 
By ukanth, Recognized Developer on 26th October 2012, 05:41 PM
Post Reply Email Thread
16th February 2020, 02:27 PM |#5781  
Hello All,

Do not know if the problem as already been discussed
3.4.0 installed, if i apply rules with log service on => Error applying rules. If i disable log service => rules apply correctly.
When i enable log service => Error kernel not supporting LOG / NLOG (something like that .. writing by memory).
16th February 2020, 05:03 PM |#5782  
Member
Thanks Meter: 29
 
More
Quote:
Originally Posted by Honusnap

Hello All,

Do not know if the problem as already been discussed
3.4.0 installed, if i apply rules with log service on => Error applying rules. If i disable log service => rules apply correctly.
When i enable log service => Error kernel not supporting LOG / NLOG (something like that .. writing by memory).

If you are using immensity Kernel it doesn't Support logging. Have the same issue.
17th February 2020, 10:54 AM |#5783  
Quote:
Originally Posted by nerzwerk

If you are using immensity Kernel it doesn't Support logging. Have the same issue.

I did not swapped my stock kernel, it's the one that came with my phone, my rom is stock.
19th February 2020, 06:06 AM |#5784  
Senior Member
Thanks Meter: 50
 
More
Hello im new here,I got a problem with WiFi hotspot,if I enable afwall+ my other device cant connect the network,can anyone help me,please?
19th February 2020, 03:27 PM |#5785  
zigbye82's Avatar
Senior Member
Thanks Meter: 89
 
More
Does afwall works without root now?
19th February 2020, 03:28 PM |#5786  
Oswald Boelcke's Avatar
Forum Moderator / Recognized Translator
Flag Preserving Air Supremacy over XDA
Thanks Meter: 10,082
 
More
Quote:
Originally Posted by zigbye82

Does afwall works without root now?

Negative.
The Following User Says Thank You to Oswald Boelcke For This Useful Post: [ View ] Gift Oswald Boelcke Ad-Free
19th February 2020, 03:38 PM |#5787  
zigbye82's Avatar
Senior Member
Thanks Meter: 89
 
More
Quote:
Originally Posted by Oswald Boelcke

Negative.

Hmmm. Funny thing it doesn't ask for root and seem to be working fine (from my angle). Anyway to invoke root permission?
19th February 2020, 03:49 PM |#5788  
Oswald Boelcke's Avatar
Forum Moderator / Recognized Translator
Flag Preserving Air Supremacy over XDA
Thanks Meter: 10,082
 
More
Quote:
Originally Posted by zigbye82

Hmmm. Funny thing it doesn't ask for root and seem to be working fine (from my angle). Anyway to invoke root permission?

Without root, the application would be unable to edit the iptables. First, I'd check in your root/supersu manager (I use Magisk) if root is granted (please refer to attached screenshot in regard to my system).
Attached Thumbnails
Click image for larger version

Name:	Screenshot_20200219-164401_Magisk_Manager.jpg
Views:	160
Size:	217.5 KB
ID:	4954209  
The Following User Says Thank You to Oswald Boelcke For This Useful Post: [ View ] Gift Oswald Boelcke Ad-Free
19th February 2020, 04:26 PM |#5789  
zigbye82's Avatar
Senior Member
Thanks Meter: 89
 
More
Quote:
Originally Posted by Oswald Boelcke

Without root, the application would be unable to edit the iptables. First, I'd check in your root/supersu manager (I use Magisk) if root is granted (please refer to attached screenshot in regard to my system).

That was the first thing I did... Check magisk but no root access is granted. Then why is it working?

Edit: Clearing data in magisk solved the issue. Thanks.
20th February 2020, 02:37 AM |#5790  
aeroxy's Avatar
Senior Member
Flag Shanghai
Thanks Meter: 18
 
Donate to Me
More
How to use AFWall+ to connect to a socks5 server in local network and use it as a tunnel to bypass GFW?

I got the inspiration here: https://github.com/shadowsocks/shado....github/faq.md

It looks like AFWall+ is able to create a NAT forwarding policy to keep all traffic going through a socks5 proxy and fool Google apps into thinking they are not connected via a VPN (Google apps implement additional security measures when connecting via VPNService and if you are in China you will not pass the security check - the security check requests don't go through VPN, so they will EOF cuz GFW will kill these requests, read more here https://support.google.com/android/t...28979027?hl=en).

So my question is, if let's say I have a socks5 server running at 192.168.1.1:1088 which tunnels all connections via vmess protocol (aka V2Ray) to remote servers in the US, how do I create my custom script? I have tried:

Quote:

IP6TABLES=/system/bin/ip6tables
IPTABLES=/system/bin/iptables
ULIMIT=/system/bin/ulimit
PORT=1088
SERVER=192.168.1.1
$ULIMIT -n 4096
$IP6TABLES -F
$IP6TABLES -A INPUT -j DROP
$IP6TABLES -A OUTPUT -j DROP
$IPTABLES -t nat -F OUTPUT
$IPTABLES -t nat -A OUTPUT -o lo -j RETURN
$IPTABLES -t nat -A OUTPUT -d 127.0.0.1 -j RETURN
$IPTABLES -t nat -A OUTPUT -p tcp --dport 53 -j DNAT --to-destination $SERVER:$PORT
$IPTABLES -t nat -A OUTPUT -p udp --dport 53 -j DNAT --to-destination $SERVER:$PORT
$IPTABLES -t nat -A OUTPUT -p tcp -j DNAT --to-destination $SERVER:$PORT
$IPTABLES -t nat -A OUTPUT -p udp -j DNAT --to-destination $SERVER:$PORT

This does not work. So did I:

1. created a wrong script? - how do I create a script that does what I want to do?
2. r there other settings that I should enable first? I didn't tick any app so I assume that means all app go through custom script, right?
The Following User Says Thank You to aeroxy For This Useful Post: [ View ] Gift aeroxy Ad-Free
23rd February 2020, 10:26 AM |#5791  
n0j0e's Avatar
Senior Member
Flag Berlin
Thanks Meter: 548
 
More
Is the Xposed AFWall+ module still relevant on Q or obsolete now?

Sent with much love and Android.
Post Reply Subscribe to Thread

Tags
block internet, droidwall, firewall, iptables, security

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes