[5.0+][ROOT][3.6.0] AFWall+ IPTables Firewall [28 AUG 2023]


ForestCat

Senior Member
Nov 29, 2012
104
27
Would simply allowing your app LAN access and nothing else not be enough?

Yes, actually. I'd never used that option for any app in the past, so much so that I'd literally forgotten it was there while I was so busy trying to get my head around scripts, etc. I'm an idiot, and I certainly owe you a beer on that one :)

That said, I'd REALLY like to learn how to do this in a script, and furthermore, if there's any way to enable/disable custom scripts by profile, or via Tasker, etc.

Thanks again!
 

Honusnap

Senior Member
Feb 20, 2010
1,273
438
Totally erratic on my Android 9 ... work .. then do not .... unreliable, and I'm using it for 8 years at least.. (started with AFWall) never met this kind of problems.
 

IronTechmonkey

Recognized Contributor
Feb 12, 2013
10,055
18,113
Totally erratic on my Android 9 ... work .. then do not .... unreliable, and I'm using it for 8 years at least.. (started with AFWall) never met this kind of problems.

Perhaps you could describe what is actually happening or leave a bug report with a log at the Afwall git page. There may even be a similar report already, but more details would be required to discern that. If it is similar then you might learn some workarounds and the developer would have more helpful information about the issue.
 

zigbye82

Senior Member
Nov 21, 2013
335
103
Inside the binaries option in preferences there are iptables and busybox binary options. If I select use system or use built in, afwall works normally. Is there any benefit in choosing one over the other?
 

Raen!

Member
Feb 14, 2019
9
0
Hey, this is probably a dumb question and may be already answered but:

Is there a way to choose what domains are allowed per app?
I mean like a whitelist of allowed internet addresses per app.

If the answer is custom script-> where should I look to learn how to do it?
 

Ghjkjhgf

New member
Mar 3, 2020
1
0
OnePlus one
AospExtended-v6.6-bacon 9pie
Magisk-v20.3
Gapps not installed

I select one application, save the rule, ok, turn on the firewall, an error message appears. All applications are blocked, and not one as I noted.
When you turn off the rule, the Internet does not appear.

---------- Post added at 11:54 AM ---------- Previous post was at 11:20 AM ----------

Error applying iptables rules. :crying::crying:
 

IronTechmonkey

Recognized Contributor
Feb 12, 2013
10,055
18,113
OnePlus one
AospExtended-v6.6-bacon 9pie
Magisk-v20.3
Gapps not installed

I select one application, save the rule, ok, turn on the firewall, an error message appears. All applications are blocked, and not one as I noted.
When you turn off the rule, the Internet does not appear.

---------- Post added at 11:54 AM ---------- Previous post was at 11:20 AM ----------

Error applying iptables rules. :crying::crying:

This does not speak to possible cause but here are some things which might (or might not) fix that temporarily.

Leave Afwall+ enabled while you select apps and apply rules. This may help flush out and narrow down where the issue is.

Change profile,
Test
Disable/enable firewall.
Test
Force stop Afwall+ then run it.
Test
 

eriol1

Senior Member
Feb 16, 2015
218
157

Spirit_of_Eli

Member
Jun 28, 2019
46
11
This does not speak to possible cause but here are some things which might (or might not) fix that temporarily.

Leave Afwall+ enabled while you select apps and apply rules. This may help flush out and narrow down where the issue is.

Change profile,
Test
Disable/enable firewall.
Test
Force stop Afwall+ then run it.
Test

Hey guys,

my setup results in the same issue.
If I select only one block or allow position for an app, all traffic will be blocked unless I disable the firewall.

Any news for this problem?

Spirit
 

IronTechmonkey

Recognized Contributor
Feb 12, 2013
10,055
18,113
Hey guys,

my setup results in the same issue.
If I select only one block or allow position for an app, all traffic will be blocked unless I disable the firewall.

Any news for this problem?

Spirit


Perhaps I am misunderstanding something but that does not sound like the same issue I described. To clarify the meaning of the post you quoted, it was describing a series of steps which could be taken if the firewall fails to block anything after a reboot or an FC. What you seem to be describing is a situation where the opposite is occurring and everything rather than nothing is being blocked.

Without details about your device and scenario it’s hard to say what the problem could be but here are some general diagnostic steps:

- Remove 3rd party factors such as VPN and any other firewalls. Test without them, then only after resolving this issue, work on VPN configuration.

- Make sure you understand and are using the “allow selected” (whitelist) or “block selected” (blacklist) modes properly.

- Test with a simple app that has no dependencies elsewhere in the system. For example, an individual browser app might be a good choice for testing web browsing but when downloading files the same browser may use the system components which would also have to be allowed.

- Use logging and toasts to see what is being blocked.

If those basic steps don’t work then you would want to provide more details about the device and specific steps to reproduce the problem (literally each action listed) and perhaps a log and exported rules.

[EDIT] Corrected assignment of labels, blacklist and whitelist, which I had inverted.
 

IronTechmonkey

Recognized Contributor
Feb 12, 2013
10,055
18,113
Sorry, correct me if I'm wrong.
Wouldn't this be the other way around? point 1 and 2 of the FAQ.

https://github.com/ukanth/afwall/wiki/FAQ

Good point. Have I been happily using the wrong terminology forever? Although the terms "whitelist-mode" and "blacklist-mode" are mentioned in the FAQ, I see no clarification there as to which one is considered allow-selected or block-selected.

My interpretation has been that blacklist mode means everything is blocked (blacklisted) by default until specifically and individually allowed, while in whitelist mode everything is allowed (whitelisted) by default unless specifically and individually blocked.

That being said I could see an argument being made (albeit IMO a weaker one) for an interpretation wherein the terms blacklist and whitelist apply to the selected items rather than the default condition.

I suppose that's why allow-selected or block-selected are used. It's just that blacklist and whitelist sound cooler. Case in point:

"That app is so chatty online that I blacklisted it."

vs.

"That app is so chatty online that I block-selected it."

No contest.:silly:

[EDIT] A bit of web searching indicates that the terms whitelist and blacklist apply to the items being selected (counter to what I had thought). Thanks again, corrected in earlier post.
 

Oswald Boelcke

Senior Moderator / Moderator Committee
Staff member
Sorry, correct me if I'm wrong.
Wouldn't this be the other way around? point 1 and 2 of the FAQ.

https://github.com/ukanth/afwall/wiki/FAQ
Good point. Have I been happily using the wrong terminology forever? Although the terms "whitelist-mode" and "blacklist-mode" are mentioned in the FAQ, I see no clarification there as to which one is considered allow-selected or block-selected.

My interpretation has been that blacklist mode means everything is blocked (blacklisted) by default until specifically and individually allowed, while in whitelist mode everything is allowed (whitelisted) by default unless specifically and individually blocked.

That being said I could see an argument being made (albeit IMO a weaker one) for an interpretation wherein the terms blacklist and whitelist apply to the selected items rather than the default condition.

I suppose that's why allow-selected or block-selected are used. It's just that blacklist and whitelist sound cooler. Case in point:

"That app is so chatty online that I blacklisted it."

vs.

"That app is so chatty online that I block-selected it."

No contest.:silly:

[EDIT] A bit of web searching indicates that the terms whitelist and blacklist apply to the items being selected (counter to what I had thought). Thanks again, corrected in earlier post.
^^:good: I agree that the Wiki is slightly irritating. However, from my personal point of view it's more important that the settings in the app aren't ambiguous, and I think they are clear. I've chosen the option "allow selected" and then tick the allowed connection for each UID. If I had to call this something in regard to the Wiki nomenclature I'd call it a blacklist mode i.e. everything is disabled/not allowed by default.
 


Spirit_of_Eli

Member
Jun 28, 2019
46
11
Perhaps I am misunderstanding something but that does not sound like the same issue I described. To clarify the meaning of the post you quoted, it was describing a series of steps which could be taken if the firewall fails to block anything after a reboot or an FC. What you seem to be describing is a situation where the opposite is occurring and everything rather than nothing is being blocked.

Without details about your device and scenario it’s hard to say what the problem could be but here are some general diagnostic steps:

- Remove 3rd party factors such as VPN and any other firewalls. Test without them, then only after resolving this issue, work on VPN configuration.

- Make sure you understand and are using the “allow selected” (whitelist) or “block selected” (blacklist) modes properly.

- Test with a simple app that has no dependencies elsewhere in the system. For example, an individual browser app might be a good choice for testing web browsing but when downloading files the same browser may use the system components which would also have to be allowed.

- Use logging and toasts to see what is being blocked.

If those basic steps don’t work then you would want to provide more details about the device and specific steps to reproduce the problem (literally each action listed) and perhaps a log and exported rules.

[EDIT] Corrected assignment of labels, blacklist and whitelist, which I had inverted.

Hey, thanks for your response and sorry if it isn't the same case.

I will try to explain my problem in more detail.

First of all my Device:
-OnePlus 6T
-Firmware 10.3.2
-ROM CrDroid 6.4
-Gapps 20200311 pico arm64
-Magisk 20.3
-TWRP 3.3.1-32-mauronofrio

There is no other firewall APP installed. Afwall is the only one.
I think the problem exists until I installed the March security patches with CrDroid update 6.4.
Now I couldn't block anything. If I do, all traffic will be blocked. This happens if I select only one app or I select many more.
I tried to change the binaries, but that didn't solve it.
By the way, if I want to apply a ruleset with a block, I get an error message like “error applying iptables rules”.
Afwall reinstallation didn't help.

If you need more information, please ask me.

Spirit
 

IronTechmonkey

Recognized Contributor
Feb 12, 2013
10,055
18,113
^^:good: I agree that the Wiki is slightly irritating. However, from my personal point of view it's more important that the settings in the app aren't ambiguous, and I think they are clear. I've chosen the option "allow selected" and then tick the allowed connection for each UID. If I had to call this something in regard to the Wiki nomenclature I'd call it a blacklist mode i.e. everything is disabled/not allowed by default.

Monkey likes wurds and the analysis thereof. Pardon a bit of OT.

I agree that within the app it is quite clear, and even in the FAQ (about which I've got no complaint) the terms allow-selected and block-selected are used so people should not get lost there either.

It seems that your logic for the terms blacklist and whitelist is similar to mine. By that model; the selected items are exceptions from the default blacklist. By the alternate terminology for the same allow-selected mode where blacklist and whitelist are inverted then the selected items are the whitelist itself. I'm finding it easy to make logical arguments for each combination as either of them can be made to sound reasonable.

To your point, it's a good thing we have allow-selected and block-selected. :)
 

temporarium

Senior Member
Monkey likes wurds and the analysis thereof. Pardon a bit of OT.

I agree that within the app it is quite clear, and even in the FAQ (about which I've got no complaint) the terms allow-selected and block-selected are used so people should not get lost there either.

It seems that your logic for the terms blacklist and whitelist is similar to mine. By that model; the selected items are exceptions from the default blacklist. By the alternate terminology for the same allow-selected mode where blacklist and whitelist are inverted then the selected items are the whitelist itself. I'm finding it easy to make logical arguments for each combination as either of them can be made to sound reasonable.

To your point, it's a good thing we have allow-selected and block-selected. :)
Just think of it this way: white=allowed/ok, black=forbidden; list=what you select (the rest isn't on the list).
 
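The two modes discussed in the posts above, written out as iptables owner-match rules with a small first-match evaluator. This is an added example, not part of any post and not the rule set AFWall+ itself generates; the chain name `demo-fw`, the helper names and the UIDs are constructed for illustration.

```shell
#!/bin/sh
# Added illustration: chain name, helper names and UIDs are constructed;
# this is not the rule set AFWall+ itself generates.
CHAIN=demo-fw

# gen_rules MODE UID...  -> prints iptables commands, does not run them.
#   allow-selected: listed UIDs are accepted, everything else is rejected.
#   block-selected: listed UIDs are rejected, everything else is accepted.
gen_rules() {
    mode=$1; shift
    case $mode in
        allow-selected) hit=ACCEPT; rest=REJECT ;;
        block-selected) hit=REJECT; rest=ACCEPT ;;
        *) echo "unknown mode: $mode" >&2; return 2 ;;
    esac
    echo "iptables -N $CHAIN"
    echo "iptables -A OUTPUT -j $CHAIN"
    for uid in "$@"; do
        echo "iptables -A $CHAIN -m owner --uid-owner $uid -j $hit"
    done
    # Catch-all: this last rule decides the fate of every unlisted app.
    echo "iptables -A $CHAIN -j $rest"
}

# verdict UID -> reads gen_rules output on stdin and prints the target of
# the first rule in the chain that matches UID (first match wins).
verdict() {
    want=$1
    while read -r cmd op chain rest; do
        [ "$op" = "-A" ] && [ "$chain" = "$CHAIN" ] || continue
        set -- $rest
        if [ "$1" = "-m" ]; then      # -m owner --uid-owner N -j TARGET
            if [ "$4" = "$want" ]; then echo "$6"; return 0; fi
        else                          # catch-all: -j TARGET
            echo "$2"; return 0
        fi
    done
    return 1
}

# Constructed UIDs: 10123 = a browser, 10045 = a system download component.
for m in allow-selected block-selected; do
    echo "# $m, selected: 10123"
    gen_rules "$m" 10123
    echo "# browser -> $(gen_rules "$m" 10123 | verdict 10123)," \
         "download component -> $(gen_rules "$m" 10123 | verdict 10045)"
done
```

In allow-selected mode the unlisted download component hits the trailing REJECT, which is the dependency case raised in the diagnostic steps earlier in the thread.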

Top Liked Posts

  • 404
    Welcome to official support page for AFWall+

    Disclaimer - As Usual. I'll not take any responsibility if something goes wrong when using AFWall+

    Introduction
    AFWall+ is an improved version of DroidWall (front-end application for the powerful iptables Linux firewall). It allows you to restrict which applications are permitted to access your data networks (2G/3G/4G/LTE and/or Wi-Fi and while in roaming). Since the original author of Droidwall discontinued the project, I decided to keep the app instead of Avast Firewall. I'll continue to add more features as I can.


    Features
    - Supports 5.x to 13.x
    - Import/Export Rules to external storage
    - Search Applications
    - Multiple Profiles with custom names
    - Tasker/Locale support
    - Select All/None/Invert/Clear applications with single click
    - Revamped Rules/Logs Viewer with copy/export to external storage
    - Ability to view the network interfaces
    - Highlight system applications with custom color
    - Notify on new installations
    - Ability to hide application icons( faster loading )
    - Use LockPattern for application protection.
    - Show/Hide application ID.
    - Roaming Control for 3G/Edge
    - VPN Control
    - LAN Control
    - Tether Control
    - IPV6 Control
    - Tor Control
    - Choosable languages
    - Choosable iptables/busybox binary
    - Supports MIPS/x86/ARM
    - DNS Hostname

    Changelog - See third Post
    Current Version - 3.6.0

    To get Unlocker without Google services - Please follow the instructions here

    AFWall+ BETA Program
    1) AFWall+ opt-in for beta program
    2) Install AFWall+ and If you have any issues, just send email from (Menu -> Firewall Rules - > Send error report)

    Source Code/Wiki/FAQ
    AFWall+ is a free & open-source application
    Github
    Log an issue
    Frequently Asked Questions
    Many Thanks to @CHEF-KOCH

    Translations
    Translations - Please help me with translations in your language.
    http://crowdin.net/project/afwall

    Thanks To/Credits
    - German translations by chef@xda & user_99@xda & Gronkdalonka@xda
    - French translations by GermainZ@xda & Looki75@xda
    - Russian translations by Kirhe@xda & YaroslavKa78
    - Spanish translations by spezzino@crowdin
    - Dutch translations by DutchWaG@crowdin
    - Japanese translation by nnnn@crowdin
    - Ukrainian translation by andriykopanytsia@crowdin
    - Slovenian translation by bunga bunga@crowdin
    - Chinese Simplified translation by tianchaoren@crowdin
    - Polish translations by tst,Piotr Kowalski@crowdin
    - Swedish translations by CreepyLinguist@crowdin
    - Greek Translations by mpqo@crowdin
    - Portuguese translations by lemor2008@xda
    - Chinese Traditional by shiuan@crowdin
    - Chinese Simplified by wuwufei,tianchaoren @ crowdin
    - Italian translations by benzo@crowdin
    - Romanian translations by mysterys3by-facebook@crowdin
    - Czech translations by Syk3s

    Cheers,
    ukanth

    XDA:DevDB Information
    AFWall+ [ IPTables Firewall ], App for the Android General

    Contributors
    ukanth
    Source Code: https://github.com/ukanth/afwall


    Version Information
    Status:
    Stable
    Current Stable Version: 3.5.3
    Stable Release Date: 2022-06-28
    Current Beta Version:
    3.5.3
    Beta Release Date: 2022-06-28

    Created 2013-12-03
    Last Updated 2020-09-05
    70
    Version 3.0.1

    * Fix: Status toggle widget 1x1
    * Fix: Ability to hide ongoing notification (Stop firewall and restart to hide after disable it in preferences)
    * Fix: Firewall error notification on oreo and above
    * Security: Tile toggle checks for password
    * User reported crashes
    * Updated translations

    Previous version 3.0.0

    Features:
    * Better support for nougat/oreo and pie.
    * Firewall toggle tile
    * Adaptive Icons
    * Notification channels
    * Tor support

    Bugs:
    * General bug fixes and crash reports.
    * Language selection bug
    * Filter selection bug
    * Compatible with magisk 17.x
    * Better handling of background process
    * Drops support for 4.x devices
    * Update languages
    * Updated libraries

    Complete Changelog

    41
    Hello All,

    After careful analysis and testing, I decided not to rewrite the way rules are being applied due to the lot of under-the-hood changes required. Instead I added a few enhancements. Now applying rules from the menu will show how many rules are getting applied with progress status. Also, when adding/removing a few rules, it will apply only those related rules instead of a full apply.

    Also fixed couple of bugs and enhancements. You can get the full changelog from https://github.com/ukanth/afwall/blob/beta/Changelog.md

    This is BETA Version which is not released on playstore. I have been using this for past week and it's stable. But there might be bugs which I haven't encountered. Please test it and report it in case of any issues.

    Also I have been following the XPrivacy thread on the decision by its author. Just as FYI, I might fix it for my own usage when I update to nougat, I will share it here if anybody uses it here.

    BETA Link - https://www.dropbox.com/s/isvi413qyx6vb4d/AFWall+ 2.9.7-BETA-TESTER.apk?dl=0
    40
    Hello everyone,

    I have released 3.0.0 stable on playstore today. It's been a crazy month so far. After going through lot of dilemma of whether to support the existing afwall or write a new one from scratch, finally able to pull myself and release stable version of afwall with lots of bug fixes and new features along with pie support. Since I don't do full time Android development, it was hard to keep track of what's going on with sdk level changes.

    Thank you all for your support in AFWall+ development. Without your support it would simply not be possible to pull through this.

    I will be out for couple of days ( taking off to spend time with my family ) and hopefully will be able to reply to questions once back.

    Thanks again and have a great day.
    35
    Hello everyone,

    I have released stable version of 3.1.0 to playstore and github. Its live on playstore. You can find the changelog along with md5/sha here

    https://github.com/ukanth/afwall/releases/tag/v3.1.0

    Thank you all for your continuous support in AFWall+ development.