FORUMS
Remove All Ads from XDA

[5.0+][ROOT][3.2.0-BETA] AFWall+ IPTables Firewall [03 JULY 2019]

1,424 posts
Thanks Meter: 4,764
 
By ukanth, Recognized Developer on 26th October 2012, 05:41 PM
Post Reply Email Thread
8th April 2018, 06:55 AM |#4411  
Member
Thanks Meter: 3
 
More
Quote:
Originally Posted by hodanli

afwall bundles some apps under one thread. why? is there anyway to separate them?

---------- Post added at 07:55 AM ---------- Previous post was at 07:45 AM ----------



I have the same issue on tugapower oreo. but for me brave browser downloads normally while yalp doesn't work. I found by trial and error that when I enable com.qualcomm.timeservice yalp store works normally. but com.qualcomm.timeservice bundles too many apps under it and I am reluctant to enable it.

I would be really happy if it works like on nougat

If I disable the Firewall (AFWall+) I can download files from Lightning and Yalp Store; with AFWall+ enabled I can't. So yes, the culprit is AFWall+... bad design.

But that's not all... If I try to download files from Lightning, with AFWall+ enabled, the files don't download, but if, after that, I reboot the phone, when the phone reboots every file that I have tried to download is then automatically downloaded!!!

This means AFWall+ has a big lag in applying its rules after phone boots.... So AFWall+ is not secure!! This defeats the purpose of having a Firewall! Bad design indeed!

The only way to solve this issue is disabling Wi-Fi immediatly before every phone turn off or reboot...
 
 
8th April 2018, 07:44 AM |#4412  
Member
Thanks Meter: 45
 
More
Quote:
Originally Posted by Niccolò Paganini

If I disable the Firewall (AFWall+) I can download files from Lightning and Yalp Store; with AFWall+ enabled I can't. So yes, the culprit is AFWall+... bad design.

[...]

This means AFWall+ has a big lag in applying its rules after phone boots.... So AFWall+ is not secure!! This defeats the purpose of having a Firewall! Bad design indeed!

Running DU 12.1 official (NoGAPPS) and apps mostly offered via F-Droid (using Fennec for browsing the internet and Yalp for obvious reasons) l have no AF-Wall related problems like the ones you describe. And never had. So immediately claiming that AF-Wall is the culprit, especially in the way done here, seems a bit rash.

I think logcats could be more helpful than accusations.
The Following 2 Users Say Thank You to bruelltaube For This Useful Post: [ View ] Gift bruelltaube Ad-Free
8th April 2018, 08:01 AM |#4413  
Member
Thanks Meter: 6
 
More
Quote:
Originally Posted by bruelltaube

Running DU 12.1 official (NoGAPPS) and apps mostly offered via F-Droid (using Fennec for browsing the internet and Yalp for obvious reasons) l have no AF-Wall related problems like the ones you describe. And never had. So immediately claiming that AF-Wall is the culprit, especially in the way done here, seems a bit rash.

I think logcats could be more helpful than accusations.

I agree. I was using afwalls on sultan without any issue. this language doesn't help at all.
8th April 2018, 11:33 AM |#4414  
Ultramanoid's Avatar
Senior Member
日本
Thanks Meter: 4,113
 
More
Quote:
Originally Posted by hodanli

I have the same issue on tugapower oreo. but for me brave browser downloads normally while yalp doesn't work.

Again, like Fennec, Brave ( and same as Chrome and Chromium ) has an independent downloader, that can work apart from the system wide one. Applications and browsers without their own web engine use the system's available WebView and Android's media downloader.

Seems like the only problem here for both of you is not being clear on what is being blocked, which is not AFWall's responsibility. Study what parts of the system and applications do before applying rules. AFWall only does what you tell it to do.
 
The Following 2 Users Say Thank You to Ultramanoid For This Useful Post: [ View ] Gift Ultramanoid Ad-Free
8th April 2018, 01:17 PM |#4415  
PiggyFlooper's Avatar
Senior Member
Thanks Meter: 318
 
More
Quote:
Originally Posted by Niccolò Paganini

Unfortunately, with Android Oreo, it is now impossible do download anything with AFWall running. I can't even download files in Lightning of Fennec F-Droid (internet browsers). And yes, I'm allowing "Media Storage, Download Manager. Downloads, MTP Host" internet access, on AFWall rules...
Please try to fix this, because this bug renders the app unusable.
Thanks in advance.

Media storage=media server?
8th April 2018, 05:06 PM |#4416  
Member
Thanks Meter: 3
 
More
Quote:
Originally Posted by PiggyFlooper

Media storage=media server?

No. They are different things. I don't allow "media server" on AFWall+.
9th April 2018, 05:09 PM |#4417  
Junior Member
Thanks Meter: 18
 
More
Hi,

I am using afwall+ for some time on my smartphone and I am very happy with it. Thanks for developing such cool stuff!

Recently I bought a new tablet, which I want to use with other person together, therefor I activated the (experimental) multiuser function in afwall+ together with addings users in LOS 15.1. Unfortunately it didn't work and I was struggling with it until I found a hint to allow root processes in afwall+. Then it worked and after some time it didn't worked anymore.

Maybe someone can provide a manual / how-to for using the multiuser functionality and what I have to allow in afwall, what I have do in Android settings and so on. I think this could be very helpful for everybody who starts using the multiuser functionality.


edit: I don't get it. If I activate the rule "every app", then I can access the internet with other user accounts. If I allow every app access and just not the rule "every app" then it doesn't work. Seems like the app of another user account is not recognized.
The strange thing is yesterday it worked for a short time, then I encrypted the whole device and it did not work anymore. But I don't know if it is related to the encryption?!?!
Can anyone help me?
12th April 2018, 05:53 AM |#4418  
Rowdyy Ronnie's Avatar
Senior Member
Flag City Of Joy
Thanks Meter: 1,441
 
Donate to Me
More
What is the difference between Afwall+ with Xposed and without Xposed??
Do they work same way??
12th April 2018, 06:29 AM |#4419  
Senior Member
Thanks Meter: 63
 
More
Quote:
Originally Posted by quantuser

Hi,

I am using afwall+ for some time on my smartphone and I am very happy with it. Thanks for developing such cool stuff!

Recently I bought a new tablet, which I want to use with other person together, therefor I activated the (experimental) multiuser function in afwall+ together with addings users in LOS 15.1. Unfortunately it didn't work and I was struggling with it until I found a hint to allow root processes in afwall+. Then it worked and after some time it didn't worked anymore.

Maybe someone can provide a manual / how-to for using the multiuser functionality and what I have to allow in afwall, what I have do in Android settings and so on. I think this could be very helpful for everybody who starts using the multiuser functionality.


edit: I don't get it. If I activate the rule "every app", then I can access the internet with other user accounts. If I allow every app access and just not the rule "every app" then it doesn't work. Seems like the app of another user account is not recognized.
The strange thing is yesterday it worked for a short time, then I encrypted the whole device and it did not work anymore. But I don't know if it is related to the encryption?!?!
Can anyone help me?

I haven't tried the multiuser feature yet but if I'm not mistaken previously it was necessary to use "block selected" mode, which allows anything that isn't blocked, which in turn means secondary user's apps aren't blocked.

I've been using custom scripts to bypass this limitation and stay in "allow selected" mode.
I add the following line for any app from the second user that I want to allow:
$IPTABLES -A afwall -m owner --uid-owner u10_a123 -j RETURN

I don't remember how I figured out the uid-owner parameter. Probably easy enough to google it.
In any case it should contain the uid of the app you want to allow. Generally, primary user uids start with 0 while other users uids will start with 10 or higher numbers.
The Following User Says Thank You to eriol1 For This Useful Post: [ View ] Gift eriol1 Ad-Free
12th April 2018, 07:28 AM |#4420  
Portgas D. Ace's Avatar
Recognized Contributor
Flag Bergisches Land
Thanks Meter: 3,075
 
More
Quote:
Originally Posted by Rowdyy Ronnie

What is the difference between Afwall+ with Xposed and without Xposed??
Do they work same way??

The Xposed module adds some functionality to AFWall, as it prevents data leakage via the in-built download manager. Some apps might be able to send/receive data via this backdoor, the Xposed module fixes this.
The Following 4 Users Say Thank You to Portgas D. Ace For This Useful Post: [ View ] Gift Portgas D. Ace Ad-Free
12th April 2018, 07:33 AM |#4421  
Rowdyy Ronnie's Avatar
Senior Member
Flag City Of Joy
Thanks Meter: 1,441
 
Donate to Me
More
Quote:
Originally Posted by Portgas D. Ace

The Xposed module adds some functionality to AFWall, as it prevents data leakage via the in-built download manager. Some apps might be able to send/receive data via this backdoor, the Xposed module fixes this.

So let me get this straight. I don't like Xposed. So, should I use Afwall+ or is there any other alternative to Afwall+ that works better on non xposed devices??
Post Reply Subscribe to Thread

Tags
block internet, droidwall, firewall, iptables, security

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes