FORUMS
Remove All Ads from XDA

[5.0+][ROOT][3.2.0-BETA] AFWall+ IPTables Firewall [03 JULY 2019]

1,424 posts
Thanks Meter: 4,765
 
By ukanth, Recognized Developer on 26th October 2012, 05:41 PM
Post Reply Email Thread
3rd April 2019, 07:00 PM |#5311  
Senior Member
Thanks Meter: 61
 
More
Hi there, I recently found out that AFWall can be used with Orbot and so to manage your traffic through Tor or not.
I wonder if I did something wrong, because I get messages in the log view that e. g. Firefox's request was denied. I allowed Firefox to use Mobile, Wifi and Tor and I am able to use Firefox as normal, but I wonder what these messages mean. There are messages for other apps as well.

I use Orbot with vanilla settings. In AFWall I disables DNS proxy via netd and activated the handling to give permission to Tor and VPN. I don't use any custom script..
 
 
6th April 2019, 06:29 PM |#5312  
Junior Member
Thanks Meter: 1
 
More
Necessary privs for Signal over cell data?
EDIT: The solution was to give Signal access to roaming cellular data. No idea why this would be, except maybe that I'm on an MVNO that uses T-Mobile's network.

I searched here and on Google, and didn't see anything obviously matching my question:

I have a rooted phone running Lineage 16 & MindTheGapps and want to configure AFWall+ so that only a few apps can use my cellular data when it's active. I'm having a little trouble getting Signal to work correctly: I've given it permission to access LAN, WAN, and non-roaming cellular but it won't send messages until I disable AFWall+. Are there other core or system processes that I should whitelist?

I have the Core processes configured like so:
VPN access for everything.
Full access for the kernel.
Media gets WAN access
NTP gets WAN.
Root apps get everything but cellular and roaming
VPN on WAN only.

System processes:
VPN for everything.
WAN/LAN for CaptivePortalLogin
Non-roaming cellular for com.qualcomm.embms.
Same for a block consisting of Phone and Messaging Storage, Messaging service, com.qualcomm.qti.telephonyservice,com.qti.qualcomm .datastatusnotification, SIM Toolkit, org.codeaurora.ims, com.qualcomm.qcrilmsgtunnel, com.qualcomm.qti.ims, and Phone Services.

I'm testing by disconnecting from my wifi and connecting to data.
The Following User Says Thank You to bthylafh For This Useful Post: [ View ] Gift bthylafh Ad-Free
6th April 2019, 06:33 PM |#5313  
Junior Member
Thanks Meter: 0
 
More
Vivo Y31L
11th April 2019, 03:29 PM |#5314  
htr5's Avatar
Senior Member
Thanks Meter: 239
 
More
• Recently, my SuperSU app asked me to grant AFWall+ root permission again. This usually happens if the app is updated/changed but I hadn't initiate d any update. Did the AFWall+ do something by itself?

• When a new app is installed, the default action is to allow all connections. Would it be possible to switch the default action to block? The user is then required to grant access such as with firewalls on computers.

• Is there any interest from the dev or others for a screen overlay for when a new app is installed (similar to prompts on a computer's firewall)

• Finally, thank you very much. This app has completely transformed the way I use my phone.
11th April 2019, 03:49 PM |#5315  
Senior Member
Thanks Meter: 31
 
More
Unable to call (volte) after enabling afwall. any help
11th April 2019, 06:25 PM |#5316  
Portgas D. Ace's Avatar
Recognized Contributor
Flag Bergisches Land
Thanks Meter: 3,075
 
More
Quote:
Originally Posted by lazylord2016

Unable to call (volte) after enabling afwall. any help

Not possible with such less information provided.
12th April 2019, 12:01 AM |#5317  
Recognized Contributor
Thanks Meter: 3,181
 
More
Quote:
Originally Posted by htr5

• Recently, my SuperSU app asked me to grant AFWall+ root permission again. This usually happens if the app is updated/changed but I hadn't initiate d any update. Did the AFWall+ do something by itself?

• When a new app is installed, the default action is to allow all connections. Would it be possible to switch the default action to block? The user is then required to grant access such as with firewalls on computers.

• Is there any interest from the dev or others for a screen overlay for when a new app is installed (similar to prompts on a computer's firewall)

• Finally, thank you very much. This app has completely transformed the way I use my phone.

For #1 I wouldn't worry about it unless it starts to happen frequently.

For #2 - change the default from 'Block Selected' to 'Allow Selected'. You may have to redo all your rules after changing this. See attached image for where you change this.

#3 - meh. I'm fine with the notification I get when a new program is installed.
Attached Thumbnails
Click image for larger version

Name:	Screenshot_20190411-184750.jpg
Views:	196
Size:	17.7 KB
ID:	4741056  
The Following User Says Thank You to jcmm11 For This Useful Post: [ View ] Gift jcmm11 Ad-Free
12th April 2019, 09:10 AM |#5318  
cobrax2's Avatar
Senior Member
Thanks Meter: 115
 
More
hi guys
i am on htc 10, android 7
i understand that if i disable the show notification icon setting, the app is going into the background and eventually gets killed. but the rules remain active?
what happens if i let it with the notification on and block it from the android itself with "block all notifications"? will it run then and just wont show me notifications when new apps get installed?
thanks
12th April 2019, 09:15 AM |#5319  
gazzacbr's Avatar
Senior Member
Flag Dubai
Thanks Meter: 245
 
More
Quote:
Originally Posted by htr5

• When a new app is installed, the default action is to allow all connections. Would it be possible to switch the default action to block? The user is then required to grant access such as with firewalls on computers.

• Finally, thank you very much. This app has completely transformed the way I use my phone.

I am guessing that you have set for blacklist so by definition everything will be allowed by default.
I much prefer whitelist then I have more control
my 2c
The Following User Says Thank You to gazzacbr For This Useful Post: [ View ] Gift gazzacbr Ad-Free
12th April 2019, 12:18 PM |#5320  
Senior Member
Thanks Meter: 61
 
More
How is it possible that the log tells me an App was blocked (mdns UID 1020) while I don't have this App in the list of Apps? I am on Android Pie.
18th April 2019, 12:16 PM |#5321  
Member
Thanks Meter: 5
 
More
Issues with Hotspot and CaptivePortalLogin
Hi there,

I have been using AFWall+ for nearly a month now, I am still getting used to it but so far it has been very positive. However I am still facing 2 major issues: I can't get any internet connection while sharing my mobile data through my wifi hotspot, and whenever I try to login on a public wifi with the CaptivePortalLogin, the app crashes and I cannot access the public Wifi at all. Both the CaptivePortalLogin and the tethering (DHCP+DNS) services are allowed for any connection.

Are these issues related? Is there any other service that I must add to the white list?

Thanks
Post Reply Subscribe to Thread

Tags
block internet, droidwall, firewall, iptables, security

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes