Originally Posted by sabotage154
hello. i seem to be having a weird problem with afwall. i have recently noticed that when i connect to a specific wifi network (have only noticed this on one wifi network so far, not sure if its occuring on others) the afwall rules just dont work at all whatsover. i am using it as whitelist mode and everything works fine but i noticed on this one specific home wifi network all the apps that i have selected to only allow on VPN connect and have internet access whether im connected to VPN or not connected to VPN. its weird because on other wifi networks EVERYTHING WORKS PERFECTLY AS IT SHOULD, the apps only work if my VPN connection is up and STOP working as soon as the VPN disconnects.
I have replicated this issue on every single custom rom i have tried on this device based on android 8.1 and 9.0 (have not tried on stock though). im running
I tried to enable logs in afwall but nothing shows up in the logs. i have never once been able to get logs to work on afwall. i go to prefrences > log > and i check "Turn on log service" but i never see anything in "View logs", it always says its empty.
anyone have any idea or similiar experience and anything i can do or send over for debug (other than afwall logs since they dont seem to turn on for me)?
just wanted to update this maybe it will help someone in the future:
it appears like the issue with the wifi network that is bypassing afwall is that the wifi network is an ipv6 network. so certain apps that support ipv6 get access to the internet on the wifi IPv6 network even when afwall is activated but afwall still blocks any apps that use ipv4. I changed some settings and it appears like it is now blocking connections on the ipv6 wifi network i was having issues with.
I did the following:
Preferences > Rules/Connectivity
scroll to the bottom "IPv6 Chains"
IPv6 Support : if checked: from what can tell this actually allows ipv6 connections thru afwall (please correct me if im wrong)
Only Control IPv6 chains : i checked this and it allowed me to modify the following settings:
INPUT Chain (IPv6) : I set this to BLOCK incoming connections
OUTPUT Chain (IPv6) : i set this to BLOCK outgoing connections
FORWARD Chain (IPv6) : i set this to BLOCK forwarding connections
I played around with different settings but those settings there appeared to make my afwall rules work the same on IPv6 wifi network as they do on IPv4 wifi network. I beleive it just BLOCKS all IPv6 traffic since i think rules cant be set for IPv6 traffic in afwall.
Can anyone confirm:
IS THIS THE CORRECT WAY TO BLOCK IPV6 networks in afwall?