FORUMS

[5.0+][ROOT][3.4.0] AFWall+ IPTables Firewall [9 FEB 2020]

1,465 posts
Thanks Meter: 5,038
 
By ukanth, Recognized Developer on 26th October 2012, 05:41 PM
Post Reply Email Thread
23rd February 2020, 10:26 AM |#5791  
n0j0e's Avatar
Senior Member
Flag Berlin
Thanks Meter: 548
 
More
Is the Xposed AFWall+ module still relevant on Q or obsolete now?

Sent with much love and Android.
24th February 2020, 05:08 PM |#5792  
Member
Thanks Meter: 14
 
More
Quote:
Originally Posted by ukanth


Quote:
Originally Posted by freedom74 View Post
Is it possible to add a feature to block not only per app but per IP address or IP range?
For example I want to allow app to connect to the internet but not to all IP addresses
It would be really nice and usefull.
Yes, there will be a separate wizard kind of UI to beginners to create rules. I'm collecting all the usecases for it. It will be there in the future versions.

Yes, there will be a separate wizard kind of UI to beginners to create rules. I'm collecting all the usecases for it. It will be there in the future versions.

.


Did this ever happen? If so, I'm not finding it.
I am not able to find any example scripts which restrict one specific app to ONLY one IP Address OR Subnet.

If someone reading this knows of any could you please point me towards it? This is such a basic application firewall capability, yet there are only requests for the feature, no actual solutions I could find.

USE CASE:
An encrypted database app, used to store sensitive information. The app has a companion desktop program, which supports a manual network database sync with the android app.
Under NO circumstances are either of these apps to be allowed access to the internet, 'cloud', etc.
The desktop app is easily restricted to a specific ip address or subnet with any number of available firewall programs.
Ideally, I'd like a way to globally restrict the Android app to either the ip of the computer, or, at least, the lan subnet, ie 192.168.xxx

Less ideally, but still workable, an afwall profile which would temporarily lock the entire device to no access outside of 192.168.xxx, which could be selected only when needed for a manual sync

I have not found a way within the xda search function to specify literal strings, i.e "restrict app", etc. Instead, I get every instance of either term in quotes. Does that functionality exist?

Thanks for reading.
24th February 2020, 06:27 PM |#5793  
temporarium's Avatar
Senior Member
Thanks Meter: 192
 
More
Would simply allowing your app LAN access and nothing else not be enough?
24th February 2020, 07:16 PM |#5794  
Member
Thanks Meter: 14
 
More
Quote:
Originally Posted by temporarium

Would simply allowing your app LAN access and nothing else not be enough?

Yes, actually. I'd never used that option for any app in the past, so much so that I'd literally forgotten it was there while I was so busy trying to get my head around scripts, etc. I'm an idiot, and I certainly owe you a beer on that one

That said, I'd REALLY like to learn how to do this in a script, and furthermore, if there's any way to enable/disable custom scripts by profile, or via Tasker, etc.

Thanks again!
26th February 2020, 09:41 PM |#5795  
Totaly erratic on my Android 9 ... work .. then do not .... unreliable, and i'm using it for 8 years at least.. (started with AFWall) never met this kind of problems.
26th February 2020, 10:02 PM |#5796  
IronTechmonkey's Avatar
Recognized Contributor
Thanks Meter: 8,647
 
More
Quote:
Originally Posted by Honusnap

Totaly erratic on my Android 9 ... work .. then do not .... unreliable, and i'm using it for 8 years at least.. (started with AFWall) never met this kind of problems.

Perhaps you could describe what is actually happening or leave a bug report with a log at the Afwall git page. There may even be a similar report already, but more details would be required to discern that. If it is similar then you might learn some workarounds and the developer would have more helpful information about the issue.
29th February 2020, 06:46 PM |#5797  
zigbye82's Avatar
Senior Member
Thanks Meter: 89
 
More
Inside binaries option in preferences there are iptables and busybox binary options. If I select use system or use built in, afwall works normal. Is there any benefit in choosing one over the other?
2nd March 2020, 08:05 PM |#5798  
Senior Member
Thanks Meter: 84
 
More
Quote:
Originally Posted by webleeper

OK so after wiping app storage and resetting my rules, the app did in fact start working as intended and blocking internet access


Wiped cache in TWRP and reapplied the rules, and AFWall is working. Thanks!
2nd March 2020, 09:49 PM |#5799  
Junior Member
Thanks Meter: 0
 
More
Hey, this is probably a dumb question and may be already answered but:

Is there a way to choose what domains are allow per app?
I mean like a whitelist of allow internet addresses per app.

If the answer is custom script-> where should I look to learn how to do it?
3rd March 2020, 09:54 AM |#5800  
Junior Member
Thanks Meter: 0
 
More
OnePlus one
AospExtended-v6.6-bacon 9pie
Magisk-v20.3
Ggaps not installed

I select one application, save the rule, ok, turn on the firewall, an error message appears. all applications are blocked, and not one as I noted.
when you turn off the rule, the Internet does not appear.

---------- Post added at 11:54 AM ---------- Previous post was at 11:20 AM ----------

Error appluing iptables rules.
3rd March 2020, 11:06 AM |#5801  
IronTechmonkey's Avatar
Recognized Contributor
Thanks Meter: 8,647
 
More
Quote:
Originally Posted by Ghjkjhgf

OnePlus one
AospExtended-v6.6-bacon 9pie
Magisk-v20.3
Ggaps not installed

I select one application, save the rule, ok, turn on the firewall, an error message appears. all applications are blocked, and not one as I noted.
when you turn off the rule, the Internet does not appear.

---------- Post added at 11:54 AM ---------- Previous post was at 11:20 AM ----------

Error appluing iptables rules.

This does not speak to possible cause but here are some things which might (or might not) fix that temporarily.

Leave Afwall+ enabled while you select apps and apply rules. This may help flush out and narrow down where the issue is.

Change profile,
Test
Disable/enable firewall.
Test
Force stop Afwall+ then run it.
Test
Post Reply Subscribe to Thread

Tags
block internet, droidwall, firewall, iptables, security

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes