[CLOSED][APP][6.0+] NetGuard - No-root firewall

[reniko]

Only domain names with the same IP address will be grouped. Please be aware that IP addresses are pretty dynamic these days and that one domain name can have dozens of IP addresses.

Then it seems to be a DNS caching issue with dynamic changed IPs (two are completely different now) as mentioned in your quoted FAQ. Any idea/proposal for changing the DNS TTL in NetGuard?

BTW: I block/allow the DNS name not the specific IP in the rules?

Thanks

 

[M66B]

Then it seems to be a DNS caching issue with dynamic changed IPs (two are completely different now) as mentioned in your quoted FAQ. Any idea/proposal for changing the DNS TTL in NetGuard?

BTW: I block/allow the DNS name not the specific IP in the rules?

Thanks

The DNS TTL is determined by the DNS system, not by Android or NetGuard.

NetGuard blocks on domain names.

 

[lukval]

BTW: I block/allow the DNS name not the specific IP in the rules?

I think if you have a block/allow rule for some IP then all hosts pointing to this IP will be blocked/allowed.

 

[M66B]

I think if you have a block/allow rule for some IP then all hosts pointing to this IP will be blocked/allowed.

Blocking/allowing will be done on domain names, not IP addresses (unless there is no domain name).

 

[iwanttoknow]

Thanks for your reply.

My Android 10 settings for private DNS does not accept DNS addresses as 1.1.1.1 (Cloudflare) or 9.9.9.9 (Quad9) in the field text.

It seems that Android only accepts a hostname for private DNS. So it's not possible to use NetGuard and private DNS.
Am I right ?

Hi all,

My feedback experience today :


Private DNS with Android 10 :
1dot1dot1dot1.cloudflare-dns.com


NetGuard 2.294 with :
Traffic filter : ON
Subnet routing : OFF


Test private DNS with :
https://1.1.1.1/help


Result below :

DoT is ok.
It seems ignoring NetGuard.
What do you think about it ?

 

[M66B]

Hi all,

My feedback experience today :


Private DNS with Android 10 :
1dot1dot1dot1.cloudflare-dns.com


NetGuard 2.294 with :
Traffic filter : ON
Subnet routing : OFF


Test private DNS with :
https://1.1.1.1/help


Result below :

DoT is ok.
It seems ignoring NetGuard.
What do you think about it ?

View attachment 5255071

Seems to work fine.

 

[iwanttoknow]

Seems to work fine.

Yes it works fine for DoT but Ad blocking in NetGuard is not ok in this case with private DNS defined in Android.

You wrote that NetGuard has to be defined with traffic filter off and subnet routing on, to permit private DNS to be active.

In my test today with private DNS, traffic filter was on and subnet routing off in NetGuard.

I am a little confused.

Do you have an explanation ?

Thanks in advance for your reply.

 

[M66B]

Yes it works fine for DoT but Ad blocking in NetGuard is not ok in this case with private DNS defined in Android.

You wrote that NetGuard has to be defined with traffic filter off and subnet routing on, to permit private DNS to be active.

In my test today with private DNS, traffic filter was on and subnet routing off in NetGuard.

I am a little confused.

Do you have an explanation ?

Thanks in advance for your reply.

You can't use ad blocking with filtering disabled and you can't use filtering with private DNS enabled.

 

[svendsvin]

XDA developers app makes NetGuard stop when I exit it. What can I do to prevent it?
I have attached a log file but it doesn't make sense to me.

 

[iwanttoknow]

XDA developers app makes NetGuard stop when I exit it. What can I do to prevent it?
I have attached a log file but it doesn't make sense to me.

I don't understand what you wrote. Could you please give me more details ?

 

[svendsvin]

I don't understand what you wrote. Could you please give me more details ?

NetGuard simply stops (not crashing) when I terminate/exit the XDA developers app. I then have to open NG to activate it again.

The attached log is what happens in NG (I believe) when exiting the XDA app.

Hope it makes sense.

Edit: apparently it doesn't happen when I have log turned on in NG. That could be a solution but doesn't that increase battery use?

 

[iwanttoknow]

NetGuard simply stops (not crashing) when I terminate/exit the XDA developers app. I then have to open NG to activate it again.

The attached log is whar happens in NG (I believe) when exiting the XDA app.

Hope it makes sense.

Thanks for your reply. I hope it could be explained, not by me because I'm not an expert.

 

[iwanttoknow]

You can't use ad blocking with filtering disabled and you can't use filtering with private DNS enabled.

Thanks Marcel for your reply.

So it's not possible to block ad with NetGuard, and in the same time use private DNS with Android settings.

Do you know DNS providers allowing private DNS and ad blocking in the same time ? I want to continue+++ using NetGuard, increase protection of my privacy with private DNS, and use ad blocking.

 

[La_Globule]

Have a look at Adguard, they have two DNS servers which filter ads but I don't know if they have a private DNS service.

 

[iwanttoknow]

Have a look at Adguard, they have two DNS servers which filter ads but I don't know if they have a private DNS service.

Thanks for your reply.

It seems to be :
dns.adguard.com

 

[M66B]

NetGuard simply stops (not crashing) when I terminate/exit the XDA developers app. I then have to open NG to activate it again.

The attached log is what happens in NG (I believe) when exiting the XDA app.

Hope it makes sense.

Edit: apparently it doesn't happen when I have log turned on in NG. That could be a solution but doesn't that increase battery use?

Please make sure there is enough memory available and that battery optimizations are disabled for NetGuard.

In any case apps are fully isolated from each other on Android, so I don't see how this can happen.

 

[iwanttoknow]

Thanks for your reply.

It seems to be :
dns.adguard.com

I tested
dns.adguard.com
as private DNS in Android settings,
with traffic filter ON and subnet routing OFF in NetGuard settings.

It's ok to block ad.
But I don't know if it's due to ad blocking with NetGuard, or ad blocking with AdGuard. A DNS leak test showed that it was AdGuard DNS which was used and not DNS addresses in NetGuard advanced options.

I tried to understand but I don't find an answer. And you ?

 

[svendsvin]

Please make sure there is enough memory available and that battery optimizations are disabled for NetGuard.

In any case apps are fully isolated from each other on Android, so I don't see how this can happen.

Plenty of memory and battery optimization is disabled.

Turning log on didn't solve the problem anyway. Instead it looks like disabling Fennec as my default browser does the trick.

 

[brand_new_replicant]

Marsel, I enjoy your app very much (I have full pro version). Can I use multiple host files? I now use default but I think I'll need a bit more in the future.

 

[fraschi51]

Marsel, I enjoy your app very much (I have full pro version). Can I use multiple host files? I now use default but I think I'll need a bit more in the future.

Yes, you can import a second host file (either created by yourself or downloaded somewhere else) via the setting item 'Import host file (append)', which will then be merged with the first one.