I live in a region where phone security and anonymity is a concern.
To address this, I have installed a rooted custom firmware, AFWall firewall, and ProtonVPN on my smartphone.
AFWall is set up to block most apps and system apps, routing only the ones I use through the VPN.
I monitor AFWall's logfiles, which show thousands of (blocked) unknown(-100) connections, most of which resolve to Github CDNs or Googleaccount, while others resolve to unknown IPs.
I want to find out which app or process is making these connections, but as AFWall reports them as unknown(-100), I am unsure how to proceed.
I have tried using Termux (root) and "sudo netstat -nputwc" to monitor connections, but some connections remain "empty" and do not provide any "PID/Program name".
How can I identify the app/process making these connections?
Thanks in advance!
To address this, I have installed a rooted custom firmware, AFWall firewall, and ProtonVPN on my smartphone.
AFWall is set up to block most apps and system apps, routing only the ones I use through the VPN.
I monitor AFWall's logfiles, which show thousands of (blocked) unknown(-100) connections, most of which resolve to Github CDNs or Googleaccount, while others resolve to unknown IPs.
I want to find out which app or process is making these connections, but as AFWall reports them as unknown(-100), I am unsure how to proceed.
I have tried using Termux (root) and "sudo netstat -nputwc" to monitor connections, but some connections remain "empty" and do not provide any "PID/Program name".
How can I identify the app/process making these connections?
Thanks in advance!