search

celzero / rethink-app

DNS over HTTPS / DNS over Tor / DNSCrypt client, WireGuard proxifier, firewall, and connection tracker for Android.
https://rethinkfirewall.com/
Apache License 2.0
2.88k stars 147 forks source link

Firewall: Alerts and Settings #54

Open ignoramous opened 4 years ago

ignoramous commented 4 years ago

Settings:

  1. Auto-disallow Internet connectivity to newly installed apps. See also: #27

Alerts:

  1. Alert / log apps that user has never seemingly used (usage stats) but are connecting to the Internet. #88 and #129

  2. Alert / log on first Internet access by the app. #96

ignoramous commented 4 years ago

See: #39

ignoramous commented 1 year ago

A user says,

The apps would be arranged in chronological order, from the one with the most recent request, whether allowed or blocked, to the one with the oldest request. The date and time of the app's most recent request would be written. Users usually check the logs to fix the issues they're currently experiencing, so finding which apps are currently being blocked would help users narrow down which apps they need to tweak.

Then under each app, the filters that apply to the requests would be listed like App Blocked, App Not-in-Use, Isolate, UDP Blocked, DNS Bypassed etc. Something like this:

Android Services Framework (DNS Blocked) (DNS Bypassed)

Messenger (App Blocked)

This could help users narrow down what they can adjust in each app to fix the issue they're experiencing. To avoid this from getting cluttered (like if the user tweaked multiple settings), you could provide a toggle for the duration. Like for example, if set to the last 5 minutes, the filters that would appear are only those that apply to the requests in the last 5 mins. Also, I think it would be better to only list the filters of blocked IPs and domains by default as users will usually check the logs when they're having breakages.

If the user decides to press the app, they would be taken to the list of logs on that app which would look like the current implementation of logs, except that they are filtered to only those that belong to that app.

In summary:

  1. Buttons for some Universal Firewall rules in the persistent notification to quickly resolve issues caused by them
  2. Button for "Check logs" in the persistent notification to check logs in case the cause isn't one of those Universal Firewall rules
  3. Logs categorized by apps arranged chronologically instead of IPs to narrow down which apps are currently making requests
  4. Apps showing the list of filters applicable for their blocked requests to narrow down possible ways to resolve the issue on that app
  5. When the app name is pressed, the IP logs of that app are shown to narrow down the IP that is causing the issue