skullone
commented
11 years ago Thanks!
I've actually already corrected the issue. I'm working on minor issue then I'll release 2.1.6 with the fix.
-Jason
On Tue, Mar 5, 2013 at 3:03 PM, Michael Andersen notifications@github.comwrote:
Hi,
Logging is not working, and I have found a couple of places in Api.java that causes this:
Please note!!! I don't have a build environment, so I cannot build it and test it, but it should fix the issue for most people (that has LOG support anyway)
Line 300: Removed -m limit match. My kernel supports LOG, but not limit match, and thus the whole line fails, resulting in no logging. Perhaps it should be made optional via some "Limit logging" option? This limit match was not in the original Droidwall, but I guess you must have had a reason to implement it. :)
Line 491: Same as line 300, but for ipv6
Line 1019: 'grep [Android Firewall]' results in "grep: Firewall]: No such file or directory" - thus no display of logging. command should be: 'grep "[Android Firewall]"'
Need quotes because of the space. Alternatively escape the space, and leave out the quotes. The square brackets need to be excaped for grep to match them properly. I "double escaped" the whole thing in the code. This change is made from the top of my head, and should be tested.
Line 1037: Log does not contain [DROIDWALL] anymore. No logging will show. Fixed it to the new prefix.
Thank you for picking up the work on this great app. :-)
--- src/com/jtschohl/androidfirewall/Api.java.orig 2013-03-02 10:30:42.000000000 +0100 +++ src/com/jtschohl/androidfirewall/Api.java 2013-03-05 20:41:33.348188301 +0100 @@ -297,7 +297,7 @@ if (logenabled) { script.append(""
- "# Create the log and reject rules (ignore errors on the LOG target just in case it is not available)\n"
- "$IPTABLES -A droidwall-reject --m limit --limit 750/min -j LOG --log-prefix \"[Android Firewall] \" --log-level 4 --log-uid\n"
- "$IPTABLES -A droidwall-reject -j LOG --log-prefix \"[Android Firewall] \" --log-level 4 --log-uid\n"
- "$IPTABLES -A droidwall-reject -j REJECT || exit 29\n"
- ""); } else { @@ -488,7 +488,7 @@ if (logenabled && ipv6enabled) { script.append(""
- "# Create the log and reject rules (ignore errors on the LOG target just in case it is not available)\n"
- "$IP6TABLES -A droidwall-reject --m limit --limit 750/min -j LOG --log-prefix \"[Android Firewall] \" --log-level 4 --log-uid\n"
- "$IP6TABLES -A droidwall-reject -j LOG --log-prefix \"[Android Firewall] \" --log-level 4 --log-uid\n"
- "$IP6TABLES -A droidwall-reject -j REJECT || exit 76\n"
- ""); } else { @@ -1016,7 +1016,7 @@ try { StringBuilder res = new StringBuilder(); int code = runScriptAsRoot(ctx, scriptHeader(ctx)
- "dmesg | $GREP [Android Firewall]\n", res);
- "dmesg | $GREP \"[Android Firewall]\"\n", res); if (code != 0) { if (res.length() == 0) { res.append("Log is empty"); @@ -1034,7 +1034,7 @@ final HashMap map = new HashMap(); LogInfo loginfo = null; while ((line = r.readLine()) != null) {
- if (line.indexOf("[DROIDWALL]") == -1)
- if (line.indexOf("[Android Firewall]") == -1) continue; appid = unknownUID; if (((start = line.indexOf("UID=")) != -1)
— Reply to this email directly or view it on GitHubhttps://github.com/skullone/android_firewall/issues/19 .
Miwer
Hi,
Logging is not working, and I have found a couple of places in Api.java that causes this:
Please note!!! I don't have a build environment, so I cannot build it and test it, but it should fix the issue for most people (that has LOG support anyway)
Line 300: Removed -m limit match. My kernel supports LOG, but not limit match, and thus the whole line fails, resulting in no logging. Perhaps it should be made optional via some "Limit logging" option? This limit match was not in the original Droidwall, but I guess you must have had a reason to implement it. :)
Line 491: Same as line 300, but for ipv6
Line 1019: 'grep [Android Firewall]' results in "grep: Firewall]: No such file or directory" - thus no display of logging. command should be: 'grep "[Android Firewall]"'
Need quotes because of the space. Alternatively escape the space, and leave out the quotes. The square brackets need to be excaped for grep to match them properly. I "double escaped" the whole thing in the code. This change is made from the top of my head, and should be tested.
Line 1037: Log does not contain [DROIDWALL] anymore. No logging will show. Fixed it to the new prefix.
Thank you for picking up the work on this great app. :-)
--- src/com/jtschohl/androidfirewall/Api.java.orig 2013-03-02 10:30:42.000000000 +0100 +++ src/com/jtschohl/androidfirewall/Api.java 2013-03-05 20:41:33.348188301 +0100 @@ -297,7 +297,7 @@ if (logenabled) { script.append("" + "# Create the log and reject rules (ignore errors on the LOG target just in case it is not available)\n" - + "$IPTABLES -A droidwall-reject --m limit --limit 750/min -j LOG --log-prefix \"[Android Firewall] \" --log-level 4 --log-uid\n" + + "$IPTABLES -A droidwall-reject -j LOG --log-prefix \"[Android Firewall] \" --log-level 4 --log-uid\n" + "$IPTABLES -A droidwall-reject -j REJECT || exit 29\n" + ""); } else { @@ -488,7 +488,7 @@ if (logenabled && ipv6enabled) { script.append("" + "# Create the log and reject rules (ignore errors on the LOG target just in case it is not available)\n" - + "$IP6TABLES -A droidwall-reject --m limit --limit 750/min -j LOG --log-prefix \"[Android Firewall] \" --log-level 4 --log-uid\n" + + "$IP6TABLES -A droidwall-reject -j LOG --log-prefix \"[Android Firewall] \" --log-level 4 --log-uid\n" + "$IP6TABLES -A droidwall-reject -j REJECT || exit 76\n" + ""); } else { @@ -1016,7 +1016,7 @@ try { StringBuilder res = new StringBuilder(); int code = runScriptAsRoot(ctx, scriptHeader(ctx) - + "dmesg | $GREP [Android Firewall]\n", res); + + "dmesg | $GREP \"\\[Android Firewall\\]\"\n", res); if (code != 0) { if (res.length() == 0) { res.append("Log is empty"); @@ -1034,7 +1034,7 @@ final HashMap map = new HashMap();
LogInfo loginfo = null;
while ((line = r.readLine()) != null) {
- if (line.indexOf("[DROIDWALL]") == -1)
+ if (line.indexOf("[Android Firewall]") == -1)
continue;
appid = unknownUID;
if (((start = line.indexOf("UID=")) != -1)