log is empty

[hbloed69]

I know this is a bug that belongs to Android 4.2.x or 4.x. What is the problem that no app could show the log in this Android versions? For a firewall this is an essential feature! Please fix it! I have bought your app already.

[skullone]

What device are you using?

On Tue, Jun 25, 2013 at 2:22 AM, hbloed69 notifications@github.com wrote:

I know this is a bug that belongs to Android 4.2.x or 4.x. What is the problem that no app could show the log in this Android versions? For a firewall this is an essential feature! Please fix it! I have bought your app already.

— Reply to this email directly or view it on GitHubhttps://github.com/skullone/android_firewall/issues/31 .

[ringor]

I'm not the one who opened the issue but having the same problems:

Android Firewall 2.2.6 Android 4.2.2 (JDQ39) Nexus 4

Logging is enabled but the log is always displayed as empty.

[Miwer]

Hi, I'm just throwing this advice into the discussion. I'm not saying that this IS the problem here, but that it COULD be the problem. Check for yourselves before dismissing or accepting this.

When Droidwall/Android Firewall is displaying empty log, despite logging is enabled, always make sure that your kernel supports the "LOG" destination. I learned the hard way, that this was the problem back in the days I used Droidwall on an older device.

After enabling logging i the firewall, go to a terminal and check the droidwall-reject table (remember to su first):

shell@android:/ $ su                                                         
shell@android:/ # iptables -S droidwall-reject     {That's capital S, not a small s}
-N droidwall-reject
-A droidwall-reject -j LOG --log-prefix "[AndroidFirewall] " --log-uid
-A droidwall-reject -j REJECT --reject-with icmp-port-unreachable

If you do NOT have the line with the word LOG, then your kernel does NOT support the LOG destination. This line should be present when you have logging enabled. Also if your kernel does not support the LOG destination, then you will also get an error from iptables, if you were to try and insert the line manually (iptables -I droidwall-reject -j LOG --log-prefix "[AndroidFirewall] " --log-uid).

Unfortunately, this is not a problem in Android Firewall, but in your kernel, and there's nothing skullone can do to fix this. You will need to contact whoever is in charge of compiling the kernel your device uses, and ask them to enable the LOG destination in the kernel code.

Although there IS one thing skullone can do (if it's not done allready - I don't know), and that is to check the return value from the iptables command that inserts the LOG line and, if it fails, inform the user about this incompatibility, and that it's not a bug in Android Firewall.

So to sum up: If LOG destination is not enabled in the android kernel, then the logging feature of Android Firewall will not work.

Again, I'm not saying that this is the problem in this particular case, but it should be the first check in each case about empty log in Android Firewall. Skullone maybe you need to put this information in an FAQ, or implement a check on the LOG function (if you haven't already)

Have fun :) I hope you find this info helpful.

[ringor]

Wow, thank you for your detailed explanation!

Unfortunately (for me ;-) you were absolutely right. My stock kernel doesn't seem to support the LOG target. The suggestion about a warning message and an entry in the FAQ is a good idea.

Now all I have to do is switch to a custom kernel? Well, that didn't take long ... the phone is just a week old. :-)

[skullone]

Please e-mail me directly. I think I have this issue figured out but need somebody with a newer device to test it for me.

On Fri, Jul 26, 2013 at 2:10 AM, ringor notifications@github.com wrote:

Wow, thank you for your detailed explanation!

Unfortunately (for me ;-) you were absolutely right. My stock kernel doesn't seem to support the LOG target. The suggestion about a warning message and an entry in the FAQ is a good idea.

Now all I have to do is switch to a custom kernel? Well, that didn't take long ... the phone is just a week old. :-)

— Reply to this email directly or view it on GitHubhttps://github.com/skullone/android_firewall/issues/31#issuecomment-21605023 .

[skullone]

Right now this issue appears to be limited to Nexus devices starting with Nexus 4. If you have a device where logs do not work with the newly released version 2.2.7 please e-mail me so I can get more information.

I'm working on it but the issue is as Miwer stated. Some devices do not use LOG. Instead it uses NFLOG which is a totally different beast. The Nexus 10 on 4.2.2 only used NFLOG as well. However, with the 4.3 update LOG is again available on Nexus 10 but not Nexus 4. I wish Google would make up their minds. ;)

Apologies for such a late reply. I was on vacation and have been very busy with life and work.

[frank-github]

I own Samsung Note II (N7100) using stock rom I didn't get any logging, but it's enabled and I see this output

-N droidwall-reject -A droidwall-reject -j LOG --log-prefix "[AndroidFirewall] " --log-uid -A droidwall-reject -j REJECT --reject-with icmp-port-unreachable

what's wrong in my case? Why nothing is logged?

[skullone]

@frank-github Does this still occur under the new version 2.3.0?

[frank-github]

Yes, still empty :-(

Jason Tschohl notifications@github.com schrieb:

@frank-github Does this still occur under the new version 2.3.0?

---

Reply to this email directly or view it on GitHub: https://github.com/skullone/android_firewall/issues/31#issuecomment-23571442

[skullone]

Please e-mail me directly. I'm going to need more information.

On Fri, Aug 30, 2013 at 12:36 PM, frank-github notifications@github.comwrote:

Yes, still empty :-(

Jason Tschohl notifications@github.com schrieb:

@frank-github Does this still occur under the new version 2.3.0?

---

Reply to this email directly or view it on GitHub:

https://github.com/skullone/android_firewall/issues/31#issuecomment-23571442

— Reply to this email directly or view it on GitHubhttps://github.com/skullone/android_firewall/issues/31#issuecomment-23573670 .

[skullone]

2.3.1 has been released. This has corrected this issue. Please open a new issue or e-mail me if you see any other issues or have any questions.