Superuser-app missing in app-list

skullone / android_firewall

This is a fork of Droidwall by Rodrigo Zechin Rosauro - http://code.google.com/p/droidwall/

128 stars 91 forks source link

Superuser-app missing in app-list #52

Closed ghost closed 10 years ago

ghost commented 10 years ago

Hello,

the superuser-app from Clockworkmod isn't listet in the app-list. I have a rooted razr i with android 4.1.2.

Can you say why?

Thanks!

Dear Berns

skullone commented 10 years ago

Only apps that have the Internet Permission show up in the list.

As for you sync issue you need to make sure the appropriate Google services enabled.

For example just allowing Gmail doesn't allow for new mail notifications. You need to allow the Google syncing services as well. On Oct 2, 2013 8:37 AM, "Berns" notifications@github.com wrote:

Hello,

the superuser-app from Clockworkmod isn't listet in the app-list. Can you say why?

Thanks!

Dear Berns

— Reply to this email directly or view it on GitHubhttps://github.com/skullone/android_firewall/issues/52 .

ghost commented 10 years ago

Hello,

thanks for your reply.

Comment to the not listed superuser-app: The superuser-app from clockworkmod has internet-permission for updating the su-binarys. For that it should be in the list, but it isn't.

Comment to the syncing-service-problem: i think i'm missunderstood. I have "no" app allowed for internet-access in whitlist-mode (fresh installation of the firewall), but "Browser", "App Data" and "Google Play Books" are syncing.

Dear Berns

skullone commented 10 years ago

The Superuser you are talking about is this one: https://play.google.com/store/apps/details?id=com.koushikdutta.superuser

I use that one myself and it most definitely does not have the Internet Permission.

As for your syncing issues. Please use terminal emulator and e-mail me the output from this command after you enable the firewall.

su iptables -L -v -n

ghost commented 10 years ago

u0_a122@smi:/ $ su root@smi:/ # iptables -L -v -n Chain INPUT (policy ACCEPT 782 packets, 78012 bytes) pkts bytes target prot opt in out source destination 782 78012 droidwall-input all -- * * 0.0.0.0/0 0.0.0.0/0 6203 4530K bw_INPUT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 bw_FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 natctrl_FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT 732 packets, 73858 bytes) pkts bytes target prot opt in out source destination 1395 134K droidwall all -- * * 0.0.0.0/0 0.0.0.0/0 6438 703K bw_OUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain bw_FORWARD (1 references) pkts bytes target prot opt in out source destination Chain bw_INPUT (1 references) pkts bytes target prot opt in out source destination 11 13700 all -- !lo+ * 0.0.0.0/0 0.0.0.0/0 ! quota globalAlert: 2097152 bytes 1279 115K RETURN all -- lo * 0.0.0.0/0 0.0.0.0/0 4414 4320K all -- * * 0.0.0.0/0 0.0.0.0/0 owner socket exists Chain bw_OUTPUT (1 references) pkts bytes target prot opt in out source destination 12 840 all -- * !lo+ 0.0.0.0/0 0.0.0.0/0 ! quota globalAlert: 2097152 bytes 1279 115K RETURN all -- * lo 0.0.0.0/0 0.0.0.0/0 5158 588K all -- * * 0.0.0.0/0 0.0.0.0/0 owner socket exists Chain costly_shared (0 references) pkts bytes target prot opt in out source destination 0 0 penalty_box all -- * * 0.0.0.0/0 0.0.0.0/0 Chain droidwall (1 references) pkts bytes target prot opt in out source destination 40 2538 RETURN udp -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 0 udp dpt:53 0 0 RETURN udp -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 1000 udp dpt:123 0 0 droidwall-3g all -- * rmnet+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * pdp+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * ppp+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * uwbr+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * wimax+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * vsnet+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * ccmni+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * usb+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet1+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet_sdio+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet_sdio0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet_sdio1+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * qmi+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * wwan0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * svnet0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * cdma_rmnet+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet_usb0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet_usb+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * bond1+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * ppp0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-wifi all -- * tiwlan+ 0.0.0.0/0 0.0.0.0/0 663 59967 droidwall-wifi all -- * wlan+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-wifi all -- * eth+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-wifi all -- * ra+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-wifi all -- * wlan0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-wifi all -- * eth0+ 0.0.0.0/0 0.0.0.0/0 Chain droidwall-3g (21 references) pkts bytes target prot opt in out source destination 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 9999 0 0 droidwall-reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain droidwall-input (1 references) pkts bytes target prot opt in out source destination Chain droidwall-input-drop (0 references) pkts bytes target prot opt in out source destination Chain droidwall-lan (0 references) pkts bytes target prot opt in out source destination Chain droidwall-reject (2 references) pkts bytes target prot opt in out source destination 653 59375 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 1000/min burst 5 LOG flags 8 level 4 prefix "[AndroidFirewall]" 663 59967 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain droidwall-vpn (0 references) pkts bytes target prot opt in out source destination Chain droidwall-wifi (6 references) pkts bytes target prot opt in out source destination 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 1014 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 1010 663 59967 droidwall-reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain natctrl_FORWARD (1 references) pkts bytes target prot opt in out source destination Chain penalty_box (1 references) pkts bytes target prot opt in out source destination root@smi:/ # Jason Tschohl notifications@github.com schrieb:

  The Superuser you are talking about is this one: https://play.google.com/store/apps/details?id=com.koushikdutta.superuser

  I use that one myself and it most definitely does not have the Internet Permission.

  As for your syncing issues. Please use terminal emulator and e-mail me the output from this command after you enable the firewall.

  su
  iptables -L -v -n

  —
  Reply to this email directly or view it on GitHub.

skullone commented 10 years ago

Hmmm. That should be working. Please send me the output from these commands using Terminal Emulator

When on WiFi su busybox route
When on cellular data su busybox route

On Wed, Oct 2, 2013 at 11:23 AM, Berns notifications@github.com wrote:

u0_a122@smi:/ $ su root@smi:/ # iptables -L -v -n Chain INPUT (policy ACCEPT 782 packets, 78012 bytes) pkts bytes target prot opt in out source destination 782 78012 droidwall-input all -- * * 0.0.0.0/0 0.0.0.0/0 6203 4530K bw_INPUT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 bw_FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 natctrl_FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT 732 packets, 73858 bytes) pkts bytes target prot opt in out source destination 1395 134K droidwall all -- * * 0.0.0.0/0 0.0.0.0/0 6438 703K bw_OUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain bw_FORWARD (1 references) pkts bytes target prot opt in out source destination Chain bw_INPUT (1 references) pkts bytes target prot opt in out source destination 11 13700 all -- !lo+ * 0.0.0.0/0 0.0.0.0/0 ! quota globalAlert: 2097152 bytes 1279 115K RETURN all -- lo * 0.0.0.0/0 0.0.0.0/0 4414 4320K all -- * * 0.0.0.0/0 0.0.0.0/0 owner socket exists Chain bw_OUTPUT (1 references) pkts bytes target prot opt in out source destination 12 840 all -- * !lo+ 0.0.0.0/0 0.0.0.0/0 ! quota globalAlert: 2097152 bytes 1279 115K RETURN all -- * lo 0.0.0.0/0 0.0.0.0/0 5158 588K all -- * * 0.0.0.0/0 0.0.0.0/0 owner socket exists Chain costly_shared (0 references) pkts bytes target prot opt in out source destination 0 0 penalty_box all -- * * 0.0.0.0/0 0.0.0.0/0 Chain droidwall (1 references) pkts bytes target prot opt in out source destination 40 2538 RETURN udp -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 0 udp dpt:53 0 0 RETURN udp -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 1000 udp dpt:123 0 0 droidwall-3g all -- * rmnet+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * pdp+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * ppp+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * uwbr+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * wimax+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * vsnet+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * ccmni+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * usb+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet1+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet_sdio+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet_sdio0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet_sdio1+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * qmi+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * wwan0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * svnet0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * cdma_rmnet+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet_usb0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet_usb+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * bond1+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * ppp0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-wifi all -- * tiwlan+ 0.0.0.0/0 0.0.0.0/0 663 59967 droidwall-wifi all -- * wlan+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-wifi all -- * eth+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-wifi all -- * ra+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-wifi all -- * wlan0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-wifi all -- * eth0+ 0.0.0.0/0 0.0.0.0/0 Chain droidwall-3g (21 references) pkts bytes target prot opt in out source destination 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 9999 0 0 droidwall-reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain droidwall-input (1 references) pkts bytes target prot opt in out source destination Chain droidwall-input-drop (0 references) pkts bytes target prot opt in out source destination Chain droidwall-lan (0 references) pkts bytes target prot opt in out source destination Chain droidwall-reject (2 references) pkts bytes target prot opt in out source destination 653 59375 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 1000/min burst 5 LOG flags 8 level 4 prefix "[AndroidFirewall]" 663 59967 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain droidwall-vpn (0 references) pkts bytes target prot opt in out source destination Chain droidwall-wifi (6 references) pkts bytes target prot opt in out source destination 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 1014 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 1010 663 59967 droidwall-reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain natctrl_FORWARD (1 references) pkts bytes target prot opt in out source destination Chain penalty_box (1 references) pkts bytes target prot opt in out source destination root@smi:/ # Jason Tschohl notifications@github.com schrieb:

The Superuser you are talking about is this one: https://play.google.com/store/apps/details?id=com.koushikdutta.superuser

I use that one myself and it most definitely does not have the Internet Permission.

As for your syncing issues. Please use terminal emulator and e-mail me the output from this command after you enable the firewall.

su iptables -L -v -n

— Reply to this email directly or view it on GitHub.

— Reply to this email directly or view it on GitHubhttps://github.com/skullone/android_firewall/issues/52#issuecomment-25548015 .

ghost commented 10 years ago

WLAN: u0_a122@smi:/ $ su root@smi:/ # busybox route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default 192.168.2.1 0.0.0.0 UG 0 0 0 wlan0192.168.2.0 * 255.255.255.0 U 205 0 0 wlan0192.168.2.1 * 255.255.255.255 UH 0 0 0 wlan0 root@smi:/ # Cellular: u0_a122@smi:/ $ u0_a122@smi:/ $ su root@smi:/ # busybox route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default 10.40.255.1 0.0.0.0 UG 0 0 0 rmnet010.40.255.1 * 255.255.255.255 UH 0 0 0 rmnet0 root@smi:/ # Jason Tschohl notifications@github.com schrieb:

Hmmm. That should be working. Please send me the output from these
commands using Terminal Emulator
1. When on WiFi
su
busybox route
2. When on cellular data
su
busybox route
On Wed, Oct 2, 2013 at 11:23 AM, Berns <notifications@github.com> wrote:
> u0_a122@smi:/ $ su
> root@smi:/ # iptables -L -v -n
> Chain INPUT (policy ACCEPT 782 packets, 78012 bytes)
> pkts bytes target prot opt in out source destination
> 782 78012 droidwall-input all -- * * 0.0.0.0/0 0.0.0.0/0
> 6203 4530K bw_INPUT all -- * * 0.0.0.0/0 0.0.0.0/0
> Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
> pkts bytes target prot opt in out source destination
> 0 0 bw_FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0
> 0 0 natctrl_FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0
> Chain OUTPUT (policy ACCEPT 732 packets, 73858 bytes)
> pkts bytes target prot opt in out source destination
> 1395 134K droidwall all -- * * 0.0.0.0/0 0.0.0.0/0
> 6438 703K bw_OUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0
> Chain bw_FORWARD (1 references)
> pkts bytes target prot opt in out source destination
> Chain bw_INPUT (1 references)
> pkts bytes target prot opt in out source destination
> 11 13700 all -- !lo+ * 0.0.0.0/0 0.0.0.0/0 ! quota globalAlert: 2097152
> bytes
> 1279 115K RETURN all -- lo * 0.0.0.0/0 0.0.0.0/0
> 4414 4320K all -- * * 0.0.0.0/0 0.0.0.0/0 owner socket exists
> Chain bw_OUTPUT (1 references)
> pkts bytes target prot opt in out source destination
> 12 840 all -- * !lo+ 0.0.0.0/0 0.0.0.0/0 ! quota globalAlert: 2097152
> bytes
> 1279 115K RETURN all -- * lo 0.0.0.0/0 0.0.0.0/0
> 5158 588K all -- * * 0.0.0.0/0 0.0.0.0/0 owner socket exists
> Chain costly_shared (0 references)
> pkts bytes target prot opt in out source destination
> 0 0 penalty_box all -- * * 0.0.0.0/0 0.0.0.0/0
> Chain droidwall (1 references)
> pkts bytes target prot opt in out source destination
> 40 2538 RETURN udp -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 0 udp dpt:53
> 0 0 RETURN udp -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 1000 udp dpt:123
> 0 0 droidwall-3g all -- * rmnet+ 0.0.0.0/0 0.0.0.0/0
> 0 0 droidwall-3g all -- * pdp+ 0.0.0.0/0 0.0.0.0/0
> 0 0 droidwall-3g all -- * ppp+ 0.0.0.0/0 0.0.0.0/0
> 0 0 droidwall-3g all -- * uwbr+ 0.0.0.0/0 0.0.0.0/0
> 0 0 droidwall-3g all -- * wimax+ 0.0.0.0/0 0.0.0.0/0
> 0 0 droidwall-3g all -- * vsnet+ 0.0.0.0/0 0.0.0.0/0
> 0 0 droidwall-3g all -- * ccmni+ 0.0.0.0/0 0.0.0.0/0
> 0 0 droidwall-3g all -- * usb+ 0.0.0.0/0 0.0.0.0/0
> 0 0 droidwall-3g all -- * rmnet1+ 0.0.0.0/0 0.0.0.0/0
> 0 0 droidwall-3g all -- * rmnet_sdio+ 0.0.0.0/0 0.0.0.0/0
> 0 0 droidwall-3g all -- * rmnet_sdio0+ 0.0.0.0/0 0.0.0.0/0
> 0 0 droidwall-3g all -- * rmnet_sdio1+ 0.0.0.0/0 0.0.0.0/0
> 0 0 droidwall-3g all -- * qmi+ 0.0.0.0/0 0.0.0.0/0
> 0 0 droidwall-3g all -- * wwan0+ 0.0.0.0/0 0.0.0.0/0
> 0 0 droidwall-3g all -- * svnet0+ 0.0.0.0/0 0.0.0.0/0
> 0 0 droidwall-3g all -- * rmnet0+ 0.0.0.0/0 0.0.0.0/0
> 0 0 droidwall-3g all -- * cdma_rmnet+ 0.0.0.0/0 0.0.0.0/0
> 0 0 droidwall-3g all -- * rmnet_usb0+ 0.0.0.0/0 0.0.0.0/0
> 0 0 droidwall-3g all -- * rmnet_usb+ 0.0.0.0/0 0.0.0.0/0
> 0 0 droidwall-3g all -- * bond1+ 0.0.0.0/0 0.0.0.0/0
> 0 0 droidwall-3g all -- * ppp0+ 0.0.0.0/0 0.0.0.0/0
> 0 0 droidwall-wifi all -- * tiwlan+ 0.0.0.0/0 0.0.0.0/0
> 663 59967 droidwall-wifi all -- * wlan+ 0.0.0.0/0 0.0.0.0/0
> 0 0 droidwall-wifi all -- * eth+ 0.0.0.0/0 0.0.0.0/0
> 0 0 droidwall-wifi all -- * ra+ 0.0.0.0/0 0.0.0.0/0
> 0 0 droidwall-wifi all -- * wlan0+ 0.0.0.0/0 0.0.0.0/0
> 0 0 droidwall-wifi all -- * eth0+ 0.0.0.0/0 0.0.0.0/0
> Chain droidwall-3g (21 references)
> pkts bytes target prot opt in out source destination
> 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 9999
> 0 0 droidwall-reject all -- * * 0.0.0.0/0 0.0.0.0/0
> Chain droidwall-input (1 references)
> pkts bytes target prot opt in out source destination
> Chain droidwall-input-drop (0 references)
> pkts bytes target prot opt in out source destination
> Chain droidwall-lan (0 references)
> pkts bytes target prot opt in out source destination
> Chain droidwall-reject (2 references)
> pkts bytes target prot opt in out source destination
> 653 59375 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 1000/min burst 5
> LOG flags 8 level 4 prefix "[AndroidFirewall]"
> 663 59967 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with
> icmp-port-unreachable
> Chain droidwall-vpn (0 references)
> pkts bytes target prot opt in out source destination
> Chain droidwall-wifi (6 references)
> pkts bytes target prot opt in out source destination
> 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 1014
> 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 1010
> 663 59967 droidwall-reject all -- * * 0.0.0.0/0 0.0.0.0/0
> Chain natctrl_FORWARD (1 references)
> pkts bytes target prot opt in out source destination
> Chain penalty_box (1 references)
> pkts bytes target prot opt in out source destination
> root@smi:/ #
> Jason Tschohl <notifications@github.com> schrieb:
>
>
> The Superuser you are talking about is this one:
> https://play.google.com/store/apps/details?id=com.koushikdutta.superuser
>
>
> I use that one myself and it most definitely does not have the Internet
> Permission.
>
>
> As for your syncing issues. Please use terminal emulator and e-mail me the
> output from this command after you enable the firewall.
>
>
> su
> iptables -L -v -n
>
>
>
> —
> Reply to this email directly or view it on GitHub.
>
> —
> Reply to this email directly or view it on GitHub<https://github.com/skullone/android_firewall/issues/52#issuecomment-25548015>
> .
>

  —
  Reply to this email directly or view it on GitHub.

skullone commented 10 years ago

Are you sure you're leaking data? Everything you've sent me says it's working.

Have you tried enabling IPv6 support and seeing if that stops the data transfer? Some cellular carriers are providing both IPv4 and IPv6 addresses now. Mine does and due to how iptables handles HTTPS requests if I don't have IPv6 enabled the HTTPS connection jumps to IPv6 and completes the data transfer.

On Wed, Oct 2, 2013 at 11:37 AM, Berns notifications@github.com wrote:

WLAN: u0_a122@smi:/ $ su root@smi:/ # busybox route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default 192.168.2.1 0.0.0.0 UG 0 0 0 wlan0192.168.2.0 * 255.255.255.0 U 205 0 0 wlan0192.168.2.1 * 255.255.255.255 UH 0 0 0 wlan0 root@smi:/ # Cellular: u0_a122@smi:/ $ u0_a122@smi:/ $ su root@smi:/ # busybox route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default 10.40.255.1 0.0.0.0 UG 0 0 0 rmnet010.40.255.1 * 255.255.255.255 UH 0 0 0 rmnet0

root@smi:/ # Jason Tschohl notifications@github.com schrieb:

Hmmm. That should be working. Please send me the output from these commands using Terminal Emulator

When on WiFi su busybox route

When on cellular data su busybox route On Wed, Oct 2, 2013 at 11:23 AM, Berns notifications@github.com wrote:

u0_a122@smi:/ $ su root@smi:/ # iptables -L -v -n Chain INPUT (policy ACCEPT 782 packets, 78012 bytes) pkts bytes target prot opt in out source destination 782 78012 droidwall-input all -- * * 0.0.0.0/0 0.0.0.0/0 6203 4530K bw_INPUT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 bw_FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 natctrl_FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT 732 packets, 73858 bytes) pkts bytes target prot opt in out source destination 1395 134K droidwall all -- * * 0.0.0.0/0 0.0.0.0/0 6438 703K bw_OUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain bw_FORWARD (1 references) pkts bytes target prot opt in out source destination Chain bw_INPUT (1 references) pkts bytes target prot opt in out source destination 11 13700 all -- !lo+ * 0.0.0.0/0 0.0.0.0/0 ! quota globalAlert: 2097152 bytes 1279 115K RETURN all -- lo * 0.0.0.0/0 0.0.0.0/0 4414 4320K all -- * * 0.0.0.0/0 0.0.0.0/0 owner socket exists Chain bw_OUTPUT (1 references) pkts bytes target prot opt in out source destination 12 840 all -- * !lo+ 0.0.0.0/0 0.0.0.0/0 ! quota globalAlert: 2097152 bytes 1279 115K RETURN all -- * lo 0.0.0.0/0 0.0.0.0/0 5158 588K all -- * * 0.0.0.0/0 0.0.0.0/0 owner socket exists Chain costly_shared (0 references) pkts bytes target prot opt in out source destination 0 0 penalty_box all -- * * 0.0.0.0/0 0.0.0.0/0 Chain droidwall (1 references) pkts bytes target prot opt in out source destination 40 2538 RETURN udp -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 0 udp dpt:53 0 0 RETURN udp -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 1000 udp dpt:123 0 0 droidwall-3g all -- * rmnet+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * pdp+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * ppp+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * uwbr+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * wimax+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * vsnet+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * ccmni+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * usb+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet1+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet_sdio+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet_sdio0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet_sdio1+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * qmi+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * wwan0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * svnet0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * cdma_rmnet+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet_usb0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet_usb+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * bond1+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * ppp0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-wifi all -- * tiwlan+ 0.0.0.0/0 0.0.0.0/0 663 59967 droidwall-wifi all -- * wlan+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-wifi all -- * eth+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-wifi all -- * ra+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-wifi all -- * wlan0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-wifi all -- * eth0+ 0.0.0.0/0 0.0.0.0/0 Chain droidwall-3g (21 references) pkts bytes target prot opt in out source destination 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 9999 0 0 droidwall-reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain droidwall-input (1 references) pkts bytes target prot opt in out source destination Chain droidwall-input-drop (0 references) pkts bytes target prot opt in out source destination Chain droidwall-lan (0 references) pkts bytes target prot opt in out source destination Chain droidwall-reject (2 references) pkts bytes target prot opt in out source destination 653 59375 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 1000/min burst 5 LOG flags 8 level 4 prefix "[AndroidFirewall]" 663 59967 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain droidwall-vpn (0 references) pkts bytes target prot opt in out source destination Chain droidwall-wifi (6 references) pkts bytes target prot opt in out source destination 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 1014 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 1010 663 59967 droidwall-reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain natctrl_FORWARD (1 references) pkts bytes target prot opt in out source destination Chain penalty_box (1 references) pkts bytes target prot opt in out source destination root@smi:/ # Jason Tschohl notifications@github.com schrieb:

The Superuser you are talking about is this one: https://play.google.com/store/apps/details?id=com.koushikdutta.superuser

I use that one myself and it most definitely does not have the Internet Permission.

As for your syncing issues. Please use terminal emulator and e-mail me the output from this command after you enable the firewall.

su iptables -L -v -n

— Reply to this email directly or view it on GitHub.

— Reply to this email directly or view it on GitHub< https://github.com/skullone/android_firewall/issues/52#issuecomment-25548015

.

— Reply to this email directly or view it on GitHub.

— Reply to this email directly or view it on GitHubhttps://github.com/skullone/android_firewall/issues/52#issuecomment-25549188 .

ghost commented 10 years ago

OK. Habe activated ipv6. Same behaviour. APP-data and chrome are syning. Jason Tschohl notifications@github.com schrieb:

Are you sure you're leaking data? Everything you've sent me says it's
working.
Have you tried enabling IPv6 support and seeing if that stops the data
transfer? Some cellular carriers are providing both IPv4 and IPv6
addresses now. Mine does and due to how iptables handles HTTPS requests if
I don't have IPv6 enabled the HTTPS connection jumps to IPv6 and completes
the data transfer.
On Wed, Oct 2, 2013 at 11:37 AM, Berns <notifications@github.com> wrote:
> WLAN:
> u0_a122@smi:/ $ su
> root@smi:/ # busybox route
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use Iface
> default 192.168.2.1 0.0.0.0 UG 0 0 0 wlan0192.168.2.0 * 255.255.255.0 U
> 205 0 0 wlan0192.168.2.1 * 255.255.255.255 UH 0 0 0 wlan0
> root@smi:/ #
> Cellular:
> u0_a122@smi:/ $
> u0_a122@smi:/ $ su
> root@smi:/ # busybox route
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use Iface
> default 10.40.255.1 0.0.0.0 UG 0 0 0 rmnet010.40.255.1 * 255.255.255.255
> UH 0 0 0 rmnet0
>
> root@smi:/ #
> Jason Tschohl <notifications@github.com> schrieb:
>
> Hmmm. That should be working. Please send me the output from these
> commands using Terminal Emulator
> 1. When on WiFi
> su
> busybox route
> 2. When on cellular data
> su
> busybox route
> On Wed, Oct 2, 2013 at 11:23 AM, Berns <notifications@github.com> wrote:
> > u0_a122@smi:/ $ su
> > root@smi:/ # iptables -L -v -n
> > Chain INPUT (policy ACCEPT 782 packets, 78012 bytes)
> > pkts bytes target prot opt in out source destination
> > 782 78012 droidwall-input all -- * * 0.0.0.0/0 0.0.0.0/0
> > 6203 4530K bw_INPUT all -- * * 0.0.0.0/0 0.0.0.0/0
> > Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
> > pkts bytes target prot opt in out source destination
> > 0 0 bw_FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0
> > 0 0 natctrl_FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0
> > Chain OUTPUT (policy ACCEPT 732 packets, 73858 bytes)
> > pkts bytes target prot opt in out source destination
> > 1395 134K droidwall all -- * * 0.0.0.0/0 0.0.0.0/0
> > 6438 703K bw_OUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0
> > Chain bw_FORWARD (1 references)
> > pkts bytes target prot opt in out source destination
> > Chain bw_INPUT (1 references)
> > pkts bytes target prot opt in out source destination
> > 11 13700 all -- !lo+ * 0.0.0.0/0 0.0.0.0/0 ! quota globalAlert: 2097152
> > bytes
> > 1279 115K RETURN all -- lo * 0.0.0.0/0 0.0.0.0/0
> > 4414 4320K all -- * * 0.0.0.0/0 0.0.0.0/0 owner socket exists
> > Chain bw_OUTPUT (1 references)
> > pkts bytes target prot opt in out source destination
> > 12 840 all -- * !lo+ 0.0.0.0/0 0.0.0.0/0 ! quota globalAlert: 2097152
> > bytes
> > 1279 115K RETURN all -- * lo 0.0.0.0/0 0.0.0.0/0
> > 5158 588K all -- * * 0.0.0.0/0 0.0.0.0/0 owner socket exists
> > Chain costly_shared (0 references)
> > pkts bytes target prot opt in out source destination
> > 0 0 penalty_box all -- * * 0.0.0.0/0 0.0.0.0/0
> > Chain droidwall (1 references)
> > pkts bytes target prot opt in out source destination
> > 40 2538 RETURN udp -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 0 udp
> dpt:53
> > 0 0 RETURN udp -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 1000 udp
> dpt:123
> > 0 0 droidwall-3g all -- * rmnet+ 0.0.0.0/0 0.0.0.0/0
> > 0 0 droidwall-3g all -- * pdp+ 0.0.0.0/0 0.0.0.0/0
> > 0 0 droidwall-3g all -- * ppp+ 0.0.0.0/0 0.0.0.0/0
> > 0 0 droidwall-3g all -- * uwbr+ 0.0.0.0/0 0.0.0.0/0
> > 0 0 droidwall-3g all -- * wimax+ 0.0.0.0/0 0.0.0.0/0
> > 0 0 droidwall-3g all -- * vsnet+ 0.0.0.0/0 0.0.0.0/0
> > 0 0 droidwall-3g all -- * ccmni+ 0.0.0.0/0 0.0.0.0/0
> > 0 0 droidwall-3g all -- * usb+ 0.0.0.0/0 0.0.0.0/0
> > 0 0 droidwall-3g all -- * rmnet1+ 0.0.0.0/0 0.0.0.0/0
> > 0 0 droidwall-3g all -- * rmnet_sdio+ 0.0.0.0/0 0.0.0.0/0
> > 0 0 droidwall-3g all -- * rmnet_sdio0+ 0.0.0.0/0 0.0.0.0/0
> > 0 0 droidwall-3g all -- * rmnet_sdio1+ 0.0.0.0/0 0.0.0.0/0
> > 0 0 droidwall-3g all -- * qmi+ 0.0.0.0/0 0.0.0.0/0
> > 0 0 droidwall-3g all -- * wwan0+ 0.0.0.0/0 0.0.0.0/0
> > 0 0 droidwall-3g all -- * svnet0+ 0.0.0.0/0 0.0.0.0/0
> > 0 0 droidwall-3g all -- * rmnet0+ 0.0.0.0/0 0.0.0.0/0
> > 0 0 droidwall-3g all -- * cdma_rmnet+ 0.0.0.0/0 0.0.0.0/0
> > 0 0 droidwall-3g all -- * rmnet_usb0+ 0.0.0.0/0 0.0.0.0/0
> > 0 0 droidwall-3g all -- * rmnet_usb+ 0.0.0.0/0 0.0.0.0/0
> > 0 0 droidwall-3g all -- * bond1+ 0.0.0.0/0 0.0.0.0/0
> > 0 0 droidwall-3g all -- * ppp0+ 0.0.0.0/0 0.0.0.0/0
> > 0 0 droidwall-wifi all -- * tiwlan+ 0.0.0.0/0 0.0.0.0/0
> > 663 59967 droidwall-wifi all -- * wlan+ 0.0.0.0/0 0.0.0.0/0
> > 0 0 droidwall-wifi all -- * eth+ 0.0.0.0/0 0.0.0.0/0
> > 0 0 droidwall-wifi all -- * ra+ 0.0.0.0/0 0.0.0.0/0
> > 0 0 droidwall-wifi all -- * wlan0+ 0.0.0.0/0 0.0.0.0/0
> > 0 0 droidwall-wifi all -- * eth0+ 0.0.0.0/0 0.0.0.0/0
> > Chain droidwall-3g (21 references)
> > pkts bytes target prot opt in out source destination
> > 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 9999
> > 0 0 droidwall-reject all -- * * 0.0.0.0/0 0.0.0.0/0
> > Chain droidwall-input (1 references)
> > pkts bytes target prot opt in out source destination
> > Chain droidwall-input-drop (0 references)
> > pkts bytes target prot opt in out source destination
> > Chain droidwall-lan (0 references)
> > pkts bytes target prot opt in out source destination
> > Chain droidwall-reject (2 references)
> > pkts bytes target prot opt in out source destination
> > 653 59375 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 1000/min burst 5
> > LOG flags 8 level 4 prefix "[AndroidFirewall]"
> > 663 59967 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with
> > icmp-port-unreachable
> > Chain droidwall-vpn (0 references)
> > pkts bytes target prot opt in out source destination
> > Chain droidwall-wifi (6 references)
> > pkts bytes target prot opt in out source destination
> > 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 1014
> > 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 1010
> > 663 59967 droidwall-reject all -- * * 0.0.0.0/0 0.0.0.0/0
> > Chain natctrl_FORWARD (1 references)
> > pkts bytes target prot opt in out source destination
> > Chain penalty_box (1 references)
> > pkts bytes target prot opt in out source destination
> > root@smi:/ #
> > Jason Tschohl <notifications@github.com> schrieb:
> >
> >
> > The Superuser you are talking about is this one:
> > https://play.google.com/store/apps/details?id=com.koushikdutta.superuser
> >
> >
> > I use that one myself and it most definitely does not have the Internet
> > Permission.
> >
> >
> > As for your syncing issues. Please use terminal emulator and e-mail me
> the
> > output from this command after you enable the firewall.
> >
> >
> > su
> > iptables -L -v -n
> >
> >
> >
> > —
> > Reply to this email directly or view it on GitHub.
> >
> > —
> > Reply to this email directly or view it on GitHub<
> https://github.com/skullone/android_firewall/issues/52#issuecomment-25548015
> >
>
> > .
> >
>
> —
> Reply to this email directly or view it on GitHub.
>
> —
> Reply to this email directly or view it on GitHub<https://github.com/skullone/android_firewall/issues/52#issuecomment-25549188>
> .
>

  —
  Reply to this email directly or view it on GitHub.

skullone commented 10 years ago

What do you mean by App data? Are some apps being blocked or are all apps able to access data? On Oct 2, 2013 12:00 PM, "Berns" notifications@github.com wrote:

OK. Habe activated ipv6. Same behaviour. APP-data and chrome are syning. Jason Tschohl notifications@github.com schrieb:

Are you sure you're leaking data? Everything you've sent me says it's working. Have you tried enabling IPv6 support and seeing if that stops the data transfer? Some cellular carriers are providing both IPv4 and IPv6 addresses now. Mine does and due to how iptables handles HTTPS requests if I don't have IPv6 enabled the HTTPS connection jumps to IPv6 and completes the data transfer. On Wed, Oct 2, 2013 at 11:37 AM, Berns notifications@github.com wrote:

WLAN: u0_a122@smi:/ $ su root@smi:/ # busybox route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default 192.168.2.1 0.0.0.0 UG 0 0 0 wlan0192.168.2.0 * 255.255.255.0 U 205 0 0 wlan0192.168.2.1 * 255.255.255.255 UH 0 0 0 wlan0 root@smi:/ # Cellular: u0_a122@smi:/ $ u0_a122@smi:/ $ su root@smi:/ # busybox route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default 10.40.255.1 0.0.0.0 UG 0 0 0 rmnet010.40.255.1 * 255.255.255.255 UH 0 0 0 rmnet0

root@smi:/ # Jason Tschohl notifications@github.com schrieb:

Hmmm. That should be working. Please send me the output from these commands using Terminal Emulator

When on WiFi su busybox route

When on cellular data su busybox route On Wed, Oct 2, 2013 at 11:23 AM, Berns notifications@github.com wrote:

u0_a122@smi:/ $ su root@smi:/ # iptables -L -v -n Chain INPUT (policy ACCEPT 782 packets, 78012 bytes) pkts bytes target prot opt in out source destination 782 78012 droidwall-input all -- * * 0.0.0.0/0 0.0.0.0/0 6203 4530K bw_INPUT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 bw_FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0 0 0 natctrl_FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT 732 packets, 73858 bytes) pkts bytes target prot opt in out source destination 1395 134K droidwall all -- * * 0.0.0.0/0 0.0.0.0/0 6438 703K bw_OUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0 Chain bw_FORWARD (1 references) pkts bytes target prot opt in out source destination Chain bw_INPUT (1 references) pkts bytes target prot opt in out source destination 11 13700 all -- !lo+ * 0.0.0.0/0 0.0.0.0/0 ! quota globalAlert: 2097152 bytes 1279 115K RETURN all -- lo * 0.0.0.0/0 0.0.0.0/0 4414 4320K all -- * * 0.0.0.0/0 0.0.0.0/0 owner socket exists Chain bw_OUTPUT (1 references) pkts bytes target prot opt in out source destination 12 840 all -- * !lo+ 0.0.0.0/0 0.0.0.0/0 ! quota globalAlert: 2097152 bytes 1279 115K RETURN all -- * lo 0.0.0.0/0 0.0.0.0/0 5158 588K all -- * * 0.0.0.0/0 0.0.0.0/0 owner socket exists Chain costly_shared (0 references) pkts bytes target prot opt in out source destination 0 0 penalty_box all -- * * 0.0.0.0/0 0.0.0.0/0 Chain droidwall (1 references) pkts bytes target prot opt in out source destination 40 2538 RETURN udp -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 0 udp dpt:53 0 0 RETURN udp -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 1000 udp dpt:123 0 0 droidwall-3g all -- * rmnet+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * pdp+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * ppp+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * uwbr+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * wimax+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * vsnet+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * ccmni+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * usb+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet1+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet_sdio+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet_sdio0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet_sdio1+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * qmi+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * wwan0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * svnet0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * cdma_rmnet+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet_usb0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * rmnet_usb+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * bond1+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-3g all -- * ppp0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-wifi all -- * tiwlan+ 0.0.0.0/0 0.0.0.0/0 663 59967 droidwall-wifi all -- * wlan+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-wifi all -- * eth+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-wifi all -- * ra+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-wifi all -- * wlan0+ 0.0.0.0/0 0.0.0.0/0 0 0 droidwall-wifi all -- * eth0+ 0.0.0.0/0 0.0.0.0/0 Chain droidwall-3g (21 references) pkts bytes target prot opt in out source destination 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 9999 0 0 droidwall-reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain droidwall-input (1 references) pkts bytes target prot opt in out source destination Chain droidwall-input-drop (0 references) pkts bytes target prot opt in out source destination Chain droidwall-lan (0 references) pkts bytes target prot opt in out source destination Chain droidwall-reject (2 references) pkts bytes target prot opt in out source destination 653 59375 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 1000/min burst 5 LOG flags 8 level 4 prefix "[AndroidFirewall]" 663 59967 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain droidwall-vpn (0 references) pkts bytes target prot opt in out source destination Chain droidwall-wifi (6 references) pkts bytes target prot opt in out source destination 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 1014 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 1010 663 59967 droidwall-reject all -- * * 0.0.0.0/0 0.0.0.0/0 Chain natctrl_FORWARD (1 references) pkts bytes target prot opt in out source destination Chain penalty_box (1 references) pkts bytes target prot opt in out source destination root@smi:/ # Jason Tschohl notifications@github.com schrieb:

The Superuser you are talking about is this one:

https://play.google.com/store/apps/details?id=com.koushikdutta.superuser

I use that one myself and it most definitely does not have the Internet Permission.

As for your syncing issues. Please use terminal emulator and e-mail me the output from this command after you enable the firewall.

su iptables -L -v -n

— Reply to this email directly or view it on GitHub.

— Reply to this email directly or view it on GitHub<

https://github.com/skullone/android_firewall/issues/52#issuecomment-25548015

.

— Reply to this email directly or view it on GitHub.

— Reply to this email directly or view it on GitHub< https://github.com/skullone/android_firewall/issues/52#issuecomment-25549188

.

— Reply to this email directly or view it on GitHub.

— Reply to this email directly or view it on GitHubhttps://github.com/skullone/android_firewall/issues/52#issuecomment-25551108 .

ghost commented 10 years ago

Hello, i mean the snyncing function in "SETTINGS" - "ACCOUNTS" - "GOOGLE" - " xyz@Google.com" I have attached two Images, one of the firewall, of the syncing-menu. Berns Jason Tschohl notifications@github.com schrieb:

What do you mean by App data? Are some apps being blocked or are all apps
able to access data?
On Oct 2, 2013 12:00 PM, "Berns" <notifications@github.com> wrote:
> OK. Habe activated ipv6. Same behaviour. APP-data and chrome are syning.
> Jason Tschohl <notifications@github.com> schrieb:
>
> Are you sure you're leaking data? Everything you've sent me says it's
> working.
> Have you tried enabling IPv6 support and seeing if that stops the data
> transfer? Some cellular carriers are providing both IPv4 and IPv6
> addresses now. Mine does and due to how iptables handles HTTPS requests if
> I don't have IPv6 enabled the HTTPS connection jumps to IPv6 and completes
> the data transfer.
> On Wed, Oct 2, 2013 at 11:37 AM, Berns <notifications@github.com> wrote:
> > WLAN:
> > u0_a122@smi:/ $ su
> > root@smi:/ # busybox route
> > Kernel IP routing table
> > Destination Gateway Genmask Flags Metric Ref Use Iface
> > default 192.168.2.1 0.0.0.0 UG 0 0 0 wlan0192.168.2.0 * 255.255.255.0 U
> > 205 0 0 wlan0192.168.2.1 * 255.255.255.255 UH 0 0 0 wlan0
> > root@smi:/ #
> > Cellular:
> > u0_a122@smi:/ $
> > u0_a122@smi:/ $ su
> > root@smi:/ # busybox route
> > Kernel IP routing table
> > Destination Gateway Genmask Flags Metric Ref Use Iface
> > default 10.40.255.1 0.0.0.0 UG 0 0 0 rmnet010.40.255.1 * 255.255.255.255
> > UH 0 0 0 rmnet0
> >
> > root@smi:/ #
> > Jason Tschohl <notifications@github.com> schrieb:
> >
> > Hmmm. That should be working. Please send me the output from these
> > commands using Terminal Emulator
> > 1. When on WiFi
> > su
> > busybox route
> > 2. When on cellular data
> > su
> > busybox route
> > On Wed, Oct 2, 2013 at 11:23 AM, Berns <notifications@github.com> wrote:
> > > u0_a122@smi:/ $ su
> > > root@smi:/ # iptables -L -v -n
> > > Chain INPUT (policy ACCEPT 782 packets, 78012 bytes)
> > > pkts bytes target prot opt in out source destination
> > > 782 78012 droidwall-input all -- * * 0.0.0.0/0 0.0.0.0/0
> > > 6203 4530K bw_INPUT all -- * * 0.0.0.0/0 0.0.0.0/0
> > > Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
> > > pkts bytes target prot opt in out source destination
> > > 0 0 bw_FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0
> > > 0 0 natctrl_FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0
> > > Chain OUTPUT (policy ACCEPT 732 packets, 73858 bytes)
> > > pkts bytes target prot opt in out source destination
> > > 1395 134K droidwall all -- * * 0.0.0.0/0 0.0.0.0/0
> > > 6438 703K bw_OUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0
> > > Chain bw_FORWARD (1 references)
> > > pkts bytes target prot opt in out source destination
> > > Chain bw_INPUT (1 references)
> > > pkts bytes target prot opt in out source destination
> > > 11 13700 all -- !lo+ * 0.0.0.0/0 0.0.0.0/0 ! quota globalAlert:
> 2097152
> > > bytes
> > > 1279 115K RETURN all -- lo * 0.0.0.0/0 0.0.0.0/0
> > > 4414 4320K all -- * * 0.0.0.0/0 0.0.0.0/0 owner socket exists
> > > Chain bw_OUTPUT (1 references)
> > > pkts bytes target prot opt in out source destination
> > > 12 840 all -- * !lo+ 0.0.0.0/0 0.0.0.0/0 ! quota globalAlert: 2097152
> > > bytes
> > > 1279 115K RETURN all -- * lo 0.0.0.0/0 0.0.0.0/0
> > > 5158 588K all -- * * 0.0.0.0/0 0.0.0.0/0 owner socket exists
> > > Chain costly_shared (0 references)
> > > pkts bytes target prot opt in out source destination
> > > 0 0 penalty_box all -- * * 0.0.0.0/0 0.0.0.0/0
> > > Chain droidwall (1 references)
> > > pkts bytes target prot opt in out source destination
> > > 40 2538 RETURN udp -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 0 udp
> > dpt:53
> > > 0 0 RETURN udp -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 1000 udp
> > dpt:123
> > > 0 0 droidwall-3g all -- * rmnet+ 0.0.0.0/0 0.0.0.0/0
> > > 0 0 droidwall-3g all -- * pdp+ 0.0.0.0/0 0.0.0.0/0
> > > 0 0 droidwall-3g all -- * ppp+ 0.0.0.0/0 0.0.0.0/0
> > > 0 0 droidwall-3g all -- * uwbr+ 0.0.0.0/0 0.0.0.0/0
> > > 0 0 droidwall-3g all -- * wimax+ 0.0.0.0/0 0.0.0.0/0
> > > 0 0 droidwall-3g all -- * vsnet+ 0.0.0.0/0 0.0.0.0/0
> > > 0 0 droidwall-3g all -- * ccmni+ 0.0.0.0/0 0.0.0.0/0
> > > 0 0 droidwall-3g all -- * usb+ 0.0.0.0/0 0.0.0.0/0
> > > 0 0 droidwall-3g all -- * rmnet1+ 0.0.0.0/0 0.0.0.0/0
> > > 0 0 droidwall-3g all -- * rmnet_sdio+ 0.0.0.0/0 0.0.0.0/0
> > > 0 0 droidwall-3g all -- * rmnet_sdio0+ 0.0.0.0/0 0.0.0.0/0
> > > 0 0 droidwall-3g all -- * rmnet_sdio1+ 0.0.0.0/0 0.0.0.0/0
> > > 0 0 droidwall-3g all -- * qmi+ 0.0.0.0/0 0.0.0.0/0
> > > 0 0 droidwall-3g all -- * wwan0+ 0.0.0.0/0 0.0.0.0/0
> > > 0 0 droidwall-3g all -- * svnet0+ 0.0.0.0/0 0.0.0.0/0
> > > 0 0 droidwall-3g all -- * rmnet0+ 0.0.0.0/0 0.0.0.0/0
> > > 0 0 droidwall-3g all -- * cdma_rmnet+ 0.0.0.0/0 0.0.0.0/0
> > > 0 0 droidwall-3g all -- * rmnet_usb0+ 0.0.0.0/0 0.0.0.0/0
> > > 0 0 droidwall-3g all -- * rmnet_usb+ 0.0.0.0/0 0.0.0.0/0
> > > 0 0 droidwall-3g all -- * bond1+ 0.0.0.0/0 0.0.0.0/0
> > > 0 0 droidwall-3g all -- * ppp0+ 0.0.0.0/0 0.0.0.0/0
> > > 0 0 droidwall-wifi all -- * tiwlan+ 0.0.0.0/0 0.0.0.0/0
> > > 663 59967 droidwall-wifi all -- * wlan+ 0.0.0.0/0 0.0.0.0/0
> > > 0 0 droidwall-wifi all -- * eth+ 0.0.0.0/0 0.0.0.0/0
> > > 0 0 droidwall-wifi all -- * ra+ 0.0.0.0/0 0.0.0.0/0
> > > 0 0 droidwall-wifi all -- * wlan0+ 0.0.0.0/0 0.0.0.0/0
> > > 0 0 droidwall-wifi all -- * eth0+ 0.0.0.0/0 0.0.0.0/0
> > > Chain droidwall-3g (21 references)
> > > pkts bytes target prot opt in out source destination
> > > 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 9999
> > > 0 0 droidwall-reject all -- * * 0.0.0.0/0 0.0.0.0/0
> > > Chain droidwall-input (1 references)
> > > pkts bytes target prot opt in out source destination
> > > Chain droidwall-input-drop (0 references)
> > > pkts bytes target prot opt in out source destination
> > > Chain droidwall-lan (0 references)
> > > pkts bytes target prot opt in out source destination
> > > Chain droidwall-reject (2 references)
> > > pkts bytes target prot opt in out source destination
> > > 653 59375 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 1000/min
> burst 5
> > > LOG flags 8 level 4 prefix "[AndroidFirewall]"
> > > 663 59967 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with
> > > icmp-port-unreachable
> > > Chain droidwall-vpn (0 references)
> > > pkts bytes target prot opt in out source destination
> > > Chain droidwall-wifi (6 references)
> > > pkts bytes target prot opt in out source destination
> > > 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 1014
> > > 0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 1010
> > > 663 59967 droidwall-reject all -- * * 0.0.0.0/0 0.0.0.0/0
> > > Chain natctrl_FORWARD (1 references)
> > > pkts bytes target prot opt in out source destination
> > > Chain penalty_box (1 references)
> > > pkts bytes target prot opt in out source destination
> > > root@smi:/ #
> > > Jason Tschohl <notifications@github.com> schrieb:
> > >
> > >
> > > The Superuser you are talking about is this one:
> > >
> https://play.google.com/store/apps/details?id=com.koushikdutta.superuser
> > >
> > >
> > > I use that one myself and it most definitely does not have the Internet
> > > Permission.
> > >
> > >
> > > As for your syncing issues. Please use terminal emulator and e-mail me
> > the
> > > output from this command after you enable the firewall.
> > >
> > >
> > > su
> > > iptables -L -v -n
> > >
> > >
> > >
> > > —
> > > Reply to this email directly or view it on GitHub.
> > >
> > > —
> > > Reply to this email directly or view it on GitHub<
> >
> https://github.com/skullone/android_firewall/issues/52#issuecomment-25548015
> > >
> >
> > > .
> > >
> >
> > —
> > Reply to this email directly or view it on GitHub.
> >
> > —
> > Reply to this email directly or view it on GitHub<
> https://github.com/skullone/android_firewall/issues/52#issuecomment-25549188
> >
> > .
> >
>
> —
> Reply to this email directly or view it on GitHub.
>
> —
> Reply to this email directly or view it on GitHub<https://github.com/skullone/android_firewall/issues/52#issuecomment-25551108>
> .
>

  —
  Reply to this email directly or view it on GitHub.

skullone commented 10 years ago

I do not see any images. Please e-mail them to me directly.

ghost commented 10 years ago

Jason Tschohl notifications@github.com schrieb:

  I do not see any images. Please e-mail them to me directly.

  —
  Reply to this email directly or view it on GitHub.

skullone commented 10 years ago

Please e-mail the pictures to me directly.

skullone commented 10 years ago

ClockworkMod Superuser does not use the Internet Permission so it will not show up in the list.