ukanth / afwall

AFWall+ (Android Firewall +) - iptables based firewall for Android
GNU General Public License v3.0

Log Service process does not start #1380

Open CapitalF opened 1 month ago

CapitalF commented 1 month ago

AFWall+ v3.6.0. I am an advanced long-time user with multiple devices running AFW+. The device is a new Pixel 8 running LineageOS 21/Android 14.

The Log Service is not starting on this device. I verified via "cat /proc/net/netfilter/nfnetlink_log" and "ps auxw | grep nflog". The nflog process is not running like on my other devices.

When I logcat, I see lines showing that the Log Service is supposed to be started, but nothing actually happens. There are no warnings or errors that I can see.

04-14 00:22:08.951 I/AFWall  ( 4450): Starting Log Service: /data/user/0/dev.ukanth.ufirewall/app_bin/nflog  40 for LogTarget: NFLOG
04-14 00:22:09.019 I/AFWall  ( 4450): Staring log watcher
04-14 00:22:09.021 I/AFWall  ( 4450): Starting Log Service: /data/user/0/dev.ukanth.ufirewall/app_bin/nflog  40 for LogTarget: NFLOG
04-14 00:22:09.021 I/AFWall  ( 4450): Staring log watcher

This is a freshly installed device, so the configuration is pretty basic.

CapitalF commented 1 month ago

Here's a quick tip you might want to add to your FAQ or troubleshooting:

Since the Log Service isn't listening to the nflog link/socket, I can attach tcpdump to it!

tcpdump -i nflog:$(iptables-save | egrep "afwall.* NFLOG " | awk '{print $(NF)}') -n

I only wish tcpdump could output the PID of the owner process for each packet. Sadly there is no such feature.

kai-row commented 3 weeks ago

I also have the issue that AFWall+ v3.6.0 does not log anymore on a plain 64-bit device like the Pixel 8. What I found out is that the external binaries like iptables, nflog etc. are 32-bit binaries which cannot be executed on the Pixel 8. I also found that the current beta branch seems to have some fixes for arm64 binary support; see https://github.com/ukanth/afwall/compare/main...beta. So I thought I would have to compile it. I tried that first with the main branch, which does not contain the fixes, and that compiled just fine with Android Studio. However, when I try to compile the beta branch, it fails with the following errors:

image

Seems there is still an issue with the code and I don't know how to fix it.

kai-row commented 3 weeks ago

Hi, further investigation revealed that the external binaries are precompiled using the NDK, as outlined in the docs for compiling them. When cloning the afwall repository, these precompiled files are stored under afwall/app/src/main/res/raw. I was using Debian Bookworm for my compile attempt above. The gcc compiler there is the most recent one and fails to compile the external binaries under the folder afwall/external.

So as not to wait for the fix in the generally available afwall app, I downloaded a Jessie VM for VirtualBox from osboxes.org (Debian-8.11_64bit.vdi) and installed the required tools like build-essentials, autoconf, automake, and libtool on that VM via the first Debian DVD ISO image (debian-8.11.0-amd64-DVD-1.iso) I found for Jessie. (It is so old that a normal "apt install" fails, as the resources on the Debian servers are not available anymore. Hence you need to mount the ISO image within the VM.) For the NDK I installed the zip file android-ndk-r10e-linux-x86_64.zip under /opt.

After cloning the beta archive for afwall, I tried to compile the binaries under afwall/external by simply issuing make. This failed for iptables. As I am only interested in the arm64 binary for nflog, I changed the variable "PER_ARCH_TARGETS := iptables busybox nflog" to "PER_ARCH_TARGETS := nflog" in the Makefile under external/. This worked out and compiled OK. The resulting binary nflog_arm64 can be found under the afwall/app/src/main/res/raw folder.

I transferred that to my phone and installed it as a replacement for the /data/data/dev.ukanth.ufirewall/app_bin/nflog file. Make sure that the file is renamed from nflog_arm64 to nflog and that permissions are set correctly (chmod 755 nflog). For me that worked out and now the log functionality also works for me on my Pixel 8 phone.
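The 32-bit versus 64-bit mismatch described in the comments above can be confirmed, before and after swapping the binary, by reading the ELF header of the installed helper and comparing it with the device's ABI list. The script below is an added example, not code from this thread or from the AFWall+ project. The function names are hypothetical, it assumes `od` is available in the root shell, and it reports 32-bit ARM as `armeabi-v7a` because the ELF header alone does not distinguish that from `armeabi`.

```shell
#!/bin/sh
# elf_abi FILE: print the Android ABI an ELF binary targets, or "not-elf".
elf_abi() {
    # First 20 header bytes as decimal words (od may wrap; splitting handles it).
    set -- $(od -An -tu1 -N20 "$1" 2>/dev/null)
    if [ $# -ne 20 ] || [ "$1 $2 $3 $4" != "127 69 76 70" ]; then
        echo not-elf; return 1            # too short, or no \177ELF magic
    fi
    class=$5 data=$6                      # EI_CLASS (1=32, 2=64), EI_DATA
    shift 18                              # $1,$2 are now e_machine (offset 18)
    if [ "$data" = 2 ]; then machine=$(( $1 * 256 + $2 ))   # big-endian
    else machine=$(( $2 * 256 + $1 )); fi                   # little-endian
    case "$class:$machine" in
        1:40)  echo armeabi-v7a ;;        # 32-bit EM_ARM (assumed v7a)
        2:183) echo arm64-v8a ;;          # 64-bit EM_AARCH64
        1:3)   echo x86 ;;                # 32-bit EM_386
        2:62)  echo x86_64 ;;             # 64-bit EM_X86_64
        *)     echo "unknown($class:$machine)"; return 1 ;;
    esac
}

# abi_supported ABI ABILIST: succeed if the comma-separated list contains ABI.
abi_supported() {
    case ",$2," in *",$1,"*) return 0 ;; *) return 1 ;; esac
}

# check_binary FILE ABILIST: report whether FILE can execute on this device.
check_binary() {
    abi=$(elf_abi "$1") || { echo "$1: $abi"; return 2; }
    if abi_supported "$abi" "$2"; then echo "$1: $abi OK"
    else echo "$1: $abi not in device ABI list ($2)"; return 1; fi
}

# make_sample FILE CLASS MACHINE (octal): write a constructed 20-byte ELF
# header so the check can be tried offline. Not a real binary.
make_sample() {
    pad='\000\000\000\000\000\000\000\000\000'    # e_ident bytes 7..15
    printf "\\177ELF\\$2\\001\\001${pad}\\003\\000\\$3\\000" > "$1"
}

# On the device, as root:
#   check_binary /data/data/dev.ukanth.ufirewall/app_bin/nflog \
#       "$(getprop ro.product.cpu.abilist)"
```

A binary whose ABI is missing from the list cannot be executed on that device, and as the logcat lines in the first comment show, the failed start leaves no error in the app's own log output.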