Closed subdancer closed 5 years ago
Please attach firewall rules. (menu-firewall rules)
It didn't let me Export the log at first. I had to set write access in android settings app and notifications first. I'm using the donate version Form the playstore.
==========
IPv4 Rules
==========
Chain INPUT (policy ACCEPT 2 packets, 360 bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy DROP 3 packets, 366 bytes)
pkts bytes target prot opt in out source destination
3 366 afwall all -- * * 0.0.0.0/0 0.0.0.0/0
Chain afwall (1 references)
pkts bytes target prot opt in out source destination
Chain afwall-3g (0 references)
pkts bytes target prot opt in out source destination
0 0 afwall-3g-postcustom all -- * * 0.0.0.0/0 0.0.0.0/0
Chain afwall-3g-fork (0 references)
pkts bytes target prot opt in out source destination
Chain afwall-3g-home (0 references)
pkts bytes target prot opt in out source destination
Chain afwall-3g-postcustom (1 references)
pkts bytes target prot opt in out source destination
Chain afwall-3g-roam (0 references)
pkts bytes target prot opt in out source destination
Chain afwall-3g-tether (0 references)
pkts bytes target prot opt in out source destination
Chain afwall-reject (0 references)
pkts bytes target prot opt in out source destination
Chain afwall-vpn (0 references)
pkts bytes target prot opt in out source destination
Chain afwall-wifi (0 references)
pkts bytes target prot opt in out source destination
0 0 afwall-wifi-postcustom all -- * * 0.0.0.0/0 0.0.0.0/0
Chain afwall-wifi-fork (0 references)
pkts bytes target prot opt in out source destination
Chain afwall-wifi-lan (0 references)
pkts bytes target prot opt in out source destination
Chain afwall-wifi-postcustom (1 references)
pkts bytes target prot opt in out source destination
Chain afwall-wifi-tether (0 references)
pkts bytes target prot opt in out source destination
Chain afwall-wifi-wan (0 references)
pkts bytes target prot opt in out source destination
==================
Network interfaces
==================
rmnet2
rmnet3
rmnet4
rmnet5
rmnet6
rmnet7
rmnet0
rmnet1
rev_rmnet0
rev_rmnet1
rev_rmnet2
rev_rmnet3
rev_rmnet4
rev_rmnet5
rev_rmnet6
rev_rmnet7
rev_rmnet8
wlan0
lo
p2p0
sit0
rmnet_usb0
dummy0
========
ifconfig
========
dummy0 Link encap:Ethernet HWaddr 86:5A:53:28:F5:08
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:210 (210.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
p2p0 Link encap:Ethernet HWaddr C2:EE:FB:27:45:AD
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rev_rmnet0 Link encap:Ethernet HWaddr 56:D4:0E:01:1C:9B
BROADCAST MULTICAST MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rev_rmnet1 Link encap:Ethernet HWaddr AE:14:50:79:0E:30
BROADCAST MULTICAST MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rev_rmnet2 Link encap:Ethernet HWaddr 0A:5E:1C:8E:F3:C0
BROADCAST MULTICAST MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rev_rmnet3 Link encap:Ethernet HWaddr 0E:4C:C1:10:76:41
BROADCAST MULTICAST MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rev_rmnet4 Link encap:Ethernet HWaddr 2A:45:44:3A:2C:C6
BROADCAST MULTICAST MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rev_rmnet5 Link encap:Ethernet HWaddr 7A:B8:26:70:96:A0
BROADCAST MULTICAST MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rev_rmnet6 Link encap:Ethernet HWaddr F6:2E:24:C7:98:46
BROADCAST MULTICAST MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rev_rmnet7 Link encap:Ethernet HWaddr 4A:09:11:07:E9:5F
BROADCAST MULTICAST MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rev_rmnet8 Link encap:Ethernet HWaddr 42:70:1C:AC:4B:30
BROADCAST MULTICAST MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rmnet0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rmnet1 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rmnet2 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rmnet3 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rmnet4 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rmnet5 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rmnet6 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rmnet7 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rmnet_usb0 Link encap:Ethernet HWaddr F2:00:17:BE:5E:E2
BROADCAST MULTICAST MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
sit0 Link encap:UNSPEC HWaddr 00-00-00-00-01-00-00-00-00-00-00-00-00-00-00-00
NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
wlan0 Link encap:Ethernet HWaddr C0:EE:FB:27:45:AD
inet addr:192.168.178.27 Bcast:192.168.178.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3041 errors:0 dropped:0 overruns:0 frame:0
TX packets:2154 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1377841 (1.3 MiB) TX bytes:356492 (348.1 KiB)
===========
System info
===========
Android version: 8.1.0
Manufacturer: OnePlus
Model: A0001
Build: aosp_bacon-userdebug 8.1.0 OPM1.171019.011 eng.agentf.20171222.055453 test-keys
Active interface: wifi
Tether status: no
Roam status: no
IPv4 subnet: 192.168.178.27/24
IPv6 subnet: fe80::c2ee:fbff:fe27:45ad/64
/system/bin/su: not present
/system/xbin/su: not present
/system/app/Superuser.apk: not present
Superuser: none found
===========
Preferences
===========
activeRules: true
appVersion: 15979
controlIPv6: false
enableIPv6: false
enableLAN: false
enableRoam: false
enableVPN: false
forward_chain: true
forward_chain_v6: true
hasRoot: true
input_chain: true
input_chain_v6: true
output_chain: true
output_chain_v6: true
Profile Mode : whitelist
Status : Disabled
======
Logcat
======
23:47:12 Selected Profile: AFWallPrefs
23:47:12 binary installation for armeabi-v7a succeeded
23:47:12 binary installation for armeabi succeeded
23:47:12 Selected Profile: AFWallPrefs
23:47:19 Selected Profile: AFWallPrefs
23:47:19 Selected Profile: AFWallPrefs
23:47:19 Selected Profile: AFWallPrefs
23:47:19 Received cmds: #5
23:47:19 Starting root shell...
23:47:19 Root shell is open
23:47:19 Start processing next state
23:47:19 Total commamds: #5
23:47:21 Selected Profile: AFWallPrefs
23:47:23 Selected Profile: AFWallPrefs
23:48:08 Selected Profile: AFWallPrefs
23:48:22 Application state changed: com.amaze.filemanager
23:48:34 Using applySavedIptablesRules
23:48:34 Setting OUTPUT to Drop
23:48:34 isWifiApEnabled is false
23:48:34 Setting OUTPUT to Accept State
23:48:34 Received cmds: #89
23:48:34 Start processing next state
23:48:34 Total commamds: #89
23:48:35 command 'iptables -A afwall-reject -j REJECT' exited with status 1
Output:
iptables: No chain/target/match by that name.
23:48:54 Received cmds: #1
23:48:54 Start processing next state
23:48:54 Total commamds: #1
23:48:54 Received cmds: #1
23:48:54 Start processing next state
23:48:54 Total commamds: #1
23:48:54 Received cmds: #1
23:48:54 Start processing next state
23:48:54 Total commamds: #1
There you go
Can you also post iptables -S output from console if possible ?
sure
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N bw_FORWARD
-N bw_INPUT
-N bw_OUTPUT
-N bw_costly_shared
-N bw_data_saver
-N bw_happy_box
-N bw_penalty_box
-N fw_FORWARD
-N fw_INPUT
-N fw_OUTPUT
-N fw_dozable
-N fw_powersave
-N fw_standby
-N natctrl_FORWARD
-N natctrl_tether_counters
-N oem_fwd
-N oem_out
-N st_OUTPUT
-N st_clear_caught
-N st_clear_detect
-N st_penalty_log
-N st_penalty_reject
-A INPUT -j bw_INPUT
-A INPUT -j fw_INPUT
-A FORWARD -j oem_fwd
-A FORWARD -j fw_FORWARD
-A FORWARD -j bw_FORWARD
-A FORWARD -j natctrl_FORWARD
-A OUTPUT -o rmnet7 -p udp -m udp --dport 1900 -m comment --comment "Drop SSDP on WWAN" -j DROP
-A OUTPUT -o rmnet6 -p udp -m udp --dport 1900 -m comment --comment "Drop SSDP on WWAN" -j DROP
-A OUTPUT -o rmnet5 -p udp -m udp --dport 1900 -m comment --comment "Drop SSDP on WWAN" -j DROP
-A OUTPUT -o rmnet4 -p udp -m udp --dport 1900 -m comment --comment "Drop SSDP on WWAN" -j DROP
-A OUTPUT -o rmnet3 -p udp -m udp --dport 1900 -m comment --comment "Drop SSDP on WWAN" -j DROP
-A OUTPUT -o rmnet2 -p udp -m udp --dport 1900 -m comment --comment "Drop SSDP on WWAN" -j DROP
-A OUTPUT -o rmnet1 -p udp -m udp --dport 1900 -m comment --comment "Drop SSDP on WWAN" -j DROP
-A OUTPUT -o rmnet0 -p udp -m udp --dport 1900 -m comment --comment "Drop SSDP on WWAN" -j DROP
-A OUTPUT -j oem_out
-A OUTPUT -j fw_OUTPUT
-A OUTPUT -j st_OUTPUT
-A OUTPUT -j bw_OUTPUT
-A bw_INPUT -m quota2 ! --name globalAlert --quota 2097152
-A bw_INPUT -m owner --socket-exists
-A bw_OUTPUT -m quota2 ! --name globalAlert --quota 2097152
-A bw_OUTPUT -m owner --socket-exists
-A bw_costly_shared -j bw_penalty_box
-A bw_data_saver -j RETURN
-A bw_happy_box -m owner --uid-owner 10010 -j RETURN
-A bw_happy_box -m owner --uid-owner 10032 -j RETURN
-A bw_happy_box -m owner --uid-owner 0-9999 -j RETURN
-A bw_happy_box -j bw_data_saver
-A bw_penalty_box -j bw_happy_box
-A fw_dozable -m owner --uid-owner 1001 -j RETURN
-A fw_dozable -m owner --uid-owner 1027 -j RETURN
-A fw_dozable -m owner --uid-owner 2000 -j RETURN
-A fw_dozable -m owner --uid-owner 10006 -j RETURN
-A fw_dozable -m owner --uid-owner 10010 -j RETURN
-A fw_dozable -m owner --uid-owner 10015 -j RETURN
-A fw_dozable -m owner --uid-owner 10027 -j RETURN
-A fw_dozable -m owner --uid-owner 10032 -j RETURN
-A fw_dozable -m owner --uid-owner 10037 -j RETURN
-A fw_dozable -m owner --uid-owner 0-9999 -j RETURN
-A fw_dozable -i lo -j RETURN
-A fw_dozable -o lo -j RETURN
-A fw_dozable -p tcp -m tcp --tcp-flags RST RST -j RETURN
-A fw_dozable -j DROP
-A fw_powersave -m owner --uid-owner 0-9999 -j RETURN
-A fw_powersave -i lo -j RETURN
-A fw_powersave -o lo -j RETURN
-A fw_powersave -p tcp -m tcp --tcp-flags RST RST -j RETURN
-A fw_powersave -j DROP
-A fw_standby -i lo -j RETURN
-A fw_standby -o lo -j RETURN
-A fw_standby -p tcp -m tcp --tcp-flags RST RST -j RETURN
-A natctrl_FORWARD -j DROP
Now with LineageOS 15.1 being available, I have upgrade my OnePlus 3 and I'm facing the same issue.
When applying the rules, AFWall+ counts up to about 30 entries and then displays a toast with the error message.
I have attached the firewall rules but can't attach the iptables console output as I'm receiving the error message "Another app is currently holding the xtables lock."
I don't know if this is connected but I have noticed that AFWall+ complains about missing root when root is disabled in the developer options. However if root is enabled in the developer options but set to "Ignore" or "Ask" in the Privacy Guard, then AFWall+ will not complain about missing root but also not request it. Also the time for the last time AFWall+ requested root is not changing. From the outside it looks to me like AFWall+ isn't requesting root correctly on LineageOS 15.1
Root works perfectly fine with other Apps like AdAway.
My setup:
LineageOS 15.1 with 14.1 addon su and no Gapps. AFWall+ 2.98 from Fdroid.
IP rules (can't attach it as a file for some reason):
==========
IPv4 Rules
==========
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
4335 5885K bw_INPUT all -- * * 0.0.0.0/0 0.0.0.0/0
4335 5885K fw_INPUT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 oem_fwd all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 fw_FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 bw_FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 natctrl_FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy DROP 48 packets, 3984 bytes)
pkts bytes target prot opt in out source destination
48 3984 afwall all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP udp -- * r_rmnet_data8 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
0 0 DROP udp -- * r_rmnet_data7 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
0 0 DROP udp -- * r_rmnet_data6 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
0 0 DROP udp -- * r_rmnet_data5 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
0 0 DROP udp -- * r_rmnet_data4 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
0 0 DROP udp -- * r_rmnet_data3 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
0 0 DROP udp -- * r_rmnet_data2 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
0 0 DROP udp -- * r_rmnet_data1 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
0 0 DROP udp -- * r_rmnet_data0 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
0 0 DROP udp -- * rmnet_data7 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
0 0 DROP udp -- * rmnet_data6 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
0 0 DROP udp -- * rmnet_data5 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
0 0 DROP udp -- * rmnet_data4 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
0 0 DROP udp -- * rmnet_data3 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
0 0 DROP udp -- * rmnet_data2 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
0 0 DROP udp -- * rmnet_data1 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
12 1488 DROP udp -- * rmnet_data0 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
0 0 DROP udp -- * rmnet_data7 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
0 0 DROP udp -- * rmnet_data6 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
0 0 DROP udp -- * rmnet_data5 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
0 0 DROP udp -- * rmnet_data4 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
0 0 DROP udp -- * rmnet_data3 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
0 0 DROP udp -- * rmnet_data2 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
0 0 DROP udp -- * rmnet_data1 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
0 0 DROP udp -- * rmnet_data0 0.0.0.0/0 0.0.0.0/0 udp dpt:1900
4243 356K oem_out all -- * * 0.0.0.0/0 0.0.0.0/0
4243 356K fw_OUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0
4239 356K st_OUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0
4239 356K bw_OUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain afwall (1 references)
pkts bytes target prot opt in out source destination
Chain afwall-3g (0 references)
pkts bytes target prot opt in out source destination
Chain afwall-3g-fork (1 references)
pkts bytes target prot opt in out source destination
0 0 afwall-3g-home all -- * * 0.0.0.0/0 0.0.0.0/0
Chain afwall-3g-home (1 references)
pkts bytes target prot opt in out source destination
Chain afwall-3g-postcustom (0 references)
pkts bytes target prot opt in out source destination
0 0 afwall-3g-fork all -- * * 0.0.0.0/0 0.0.0.0/0
Chain afwall-3g-roam (0 references)
pkts bytes target prot opt in out source destination
Chain afwall-3g-tether (0 references)
pkts bytes target prot opt in out source destination
Chain afwall-reject (0 references)
pkts bytes target prot opt in out source destination
Chain afwall-vpn (0 references)
pkts bytes target prot opt in out source destination
Chain afwall-wifi (0 references)
pkts bytes target prot opt in out source destination
Chain afwall-wifi-fork (1 references)
pkts bytes target prot opt in out source destination
0 0 afwall-wifi-wan all -- * * 0.0.0.0/0 0.0.0.0/0
Chain afwall-wifi-lan (0 references)
pkts bytes target prot opt in out source destination
Chain afwall-wifi-postcustom (0 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 1014
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 1010
0 0 afwall-wifi-fork all -- * * 0.0.0.0/0 0.0.0.0/0
Chain afwall-wifi-tether (0 references)
pkts bytes target prot opt in out source destination
Chain afwall-wifi-wan (1 references)
pkts bytes target prot opt in out source destination
Chain bw_FORWARD (1 references)
pkts bytes target prot opt in out source destination
0 0 bw_costly_rmnet_data0 all -- * rmnet_data0 0.0.0.0/0 0.0.0.0/0
Chain bw_INPUT (1 references)
pkts bytes target prot opt in out source destination
18 44749 all -- * * 0.0.0.0/0 0.0.0.0/0 ! quota globalAlert: 2097152 bytes
3747 5458K bw_costly_rmnet_data0 all -- rmnet_data0 * 0.0.0.0/0 0.0.0.0/0
4229 5870K all -- * * 0.0.0.0/0 0.0.0.0/0 owner socket exists
Chain bw_OUTPUT (1 references)
pkts bytes target prot opt in out source destination
8 332 all -- * * 0.0.0.0/0 0.0.0.0/0 ! quota globalAlert: 2097152 bytes
3578 301K bw_costly_rmnet_data0 all -- * rmnet_data0 0.0.0.0/0 0.0.0.0/0
4231 356K all -- * * 0.0.0.0/0 0.0.0.0/0 owner socket exists
Chain bw_costly_rmnet_data0 (3 references)
pkts bytes target prot opt in out source destination
7325 5759K bw_penalty_box all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 ! quota rmnet_data0: 9223372036854775807 bytes reject-with icmp-port-unreachable
Chain bw_costly_shared (0 references)
pkts bytes target prot opt in out source destination
0 0 bw_penalty_box all -- * * 0.0.0.0/0 0.0.0.0/0
Chain bw_data_saver (1 references)
pkts bytes target prot opt in out source destination
7515 6152K RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain bw_happy_box (1 references)
pkts bytes target prot opt in out source destination
773 64407 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 0-9999
7515 6152K bw_data_saver all -- * * 0.0.0.0/0 0.0.0.0/0
Chain bw_penalty_box (2 references)
pkts bytes target prot opt in out source destination
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10146 reject-with icmp-port-unreachable
8288 6216K bw_happy_box all -- * * 0.0.0.0/0 0.0.0.0/0
Chain fw_FORWARD (1 references)
pkts bytes target prot opt in out source destination
Chain fw_INPUT (1 references)
pkts bytes target prot opt in out source destination
4335 5885K fw_standby all -- * * 0.0.0.0/0 0.0.0.0/0
Chain fw_OUTPUT (1 references)
pkts bytes target prot opt in out source destination
4243 356K fw_standby all -- * * 0.0.0.0/0 0.0.0.0/0
Chain fw_dozable (0 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 0-9999
0 0 RETURN all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 RETURN all -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x04/0x04
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain fw_powersave (0 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 0-9999
0 0 RETURN all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 RETURN all -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x04/0x04
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain fw_standby (2 references)
pkts bytes target prot opt in out source destination
38 4044 RETURN all -- lo * 0.0.0.0/0 0.0.0.0/0
46 5404 RETURN all -- * lo 0.0.0.0/0 0.0.0.0/0
96 3876 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x04/0x04
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10000
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10011
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10016
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10043
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10047
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10048
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10050
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10056
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10064
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10074
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10091
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10093
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10094
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10097
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10099
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10100
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10103
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10104
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10110
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10113
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10114
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10127
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10132
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10134
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10135
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10145
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10146
4 240 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10159
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10180
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10190
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10191
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10198
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10201
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10205
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10207
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10210
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10214
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10215
Chain natctrl_FORWARD (1 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain natctrl_tether_counters (0 references)
pkts bytes target prot opt in out source destination
Chain nm_mdmprxy_doze_mode_skip (0 references)
pkts bytes target prot opt in out source destination
Chain nm_mdmprxy_iface_pkt_fwder (0 references)
pkts bytes target prot opt in out source destination
Chain oem_fwd (1 references)
pkts bytes target prot opt in out source destination
Chain oem_out (1 references)
pkts bytes target prot opt in out source destination
Chain st_OUTPUT (1 references)
pkts bytes target prot opt in out source destination
Chain st_clear_caught (2 references)
pkts bytes target prot opt in out source destination
Chain st_clear_detect (0 references)
pkts bytes target prot opt in out source destination
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 connmark match 0x2000000/0x2000000 reject-with icmp-port-unreachable
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 connmark match 0x1000000/0x1000000
0 0 CONNMARK tcp -- * * 0.0.0.0/0 0.0.0.0/0 u32 "0x0>>0x16&0x3c@0xc>>0x1a&0x3c@0x0&0xffff0000=0x16030000&&0x0>>0x16&0x3c@0xc>>0x1a&0x3c@0x4&0xff0000=0x10000" CONNMARK or 0x1000000
0 0 CONNMARK udp -- * * 0.0.0.0/0 0.0.0.0/0 u32 "0x0>>0x16&0x3c@0x8&0xffff0000=0x16fe0000&&0x0>>0x16&0x3c@0x14&0xff0000=0x10000" CONNMARK or 0x1000000
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 connmark match 0x1000000/0x1000000
0 0 st_clear_caught tcp -- * * 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED u32 "0x0>>0x16&0x3c@0xc>>0x1a&0x3c@0x0&0x0=0x0"
0 0 st_clear_caught udp -- * * 0.0.0.0/0 0.0.0.0/0
Chain st_penalty_log (0 references)
pkts bytes target prot opt in out source destination
0 0 CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 CONNMARK or 0x1000000
0 0 NFLOG all -- * * 0.0.0.0/0 0.0.0.0/0
Chain st_penalty_reject (0 references)
pkts bytes target prot opt in out source destination
0 0 CONNMARK all -- * * 0.0.0.0/0 0.0.0.0/0 CONNMARK or 0x2000000
0 0 NFLOG all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
==================
Network interfaces
==================
r_rmnet_data6
r_rmnet_data5
r_rmnet_data7
r_rmnet_data8
r_rmnet_data0
r_rmnet_data2
r_rmnet_data1
r_rmnet_data3
r_rmnet_data4
rmnet_data6
rmnet_data5
rmnet_data7
rmnet_data0
rmnet_data1
rmnet_data3
rmnet_data2
rmnet_data4
bonding_masters
bond0
sit0
lo
rmnet_ipa0
dummy0
========
ifconfig
========
bond0 Link encap:Ethernet HWaddr 42:FB:E3:C2:69:80
BROADCAST MASTER MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
dummy0 Link encap:Ethernet HWaddr 16:F3:16:B6:C7:C8
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:560 (560.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:38 errors:0 dropped:0 overruns:0 frame:0
TX packets:38 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:4044 (3.9 KiB) TX bytes:4044 (3.9 KiB)
r_rmnet_data0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
r_rmnet_data1 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
r_rmnet_data2 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
r_rmnet_data3 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
r_rmnet_data4 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
r_rmnet_data5 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
r_rmnet_data6 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
r_rmnet_data7 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
r_rmnet_data8 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rmnet_data0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.204.29.67 Mask:255.255.255.248
UP RUNNING MTU:1500 Metric:1
RX packets:5027 errors:0 dropped:0 overruns:0 frame:0
TX packets:3367 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:5915616 (5.6 MiB) TX bytes:312718 (305.3 KiB)
rmnet_data1 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rmnet_data2 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rmnet_data3 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rmnet_data4 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rmnet_data5 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rmnet_data6 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rmnet_data7 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rmnet_ipa0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
UP RUNNING MTU:2000 Metric:1
RX packets:2348 errors:0 dropped:0 overruns:0 frame:0
TX packets:3367 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:5975940 (5.6 MiB) TX bytes:312718 (305.3 KiB)
sit0 Link encap:UNSPEC HWaddr 00-00-00-00-01-00-00-00-00-00-00-00-00-00-00-00
NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
===========
System info
===========
Android version: 8.1.0
Manufacturer: OnePlus
Model: ONEPLUS A3003
Build: lineage_oneplus3-userdebug 8.1.0 OPM1.171019.018 b8738983f3
Active interface: mobile
Tether status: no
Roam status: no
IPv4 subnet:
IPv6 subnet:
/system/bin/su: 166576 bytes
/system/xbin/su: 166576 bytes
/data/magisk/magisk: not present
/system/app/Superuser.apk: not present
Superuser: none found
===========
Preferences
===========
App Restrictions: AAAAAA==
activeNotification: false
activeRules: true
addStartupDelay: false
appVersion: 15980
bb_path: builtin
blockIPv6: true
controlIPv6: false
disableIcons: false
disableTaskerToast: false
dns_value: disable
enableAdmin: true
enableConfirm: true
enableDeviceCheck: false
enableIPv6: true
enableInbound: false
enableLAN: true
enableLogService: true
enableRoam: false
enableVPN: true
fixDownloadManagerLeak: false
fixLeak: true
forward_chain: true
forward_chain_v6: true
hasRoot: true
input_chain: true
input_chain_v6: true
ip_path: auto
ipurchaseddonatekey: false
locale: en
logDmesg: OS
logPingTimeout: 10
logTarget: NFLOG
notification_priority: 0
notifyAppInstall: true
oldLogView: false
output_chain: false
output_chain_v6: true
passSetting: p2
patternMax: 3
runNotification: true
showFilter: true
showLogToasts: true
storedPid: []
sysColor: -10432
toast_pos: bottom
widgetX: 1080
widgetY: 1920
Profile Mode : whitelist
Status : Enabled
======
Logcat
======
18:26:32 Selected Profile: AFWallPrefs
18:26:32 Restarting RootShell...
18:26:32 Received cmds: #1
18:26:32 Starting root shell...
18:26:32 Starting Log Service: echo $$ & /data/user/0/dev.ukanth.ufirewall/app_bin/nflog 40 for LogTarget: NFLOG
18:26:32 rootSession is not Null
18:26:32 Cleanup session
18:26:32 Restarting LogService
18:26:32 Starting Log Service: echo $$ & /data/user/0/dev.ukanth.ufirewall/app_bin/nflog 40 for LogTarget: NFLOG
18:26:32 rootSession is not Null
18:26:32 Cleanup session
18:26:32 Root shell is open
18:26:32 Start processing next state
18:26:32 Total commamds: #1
18:26:34 Received cmds: #1
18:26:34 Start processing next state
18:26:34 Total commamds: #1
18:26:34 Selected Profile: AFWallPrefs
18:26:36 Selected Profile: AFWallPrefs
18:26:38 Using applySavedIptablesRules
18:26:38 Setting OUTPUT to Drop
18:26:38 isWifiApEnabled is false
18:26:38 No ipaddress found for LAN
18:26:38 Setting OUTPUT to Accept State
18:26:38 Setting OUTPUT to Drop
18:26:38 No ipaddress found for LAN
18:26:38 Setting OUTPUT to Accept State
18:26:38 Received cmds: #328
18:26:38 Start processing next state
18:26:38 Total commamds: #328
18:26:39 command 'settings put global captive_portal_detection_enabled 0 settings put global captive_portal_server localhost settings put global captive_portal_mode 0' exited with status 255
Output:
Argument expected to be 'default'
18:26:59 Received cmds: #1
18:26:59 Start processing next state
18:26:59 Total commamds: #1
18:26:59 Selected Profile: AFWallPrefs
18:27:01 Selected Profile: AFWallPrefs
18:27:04 Using applySavedIptablesRules
18:27:04 Setting OUTPUT to Drop
18:27:04 No ipaddress found for LAN
18:27:04 Setting OUTPUT to Accept State
18:27:04 Setting OUTPUT to Drop
18:27:04 No ipaddress found for LAN
18:27:04 Setting OUTPUT to Accept State
18:27:04 Received cmds: #328
18:27:04 Start processing next state
18:27:04 Total commamds: #328
18:27:04 command 'settings put global captive_portal_detection_enabled 0 settings put global captive_portal_server localhost settings put global captive_portal_mode 0' exited with status 255
Output:
Argument expected to be 'default'
18:28:17 Received cmds: #1
18:28:17 Start processing next state
18:28:17 Total commamds: #1
18:28:17 Received cmds: #1
18:28:17 Start processing next state
18:28:17 Total commamds: #1
18:28:17 Received cmds: #1
18:28:17 Start processing next state
18:28:17 Total commamds: #1
same problem for me.
oneplus one android 8.1
root works for other apps but afwall is giving "Error applying iptable rules" error.
could it be an LineageOS 15.1 problem? I have read (here ) that the VPN implementation in LOS 15.1 doesn't work properly...
nah, all oreo roms > android 8.0 are affected. it doesn't matter if it's aosp or los. my log shows the problem. there is a change in oreos iptables.
23:48:35 command 'iptables -A afwall-reject -j REJECT' exited with status 1 Output: iptables: No chain/target/match by that name.
explains the reason. target does not exist.
Running on Los 15.1 afwall+ currently does not properly ask for root. Gave same error as above coming from 14.1
I have tested version 2.9.8 on lineageos 15.1 (android 8.1) it gives the same error "Error applying iptable rules" so I decided to test it on other roms on the same device, I tested on ResurrectionRemix 6.0.0 (android 8.1) it's pretty much the same, then I tested on AospExtended v5.4 (android 8.1), it works like a charm!! I says "rules applied with success"! tested with both SuperSu and Magisk.
I think it's LineageOS problem. I'm using latest stock rom (Android 8.1, April 2018) on my Nexus 5X with Magisk root. Here Afwall works perfectly.
Running Android 8.1 (AOSP, no LineageOS) on an OnePlus One - it does not work.
==========
IPv4 Rules
==========
Chain INPUT (policy ACCEPT 1197 packets, 514K bytes)
pkts bytes target prot opt in out source destination
3640 1873K bw_INPUT all -- * * 0.0.0.0/0 0.0.0.0/0
3640 1873K fw_INPUT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 oem_fwd all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 fw_FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 bw_FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 natctrl_FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 1310 packets, 209K bytes)
pkts bytes target prot opt in out source destination
1313 210K afwall all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP udp -- * rmnet7 0.0.0.0/0 0.0.0.0/0 udp dpt:1900 /* Drop SSDP on WWAN */
0 0 DROP udp -- * rmnet6 0.0.0.0/0 0.0.0.0/0 udp dpt:1900 /* Drop SSDP on WWAN */
0 0 DROP udp -- * rmnet5 0.0.0.0/0 0.0.0.0/0 udp dpt:1900 /* Drop SSDP on WWAN */
0 0 DROP udp -- * rmnet4 0.0.0.0/0 0.0.0.0/0 udp dpt:1900 /* Drop SSDP on WWAN */
0 0 DROP udp -- * rmnet3 0.0.0.0/0 0.0.0.0/0 udp dpt:1900 /* Drop SSDP on WWAN */
0 0 DROP udp -- * rmnet2 0.0.0.0/0 0.0.0.0/0 udp dpt:1900 /* Drop SSDP on WWAN */
0 0 DROP udp -- * rmnet1 0.0.0.0/0 0.0.0.0/0 udp dpt:1900 /* Drop SSDP on WWAN */
0 0 DROP udp -- * rmnet0 0.0.0.0/0 0.0.0.0/0 udp dpt:1900 /* Drop SSDP on WWAN */
5518 1814K oem_out all -- * * 0.0.0.0/0 0.0.0.0/0
5518 1814K fw_OUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0
5506 1814K st_OUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0
5506 1814K bw_OUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain afwall (1 references)
pkts bytes target prot opt in out source destination
Chain afwall-3g (0 references)
pkts bytes target prot opt in out source destination
0 0 afwall-3g-postcustom all -- * * 0.0.0.0/0 0.0.0.0/0
Chain afwall-3g-fork (0 references)
pkts bytes target prot opt in out source destination
Chain afwall-3g-home (0 references)
pkts bytes target prot opt in out source destination
Chain afwall-3g-postcustom (1 references)
pkts bytes target prot opt in out source destination
Chain afwall-3g-roam (0 references)
pkts bytes target prot opt in out source destination
Chain afwall-3g-tether (0 references)
pkts bytes target prot opt in out source destination
Chain afwall-reject (0 references)
pkts bytes target prot opt in out source destination
0 0 NFLOG all -- * * 0.0.0.0/0 0.0.0.0/0 nflog-prefix "{AFL}" nflog-group 40
Chain afwall-vpn (0 references)
pkts bytes target prot opt in out source destination
Chain afwall-wifi (0 references)
pkts bytes target prot opt in out source destination
0 0 afwall-wifi-postcustom all -- * * 0.0.0.0/0 0.0.0.0/0
Chain afwall-wifi-fork (0 references)
pkts bytes target prot opt in out source destination
Chain afwall-wifi-lan (0 references)
pkts bytes target prot opt in out source destination
Chain afwall-wifi-postcustom (1 references)
pkts bytes target prot opt in out source destination
Chain afwall-wifi-tether (0 references)
pkts bytes target prot opt in out source destination
Chain afwall-wifi-wan (0 references)
pkts bytes target prot opt in out source destination
Chain bw_FORWARD (1 references)
pkts bytes target prot opt in out source destination
Chain bw_INPUT (1 references)
pkts bytes target prot opt in out source destination
372 367K all -- * * 0.0.0.0/0 0.0.0.0/0 ! quota globalAlert: 2097152 bytes
3273 1800K all -- * * 0.0.0.0/0 0.0.0.0/0 owner socket exists
Chain bw_OUTPUT (1 references)
pkts bytes target prot opt in out source destination
401 237K all -- * * 0.0.0.0/0 0.0.0.0/0 ! quota globalAlert: 2097152 bytes
5097 1757K all -- * * 0.0.0.0/0 0.0.0.0/0 owner socket exists
Chain bw_costly_shared (0 references)
pkts bytes target prot opt in out source destination
0 0 bw_penalty_box all -- * * 0.0.0.0/0 0.0.0.0/0
Chain bw_data_saver (1 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain bw_happy_box (1 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10011
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10030
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 0-9999
0 0 bw_data_saver all -- * * 0.0.0.0/0 0.0.0.0/0
Chain bw_penalty_box (1 references)
pkts bytes target prot opt in out source destination
0 0 bw_happy_box all -- * * 0.0.0.0/0 0.0.0.0/0
Chain fw_FORWARD (1 references)
pkts bytes target prot opt in out source destination
Chain fw_INPUT (1 references)
pkts bytes target prot opt in out source destination
3640 1873K fw_standby all -- * * 0.0.0.0/0 0.0.0.0/0
Chain fw_OUTPUT (1 references)
pkts bytes target prot opt in out source destination
5518 1814K fw_standby all -- * * 0.0.0.0/0 0.0.0.0/0
Chain fw_dozable (0 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 0-9999
0 0 RETURN all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 RETURN all -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x04/0x04
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain fw_powersave (0 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 0-9999
0 0 RETURN all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 RETURN all -- * lo 0.0.0.0/0 0.0.0.0/0
0 0 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x04/0x04
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain fw_standby (2 references)
pkts bytes target prot opt in out source destination
182 9300 RETURN all -- lo * 0.0.0.0/0 0.0.0.0/0
365 21037 RETURN all -- * lo 0.0.0.0/0 0.0.0.0/0
111 4512 RETURN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x04/0x04
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10016
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10019
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10021
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10022
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10024
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10033
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10036
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10041
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10043
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10056
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10057
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10060
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10066
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10079
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10080
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10093
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10099
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10103
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10106
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10108
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10109
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10112
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10115
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10116
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10117
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10126
12 720 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10134
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10135
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10138
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10140
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 owner UID match 10141
Chain natctrl_FORWARD (1 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain natctrl_tether_counters (0 references)
pkts bytes target prot opt in out source destination
Chain oem_fwd (1 references)
pkts bytes target prot opt in out source destination
Chain oem_out (1 references)
pkts bytes target prot opt in out source destination
Chain st_OUTPUT (1 references)
pkts bytes target prot opt in out source destination
Chain st_clear_caught (0 references)
pkts bytes target prot opt in out source destination
Chain st_clear_detect (0 references)
pkts bytes target prot opt in out source destination
Chain st_penalty_log (0 references)
pkts bytes target prot opt in out source destination
Chain st_penalty_reject (0 references)
pkts bytes target prot opt in out source destination
==================
Network interfaces
==================
rmnet_usb0
sit0
p2p0
lo
wlan0
dummy0
rev_rmnet1
rev_rmnet0
rev_rmnet8
rev_rmnet7
rev_rmnet6
rev_rmnet5
rev_rmnet4
rev_rmnet3
rev_rmnet2
rmnet1
rmnet0
rmnet7
rmnet6
rmnet5
rmnet4
rmnet3
rmnet2
========
ifconfig
========
dummy0 Link encap:Ethernet HWaddr 76:CC:0B:56:67:E6
UP BROADCAST RUNNING NOARP MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:3 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:210 (210.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:220 errors:0 dropped:0 overruns:0 frame:0
TX packets:220 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:12074 (11.7 KiB) TX bytes:12074 (11.7 KiB)
p2p0 Link encap:Ethernet HWaddr C2:EE:FB:27:F8:66
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rev_rmnet0 Link encap:Ethernet HWaddr 2E:62:99:2D:59:D1
BROADCAST MULTICAST MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rev_rmnet1 Link encap:Ethernet HWaddr A6:29:36:87:56:71
BROADCAST MULTICAST MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rev_rmnet2 Link encap:Ethernet HWaddr C6:EE:6A:74:3F:9E
BROADCAST MULTICAST MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rev_rmnet3 Link encap:Ethernet HWaddr 6E:43:01:58:1B:C7
BROADCAST MULTICAST MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rev_rmnet4 Link encap:Ethernet HWaddr 2A:3C:7E:5A:95:EC
BROADCAST MULTICAST MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rev_rmnet5 Link encap:Ethernet HWaddr 7A:07:27:FB:D3:CB
BROADCAST MULTICAST MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rev_rmnet6 Link encap:Ethernet HWaddr 5A:B8:C2:DA:91:44
BROADCAST MULTICAST MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rev_rmnet7 Link encap:Ethernet HWaddr CE:18:11:86:40:4D
BROADCAST MULTICAST MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rev_rmnet8 Link encap:Ethernet HWaddr 16:0B:B9:5E:BE:3C
BROADCAST MULTICAST MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rmnet0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:1500 Metric:1
RX packets:418 errors:0 dropped:0 overruns:0 frame:0
TX packets:586 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:241725 (236.0 KiB) TX bytes:107104 (104.5 KiB)
rmnet1 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rmnet2 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rmnet3 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rmnet4 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rmnet5 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rmnet6 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rmnet7 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
[NO FLAGS] MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
rmnet_usb0 Link encap:Ethernet HWaddr 42:50:C4:17:41:36
BROADCAST MULTICAST MTU:2000 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
sit0 Link encap:UNSPEC HWaddr 00-00-00-00-01-00-00-00-00-00-00-00-00-00-00-00
NOARP MTU:1480 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
wlan0 Link encap:Ethernet HWaddr C0:EE:FB:27:F8:66
inet addr:192.168.1.47 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3144 errors:0 dropped:0 overruns:0 frame:0
TX packets:3211 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1622046 (1.5 MiB) TX bytes:1515014 (1.4 MiB)
===========
System info
===========
Android version: 8.1.0
Manufacturer: OnePlus
Model: A0001
Build: aosp_bacon-userdebug 8.1.0 OPM5.171019.017 eng.agentf.20180331.154411 test-keys
Active interface: wifi
Tether status: no
Roam status: no
IPv4 subnet: 192.168.1.47/24
IPv6 subnet: fe80::c2ee:fbff:fe27:f866/64
/system/bin/su: not present
/system/xbin/su: not present
/data/magisk/magisk: not present
/system/app/Superuser.apk: not present
Superuser: com.topjohnwu.magisk v5.6.4
===========
Preferences
===========
activeNotification: false
activeRules: false
appVersion: 15980
controlIPv6: false
disableIcons: false
disableTaskerToast: false
enableIPv6: true
enableLAN: false
enableLogService: true
enableMultiProfile: true
enableRoam: false
enableVPN: false
fixDownloadManagerLeak: false
forward_chain: true
forward_chain_v6: true
hasRoot: true
input_chain: true
input_chain_v6: true
locale: en
logDmesg: OS
logTarget: NFLOG
notification_priority: 0
notifyAppInstall: true
output_chain: true
output_chain_v6: true
runNotification: true
showFilter: false
showLogToasts: false
sort: s0
storedPid: []
storedProfile: AFWallProfile1
sysColor: -10432
toast_pos: bottom
widgetX: 1080
widgetY: 1920
Profile Mode : whitelist
Status : Enabled
======
Logcat
======
22:00:00 Selected Profile: AFWallProfile1
22:00:04 isWifiApEnabled is false
22:00:04 Now assuming wifi connection
22:00:04 IPv4 LAN netmask on wlan0: 192.168.1.47/24
22:00:04 IPv6 LAN netmask on wlan0: fe80::c2ee:fbff:fe27:f866/64
22:00:04 Selected Profile: AFWallProfile1
22:00:04 Using applySavedIptablesRules
22:00:04 Setting OUTPUT to Drop
22:00:04 Setting OUTPUT to Accept State
22:00:04 Setting OUTPUT to Drop
22:00:04 Setting OUTPUT to Accept State
22:00:04 Received cmds: #168
22:00:04 Starting root shell...
22:00:04 Root shell is open
22:00:04 Start processing next state
22:00:04 Total commamds: #168
22:00:04 Using applySavedIptablesRules
22:00:04 Setting OUTPUT to Drop
22:00:04 Setting OUTPUT to Accept State
22:00:04 Setting OUTPUT to Drop
22:00:04 Setting OUTPUT to Accept State
22:00:04 Received cmds: #168
22:00:04 command 'iptables -A afwall-reject -j REJECT' exited with status 1
Output:
iptables: No chain/target/match by that name.
22:00:04 Start processing next state
22:00:04 Total commamds: #168
22:00:05 CONNECTIVITY_CHANGE: applySavedIptablesRules() returned an error
22:00:05 Received cmds: #6
22:00:05 command 'iptables -A afwall-reject -j REJECT' exited with status 1
Output:
iptables: No chain/target/match by that name.
22:00:05 Start processing next state
22:00:05 Total commamds: #6
22:00:09 State of rootShellREADY
22:00:10 State of rootShellREADY
22:00:11 isWifiApEnabled is false
22:00:11 BOOT_COMPLETED: interface state has not changed, ignoring
22:00:11 Starting Log Service: echo $$ & /data/user/0/dev.ukanth.ufirewall/app_bin/nflog 40 for LogTarget: NFLOG
22:00:11 rootSession is not Null
22:00:11 Cleanup session
22:00:13 Received cmds: #1
22:00:13 Start processing next state
22:00:13 Total commamds: #1
22:00:13 Selected Profile: AFWallProfile1
22:00:40 Using applySavedIptablesRules
22:00:40 Setting OUTPUT to Drop
22:00:40 Setting OUTPUT to Accept State
22:00:41 Setting OUTPUT to Drop
22:00:41 Setting OUTPUT to Accept State
22:00:41 Received cmds: #168
22:00:41 Start processing next state
22:00:41 Total commamds: #168
22:00:43 command 'iptables -A afwall-reject -j REJECT' exited with status 1
Output:
iptables: No chain/target/match by that name.
22:00:49 Using applySavedIptablesRules
22:00:49 Setting OUTPUT to Drop
22:00:49 Setting OUTPUT to Accept State
22:00:49 Setting OUTPUT to Drop
22:00:49 Setting OUTPUT to Accept State
22:00:49 Received cmds: #168
22:00:49 Start processing next state
22:00:49 Total commamds: #168
22:00:50 command 'iptables -A afwall-reject -j REJECT' exited with status 1
Output:
iptables: No chain/target/match by that name.
22:01:16 Received cmds: #1
22:01:16 Start processing next state
22:01:16 Total commamds: #1
22:01:17 Received cmds: #1
22:01:17 Start processing next state
22:01:17 Total commamds: #1
22:01:17 Received cmds: #1
22:01:17 Start processing next state
22:01:17 Total commamds: #1
22:01:22 State of rootShellREADY
22:01:22 State of rootShellREADY
22:03:52 Now assuming NO connection (all interfaces down)
22:03:52 Selected Profile: AFWallProfile1
22:03:52 Using fastApply
22:03:52 Setting OUTPUT chain to DROP
22:03:52 No ipaddress found for LAN
22:03:52 Setting OUTPUT chain to ACCEPT
22:03:52 Setting OUTPUT chain to DROP
22:03:52 No ipaddress found for LAN
22:03:52 Setting OUTPUT chain to ACCEPT
22:03:52 Received cmds: #24
22:03:52 Start processing next state
22:03:52 Total commamds: #24
22:03:52 Using applySavedIptablesRules
22:03:52 Setting OUTPUT to Drop
22:03:52 No ipaddress found for LAN
22:03:52 Setting OUTPUT to Accept State
22:03:52 Setting OUTPUT to Drop
22:03:52 No ipaddress found for LAN
22:03:52 Setting OUTPUT to Accept State
22:03:52 Received cmds: #166
22:03:52 command '/data/user/0/dev.ukanth.ufirewall/app_bin/ip6tables -F afwall-3g-postcustom' exited with status 1
Output:
ip6tables: No chain/target/match by that name.
22:03:52 Start processing next state
22:03:52 Total commamds: #166
22:03:53 CONNECTIVITY_CHANGE: applySavedIptablesRules() returned an error
22:03:53 Received cmds: #6
22:03:53 command 'iptables -A afwall-reject -j REJECT' exited with status 1
Output:
iptables: No chain/target/match by that name.
22:03:53 Start processing next state
22:03:53 Total commamds: #6
22:03:55 isWifiApEnabled is false
22:03:55 Now assuming wifi connection
22:03:55 IPv4 LAN netmask on wlan0: 192.168.1.47/24
22:03:55 IPv6 LAN netmask on wlan0: fe80::c2ee:fbff:fe27:f866/64
22:03:55 Selected Profile: AFWallProfile1
22:03:55 Using fastApply
22:03:55 Setting OUTPUT chain to DROP
22:03:55 Setting OUTPUT chain to ACCEPT
22:03:55 Setting OUTPUT chain to DROP
22:03:55 Setting OUTPUT chain to ACCEPT
22:03:55 Received cmds: #26
22:03:55 Start processing next state
22:03:55 Total commamds: #26
22:03:55 Using applySavedIptablesRules
22:03:55 Setting OUTPUT to Drop
22:03:55 Setting OUTPUT to Accept State
22:03:55 Setting OUTPUT to Drop
22:03:55 Setting OUTPUT to Accept State
22:03:55 Received cmds: #168
22:03:55 command '/data/user/0/dev.ukanth.ufirewall/app_bin/ip6tables -F afwall-3g-postcustom' exited with status 1
Output:
ip6tables: No chain/target/match by that name.
22:03:55 Start processing next state
22:03:55 Total commamds: #168
22:03:56 CONNECTIVITY_CHANGE: applySavedIptablesRules() returned an error
22:03:56 Received cmds: #6
22:03:56 command 'iptables -A afwall-reject -j REJECT' exited with status 1
Output:
iptables: No chain/target/match by that name.
22:03:56 Start processing next state
22:03:56 Total commamds: #6
22:03:57 isWifiApEnabled is false
22:03:57 Now assuming 3G connection (non-tethered)
22:03:57 IPv4 LAN netmask on wlan0: 192.168.1.47/24
22:03:57 IPv6 LAN netmask on wlan0: fe80::c2ee:fbff:fe27:f866/64
22:03:57 Selected Profile: AFWallProfile1
22:03:57 Using fastApply
22:03:57 Setting OUTPUT chain to DROP
22:03:57 Setting OUTPUT chain to ACCEPT
22:03:57 Setting OUTPUT chain to DROP
22:03:57 Setting OUTPUT chain to ACCEPT
22:03:57 Received cmds: #26
22:03:57 Start processing next state
22:03:57 Total commamds: #26
22:03:57 State of rootShellBUSY
22:03:57 Forcefully changing the state BUSY
22:03:58 isWifiApEnabled is false
22:03:58 CONNECTIVITY_CHANGE: interface state has not changed, ignoring
22:03:58 Using applySavedIptablesRules
22:03:58 Setting OUTPUT to Drop
22:03:58 Setting OUTPUT to Accept State
22:03:58 Setting OUTPUT to Drop
22:03:58 Setting OUTPUT to Accept State
22:03:58 Received cmds: #168
22:03:58 Start processing next state
22:03:58 Total commamds: #168
22:03:58 command '/data/user/0/dev.ukanth.ufirewall/app_bin/ip6tables -F afwall-3g-postcustom' exited with status 1
Output:
ip6tables: No chain/target/match by that name.
22:03:58 State of rootShellREADY
22:03:58 Received cmds: #1
22:03:58 Start processing next state
22:03:58 Total commamds: #1
22:03:58 Selected Profile: AFWallProfile1
22:03:59 isWifiApEnabled is false
22:03:59 Now assuming wifi connection
22:03:59 IPv4 LAN netmask on wlan0: 192.168.1.47/24
22:03:59 IPv6 LAN netmask on wlan0: fe80::c2ee:fbff:fe27:f866/64
22:03:59 Selected Profile: AFWallProfile1
22:03:59 Using fastApply
22:03:59 Setting OUTPUT chain to DROP
22:03:59 Setting OUTPUT chain to ACCEPT
22:03:59 Setting OUTPUT chain to DROP
22:03:59 Setting OUTPUT chain to ACCEPT
22:03:59 Received cmds: #26
22:03:59 Start processing next state
22:03:59 Total commamds: #26
22:03:59 isWifiApEnabled is false
22:03:59 CONNECTIVITY_CHANGE: interface state has not changed, ignoring
22:04:00 Using applySavedIptablesRules
22:04:00 Setting OUTPUT to Drop
22:04:00 Setting OUTPUT to Accept State
22:04:00 Setting OUTPUT to Drop
22:04:00 Setting OUTPUT to Accept State
22:04:00 Received cmds: #168
22:04:00 command '/data/user/0/dev.ukanth.ufirewall/app_bin/ip6tables -F afwall-3g-postcustom' exited with status 1
Output:
ip6tables: No chain/target/match by that name.
22:04:00 Start processing next state
22:04:00 Total commamds: #168
22:04:00 State of rootShellBUSY
22:04:00 Forcefully changing the state BUSY
22:04:01 State of rootShellREADY
22:04:01 CONNECTIVITY_CHANGE: applySavedIptablesRules() returned an error
22:04:01 Received cmds: #6
22:04:01 Start processing next state
22:04:01 Total commamds: #6
22:04:01 command 'iptables -A afwall-reject -j REJECT' exited with status 1
Output:
iptables: No chain/target/match by that name.
22:04:02 Received cmds: #34
22:04:02 Start processing next state
22:04:02 Total commamds: #34
22:04:02 CONNECTIVITY_CHANGE: applySavedIptablesRules() returned an error
22:04:02 Received cmds: #6
22:04:02 Start processing next state
22:04:02 Total commamds: #6
22:04:02 command 'iptables -A afwall-reject -j REJECT' exited with status 1
Output:
iptables: No chain/target/match by that name.
22:04:03 command '/data/user/0/dev.ukanth.ufirewall/app_bin/ip6tables -F afwall' exited with status 1
Output:
ip6tables: No chain/target/match by that name.
22:04:05 State of rootShellREADY
22:04:07 isWifiApEnabled is false
22:04:07 Now assuming 3G connection (non-tethered)
22:04:07 IPv4 LAN netmask on wlan0: 192.168.1.47/24
22:04:07 IPv6 LAN netmask on wlan0: fe80::c2ee:fbff:fe27:f866/64
22:04:07 Selected Profile: AFWallProfile1
22:04:07 Using applySavedIptablesRules
22:04:07 Setting OUTPUT to Drop
22:04:07 Setting OUTPUT to Accept State
22:04:07 Setting OUTPUT to Drop
22:04:07 Setting OUTPUT to Accept State
22:04:07 Received cmds: #168
22:04:07 Start processing next state
22:04:07 Total commamds: #168
22:04:07 isWifiApEnabled is false
22:04:07 CONNECTIVITY_CHANGE: interface state has not changed, ignoring
22:04:07 command 'iptables -N afwall-3g' exited with status 4, retrying (attempt 1/5)
22:04:08 Using applySavedIptablesRules
22:04:08 Setting OUTPUT to Drop
22:04:08 Setting OUTPUT to Accept State
22:04:08 Setting OUTPUT to Drop
22:04:08 Setting OUTPUT to Accept State
22:04:08 Received cmds: #168
22:04:08 command 'iptables -A afwall-reject -j REJECT' exited with status 1
Output:
iptables: No chain/target/match by that name.
22:04:08 Start processing next state
22:04:08 Total commamds: #168
22:04:09 CONNECTIVITY_CHANGE: applySavedIptablesRules() returned an error
22:04:09 Received cmds: #6
22:04:09 command 'iptables -A afwall-reject -j REJECT' exited with status 1
Output:
iptables: No chain/target/match by that name.
22:04:09 Start processing next state
22:04:09 Total commamds: #6
22:04:11 Received cmds: #1
22:04:11 Start processing next state
22:04:11 Total commamds: #1
22:04:11 Selected Profile: AFWallProfile1
22:04:12 isWifiApEnabled is false
22:04:12 Now assuming wifi connection
22:04:12 IPv4 LAN netmask on wlan0: 192.168.1.47/24
22:04:12 IPv6 LAN netmask on wlan0: fe80::c2ee:fbff:fe27:f866/64
22:04:12 Selected Profile: AFWallProfile1
22:04:12 Using fastApply
22:04:12 Setting OUTPUT chain to DROP
22:04:12 Setting OUTPUT chain to ACCEPT
22:04:12 Setting OUTPUT chain to DROP
22:04:12 Setting OUTPUT chain to ACCEPT
22:04:12 Received cmds: #26
22:04:12 Start processing next state
22:04:12 Total commamds: #26
22:04:12 isWifiApEnabled is false
22:04:12 CONNECTIVITY_CHANGE: interface state has not changed, ignoring
22:04:12 Using applySavedIptablesRules
22:04:12 Setting OUTPUT to Drop
22:04:12 Setting OUTPUT to Accept State
22:04:12 Setting OUTPUT to Drop
22:04:12 Setting OUTPUT to Accept State
22:04:12 Received cmds: #168
22:04:12 command '/data/user/0/dev.ukanth.ufirewall/app_bin/ip6tables -F afwall-3g-postcustom' exited with status 1
Output:
ip6tables: No chain/target/match by that name.
22:04:12 Start processing next state
22:04:12 Total commamds: #168
22:04:13 Received cmds: #34
22:04:13 State of rootShellBUSY
22:04:13 Forcefully changing the state BUSY
22:04:13 Start processing next state
22:04:13 Total commamds: #34
22:04:14 command 'iptables -D OUTPUT -j afwall' exited with status 1
Output:
iptables: No chain/target/match by that name.
22:04:14 State of rootShellREADY
22:04:14 CONNECTIVITY_CHANGE: applySavedIptablesRules() returned an error
22:04:14 Received cmds: #6
22:04:14 Start processing next state
22:04:14 Total commamds: #6
22:04:14 command 'iptables -A afwall-reject -j REJECT' exited with status 1
Output:
iptables: No chain/target/match by that name.
22:04:17 Received cmds: #5
22:04:17 Start processing next state
22:04:17 Total commamds: #5
22:04:17 State of rootShellBUSY
22:04:17 Forcefully changing the state BUSY
22:04:18 State of rootShellREADY
22:04:19 Selected Profile: AFWallProfile1
22:05:02 Selected Profile: AFWallProfile1
22:05:05 Received cmds: #1
22:05:05 Start processing next state
22:05:05 Total commamds: #1
22:05:05 Received cmds: #1
22:05:05 Start processing next state
22:05:05 Total commamds: #1
22:05:05 Received cmds: #1
22:05:05 Start processing next state
22:05:05 Total commamds: #1
Then, Julius, can you also get iptables -L
for all tables? Thanks
(Hint: Use CLI via adb or such)
-- Ildar Mulyukov, child of God
email: ildar.mulyukov@gmail.com matrix: @ildar:matrix.org GoogleTalk: ildar.mulyukov@gmail.com blog: http://johan-notes.blogspot.com/
Or iptables -S ( that will help identify the root cause)
got hit by the same problem. after a reboot everything works fine for some time logcat & iptables -S output attached logcat.txt iptables.txt
hope it helps
Same problem here. On my z3 omnirom 8.1 it is working fine. On the HTC one (m7) AICP android 8.1 same error about owner. Does this iptable rule need a specific kernel flag ? (Am a rom builder)
Logcat:
--------- beginning of main
06-24 13:21:57.772 316 439 D audio_hw_primary: out_set_parameters: enter: usecase(1: low-latency-playback) kvpairs: routing=2
06-24 13:21:57.775 316 797 D audio_hw_primary: start_output_stream: enter: stream(0xb2073740)usecase(1: low-latency-playback) devices(0x2)
06-24 13:21:57.775 316 797 D audio_hw_primary: select_devices: out_snd_device(2: speaker) in_snd_device(0: )
06-24 13:21:57.775 316 797 I msm8960_platform: platform_send_audio_calibration: sending audio calibration for snd_device(2) acdb_id(15)
06-24 13:21:57.776 316 797 I tfa9887 : tfa9887_power: Set amplifier power to 1
06-24 13:21:57.776 316 797 D audio_route: Apply path: speaker
06-24 13:21:57.776 316 797 D audio_route: Apply path: low-latency-playback speaker
06-24 13:21:57.777 316 797 D audio_hw_primary: select_devices: done
06-24 13:21:57.910 14813 14866 W Adreno-EGL: <qeglDrvAPI_eglGetConfigAttrib:607>: EGL_BAD_ATTRIBUTE
06-24 13:21:57.924 14813 14866 D vndksupport: Loading /vendor/lib/hw/gralloc.msm8960.so from current namespace instead of sphal namespace.
06-24 13:21:57.947 14813 14813 I zygote : Deoptimizing void me.zhanghai.android.materialprogressbar.BaseIndeterminateProgressDrawable.draw(android.graphics.Canvas) due to JIT inline cache
06-24 13:21:58.203 14813 14866 D OpenGLRenderer: endAllActiveAnimators on 0x898f9400 (MenuPopupWindow$MenuDropDownListView) with handle 0x88edaf30
06-24 13:21:58.203 14813 14813 E Looper : Error removing epoll events for fd 107: Operation not permitted
06-24 13:21:58.756 15065 15065 D AndroidRuntime: >>>>>> START com.android.internal.os.RuntimeInit uid 0 <<<<<<
06-24 13:21:58.772 15065 15065 W /system/bin/app_process: Could not reserve sentinel fault page
06-24 13:21:59.047 15065 15065 I /system/bin/app_process: The ClassLoaderContext is a special shared library.
06-24 13:21:59.100 15065 15065 W /system/bin/app_process: !bang JNI is deprecated. Switch to @FastNative for void android.media.AudioTrack.native_flush()
06-24 13:21:59.100 15065 15065 W /system/bin/app_process: !bang JNI is deprecated. Switch to @FastNative for int android.media.AudioTrack.native_write_byte(byte[], int, int, int, boolean)
06-24 13:21:59.100 15065 15065 W /system/bin/app_process: !bang JNI is deprecated. Switch to @FastNative for int android.media.AudioTrack.native_write_native_bytes(java.lang.Object, int, int, int, boolean)
06-24 13:21:59.100 15065 15065 W /system/bin/app_process: !bang JNI is deprecated. Switch to @FastNative for int android.media.AudioTrack.native_write_short(short[], int, int, int, boolean)
06-24 13:21:59.100 15065 15065 W /system/bin/app_process: !bang JNI is deprecated. Switch to @FastNative for int android.media.AudioTrack.native_write_float(float[], int, int, int, boolean)
06-24 13:21:59.126 15065 15065 D AndroidRuntime: Calling main entry com.android.commands.am.Am
06-24 13:21:59.151 15065 15065 D AndroidRuntime: Shutting down VM
06-24 13:21:59.212 14813 15058 W zygote : Long monitor contention with owner Thread-4 (15059) at int libcore.io.Linux.readBytes(java.io.FileDescriptor, java.lang.Object, int, int)(Linux.java:-2) waiters=0 in void java.lang.UNIXProcess$ProcessPipeInputStream.processExited() for 1.204s
06-24 13:21:59.214 14813 14893 I AFWall : Using applySavedIptablesRules
06-24 13:21:59.216 14813 14893 I AFWall : Setting OUTPUT to Drop
06-24 13:21:59.220 12503 14932 W Adreno-EGL: <qeglDrvAPI_eglGetConfigAttrib:607>: EGL_BAD_ATTRIBUTE
06-24 13:21:59.227 12503 14932 D vndksupport: Loading /vendor/lib/hw/gralloc.msm8960.so from current namespace instead of sphal namespace.
06-24 13:21:59.233 472 811 I WifiService: getWifiApEnabledState uid=10091
06-24 13:21:59.233 14813 14893 D AFWall : isWifiApEnabled is false
06-24 13:21:59.250 14813 14893 I AFWall : No ipaddress found for LAN
06-24 13:21:59.254 14813 14893 I AFWall : Setting OUTPUT to Accept State
06-24 13:21:59.277 14813 14893 I AFWall : Received cmds: #88
06-24 13:21:59.278 14813 14893 D AFWall : Starting root shell...
06-24 13:21:59.394 14813 15098 D AFWall : Root shell is open
06-24 13:21:59.394 14813 15098 I AFWall : Start processing next state
06-24 13:21:59.394 14813 15098 I AFWall : Total commamds: #88
06-24 13:22:00.404 14813 15097 I AFWall : command 'iptables -A afwall-wifi-postcustom -m owner --uid-owner 1014 -j RETURN' exited with status 1
06-24 13:22:00.404 14813 15097 I AFWall : Output:
06-24 13:22:00.404 14813 15097 I AFWall : iptables: No chain/target/match by that name.
06-24 13:22:00.431 14813 14813 E Looper : Error removing epoll events for fd 122: Operation not permitted
06-24 13:22:00.937 316 439 D audio_hw_primary: out_standby: enter: stream (0xb2073740) usecase(1: low-latency-playback)
06-24 13:22:00.982 316 439 I tfa9887 : tfa9887_power: Set amplifier power to 0
--------- beginning of system
06-24 13:22:01.206 472 472 W WindowManager: removeWindowToken: Attempted to remove non-existing token: android.os.Binder@76e263d
06-24 13:22:01.235 12503 12503 E Looper : Error removing epoll events for fd 42: Operation not permitted
06-24 13:22:01.251 305 305 D SurfaceFlinger: duplicate layer name: changing Toast to Toast#1
06-24 13:22:01.276 14813 14866 W Adreno-EGL: <qeglDrvAPI_eglGetConfigAttrib:607>: EGL_BAD_ATTRIBUTE
06-24 13:22:01.277 14813 14866 D vndksupport: Loading /vendor/lib/hw/gralloc.msm8960.so from current namespace instead of sphal namespace.
nailyk@nailyk :) % adb shell /tmp
m7:/ $ su
m7:/ # ps -A | grep 1014
1|m7:/ # iptables -A afwall-wifi-postcustom -m owner --uid-owner 1014 -j RETURN
iptables: No chain/target/match by that name.
1|m7:/ # iptables -A afwall-wifi-postcustom -j RETURN
m7:/ #
Nothing relevant into dmesg.
(About iptables dumps you could use iptables-save
to ensure everything is displayed)
iptables.set.txt
m7:/ # strace iptables -A afwall-wifi-postcustom -m owner --uid-owner 1036 -j RETURN
execve("/system/bin/iptables", ["iptables", "-A", "afwall-wifi-postcustom", "-m", "owner", "--uid-owner", "1036", "-j", "RETURN"], 0xbec3d810 /* 22 vars */) = 0
set_tls(0xab6b94f4, 0xab6b7e44, 0xab5e3260, 0, 0xbebed714) = 0
mmap2(NULL, 20480, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xab5de000
madvise(0xab5de000, 20480, MADV_MERGEABLE) = 0
prctl(PR_SET_VMA, PR_SET_VMA_ANON_NAME, 0xab5de000, 20480, "bionic TLS guard") = 0
mprotect(0xab5df000, 12288, PROT_READ|PROT_WRITE) = 0
prctl(PR_SET_VMA, PR_SET_VMA_ANON_NAME, 0xab5df000, 12288, "bionic TLS") = 0
set_tid_address(0xab6b94ac) = 16548
faccessat(AT_FDCWD, "/dev/urandom", R_OK) = 0
futex(0xab6b70ec, FUTEX_WAKE_PRIVATE, 2147483647) = 0
getrandom(0xbebed4b8, 40, GRND_NONBLOCK) = -1 ENOSYS (Function not implemented)
openat(AT_FDCWD, "/dev/urandom", O_RDONLY|O_LARGEFILE|O_NOFOLLOW|O_CLOEXEC) = 3
fstat64(3, {st_mode=S_IFCHR|0666, st_rdev=makedev(1, 9), ...}) = 0
ioctl(1, RNDGETENTCNT, 0xbebed424) = -1 EINVAL (Invalid argument)
close(1) = 0
writev(2, [{iov_base="getentropy failed", iov_len=17}, {iov_base="\n", iov_len=1}], 2getentropy failed
) = 18
socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 1
connect(1, {sa_family=AF_UNIX, sun_path="/dev/socket/logdw"}, 110) = 0
clock_gettime(CLOCK_REALTIME, {tv_sec=1529840683, tv_nsec=380882385}) = 0
writev(1, [{iov_base="\0", iov_len=1}, {iov_base="\244@", iov_len=2}, {iov_base="+\204/[\321\315\263\26", iov_len=8}, {iov_base="\7", iov_len=1}, {iov_base="libc\0", iov_len=5}, {iov_base="getentropy failed\0", iov_len=18}], 6) = 35
close(1) = 0
getpid() = 16548
gettid() = 16548
rt_sigprocmask(SIG_SETMASK, [HUP INT QUIT ILL TRAP BUS FPE KILL USR1 SEGV USR2 PIPE ALRM TERM STKFLT CHLD CONT STOP TSTP TTIN TTOU URG XCPU XFSZ VTALRM PROF WINCH IO PWR SYS RTMIN], [], 8) = 0
tgkill(16548, 16548, SIGABRT) = 0
--- SIGABRT {si_signo=SIGABRT, si_code=SI_TKILL, si_pid=16548, si_uid=0} ---
+++ killed by SIGABRT +++
ioctl(1, RNDGETENTCNT, 0xbebed424) = -1 EINVAL (Invalid argument)
AFAICT since 8.0 ioctl are handled different way, and every access need to be specifically allowed.
Am in permissive mode and there is no denial displayed into logs. It could be a matching neverallowxperm
rule but not sure as the previous error is ENOSYS
.
From what I see here is that all have another program using iptables and iptables is looked to allow only one use at a time this also explains the the not always working problems this could have to do with a change in /system/netd/server/BandwidthController.cpp since the extra rules are coming from there
There is any solution?? I am using dirty unicorns 12.5 with magsik and encryption, and get the same error "iptables: No chain/target/match by that name."
I tried on AEx 5.7,5.4,5.5 , omni-rom
Is data saver enabled on your devices ?
On me device not
I'm on android 9.0 (pie) now and the error message does not appear anymore. it looks like it's working fine but it does not. afwall is enabled and some rules are set to block inet access for apps. result: half of the apps are offline while the other half is still getting internet access.... gapps for instance. afwall is not reliable anymore if your on android version > 7.1.2
There is any other way to block inet access for apps. Maybe manually apply iptables?
Netguard doesn't work for me..
I tried again with the both Alpah (1 and 2) versions 3.0.0, And both command work without error in terminal:
BUT got again "error applying iptables" on afwall app..
i just tried the updated Afwall+ (donate) version 3.0.0 from the playstore on my phone running android-9.0.0_r10 but unfortunatly the "Error applying iptable rules" is still there. will post logs as soon as i have time.
I seem to have the same problem on Android 7.1.2 (Build No. "aosp_nozomi-userdebug 7.1.2 N2G48H eng.aosp.20180308.110046 test keys", build b04 from here ). Like @nailyk-fr I get the following on the adb shell:
$ iptables -A afwall-wifi-postcustom -m owner --uid-owner 1014 -j RETURN iptables: No chain/target/match by that name.
and it works if owner is left out.
Sorry for not updating this thread for a long time. But with lineageos/omnirom I do not have the issue. However I issue it with AICP and some stock roms. May it be a busybox related problem ?
@vinjana . it could be kernel issue. Try switching different kernel.
I tried now the b03 build from here of Android 7.1.2 and it works without problems. According to the changelogs a kernel update to ~"AOSP 8.1 work from Xperia S" happened for version b04.
I hope that helps.
Started getting a similar problem after installing the latest update 3.5.0. The app is unable to apply the rules, after the counter go to ~50-60 (out of 283) it shows the error message, then followed by "success" message few seconds later. Android 11, Nokia 8.3.
Try to switch the iptables binary from system to built-in and try.
I saw this suggestion before, tried, makes no difference. I think the problem is really issue #1206 .
Hello, i just switched to android 8.1 and i'm getting an error while activating the firewall. Whenever i press activate firewall it starts counting the rules and then responds with "Error applying iptable rules"