Is there a way to disable the outgoing connection to a special ip ? This server is owned by google and i want disable the connection
2 Likes
There is a beta iptables app for Android out there and several firewalls. I wonder if one of them might be employed to block that?
Firewalls I have tested, but havenât found a way to block a secial IP
The beta iptables app I havenât seen/tested.
If your phone is rooted, use AFWall+ from F-Droid. Here are some âcustom scriptsâ that I use to keep Google out:
$IPTABLES -A âafwallâ -d 172.217.10.0/16 -j REJECT
$IPTABLES -A âafwallâ -d 216.58.192.0/19 -j REJECT
$IPTABLES -A âafwallâ -d 108.177.0.0/17 -j REJECT
$IPTABLES -A âafwallâ -d 173.194.0.0/16 -j REJECT
The first one of them includes the IP-address that you want to block.
2 Likes
I have tried, but the scripts wonât work. After setup the rules i canât enable AFWall anymore
These are working on my phone, I just compared them again. I too have experienced somtimes, that AFWall+ could not be reenabled after some changes. I donât know the reason for this, but I suspect, that there might have been some invisible special character in a custom script. So you could try to copy the scrips from the browser first to an editor and make sure, that especially at the the end of each line there ist only a regular break and nothing else. And also try if a reboot after that helps. Good luck!
Iâm just trying only the first one. I have not much knowledge about ip snd ip tables. What does the value after the slash mean? The 16 in first line?
It defines the length of the net mask (and so the range of the network address which stands in front - and a /16 range is quite long - lots of IPs assigned to GoogleâŚ). You may search for network address and subnet or for an IP subnet calculator and type in 16 as mask length to learn more.
1 Like
Should be 172.217.0.0/16 or 172.217.10.0/24 
For the reference, AFWall+ FAQ : https://github.com/ukanth/afwall/wiki/FAQ
2 Likes
Thank you for pointing to the superfluous â1â in the address!
whois.com says: âCIDR: 172.217.0.0/16â.
Can there be any adverse side effects if the actual range is smaller than the one given in the script?
It depends on iptable behaviour ⌠May correct it, ignore it, crash ! Not easy to predict with an Android build 
donât get it running. everytime Iâm adding a second IP range, all connections are blocked and I have to remove AFWall+ and install it again with only one range.
I have tried to look into the file /system/bin/iptables, but itâs no text file.
I really donât know how to setup the IPâs. The HowTo/FAQâs I donât understand 
I think I have to learn more about this network stuff
I have started AFWall+ again with fresh install and going to âSet custom scriptâ
adding 1 rule
after âapplyâ and starting firewall I get a shot message, thatthere is a error on custom rules but firewwall is working and internet connection of browser works to
Adding second rule
Iâm getting the same error twice when enabling firewall but enabling wonât work. On no internet connections are available til I remove AFWall+ complete
Touch the yellow underlined âhierâ. Itâs a link that takes you to ukanths explanations. See especially âSome examplesâ. The first one with the path to your iptables is missing in your screenshot.
If Iâm not mistaken thereâs a typo in the first script line.
There must be a space between the â24â and the â-jâ but in the Screenshot I canât identify that spaceâŚ
EDIT: Apart from that the second rule doesnât give sense. If the network address is 172.217.20.0 then the mask length should be 24 (or longer) - although then the two rules still donât include the IP address from your first postâŚ
If you ONLY want to block the IP of your first post then the rule is
$IPTABLES -A âafwallâ -d 172.217.18.78/32 -j REJECT
I have touch it 100 times and the link is dead
Edit: sorry, the dead link is/was because of AFWall has blocked evrything.
The link is pointed to the howto whichbI donât understand
There is a space
$IPTABLES -A âafwallâ -d 172.217.0.0/24 -j REJECT
Thatâs very strange. In your Screenshot I absolutely canât see it. Thereâs only for sure one in the second line (between the 16 and the -j:
I have just copy and paste the line from above
and Iâm getting the error, but firewall is activated and is blocking everything.so i have to disable the firewall
Do you mean the line
$IPTABLES -A âafwallâ -d 172.217.18.78/32 -j REJECT
Including the $ sign at the beginning? (Iâd forgotten it at the first)
If yes then Iâm sorry, I canât help. I can âcorrectâ the IP addresses but Iâm not an Afwall+ expert⌠