Want disable outgoing connection to special ip

Is there a way to disable the outgoing connection to a special ip ? This server is owned by google and i want disable the connection


There is a beta iptables app for Android out there and several firewalls. I wonder if one of them might be employed to block that?

Firewalls I have tested, but haven’t found a way to block a secial IP
The beta iptables app I haven’t seen/tested.

If your phone is rooted, use AFWall+ from F-Droid. Here are some “custom scripts” that I use to keep Google out:
$IPTABLES -A “afwall” -d -j REJECT
$IPTABLES -A “afwall” -d -j REJECT
$IPTABLES -A “afwall” -d -j REJECT
$IPTABLES -A “afwall” -d -j REJECT

The first one of them includes the IP-address that you want to block.


I have tried, but the scripts won’t work. After setup the rules i can’t enable AFWall anymore

These are working on my phone, I just compared them again. I too have experienced somtimes, that AFWall+ could not be reenabled after some changes. I don’t know the reason for this, but I suspect, that there might have been some invisible special character in a custom script. So you could try to copy the scrips from the browser first to an editor and make sure, that especially at the the end of each line there ist only a regular break and nothing else. And also try if a reboot after that helps. Good luck!

I’m just trying only the first one. I have not much knowledge about ip snd ip tables. What does the value after the slash mean? The 16 in first line?

It defines the length of the net mask (and so the range of the network address which stands in front - and a /16 range is quite long - lots of IPs assigned to Google…). You may search for network address and subnet or for an IP subnet calculator and type in 16 as mask length to learn more.

1 Like

Should be or :wink:

For the reference, AFWall+ FAQ : https://github.com/ukanth/afwall/wiki/FAQ


Thank you for pointing to the superfluous “1” in the address!

whois.com says: “CIDR:”.

Can there be any adverse side effects if the actual range is smaller than the one given in the script?

It depends on iptable behaviour … May correct it, ignore it, crash ! Not easy to predict with an Android build :thinking:

don’t get it running. everytime I’m adding a second IP range, all connections are blocked and I have to remove AFWall+ and install it again with only one range.
I have tried to look into the file /system/bin/iptables, but it’s no text file.

I really don’t know how to setup the IP’s. The HowTo/FAQ’s I don’t understand :confused: I think I have to learn more about this network stuff

I have started AFWall+ again with fresh install and going to ‘Set custom script’

adding 1 rule

after ‘apply’ and starting firewall I get a shot message, thatthere is a error on custom rules but firewwall is working and internet connection of browser works to

Adding second rule

I’m getting the same error twice when enabling firewall but enabling won’t work. On no internet connections are available til I remove AFWall+ complete

Touch the yellow underlined “hier”. It’s a link that takes you to ukanths explanations. See especially “Some examples”. The first one with the path to your iptables is missing in your screenshot.

If I’m not mistaken there’s a typo in the first script line.
There must be a space between the “24” and the “-j” but in the Screenshot I can’t identify that space…

EDIT: Apart from that the second rule doesn’t give sense. If the network address is then the mask length should be 24 (or longer) - although then the two rules still don’t include the IP address from your first post…
If you ONLY want to block the IP of your first post then the rule is

$IPTABLES -A “afwall” -d -j REJECT

I have touch it 100 times and the link is dead
Edit: sorry, the dead link is/was because of AFWall has blocked evrything.

The link is pointed to the howto whichbI don’t understand

There is a space
$IPTABLES -A “afwall” -d -j REJECT

That’s very strange. In your Screenshot I absolutely can’t see it. There’s only for sure one in the second line (between the 16 and the -j:

I have just copy and paste the line from above
and I’m getting the error, but firewall is activated and is blocking everything.so i have to disable the firewall

Do you mean the line

$IPTABLES -A “afwall” -d -j REJECT

Including the $ sign at the beginning? (I’d forgotten it at the first)
If yes then I’m sorry, I can’t help. I can “correct” the IP addresses but I’m not an Afwall+ expert… :grin: