Want disable outgoing connection to special ip

I copied this line. …

That “hier” link should take you to https://github.com/ukanth/afwall/wiki/CustomScripts where the first example looks like this:

# Necessary at the beginning of each script!
OEM_SCRIPT_PATH=/system/bin/oem-iptables-init.sh (optional)
IP6TABLES=/system/bin/ip6tables
IPTABLES=/system/bin/iptables

# Now add your own rules...

It seems to me that the path to your iptables is missing an you have to put it before the first script.

Ah, ok, I never have used that script beginning. I’m always only sdding the $IPTABLES … lines.
As I have written, this wiki is such worst and i have read it several times and onky.have had questikn marks in.my eys.

It’s a very unconfortable app.Adding all this in the smal line on a smal screen is bad. Why is there no text file where I can erite down the rules ? Creating it on pc, transfer it to the phone and AFWall will use it.
But why doing sonething easy when there is akso a hard way :weary:
But that’s an other case.

Will try tommorw the whole scrpit. The path in.the script is ok, i have checked

To edit scripts in AFWall+ hold your phone in landscape mode and use Simple Keyboard from F-Droid. That way you can gain a little more space. And yes, copy and past do work for me.

Ok, I give up. That’s my input and still getting an error and all connections are blocked

I have just found a much better firewall: NoRoot Firewall. It shows you All internet connection and you can decide blocking or not. It has 1 tracker . That’s bad, but i hope it want work in e :smiley:

I just installed it after reading your last post :grinning:
So far so good …
Hopefully the tracker is just crash report, as stated.

Soneone has told me, that google trackers are needing ply services. So with microG or on my phone without microG the google tracker shouldn’t work. But i don’t know for sure. A e developer has told me, that some trackers really neefing play services, but not all

I’ve put a script in /data/bin (firewall.sh)


chmod the file to 755 chmod 755 firewall.sh.
Make sure filetype is UNIX, not DOS.

Call it in Afwall+

BTW i don’t use the latest Afwall because it gives me error “error purging rules”, the previos version works fine.

NoRoot app is in … NoRoot’s apps list, so we may block it :smirk:
I’ve blocked MicroG on my phone, so far every app I’ve tried is working fine …

Problem with no-root firewall’s is they all are local vpn based, then you can’t use another vpn, right?

That’s right.
But they often offer a simplified user interface, simple enough for an average user (as myself) wich don’t need VPN.

All my internet connections are running thru protonVPN via OpenWrt router.

Use the protonVPN app won’t work with NRF

No way, I have tried with this script as you have written. But Netmonitor shows me still the IP.
I think the issue is the IPv6 translation

script.sh

NetMonitor Overview

IP’s

Ha, if the DNS lookup results in an IPv6 address then blocking the IPv4 address obviously isn’t gonna help. Also, services can change IP address every now and then, sometimes more frequently when failovers happen or the service gets swapped to a new cluster… We really need a solution where one enters hostnames and the FW/blocker deals with the translation to IP address and updates it every now and then.
Is AFWall the only solution that doesn’t use the VPN slot?

TrackerControl is checking/blocking everything what going through the local VPN