[5.0+][ROOT][3.5.3] AFWall+ IPTables Firewall [28 JUN 2022]
source link: https://forum.xda-developers.com/t/5-0-root-3-5-3-afwall-iptables-firewall-28-jun-2022.1957231/page-325#post-87271193
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
[5.0+][ROOT][3.5.3] AFWall+ IPTables Firewall [28 JUN 2022]
Anything you need me to check/change to help debug this?
Reactions: 白い熊
forgive my noob question. Which app should i tick at the lsposed ui for afwall+? is it system framework or any other?
you just check system framework, however you used to have to select download manager also but since I don't use the xposed module anymore (ukanth deprecated it in latest releases) I would just wait for him to push a new one out, but you should be good with system framework and download manager (unless someone else can chime in here)
Reactions: TiTiB
Try after flashing magisk, in twrp reboot back to system and then install magisk again. Hope this works.There seems to be no chance to get 24.2+ (which got a rewrite and the developers mentioned, that it may not work on all devices) working. I flashed 25.1 in TWRP but Magisk Manager 25.1 says it's not installed and I also don't have root access in other apps. Flashing 24.1 in TWRP and all apps except AfWall are working fine again. Maybe I could check 24.3 again.
AfWall 3.5.2 worked fine on the same device on LineageOS 14.1 (7.1.2) and Magisk 24.1.
EDIT: Magisk 24.3 also doesn't work.
If i check the option to show work profile and or dual apps in afwall, none app show up, just a blank screen and sometimes a fc.
AFWall+ is an improved version of DroidWall(front-end application for the powerful iptables Linux firewall).(...)
Features- Supports 5.x to 12.x(...)
Is and how is it possible that it works in android 12.1 on older devices as described in LineageOS Changelog 26:
Let’s talk about legacy devices…
Bad news lies ahead, sadly. I know many of you were expecting the usual myriad of legacy devices to surprise you with a 19 release, but at the moment they won’t be.This is due to AOSP’s removal of iptables in favor of eBPF. This is a newer, much more efficient kernel side implementation.
The issue lies in the fact that only devices with Linux kernel 4.9 or newer have the needed capabilities to make use of eBPF. Usually, these things can be backported to older kernel versions, but at the moment, even something as close to version 4.9 as 4.4 proved challenging due to the sheer number of commits and structure changes in BPF’s introduction. Those of you on a 4.4 kernel, fear not, a backport has been created, but for devices using kernel versions 3.18 and below, this may be the end of the road. If you become aware of a functional backport, or create one yourself, feel free to let us know via devrel(at)lineageos.org!
Additionally, iptables can’t be restored in any meaningful way, which makes things all the harder. At the moment, with some hacky workarounds (that we won’t be merging, as they break packet filtering, etc.) legacy devices can boot, but until a proper workaround/backport of BPF is brought to older kernel versions, don’t expect legacy devices to ship LineageOS 19.
Reactions: Uluru25
Try after flashing magisk, in twrp reboot back to system and then install magisk again. Hope this works.
Thanks, but it also doesn't work. Still on Magisk 24.1.
Is and how is it possible that it works in android 12.1 on older devices as described in LineageOS Changelog 26:Let’s talk about legacy devices…
Bad news lies ahead, sadly. I know many of you were expecting the usual myriad of legacy devices to surprise you with a 19 release, but at the moment they won’t be.
This is due to AOSP’s removal of iptables in favor of eBPF. This is a newer, much more efficient kernel side implementation.
The issue lies in the fact that only devices with Linux kernel 4.9 or newer have the needed capabilities to make use of eBPF. Usually, these things can be backported to older kernel versions, but at the moment, even something as close to version 4.9 as 4.4 proved challenging due to the sheer number of commits and structure changes in BPF’s introduction. Those of you on a 4.4 kernel, fear not, a backport has been created, but for devices using kernel versions 3.18 and below, this may be the end of the road. If you become aware of a functional backport, or create one yourself, feel free to let us know via devrel(at)lineageos.org!
Additionally, iptables can’t be restored in any meaningful way, which makes things all the harder. At the moment, with some hacky workarounds (that we won’t be merging, as they break packet filtering, etc.) legacy devices can boot, but until a proper workaround/backport of BPF is brought to older kernel versions, don’t expect legacy devices to ship LineageOS 19.
... are there really many guys using kernel versions 3.18 and below???
... are there really many guys using kernel versions 3.18 and below???
Don't you think there is quite a bit of Lineage 19.1 unofficial for devices with older kernel?
Google Nexus 7 flox made by followmsi
Nexus 6 shamu made by rootfan
HTC One M8 made by tarkzim
Samsung Galaxy S2 i9100 made by rINanDO
Samsung Galaxy Note 2 made by html6405
Samsung Galaxy S3 i9305 made by html6405
Samsung Galaxy S4 i9505 made by side
Samsung Galaxy Note 3 n9005 made by html6405
Samsung Galaxy S4 i9506 made by Khalvat
Samsung Galaxy S5 g900f made by Khalvat
Sony Xperia Z C6603 yuga made by tarkzim
Sony Xperia Z3+ e6553 ivy made by tarkzim
... are there really many guys using kernel versions 3.18 and below???
Yes, here. Galaxy Note 8.0.
Don't you think there is quite a bit of Lineage 19.1 unofficial for devices with older kernel?
Google Nexus 7 flox made by followmsi
Nexus 6 shamu made by rootfan
HTC One M8 made by tarkzim
Samsung Galaxy S2 i9100 made by rINanDO
Samsung Galaxy Note 2 made by html6405
Samsung Galaxy S3 i9305 made by html6405
Samsung Galaxy S4 i9505 made by side
Samsung Galaxy Note 3 n9005 made by html6405
Samsung Galaxy S4 i9506 made by Khalvat
Samsung Galaxy S5 g900f made by Khalvat
Sony Xperia Z C6603 yuga made by tarkzim
Sony Xperia Z3+ e6553 ivy made by tarkzim
Sorry, I fail to see the issue: why the need to always be on the latest? If there is no one to release an updated kernel for your device, then stay on your stable/tried and tested older ROM. If it works, what else do you need? If really desperate for the latest eye-candy, get a newer device 
Sorry, I fail to see the issue: why the need to always be on the latest? If there is no one to release an updated kernel for your device, then stay on your stable/tried and tested older ROM. If it works, what else do you need? If really desperate for the latest eye-candy, get a newer device
Perhaps awkwardly, because in a sentence ending with a colon, but in post #6489 I asked a question. Did you notice?
Perhaps awkwardly, because in a sentence ending with a colon, but in post #6489 I asked a question. Did you notice?
Those unofficial maintainers should get their kernels together, IMHO.
Those unofficial maintainers should get their kernels together, IMHO.
So you think that these great guys, who spend a lot of time for getting LOS working on legacy devices and give them a new life, should develop a working kernel or spend some extra time and knowledge?
And BTW because you were asking why the latest:
1. Android 12L has some optimizations for tablets and also other new useful features compared to older versions
2. old Roms are often not maintained anymore and are getting no security or bug fixes anymore, especially when the developer is the same
3. sometimes you don't have a selection of good roms
4. some apps don't get updates on old Android versions like 7.1.2 anymore
Reactions: ze7zez
nutzfreelance
Senior Member
i just dont feel safe knows bad apps could be using download manager behind my back ( and all the apps that still use download manager which should just be removed from android)
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK