How to configure an Android firewall to mimic Network Lock ?

[dschubba 0]

Hello,

 

I've recently installed OpenVPN for Android (the open-source recommended choice) but I'm concerned about different issues.

For instance, this app doesn't autostart at boot / reboot but has to be manually started.

BTW Android uses wifi's previous state after reboot : when Wifi was "on" our real IP is visible until OpenVPN is manually started.

When it crashes (it happens with the latest version) our real IP gets exposed too.

 

I wonder if it could be possible to configure a firewall (AfWall+ or Droidwall) to block all the traffic excepting the one which transits through OpenVPN for both Wifi and data (3G/4G) ?

 

These two apps are using iptables but I don't know how to write the custom rules matching my requirements. The help and knowledge of some computer savvy members would be appreciated. If it works we could maybe create a tutorial for the "How to" section of this forum ?

 

I've collected several articles regarding Android and iptables but I've no idea how I could adapt all this for AirVPN .ovpn default config file (Europe).

 

https://android.stackexchange.com/questions/14455/how-can-i-block-the-traffic-outside-the-vpn-even-if-the-vpn-is-down

https://github.com/ukanth/afwall/wiki/Apps-leak-private-user-data-during-boot

https://blog.torproject.org/blog/mission-impossible-hardening-android-security-and-privacy

https://droidvpn.com/page/stopping-leaks-with-droidwall-when-using-droidvpn-8/

https://airvpn.org/faq/software_lock/

 

Any idea ?

 

Thanks 

[Reso 19]

Sorry can't help with the firewall. On OpenVPN not starting after a reboot, are you sure you've ticked connect on boot in your OpenVPN settings and also selected the VPN used on boot?

Sent from my SM-T580 using Tapatalk

[BSoD 4]

Hi, you can actually set-up afwall+ to only allow a VPN connection for specific apps. Go to preferences and choose Rules/connectivity.

Choose there the VPN control checkbox. There should have appeared an extra column to allow/block network access.

I hope this helps a bit.

 

Sent from my Pixel XL using Tapatalk

[dschubba 0]

On OpenVPN not starting after a reboot, are you sure you've ticked connect on boot in your OpenVPN settings and also selected the VPN used on boot?

 

Hi !

I'm using Marshmallow 6.0.1. I've already ticked those boxes but OpenVPN doesn't autostart at boot / reboot. I've reinstalled the app, cleared its cache, disabled power saving and it never worked. Does it work on your device ?

 

Hi, you can actually set-up afwall+ to only allow a VPN connection for specific apps. Go to preferences and choose Rules/connectivity.

Choose there the VPN control checkbox. There should have appeared an extra column to allow/block network access.

I hope this helps a bit.

 

Thanks for the advice. I'll give it a try.

[Reso 19]

 

On OpenVPN not starting after a reboot, are you sure you've ticked connect on boot in your OpenVPN settings and also selected the VPN used on boot?

Hi !

I'm using Marshmallow 6.0.1. I've already ticked those boxes but OpenVPN doesn't autostart at boot / reboot. I've reinstalled the app, cleared its cache, disabled power saving and it never worked. Does it work on your device ?

Hi, you can actually set-up afwall+ to only allow a VPN connection for specific apps. Go to preferences and choose Rules/connectivity.

Choose there the VPN control checkbox. There should have appeared an extra column to allow/block network access.

I hope this helps a bit.

Thanks for the advice. I'll give it a try.

Yes. Works fine on my phone (Samsung Galaxy S7) and Tablet (Samsung Galaxy Tab A).

 

Sent from my SM-T580 using Tapatalk