Does AFWall work on Android 12 and greater since Google removed iptables?

[ioogithub]

It is my understanding the Google has removed iptables from ASOP in Android 12 in favor of a new firewall: eBPF.

Since afwall works with iptables, if iptables is gone, does afwall work with Android 12 or will this app die at Android 11.

Are there any plans to adapt afwall to eBPF such as the built-in LineageOS firewall has done?

Here are three links describing the change:

https://xiaomiui.net/lineageos-19-update-released-22826/
Iptables replaced with eBPF & legacy devices dropped The AOSP code now includes an ePBF (Extended Berkeley Packet Filter) loader and library, which loads eBPF programs at boot to extend the functionality of the kernel. Due to this, iptables has been deprecated in the LineageOS 19 update...

https://fossbytes.com/lineageos-19-released/
...Wondering why? This is mainly because Google has dropped the support of iptables in favor of eBFF.

https://laptrinhx.com/lineageos-19-based-on-android-12-is-now-officially-available-2316059766/
...Furthermore, you can’t restore iptables in the AOSP codebase without breaking things.

[howyay]

While I can't say conclusively for when using "System iptables" option, AFWall seem to function normally when using "Built-in iptables" option for iptables binary.

[alfureu]

My only problem with Afwall and Android 12 (LineageOS 19.1) is that it does not distinguish between normal and work apps anymore. Whenever AFWall is enabled, it also blocks all the Work Profile apps. I know it is an "experimental" feature, but would be lovely to see a fix.

[ukanth]

I tested it on emulator and it works.

[alfureu]

it does work if you do not have a work profile, I agree. AfWall does not work with work profile enabled on Android 12

[ukanth]

@DOFfactory , that's fixed in the latest beta (yet to be released on playstore)

[Humorist2601]

@ukanth Using the latest beta on Android 12.1, I have encountered some problems regarding Work Profile Apps

• If I refresh the app list it gets stuck on "Retrieving App List" Dialog
• All apps are shown two times, one time normally and one time with the (M) suffix regardless of whether I have the app in the work profile or not
• Swiping away Afwall from Recents screen closes it completly (like forceclose)

I have attached the crashlog for last issue

FATAL EXCEPTION: main
Process: dev.ukanth.ufirewall, PID: 17094
java.lang.RuntimeException: Unable to start service dev.ukanth.ufirewall.service.LogService@f659e81 with Intent { act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] flg=0x10000000 pkg=dev.ukanth.ufirewall cmp=dev.ukanth.ufirewall/.MainActivity }: java.lang.IllegalArgumentException: dev.ukanth.ufirewall: Targeting S+ (version 31 and above) requires that one of FLAG_IMMUTABLE or FLAG_MUTABLE be specified when creating a PendingIntent.
Strongly consider using FLAG_IMMUTABLE, only use FLAG_MUTABLE if some functionality depends on the PendingIntent being mutable, e.g. if it needs to be used with inline replies or bubbles.
at android.app.ActivityThread.handleServiceArgs(ActivityThread.java:4724)
at android.app.ActivityThread.access$2000(ActivityThread.java:256)
at android.app.ActivityThread$H.handleMessage(ActivityThread.java:2129)
at android.os.Handler.dispatchMessage(Handler.java:106)
at android.os.Looper.loopOnce(Looper.java:201)
at android.os.Looper.loop(Looper.java:288)
at android.app.ActivityThread.main(ActivityThread.java:7870)
at java.lang.reflect.Method.invoke(Native Method)
at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:550)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1003)
Caused by: java.lang.IllegalArgumentException: dev.ukanth.ufirewall: Targeting S+ (version 31 and above) requires that one of FLAG_IMMUTABLE or FLAG_MUTABLE be specified when creating a PendingIntent.
Strongly consider using FLAG_IMMUTABLE, only use FLAG_MUTABLE if some functionality depends on the PendingIntent being mutable, e.g. if it needs to be used with inline replies or bubbles.
at android.app.PendingIntent.checkFlags(PendingIntent.java:375)
at android.app.PendingIntent.buildServicePendingIntent(PendingIntent.java:724)
at android.app.PendingIntent.getService(PendingIntent.java:686)
at dev.ukanth.ufirewall.service.LogService.onTaskRemoved(LogService.java:357)
at android.app.ActivityThread.handleServiceArgs(ActivityThread.java:4708)
... 9 more

[alfureu]

which beta are you talking about?

[ukanth]

#1249 (comment)

[alfureu]

I can confirm the same error as @TheHawaiianKoala. The retrieving gets stuck, and also the app crashes often

[ukanth]

Thanks. Kindly share the logcat. Otherwise I can't fix.

[Humorist2601]

There is nothing out of the usual in the Logcat except the following line

command 'iptables -A afwall-3g-home -m owner --uid-owner 0:999999999 -j afwall-reject -w 1' exited with status 4, retrying (attempt 1/10)