AFWall+ clears/erases the dmesg ring buffer every second, erasing valuable kernel log info #991
Comments
|
JFHC #834 |
|
I have started working on this. This behaviour only exist for kernel which does not have NFLOG chain. All modern kernel's ship with NFLOG chain. Anyway I will fix this. |
|
@ukanth I'm on AOSP Extended Pie, Xiaomi Redmi Note 4 (mido). Previously everything worked perfectly. I don't know exactly which release broke this a few weeks/months back. My kernel is built with both But Is the decision between |
|
Duplicate/related to #1002 |
AFWall+ v3.1.0 on an old Samsung S5 Snapdragon (klte?) running Android 7.1/LinageOS 14 is erasing the dmesg kernel ring buffer every one second if the log service is enabled.
This is something malware does to hide itself. I spent hours tracking down which app on this device was malware.
Interestingly, I have this same version of AFWall+ installed on three other devices and they do not appear to be exhibiting this behavior. There may be something specific about the app configuration or a combination of other factors which induce this undesirable behavior.
It's also noteworthy that toggling off the "Turn on log service" checkbox in preferences on this device does not take effect until the next system boot. This toggle will immediately activate the bad behavior, but not disable it. I am also under the impression that killing the AFWall+ service and uninstalling it (along with every other 3rd party app on the system) won't stop it until a reboot either.
Unfortunately I don't have time to dig deeper into this right now. If/when I get time to do that I'll come back and update this bug with more information. I hope to be able to play around with it next week.
The text was updated successfully, but these errors were encountered: