Related
Hi guys, I'm looking for a way to block internet access for individual apps on my Home & Work wifi networks only, but not on other wifi networks and 3G...
I'm on 4.4.2 KK and usuing AppOps + Android fiewall, but non of these apps do what I need... Android fiewall for example allows blocking app from Wifi and no matter where...
if you know some app that allows this kind of thing, please let me know,
THANKS
I think you might have to use a combo. Something like this:
https://play.google.com/store/apps/details?id=com.googlecode.droidwall.free
+
https://play.google.com/store/apps/details?id=net.dinglisch.android.taskerm
+
https://play.google.com/store/apps/details?id=com.intangibleobject.securesettings.plugin
I believe there are some newer Tasker type apps that are free, but dunno about something like the Secure Settings plug-in. Now, I've never set anything up like this, so am only providing this as one possible method that I have not tested.
Ok thanks, I'll check Tasker, my friends recommended about this one long time ago...
about the way DroidWall is fine, but I'm using Android firewall which is based on DroidWall but is better...
10X
Xposed app firewall.
This app is an firewall for the installed apps. Only apps with permission "android.permission.INTERNET" are
shown. IPv4 and IPv6 are supported together with TCP and UDP. You could configure outgoing and incomming
connections independent from each other.
The rules could be applied for each network: W-Lan, local network, mobile, roaming, unknown.
Logging is configurable for incomming/outgoing and allowed/denied connections.
Colors:
Blue: Template is used.
Yellow: Custom settings.
Green: The app is trusted.
Red: The app is blocked.
Features:
No iptables required, the kernel doesn't need to support it.
The firewall is active when Android starts, no startup data leak.
The rules are always active, no re-apply on connection change is needed.
Limitiation:
Host names in the log file are PTR entries.
Works only for Android (Java), not the native (Linux) part
Donation:
No self-promotion in the app.
You could trust or block an app (Menu/ActionBar)
You could use a template for not configured apps
Additional (experimental) networks: Bluetooth, WiMAX, Ethernet
Tasker support, per App
You support this app and further development!
Permissions:
ACCESS_SUPERUSER: apply iptables rules
This app does not connect itself to any websites or hosts!
Important:
This app needs the Xposed Framework. The framework requires root access for installation. Don't forget to enable the module in Xposed. You can grab it here: Xposed Installer
Website: http://tinyurl.com/l5bpv23
Play Store: http://tinyurl.com/ome2pvc
Xposed Repository: http://tinyurl.com/ksc6plz
Changelog: http://tinyurl.com/n8gsqja
Why this app? No firewall for Xposed exists yet
Translation:
You could find here a interface to translate the english strings: http://tinyurl.com/okycacj
A free account of www.oneskyapp.com is required to edit. Additional, please attach your email address or send it via PM
Insane.. I was looking for something like this about 12 hours ago.. its almost like you read my mind and made it just for me!.
I like your style. Nice and simple and keeping it in line with your others.
Sent from my GT-I9300 using Tapatalk
Downloading now.
Sent from my SCH-I535 using XDA Premium 4 mobile app
shivadow said:
Insane.. I was looking for something like this about 12 hours ago.. its almost like you read my mind and made it just for me!.
I like your style. Nice and simple and keeping it in line with your others.
Sent from my GT-I9300 using Tapatalk
Click to expand...
Click to collapse
Maybe you head me thinking loud 6 weeks after starting this app: "i will release today, if there are still error, i'll fix them later"
Am I correct in assuming this is not open source?
I got a question about incoming/outgoing connections, maybe somone else want to know:
Incoming connections are used by less than 1% of all apps. This is used if the app is a "server", like BubbleUPnP. So most time incoming conections could be blocked, i think for mobile network 100%.
An outgoing connection is like a phone call: You call someone (outgoing connection), and can talk (send "data") and hear (receive "data")
Wifi Internet and Network:
If you want to control eg your local tv-receiver, xbmc device or avm router (with FreetzMobil), only connections to the local network are required. This prevents app to send data to the internet.
The "local network" are all "private" IPv4 and IPv6, they will not be forwarded by internet routers. Additionally, if you use "public" IPs they are local if it is in the same subnet as a ip of your device. Uncommon for IPv4 usage, but public IPv6 are the common usage (public IPv6 for every device)
an0n981 said:
Am I correct in assuming this is not open source?
Click to expand...
Click to collapse
As usual i send source only to people i know
I took this mod for a quick test drive, a little feedback:
-Is it not possible to restrict kernel?
-Could it be that apps that use native libraries to connect to the internet cannot be restricted? Firefox and Mega (both use native libraries) were able to connect even when completely restricted.
Also a little cosmetic issue com.android.process.gapps showed completely green at all times. However restrictions were applied properly
an0n981 said:
I took this mod for a quick test drive, a little feedback:
-Is it not possible to restrict kernel?
-Could it be that apps that use native libraries to connect to the internet cannot be restricted? Firefox and Mega (both use native libraries) were able to connect even when completely restricted.
Also a little cosmetic issue com.android.process.gapps showed completely green at all times. However restrictions were applied properly
Click to expand...
Click to collapse
Yes, see OP: "Limitiation: ... no native binaries." This is because the design of Xposed
Isn't it "com.google.process.gapps"? Onyl this one app has the wrong colors? Has it a green dot for "trusted app"? What did you configured for it?
Yes I meant com.google....
I set it from template to custom, blocked everything, however in the app overview it still showed as all green. When it was restricted GCM was blocked and the log showed blocked connections to mtalk.google.com:5228. Then I unrestricted outgoing mobile and wifi and GCM was available and the log correctly showed allowed connections but the colors in the app overview didn't change
Version 1.0.1 uploaded
- fix "incoming" thx @w0rinal
- also an error related to coloring, @an0n981 can you check if it fixes your problem? Toggling options could be required
defim said:
- also an error related to coloring, @an0n981 can you check if it fixes your problem? Toggling options could be required
Click to expand...
Click to collapse
Sorry the bug is still present
Also 1 more questions. Do you see any problem running this along side AFWall?
The bug affects any app that starts end ends with <>. <android.media> and <org.mozilla.firefox.sharedid> also always revert back to displaying completely green once the app is reloaded
an0n981 said:
Also 1 more questions. Do you see any problem running this along side AFWall?
Click to expand...
Click to collapse
No, should work without problems. The one created iptables rules other hooks the connection methods - if one fails, the other does it
an0n981 said:
The bug affects any app that starts end ends with <>. <android.media> and <org.mozilla.firefox.sharedid> also always revert back to displaying completely green once the app is reloaded
Click to expand...
Click to collapse
The "<>" entries are not real apps (.apks) with a package name, they are uids. At app start i load all installed apps with internet-permission and hide apps which are no more installed / have not any longer the permissions -> the uid items are not in the list of installed apps (obviously)
Will be fixed in next release
EDIT: Uploaded
This is awesome ?
A few questions:
- is there a way to edit template? I couldn't find it anywhere in settings- am I missing something?
- Can you add multiple selection? For example, someone has lots of apps and wants to block roaming to them etc. etc. without having to change it manually for each app.
- filtering or sorting apps? perhaps something simple like the way afwall , or a more thorough filter like XPrivacy has?
Sent from my Nexus 5 using Tapatalk
defim said:
The "<>" entries are not real apps (.apks) with a package name, they are uids. At app start i load all installed apps with internet-permission and hide apps which are no more installed / have not any longer the permissions -> the uid items are not in the list of installed apps (obviously)
Will be fixed in next release
EDIT: Uploaded
Click to expand...
Click to collapse
Confirmed fixed
jaibar said:
This is awesome ?
A few questions:
- is there a way to edit template? I couldn't find it anywhere in settings- am I missing something?
- Can you add multiple selection? For example, someone has lots of apps and wants to block roaming to them etc. etc. without having to change it manually for each app.
- filtering or sorting apps? perhaps something simple like the way afwall , or a more thorough filter like XPrivacy has?
Sent from my Nexus 5 using Tapatalk
Click to expand...
Click to collapse
The template is used for all "blue" apps, which where are not configured by user. Modifying template is part of the donator options (see OP).
Btw, next planned feature: detection of VPN connections
defim said:
The template is used for all "blue" apps, which where are not configured by user. Modifying template is part of the donator options (see OP).
Btw, next planned feature: detection of VPN connections
Click to expand...
Click to collapse
Nice feature !
I dry tested this app (i.e. not checked in the Xposed module on my device) and already saw that the VPN was missing. Now I use AFWall+ which is good and has more profiles. I block all Google apps with it with a 'limited internet' profile and every time I download something from Play, I load another profile which allows 'Google Play services' and 'Google Play store' internet connection and after download/update I revert to 'Limited internet'.
On my Mac I have 'Little Snitch' firewall which has the ability to let it prompt for certain apps which I don't want to be connected permanently (such as the Mac App Store), but only when I do e.g. an OSX update. In that case I let it prompt and say 'only this time'.
A similar approach on LightingWall should be very welcome. E.g. a notification that the Play store wants to connect with internet and when one wants to download / update an app, say 'only this time' and not permanently.
mermaidkiller said:
Nice feature !
I dry tested this app (i.e. not checked in the Xposed module on my device) and already saw that the VPN was missing. Now I use AFWall+ which is good and has more profiles. I block all Google apps with it with a 'limited internet' profile and every time I download something from Play, I load another profile which allows 'Google Play services' and 'Google Play store' internet connection and after download/update I revert to 'Limited internet'.
On my Mac I have 'Little Snitch' firewall which has the ability to let it prompt for certain apps which I don't want to be connected permanently (such as the Mac App Store), but only when I do e.g. an OSX update. In that case I let it prompt and say 'only this time'.
A similar approach on LightingWall should be very welcome. E.g. a notification that the Play store wants to connect with internet and when one wants to download / update an app, say 'only this time' and not permanently.
Click to expand...
Click to collapse
Xprivacy implements a similar thing, allowing the user to be informed when one of the restrictions are asking for access of that permission, including internet permissions(no distiction between lan or vpn), i would also welcome an on demand prompt feature for this app, its one faeture i wished afwall had, but believe it cant because of the nature of iptables i believe,
Saying that im also kinda worried that this might conflict, two apps essentially fighting for control to "pause" the system, hope im wrong, maybe if the two devs of the two respective apps co-orporated in implementation,it might be resolved, if there is an issue, i dont know........... but im getting ahead of myself here, defim has not even stated that he'll implement this, still, no harm in discussing possibilities, slim or not
@banderos101 @mermaidkillerIf you want to be informed if an app is allowed or denied to access some hosts, you could get it with Tasker. Just with a simple message box or more enhanced things Tasker can do. It should not be a problem using this app wiht Xprivacy, AFwal etc. If you block a connection with one app, it could be that the others can't see/log it. This depends on the order of the apps, An iptables firewall should be the last the connection is passing.
A per host filter is not planned, if you want to stop connection to some (tracking, malwar, adware) hosts a hosts file filter could be used, like my UnbelovedHosts
defim said:
As usual i send source only to people i know
Click to expand...
Click to collapse
Too big a risk to take for security software like this. Post your work up on Github under a reasonable license.
I'm not seeing a big advantage over the GPL AFWall+ anyway.
i see there is already ssh server available if you copy a key back into the device
but i can see good features like VPN and Hotspot are missing
i can see that vpn could be hard if not in RW mode
and hot spot just needs ap-hotspot installing
is there a way of seeing what apps are going to be available ?
a lot of handy tools on the droid which are missing from here that could be added and probably already available
nmap
virt-manager
to name a few, but handy for system admins to work on remote servers etc ...
wayneward said:
i see there is already ssh server available if you copy a key back into the device
but i can see good features like VPN and Hotspot are missing
i can see that vpn could be hard if not in RW mode
and hot spot just needs ap-hotspot installing
Click to expand...
Click to collapse
Feel free to file a bug at https://bugs.launchpad.net/ubuntu/+source/ubuntu-system-settings.
wayneward said:
is there a way of seeing what apps are going to be available ?
a lot of handy tools on the droid which are missing from here that could be added and probably already available
nmap
virt-manager
to name a few, but handy for system admins to work on remote servers etc ...
Click to expand...
Click to collapse
What do you mean by "what apps are going to be available"? You'll never know what 3rd party devs will do.
However, these things won't be doable by 3rd party apps due to Ubuntu's apparmor security policies. These would have to be implemented in the system settings or as some system service as well.
wayneward said:
i see there is already ssh server available if you copy a key back into the device
but i can see good features like VPN and Hotspot are missing
i can see that vpn could be hard if not in RW mode
and hot spot just needs ap-hotspot installing
is there a way of seeing what apps are going to be available ?
a lot of handy tools on the droid which are missing from here that could be added and probably already available
nmap
virt-manager
to name a few, but handy for system admins to work on remote servers etc ...
Click to expand...
Click to collapse
https://wiki.ubuntu.com/Touch/ReleaseNotes :good:
The following network features are not yet included in the Developer Preview:
Advanced Settings (e.g. Hidden SSIDs, Manual IP, VPN…)
Hot Spot/Tethering
@Geeks Empire Those release notes are quite outdates. Hidden SSIDs, for example, have been there for ages now.
Sent from my awesome Ubuntu Touch device using the Forum Browser app
First off: If this kind of request is not allowed on XDA, or if I have this is posted in the wrong area, or if there are any other problems I haven't thought of, please let me know and/or delete this thread!
I would like to request that someone with the skills and know how please make a very small modification to a free android app for me... I know a little bit about coding, but I don't have the know how to decompile, edit, and recompile and android apk, but I know enough about coding to know that the actual change I would like to make should be fairly quick and easy to do.
The apps (two actual, since there is one phone and one tablet version), (SlingPlayer Free for Phones) and (SlingPlayer Free for Tablets), is a video streaming app for a device called a Slingbox which hooks up to your home cable box to allow streaming of all your home cable TV channels. The app has a feature built into it that allows you to check a box in the settings to limit the bandwidth used over mobile cellular internet connection to 1024 kbps so that it doesn't burn through all your mobile data really fast.
Basically what I want, is the exact same option but for limiting bandwidth over WIFI connection (by adding another check box to the settings, or even just making the current check box apply to both cellular and wifi if thats easier).
The reason being, is that when I use the app on my wifi only tablet via Mobile Hotspot from my phone, it sees the connection as wifi (of course) which allows it to stream at full speed which burns through my data way too fast, while not really providing any noticeable difference in streaming quality. I know there are apps out there that allow you to limit bandwidth at a system wide level, or even on a per app basis, but I've tried almost all of them and for whatever reason they just don't work as intended and cause the video stream to get choppy and buffer all the time. The cellular bandwidth limiting built into the app doesn't ever do that when enabled.
Also, just is case anyone is curious, I actually do own the paid version of the phone app (which I bought at a price of $29.99 back when it originally launch on Android! It's only $14.99 now). I'm only asking for a modified version on the free app because, though I'm not 100% sure on this, it just seems wrong to ask someone to hack and modify a high priced paid app, even though you'd be adding a feature, not removing anything... And I have also contacted the makers of this app repeatedly asking for this feature to be added, amount other things and bugs I'd found in the app, and they refuse to even respond, so I can't get any help out of them. Been trying for almost three years now.
I may be able to make a small donation to the person that adds this feature for me, if desired (and/or if allowed?)
Have you tried contacting the author of this app? What he said?
Wysłane z mojego SM-G935F przy użyciu Tapatalka
This device caught my eye recently (Kyocera KY-01L):
https://uncrate.com/kyocera-ky-01l-card-phone/
Points of interest:
* Android-based
* e-paper display
* ultra compact
Personally I feel Kyocera made a huge mistake by not including the Play Store, or at least including an e-Reader application. A pocket-sized e-Reader that is also my phone just sounds awesome in theory (although the 380mAh battery might prove otherwise in reality...)
Since I use Hangouts and Hangouts Dialer for all my communications, I can't really use this unless I can get gApps installed.
Does anyone have experience hacking Kyocera phones? How difficult would it be to get root, TWRP, and gApps working on this thing?
I googled that phone and found your post. Most intriguing idea, but overpriced imho. I would like to test my developer skills on that but without adb or at least apk installer its useless
Android is not fully compatible (out-of-the-box) with e-ink and screen sizes under 3", unless it's heavily modified. Which is not worth the investmet, considering the target market. And even if Android were adapted, many apps wouldn't run anyway. They wrapped a layer around it to run essentials services. Note that there is a real browser though.
KY-01L Information
So i bought one of these myself out of curiosity and here's what i've found:
ADB can be enabled from the phones settings (the option is called "switch usb debugging") once it's enabled you can sideload APK's
APK's cannot be installed on the phone itself, when doing so you get the message than unknown sources are not enabled however as kyocera have modified the security settings there is no way to enable this afaik
The apps use AOSP icons and have some normal screens present which can be accessed with an activity launcher
When using installed apps the E-ink screen switches to a high refresh rate mode at random and the only way to get it back to normal is to launch cardphonehome (the default launcher)
The phone won't connect to any UK networks (i've only tried vodaphone and EE sims in it)
Bluetooth media audio seems to be removed entirely, even when sideloading a music player
The stock keyboard uses a 9 key input for text, you can sideload something like gboard but i haven't found the option to set it as the default input method
If you intend to buy one then i would suggest looking on YAJ proxy sites like buyee as they tend to go for ~£160.
Apps i'd recommend sideloading:
Activity launcher - lets you get into hidden menus and back into the stock launcher
Stealth music player - Plays music through the phones earpiece, can also enable the earpiece for use with audio from other apps
i'd also suggest lowering the DPI as some apps may be cramped
Dialer codes
*#*#4636#*#* - Android Testing menu
*#*#3878#*#* - Qualcomm FTM menu
*#*#225#*#* - Calendar info
Update: i've noticed the soc that CPUZ is reporting conflicts what others have said, ADB's CPU info command reports it as a wear 2100
I'm really curious if/how an ebook reading app would work on this. Did you try that out?
I'm considering buying a used one to try out as an ultra portable ebook reader.
eldritchgreene said:
I'm really curious if/how an ebook reading app would work on this. Did you try that out?
I'm considering buying a used one to try out as an ultra portable ebook reader.
Click to expand...
Click to collapse
I tried the kindle app, Whenever it's opened it spams an error saying something about not being able to download image files for a few minutes, after that it works fine.
Phone density is set to 210 and kindle text size is on default
Harry99710 said:
I tried the kindle app, Whenever it's opened it spams an error saying something about not being able to download image files for a few minutes, after that it works fine.
Phone density is set to 210 and kindle text size is on default
Click to expand...
Click to collapse
Amazing. Thank you so much Harry, this is great. I'm going to give my experiment a go!
any idea how to make it connect to EU 3g/4g ?
I have the Light Phone 2 which is very similar. I was able to root it and sideload apps on it. Harry is it possible to send over APKs from your Kyocera Card phone so I can test them on the light phone?
kennethashley said:
I have the Light Phone 2 which is very similar. I was able to root it and sideload apps on it. Harry is it possible to send over APKs from your Kyocera Card phone so I can test them on the light phone?
Click to expand...
Click to collapse
You can try, i used apkextractor to extract them but they won't install on another device and trying to install them on the card phone itself gives an error saying the package is corrupt
Nothing in that last post seems to have uploaded
Screenshots - https://imgur.com/a/Z8uCQ1t
APK's https://drive.google.com/file/d/11Qf0EB1I0IhmodnkINQFAdS7uBvtV785/view?usp=sharing
Harry99710 said:
Nothing in that last post seems to have uploaded
Screenshots - https://imgur.com/a/Z8uCQ1t
APK's https://drive.google.com/file/d/11Qf0EB1I0IhmodnkINQFAdS7uBvtV785/view?usp=sharing
Click to expand...
Click to collapse
Yea you are right I can't get the APKs installed.
paulmmm said:
any idea how to make it connect to EU 3g/4g ?
Click to expand...
Click to collapse
nobody ?
paulmmm said:
nobody ?
Click to expand...
Click to collapse
root it
Derek163 said:
root it
Click to expand...
Click to collapse
ill try and come back with results
Hi
First of all, I appreciate the above information where I could find customizing about KY-01L. I was able to install Gmail, Chrome, Line lite, Gboard, and other utilities into my KY-01L!
To be honest, it was quite a stressful process to load apk`s and configure them a number of times.
The first step, I installed the Square Home launcher (https://play.google.com/store/apps/details?id=com.ss.squarehome2&hl=en&gl=us) and the Quickshortcut maker (https://play.google.com/store/apps/details?id=com.sika524.android.quickshortcut&hl=en&gl=us) that I am able to configure 10 times easier (Maybe some similar types of the app should work). the default setting of KY-01L is not able to configure app by the screen that is how it is designed by Kyocera.
After setting those 2 apps, I can configure launcher/shortcut in the home menu.
My KY-01L is not stable yet... still need to minor adjustments of configuration but it works what I was expected.
Kaz_SP1200 said:
Hi
First of all, I appreciate the above information where I could find customizing about KY-01L. I was able to install Gmail, Chrome, Line lite, Gboard, and other utilities into my KY-01L!
To be honest, it was quite a stressful process to load apk`s and configure them a number of times.
The first step, I installed the Square Home launcher (https://play.google.com/store/apps/details?id=com.ss.squarehome2&hl=en&gl=us) and the Quickshortcut maker (https://play.google.com/store/apps/details?id=com.sika524.android.quickshortcut&hl=en&gl=us) that I am able to configure 10 times easier (Maybe some similar types of the app should work). the default setting of KY-01L is not able to configure app by the screen that is how it is designed by Kyocera.
After setting those 2 apps, I can configure launcher/shortcut in the home menu.
My KY-01L is not stable yet... still need to minor adjustments of configuration but it works what I was expected.
Click to expand...
Click to collapse
Hi there,
Can you explain how you managed to connect it to the network? The one I have is SIM unlocked, I can see available networks but it won't connect. The X.... symbol is displayed in the status bar ("Out of service area") but I am quite sure that the frequencies match.
cheeseus said:
Hi there,
Can you explain how you managed to connect it to the network? The one I have is SIM unlocked, I can see available networks but it won't connect. The X.... symbol is displayed in the status bar ("Out of service area") but I am quite sure that the frequencies match.
Click to expand...
Click to collapse
Hi
I am using NTT Docomo carrier (in Japan) which is the preferred carrier for the KY-01L. KY-01L has limited bandwidth using LTE bands of 2.0GHz and 800MHz only. You would better check with your SIM carrier that uses those bandwidths or not.
Kaz_SP1200 said:
Hi
I am using NTT Docomo carrier (in Japan) which is the preferred carrier for the KY-01L. KY-01L has limited bandwidth using LTE bands of 2.0GHz and 800MHz only. You would better check with your SIM carrier that uses those bandwidths or not.
Click to expand...
Click to collapse
Thanks for replying!
Well, it seems that my carrier doesn't offer the exact same frequencies. 3G is at 2100 MHz (B1) and LTE is at 2100 MHz (B1) and 1800 MHz (B3).
Too limited, indeed. I've been using Docomo and SoftBank and AU phones for over fifteen years now and they all worked but not this one
Kaz_SP1200 said:
Hi
First of all, I appreciate the above information where I could find customizing about KY-01L. I was able to install Gmail, Chrome, Line lite, Gboard, and other utilities into my KY-01L!
To be honest, it was quite a stressful process to load apk`s and configure them a number of times.
The first step, I installed the Square Home launcher (https://play.google.com/store/apps/details?id=com.ss.squarehome2&hl=en&gl=us) and the Quickshortcut maker (https://play.google.com/store/apps/details?id=com.sika524.android.quickshortcut&hl=en&gl=us) that I am able to configure 10 times easier (Maybe some similar types of the app should work). the default setting of KY-01L is not able to configure app by the screen that is how it is designed by Kyocera.
After setting those 2 apps, I can configure launcher/shortcut in the home menu.
My KY-01L is not stable yet... still need to minor adjustments of configuration but it works what I was expected.
Click to expand...
Click to collapse
Hi I just ordered my KY-01L off ebay, and looking forward to doing what you're doing!
My question is - after you installed all these things (Square Home Launcher, Quick shortcut maker, Gmail, Chrome, Line lite, Gboard and other utilities), does the battery drain faster even when idle? If so, how much faster vs the vanilla version.
And what other utilities were you able to install on the KY-01L? Music player? Kindle? Youtube? Just curious to see what works...
Lastly, was the Square Home Launcher the only launcher that works? Or there were others that work but this is your preference.
Thanks!