[ISSUE] “Error applying iptables rules” 30% of cases when Add Delay is selected #1353
Comments
|
Hi! Should I try to fix as suggested above (fix: options -w1 -W1 to iptables for Android 11+) ? How am I supposed to apply -w1 -W1 options using the app? p.s. I forgot to mention that the "add delay" option didn't change anything in this case |
|
Same Problem here, If Afwall work. It seems not working permanently.It seems a bit random bit sometims no Internet connection is possible. Exporting rules also not worked so I had to remove and downgrade AFWall and recreate all rules. |
|
running into the same problems:
Ruuning LOS20 on Fairphone 3+, rooted with Magisk. |
|
The app has several bugs, I am running my own branch The -w1 -W1 is a code change in the app that I diagnosed and completed. Once the right answer is known, coding the fix is quick. -w1 -W1 are options to the iptables command available in Android since 11, and they allow iptables to retry concurrency collisions rather than doing retries outside the executable. For some reason multiple threads do the iptables and the parallelism design is bad. This is why rules apply fails in 30% of cases whether with or without AddDelay. When anything fails, AFWall+ goes to a default which is blocking almost anything I also fixed some crashes that also leads to block everything 3.5.3 is simply not reliable, but that is what people use. AFWall+ is only game in town |
|
And you must use Active Rules or there is no VPN control If you only want to control wi-fi and wan, Active Rules can be cleared, and fewer rules applications happen that may fail and cause block-all state |
|
The fix for AFWall+ bad state is to Apply Rules again Unless the last shown thing was a toaster “Rules applied with success” AFWall+ is in a bad state |
Hello. Is it possible to test your build with new changes? If everything works, it might be great to send a pull request. |
Describe the bug
Due to inadequate parallelism code, iptables commands are delayed several seconds causes “Error applying iptables rules”
— fix: options -w1 -W1 to iptables for Android 11+
— retire Android less than 11, since those devices have unsupported swelling batteries anyway
— or fix the non-wait code, I didn’t bother
I would HIGHLY RECOMMEND to always use Add Delay and retire all pre-Android 11 devices
Firewall Logs
Please get the log from Menu -> Show Rules -> (menu) Export to storage and attach it here
Smartphone (please complete the following information):
Pixel 3/6/Samsung all
Additional context
There are two threads doing iptables but each collision waits 1 s: check man iptables to understand how its concurrency is supposed to work
The text was updated successfully, but these errors were encountered: