Android
plr, 2022-03-30 13:31:07

What are the iptables rules for blocking outgoing traffic other than to the proxy (ProxyDroid) on rooted Android 10+?

On the smartphone, proxies are used through ProxyDroid, but they do not take over all the traffic; the real IP is exposed, in particular via WebRTC.

The solution I see is to prohibit all outgoing traffic except to the ip:port of the proxy servers (several). On a virtual Android device I checked this by prohibiting all traffic except to the proxy, and the applications I need work.

The ban should not apply to the DNS and NTP protocols.

Scripts for init.d that set the rules need to be written, but my competence is not enough; please help.

The VPN option is not suitable.

If you need it personally, then in telegram @odnokasanie


1 answer(s)
AlexVWill, 2022-03-30
@AlexVWill

Deny all outgoing traffic:

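# replies coming back from the proxy (its source port is 1111)
sudo iptables -t filter -A INPUT -p tcp -s 123.123.123.123/32 --sport 1111 -j ACCEPT
# connections going out to the proxy
sudo iptables -t filter -A OUTPUT -p tcp -d 123.123.123.123/32 --dport 1111 -j ACCEPT
# default policy: drop everything else
sudo iptables -P INPUT DROP
sudo iptables -P OUTPUT DROP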

All incoming and outgoing traffic will be blocked, except for packets to 123.123.123.123 through port 1111.
Only this is some kind of paranoia; it might be easier not to install an application that sends something incomprehensible somewhere, because of which "the real IP is exposed, in particular via WebRTC".
And although you said that a VPN is not suitable, it would be the most reasonable option, because on a VPN server you can configure all this much more richly.
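
An egress allowlist of the kind the question asks for (several proxies, DNS and NTP left open), as an added example that is not part of the original answer. The proxy addresses are constructed placeholders, and the chain name PROXY_ONLY and the APPLY switch are assumptions.

```shell
#!/system/bin/sh
# Added example, not the answerer's code: proxy-only egress allowlist.
# Constructed placeholder proxies (documentation ranges); replace with your own.
PROXIES="${PROXIES:-203.0.113.10:1080 198.51.100.7:3128}"
CHAIN=PROXY_ONLY   # hypothetical chain name

# Print one command per line without applying anything.
build_rules() {
    echo "iptables -N $CHAIN"
    # Assumption: the proxy app redirects through a local listener, so lo stays open.
    echo "iptables -A $CHAIN -o lo -j ACCEPT"
    for p in $PROXIES; do
        ip=${p%:*}; port=${p##*:}
        # Accept only numeric ip:port entries; anything else aborts the build.
        case "$ip" in ""|*[!0-9.]*) echo "bad proxy: $p" >&2; return 1 ;; esac
        case "$port" in ""|*[!0-9]*) echo "bad proxy: $p" >&2; return 1 ;; esac
        echo "iptables -A $CHAIN -p tcp -d $ip --dport $port -j ACCEPT"
    done
    # DNS and NTP stay reachable, as the question requires.
    echo "iptables -A $CHAIN -p udp --dport 53 -j ACCEPT"
    echo "iptables -A $CHAIN -p tcp --dport 53 -j ACCEPT"
    echo "iptables -A $CHAIN -p udp --dport 123 -j ACCEPT"
    # Everything else is dropped, including the UDP that WebRTC sends directly.
    echo "iptables -A $CHAIN -j DROP"
    # Evaluate this chain before any rules already present in OUTPUT.
    echo "iptables -I OUTPUT 1 -j $CHAIN"
    # iptables covers IPv4 only: close IPv6 egress as well, except loopback.
    echo "ip6tables -I OUTPUT 1 ! -o lo -j DROP"
}

# Apply the rules as root; a failed command stops the run.
apply_rules() {
    rules=$(build_rules) || return 1
    # Remove what a previous run installed so rules do not stack up.
    iptables -D OUTPUT -j "$CHAIN" 2>/dev/null
    ip6tables -D OUTPUT ! -o lo -j DROP 2>/dev/null
    iptables -F "$CHAIN" 2>/dev/null
    iptables -X "$CHAIN" 2>/dev/null
    echo "$rules" | while read -r cmd; do $cmd || exit 1; done
}

# Dry run by default; set APPLY=1 (an assumed switch) in the init.d copy.
if [ "${APPLY:-0}" = 1 ]; then apply_rules; else build_rules; fi
```

If Android's Private DNS (DNS over TLS on TCP 853) is set to a fixed provider, add that port to the chain or name resolution will fail.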
