I have OnePlus 7 Pro that I successfully flashed with LineageOS 21 with MicroG. Do you have some interesting apps or ideas to take advantage of it? I thought of some Magisk modules. Maybe someone is more experience than me! This is the spare smartphone, the main one is GrapheneOS, so I don’t mind breaking stuff.

  • Mikelius
    link
    fedilink
    arrow-up
    7
    ·
    6 months ago
    1. AFWall+ firewall to allow list apps to internet using your preferred method (e.g. VPN, wifi, data, etc)
    2. PcapDroid to help monitor and analyze packets, or to just confirm things aren’t communicating unexpectedly
    3. AdAway if you’re not using your own dedicated dns over a permanent VPN connection

    If not all 3 of these, AFWall is probably the best to go with. Having a way to not only block Apps, but also define your own custom firewall rules is very powerful. For example, I redirect all DNS requests to my own DNS with a custom rule (for apps, like Termux, using hardcoded DNS lookups instead of what the phone is set to)

    • PsyhackologicalOP
      link
      fedilink
      arrow-up
      4
      ·
      6 months ago

      So you’re suggesting more “network” control. I like it.

      AFWall+

      I use NetGuard, but I don’t see any benefits from having root in it.

      PcapDroid

      Hmm, interesting, I think the closest thing that I use now is TrackerControl.

      AdAway

      I’m using my VPN “socket” with TrackerControl.

      define your own custom firewall rules is very powerful

      Yeah, and also easy to mess up connections so they no longer work properly. 😆

      I redirect all DNS requests to my own DNS with a custom rule (for apps, like Termux, using hardcoded DNS lookups instead of what the phone is set to)

      That seems cool. For now, I’m using Mullvad’s public DNS service. See their dns-blocklists.

      I also know App Manager, and I’m using it and with root it with ease blocks any necessary trackers and other things. Have you tried it?

      • Mikelius
        link
        fedilink
        arrow-up
        1
        ·
        6 months ago

        I’ll have to check out TrackerControl, that’s a new one to me!

        I have seen app manager but currently use AppOps. I didn’t recommend AppOps above because I’m not sure it’s still supported or not, and it’s also not really Foss. It’s treated me well over the years, but I’m definitely interested in finding a better alternative. The last time I checked app manager, it wasn’t as good… But maybe that’s changed as it’s been several years now so I think I might be due for looking at it again!

        My wireguard connection on my phone connects to my home network to an pi hosting my internal VPN… But the network is completely covered by a mullvad VPN through opnsense. I’ve got pihole setup using the mullvad anti-trackkng private DNS. With this setup, the only real need I have for root on my phone is because I do some pretty low level automation on it through crond and some backups of core app data that I’d really hate to lose… And the complex firewall rules lol.

    • sunzu@kbin.run
      link
      fedilink
      arrow-up
      1
      ·
      6 months ago

      How do you make AFwall and vpn working together, when i tried it said one or the other.

      • Mikelius
        link
        fedilink
        arrow-up
        2
        ·
        6 months ago

        This is where rooting the phone is required. I use wireguard without root and have AFWall granted with root at bootup so it doesn’t require acting as a VPN