Log Service process does not start

[CapitalF]

AFWall+ v3.6.0. I am an advanced long-time user with multiple devices running AFW+. The device is a new Pixel 8 running LineageOS 21/Android 14.

The Log Service is not starting on this device. I verified via "cat /proc/net/netfilter/nfnetlink_log" and "ps auxw | grep nflog". The nflog process is not running like on my other devices.

When I logcat, I see lines showing that the Log Service is supposed to be started, but nothing actually happens. There are no warnings or errors that I can see.

04-14 00:22:08.951 I/AFWall  ( 4450): Starting Log Service: /data/user/0/dev.ukanth.ufirewall/app_bin/nflog  40 for LogTarget: NFLOG
04-14 00:22:09.019 I/AFWall  ( 4450): Staring log watcher
04-14 00:22:09.021 I/AFWall  ( 4450): Starting Log Service: /data/user/0/dev.ukanth.ufirewall/app_bin/nflog  40 for LogTarget: NFLOG
04-14 00:22:09.021 I/AFWall  ( 4450): Staring log watcher

This is a freshly installed device, so the configuration is pretty basic.

[CapitalF]

Here's a quick tip you might want to add to your FAQ or troubleshooting:

Since the Log Service isn't listening to the nflog link/socket, I can attach tcpdump to it!

tcpdump -i nflog:$(iptables-save | egrep "afwall.* NFLOG " | awk '{print $(NF)}') -n

I only wish tcpdump could output the PID of the owner process for each packet. Sadly there is no such feature.

[kai-row]

I have also the issue that AFWall+ v3.6.0 does not log anymore on a plain 64 bit device like pixel 8.
What I found out, is that the external binaries like iptables, nflog etc are 32 bit binaries which cannot be executed on the pixel 8.
I also found that the current beta branch seems to have some fixes done for arm64 binary support. See here main...beta.
So I thought I would have to compile it. I tried that first with the main branch not containing the fixes and that compiled just fine with android studio. Anyway when I try to compile the beta branch, it fails with the following errors:

Seems there is still an issue with the code and I don't know how to fix it.

[kai-row]

Hi, further investigation revealed that the external binaries are pre compiled by using NDK as outlined in the docs for compiling them. When cloning the afwall repository these precompiled files are stored under afwall/app/src/main/res/raw.
I was using a debian bookworm with my compile try above. The gcc compiler there is the most recent one and failing for compiling the external binaries under the folder afwall/external. To not wait for the fix of the general available afwall app I downloaded a Jessie VM for virualbox from osboxes.org (Debian-8.11_64bit.vdi) and installed the required tools like build-essentials,autoconf, automake, and libtool on that VM via a the first debian DVD iso image (debian-8.11.0-amd64-DVD-1.iso) I found for Jessie (It is that old that a normal "apt install" is failing, as the resources on the debian servers are not available anymore. Hence you need to mount the iso image within the VM). For the NDK I installed the zip file android-ndk-r10e-linux-x86_64.zip under /opt.
After cloning the beta archive for afwall, I tried to compile the binaries under afwall/external by simply issuing make. This failed for iptables. As I am only interested in the arm64 binary for nflog I changed the variable "PER_ARCH_TARGETS := iptables busybox nflog" to " PER_ARCH_TARGETS := nflog" in the Makefile under external/. This worked out and compiled ok. The resulting binary nflog_arm64 can be found under the afwall/app/src/main/res/raw folder. I transferred that to my phone and installed it as a replacement for the /data/data/dev.ukanth.ufirewall/app_bin/nflog file. Make sure that the file is renamed from nflog_arm64 to nflog and that permissions are set correctly (chmod 755 nflog).
For me that worked out and now the log functionality also works for me on my pixel 8 phone.

[akronym0]

This worked out and compiled ok. The resulting binary nflog_arm64 can be found under the afwall/app/src/main/res/raw folder. I transferred that to my phone and installed it as a replacement for the /data/data/dev.ukanth.ufirewall/app_bin/nflog file. Make sure that the file is renamed from nflog_arm64 to nflog and that permissions are set correctly (chmod 755 nflog). For me that worked out and now the log functionality also works for me on my pixel 8 phone.

@kai-row Great work. We would appreciate it if you could share your nflog 64-bit binary via a link or so.

[kai-row]

Following a link where you can download the compliled binary: https://s-he.net/android/nflog_arm64.gz

[akronym0]

Following a link where you can download the compliled binary: https://s-he.net/android/nflog_arm64.gz

Thank you! I really appreciate this!

I just was about to post my instructions how to compile nflog ... Haha (I should have waited an hour longer, I guess).

All credit goes to @kai-row !

---

Install Podman (or Docker) on Ubuntu first ... This will install gcc 4.8. (Couldn't find a working image with gcc 4.7 ...)

> podman run -it --name gcc48-container ubuntu:trusty /bin/bash



apt update
sudo apt install build-essential wget git unzip autoconf make libnetfilter-conntrack-dev libtool
mkdir -p /opt/ndk
cd /opt/ndk
wget https://dl.google.com/android/repository/android-ndk-r10e-linux-x86_64.zip
unzip android-ndk-r10e-linux-x86_64.zip 
export NDK=/opt/ndk/android-ndk-r10e
cd

git clone https://github.com/ukanth/afwall.git
cd afwall
git checkout beta
export NDK_PROJECT_PATH=$(pwd)

vi external/Makefile .... find line with PER_ARCH_TARGETS and change it to:
PER_ARCH_TARGETS := nflog

make -C external NDK=$NDK
ls app/src/main/res/raw/

[Fry-kun]

So to clarify, the main issue here is that the binaries are still not available in /app/src/main/res/raw?
I added configs for building them, but no idea how/when they actually get built.

aside: since this app has root access, I'd be very careful about trusting someone else's binary builds..
Hope the maintainer [re]builds the binaries soon.