
Connecting to service in different subnet blocked

Open cmonty14 opened this issue 4 years ago • 1 comments

Hi, I have an app (Pi-hole Droid) that must connect to a different subnet (192.168.100.0/24). The mobile is connected to subnet 192.168.1.0/24.

When AFWall+ is enabled the connection is blocked. This is a screenshot that shows the protocol with the blocked connection TCP 192.168.100.249:80.

In AFWall+ configuration I have enabled LAN for AppID: -11 and AppID: 10153.

Therefore I was expecting that the connection would not be blocked.

Can you please advise how to fix this?

THX

cmonty14, Dec 24 '19 22:12

Hi,

I want to give this topic a push since I am in the same boat.

Issue:

  • When giving an app the "LAN" permission it is only able to access the local subnet in which the Wi-Fi interface of the phone resides.

Expected behavior:

  • If an app has "LAN" permission it should be able to access all reachable local subnets as defined in RFC 1597 (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16).

Purpose:

  • As mentioned by @cmonty14 there is a good chance that in security-aware households several subnets exist, e.g. to separate IoT from client Wi-Fi networks etc., but access through certain ports, IPs, proxies must be possible.

Proposed solution:

  a) Redefine the idea of the "LAN" permission accordingly.
  b) Introduce a new permission flag "ALL LAN" to cover the use case.

Option b) would preserve the current users' logic and is my favorite.

Thx for looking into it.

Flunkyball, Mar 23 '21 12:03
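The two meanings of "LAN" discussed in this thread, modelled as an added example (not AFWall+ code and not written by either poster). The phone address 192.168.1.50 and every destination other than 192.168.100.249 are constructed, and the function names are hypothetical.

```python
import ipaddress

# Private ranges exactly as listed in the comment above.
PRIVATE_RANGES = [ipaddress.ip_network(n) for n in
                  ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def lan_interface_only(dest, iface_cidr):
    """'LAN' as the thread reports it: only the Wi-Fi interface's own subnet."""
    net = ipaddress.ip_interface(iface_cidr).network
    return ipaddress.ip_address(dest) in net


def lan_all_private(dest):
    """'ALL LAN' as proposed in option b): any of the listed private ranges."""
    addr = ipaddress.ip_address(dest)
    return any(addr in net for net in PRIVATE_RANGES)


def evaluate(dest, iface_cidr):
    """Return the verdict under both scopes for one destination."""
    narrow = lan_interface_only(dest, iface_cidr)
    wide = lan_all_private(dest)
    return {
        "dest": dest,
        "lan": "allow" if narrow else "block",
        "all_lan": "allow" if wide else "block",
        # True for destinations that only the wider flag would open up.
        "newly_reachable": wide and not narrow,
    }


if __name__ == "__main__":
    # Constructed sample: a phone in the reporter's 192.168.1.0/24 subnet.
    PHONE = "192.168.1.50/24"
    for d in ("192.168.1.10", "192.168.100.249", "10.8.0.1",
              "172.32.0.1", "8.8.8.8"):
        print(evaluate(d, PHONE))
```

The `newly_reachable` column is the set to review before widening the scope: it includes every private address the phone can route to, not only the one subnet the app needs.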