afwall icon indicating copy to clipboard operation
afwall copied to clipboard
verified publisher icon ukanth

[ISSUE] 4.0: App allowed to connect and works fine, but log shows app as denied

Open akronym0 opened this issue 1 month ago • 1 comments

I allowed Firefox (ticked all three boxes for LAN, WiFi, mobile). I allowed Linux Kernel but only for LAN (ticked only one box). Firefox did not have any connection issues and opened websites just fine.

But in the log I get two "denied" entries, one for "Unknown -100" and one for "Firefox 10275" (pretty much the same time stamp +/-1s). In the Firefox log I can see the IP addresses related to the website I opened with Firefox, and pretty much the same IP addresses appear in the "Unknown -100" log.

If I completely allow the Linux Kernel (ticked all three boxes), there won't be any denied log entries for Firefox and Unknown.

Firewall Logs

10275 is Firefox

https://sharetext.io/2202fd2a

Tested with AFWall Donate.

akronym0 avatar Nov 08 '25 10:11 akronym0

This is because some network functions delegated to the kernel do not work this way. Hit this with a lot of apps. If kernel would be compromised afwall couldn't help in any way?

xcalc avatar Nov 15 '25 20:11 xcalc

I don't think that it the case. It works fine in AFWall +3.x. This is just a regression.

akronym0 avatar Dec 15 '25 13:12 akronym0