本来有个类似防火墙的功能需要实现,就花了点时间参考了下Droidwall。360的流量控制也是内嵌了Droidwall,有想做这方面的可以研究下这个的源代码。
它在v1.5.3 版本中增加了
Added support for custom scripts. See CustomScripts
for more details,可以添加一些iptables规则,达到屏蔽网站地址的效果。
项目地址:https://code.google.com/p/droidwall/
源代码下载地址:http://droidwall.googlecode.com/svn/
此应用需要有root权限的手机,我安装的版本v1.5.6 效果图
关于CustomScripts
具体的使用方法,翻译的不是很准确,用的google翻译,看懂意思就行。
Droidwall customscripts 写道
Adding custom rules
If you want to add custom iptables rules, just use the $IPTABLES shell variable to call iptables.
The following iptables chains can be used to add custom rules:
droidwall - This is the main DroidWall chain. All OUTPUT packets
will pass through it. It is therefore the perfect place if you want to
add rules that apply to any interface.
droidwall-3g - This chain
will only receive OUTPUT packets for the cellular network interface (no
matter if it is 2G,3G,4G, etc).
droidwall-wifi - This chain will only receive OUTPUT packets for the Wi-Fi interface.
droidwall-reject - This chain should be used as a target when you
want to reject and log a packet. When the logging is disabled, this is
exactly the same as the built-in REJECT target
Please note that
all those chains are guaranteed to be cleared before the custom script
is executed, so you don't need to worry about rules cleanup on your
script IF you are using those chains.
If you use any chain not listed
above, then you need to manually purge it BEFORE adding your custom
rules (otherwise the rules will be duplicated every time they are
applied). On this case, you will also need to manually purge you rules
when the firewall is disabled, by defining a custom shutdown script
IMPORTANT:
Never manually purge the OUTPUT chain - this will cause DroidWall rules
to be ignored. Use the 'droidwall' chain instead
Examples
始终允许连接到192.168.0.1,无论是界面
# Always allow connections to 192.168.0.1, no matter the interface
$IPTABLES -A droidwall --destination 192.168.0.1 -j RETURN
允许所有连接到本地网络的Wi-Fi(192.168.0.XXX)
# Allow all connections to the local network (192.168.0.XXX) on Wi-fi
$IPTABLES -A droidwall-wifi --destination 192.168.0.0/24 -j RETURN
阻止所有连接的TCP端口80(HTTP)
# Block all connections in the TCP port 80 (http)
$IPTABLES -A droidwall -p TCP --destination-port 80 -j droidwall-reject
封锁HTTP连接,但只对蜂窝界面
# Block HTTP connections, but only on cellular interface
$IPTABLES -A droidwall-3g -p TCP --destination-port 80 -j droidwall-reject
如果你想DroidWall报告规则的失败,你必须手动“退出”的脚本错误。例如:
If you want DroidWall to report failures on your rules, you must manually "exit" from the script on error. E.g.:
尝试运用我的自订规则,但报告任何失败(中止)
# Try to apply my custom rule, but report any failure (and abort)
$IPTABLES -A droidwall --destination 192.168.0.1 -j RETURN || exit
尝试申请另一个自定义的规则,但忽略任何错误
# Try to apply another custom rule, but ignore any errors on it
$IPTABLES -A droidwall -p TCP --destination-port 80 -j droidwall-reject
Loading scripts from files
Big
scripts can be quite hard to edit in the "Set custom script" screen, so
it may be a good idea to put your script in a file, then load it from
there.
To do that, just use the "." (dot) shell command in the "Set
custom script" dialog to load your script from an external file. E.g.:
. /path/to/script.sh
This will cause your script file to be loaded and executed every time the rules are applied.
You can even have multiple scripts executed in sequence...
. /path/to/load-modules.sh
. /path/to/myrules.sh
. /path/to/myscript.sh
However,
please note that this can create a serious security breach on your
device, since the script will be always executed as root! You must place
your script where other applications will not be able to modify it (the
sdcard is NOT a good place).
大脚本编辑在“设置自定义脚本”屏幕是十分困难的,因此它可能是一个好主意,把你的脚本文件,然后从那里加载。
要做到这一点,只需使用“.” (点)在“设置自定义脚本”对话框,从外部文件加载脚本的shell命令。例如:
. /path/to/script.sh
这将导致您的脚本文件被加载并执行每一个规则的应用。
你甚至可以有多个顺序执行脚本....
. /path/to/load-modules.sh
. /path/to/myrules.sh
. /path/to/myscript.sh
- 大小: 86 KB
- 大小: 98 KB
- 大小: 96.1 KB
- 大小: 57.4 KB
分享到:
相关推荐
安卓Android源码——DroidWall手机防火墙.zip
android 流量防火墙droidwall源码.rar
Android应用源码结合droidwall防火墙的流量监控Android应用源码结合droidwall防火墙的流量监控
android网络防火墙 droidwall源码
一个类似于 Linux 下的 iptables 的 Android 手机防火墙软件,允许你限制某些应用访问数据网络,包括 2G/3G 以及 Wi-Fi。
Droid Wall是Android平台上一款强大的防火墙前端软件,与iptables配套使用,让你从此开着gprs不烧钱,如果你没有不限流量包月,那么它必然会被明智的你安装到手机里,这个不到40kb软件的伟大之处在于让你来决定哪些...
Android 手机防火墙源码(DroidWall)
Android应用源码开发Demo,主要用于毕业设计学习。
Android手机防火墙源码DroidWall.zip
一个流量监控的小项目源码,项目结合了droidwall防火墙,主要功能是分程序gprs和wifi流量实时监控、防火墙、流量排行,本项目依赖appcompat_v7_2库,已经一起打包了
Android 手机防火墙源码(DroidWall).rar
Droid Wall - Android Firewall 是一个类似于 Linux 下的 iptables 的 Android 手机防火墙软件,允许你限制某些应用访问数据网络,包括 2G/3G 以及 Wi-Fi。
Android应用源码开发Demo,主要用于毕业设计学习。
android控制程序的网络连接
Droid Wall 3G Wi-Fi手机防火墙 APP源代码
Android程序研发源码Android 手机防火墙源码(DroidWall).rar
droidwall-master 源代码
本项目是一个流量监控的小项目源码,项目结合了droidwall防火墙,主要功能是分程序gprs和wifi流量实时监控、防火墙、流量排行,本项目依赖appcompat_v7_2库,已经一起打包了,导入的时候两个项目一起导入就会自动...