droidwall.sh
# !/system/bin/sh IPTABLES= iptables BUSYBOX = busybox GREP = grep ECHO = echo # Try to find busybox if /data/data/com.example.my_android_wall/app_bin/busybox_g1 --help >/dev/null 2>/dev/ null ; then BUSYBOX =/data/data/com.example.my_android_wall/app_bin/ busybox_g1 GREP = " $BUSYBOX grep " ECHO = " $BUSYBOX echo " elif busybox --help >/dev/null 2>/dev/ null ; then BUSYBOX = busybox elif /system/xbin/busybox --help >/dev/null 2>/dev/ null ; then BUSYBOX =/system/xbin/ busybox elif /system/bin/busybox --help >/dev/null 2>/dev/ null ; then BUSYBOX =/system/bin/ busybox fi # Try to find grep if ! $ECHO 1 | $GREP -q 1 >/dev/null 2>/dev/ null ; then if $ECHO 1 | $BUSYBOX grep -q 1 >/dev/null 2>/dev/ null ; then GREP = " $BUSYBOX grep " fi # Grep is absolutely required if ! $ECHO 1 | $GREP -q 1 >/dev/null 2>/dev/ null ; then $ECHO The grep command is required. DroidWall will not work. exit 1 fi fi # Try to find iptables # Added if iptables binary already in system then use it, if not use implemented one if ! command -v iptables &> /dev/ null; then if /data/data/com.example.my_android_wall/app_bin/iptables_armv5 --version >/dev/null 2>/dev/ null ; then IPTABLES =/data/data/com.example.my_android_wall/app_bin/ iptables_armv5 fi fi $IPTABLES --version || exit 1 # Create the droidwall chains if necessary $IPTABLES -L droidwall >/dev/null 2>/dev/null || $IPTABLES --new droidwall || exit 2 $IPTABLES -L droidwall-3g >/dev/null 2>/dev/null || $IPTABLES --new droidwall-3g || exit 3 $IPTABLES -L droidwall-wifi >/dev/null 2>/dev/null || $IPTABLES --new droidwall-wifi || exit 4 $IPTABLES -L droidwall-reject >/dev/null 2>/dev/null || $IPTABLES --new droidwall-reject || exit 5 # Add droidwall chain to OUTPUT chain if necessary $IPTABLES -L OUTPUT | $GREP -q droidwall || $IPTABLES -A OUTPUT -j droidwall || exit 6 # Flush existing rules $IPTABLES -F droidwall || exit 7 $IPTABLES -F droidwall-3g || exit 8 $IPTABLES -F droidwall-wifi || exit 9 $IPTABLES -F droidwall-reject || exit 10 # Create the reject rule (log disabled) $IPTABLES -A droidwall-reject -j REJECT || exit 11 # Main rules (per interface) $IPTABLES -A droidwall -o rmnet+ -j droidwall-3g || exit $IPTABLES -A droidwall -o pdp+ -j droidwall-3g || exit $IPTABLES -A droidwall -o ppp+ -j droidwall-3g || exit $IPTABLES -A droidwall -o uwbr+ -j droidwall-3g || exit $IPTABLES -A droidwall -o wimax+ -j droidwall-3g || exit $IPTABLES -A droidwall -o vsnet+ -j droidwall-3g || exit $IPTABLES -A droidwall -o ccmni+ -j droidwall-3g || exit $IPTABLES -A droidwall -o usb+ -j droidwall-3g || exit $IPTABLES -A droidwall -o tiwlan+ -j droidwall-wifi || exit $IPTABLES -A droidwall -o wlan+ -j droidwall-wifi || exit $IPTABLES -A droidwall -o eth+ -j droidwall-wifi || exit $IPTABLES -A droidwall -o ra+ -j droidwall-wifi || exit # Filtering rules $IPTABLES -A droidwall-3g -m owner --uid-owner 10079 -j droidwall-reject || exit $IPTABLES -A droidwall-wifi -m owner --uid-owner 10079 -j droidwall-reject || exit exit
iptables -N[X] demo
iptables -A[D] demo -j REJECT -m owner --uid-owner u0_a74
iptables -A[D] OUTPUT -j demo
?
更多文章、技術交流、商務合作、聯系博主
微信掃碼或搜索:z360901061

微信掃一掃加我為好友
QQ號聯系: 360901061
您的支持是博主寫作最大的動力,如果您喜歡我的文章,感覺我的文章對您有幫助,請用微信掃描下面二維碼支持博主2元、5元、10元、20元等您想捐的金額吧,狠狠點擊下面給點支持吧,站長非常感激您!手機微信長按不能支付解決辦法:請將微信支付二維碼保存到相冊,切換到微信,然后點擊微信右上角掃一掃功能,選擇支付二維碼完成支付。
【本文對您有幫助就好】元
