Connection Rules

App traffic is managed through connections established by apps. You can set up allowing, blocking, or redirecting rules for connections with specified IP addresses and ports for every app installed on the device.

Connection rules are displayed on the Rules tab of the Application screen, as well as on the All rules screen.

Connections

General information on each connection is shown on the Connection screen (see Figure 30). To go to this screen, do one of the following:

On the Active apps screen, tap the expand icon to the left of the name of an app and then tap a connection row.

In the Firewall log:

When events are grouped by date: tap a connection row.

When events are grouped by app name: expand the list of app connections by tapping the expand icon to the left of the name of an app and then tap a connection row.

In an application log: expand the list of app connections by tapping the expand icon to the right of an event date and then tap a connection row.

fw_connection_zoom47

Figure 30. Connection screen

The Connection screen contains the following information:

connection address and port;

host name (if available);

amount of incoming and outgoing traffic received or transmitted by the connection;

connection status;

connection rule;

app that established the connection;

date and time;

connection type;

protocol.

To copy a connection address

1.Tap and hold the connection row. You will enter the copying mode. The address will be highlighted in gray.

2.Tap the copy icon in the top-right corner of the screen. The address will be copied to the clipboard.

To exit the copying mode, tap the close icon in the top-left corner.

Connection rules

Creating rules

To create a new connection rule

1.For connections without rules:

On the Connection screen, tap the add_circle icon to the right of the Rule section.

On the Active apps screen, expand the list of established connections and tap the add_circle icon to the right of the connection address.

For any connection:

On the Application screen, open the Rules tab and tap the add icon in the bottom-right corner of the screen.

2.On the next screen, select the rule type:

connection_allowed allowing,

connection_blocked blocking,

connection_redirected redirecting.

3.Check the IP address/host name. If the address is not specified, enter a valid IP address (in the a.b.c.d format for IPv4 addresses or [a:b:c:d:e:f:g:h] for IPv6), an IP address range (in the a1.b1.c1.d1-a2.b2.c2.d2 or [a1:b1:c1:d1:e1:f1:g1:h1]-[a2:b2:c2:d2:e2:f2:g2:h2] format), or a network (in the a.b.c.0/n format, where n is a number from 1 to 32). If you are creating a redirecting rule, enter the redirection address in the field below. You can specify a host name instead of an address.

4.Tap More for the additional Protocol setting to choose a network protocol for the connection.

5.Tap the save icon to save the changes.

Icons of apps with set connection rules are marked with the rule icon.

Viewing rules

To view connection rules

For an individual app:

Go to the Application screen and open the Rules tab.

The tab contains the list of all rules set for the app, in the order of their execution.

For all apps:

1.On the main Firewall screen, tap More on the All apps section card.

2.On the All apps screen, tap Menu men and select All rules.

The All rules screen contains the list of all connection rules grouped by the name of the app (or app group) that established the connection. Apps are sorted in alphabetical order. To expand the list of rules of an app, tap the expand icon to the left of the app (app group) name. App rules are listed in the order of their execution.

To change the order of rule execution

Tap and hold the move_rule icon next to the rule you want to move, then drag the rule to the desired position on the list.

To search through all app rules

Tap the search icon in the bottom-right corner of the All rules screen and enter your query in the search field at the bottom of the screen.

App rules can be stored on the device for the specified period of time after the app is deleted if the corresponding setting is enabled.

Editing rules

To edit an existing rule

1.Do one of the following:

On the Connection screen, tap the edit_rule icon to the right of the rule.

On the Active apps screen, tap the expand icon to the left of the name of an app and then tap the edit_rule icon next to the connection with the rule you want to change.

On the Application screen, open the Rules tab and tap the rule row.

On the All rules screen, tap the expand icon to the left of the name of an app and then tap the rule row.

2.Make changes.

3.Tap the save icon to save the changes.

Deleting rules

To delete a rule

On the rule editing screen:

1.Tap Delete rule.

2.On your next step, tap Delete.

On the Rules tab or the All rules screen:

1.Swipe the rule left and tap the delete_black icon.

2.On your next step, tap Delete.

To delete all rules for a certain app

1.On the Application screen, tap Menu men in the top-right corner and select Clear.

2.On your next step, select the App rules check box. Tap Clear.

To delete all rules for all apps

1.On the All rules screen, tap Menu men and select Clear.

2.Tap Clear.

Importing and exporting rules

You can export rule lists to a file in the internal device memory. This allows you to import them from the file later (for example, in case you reinstall Dr.Web or use it on another device).

To export rules to a file

For an individual app:

1.On the Rules tab of the Application screen, tap Menu men in the top-right corner and select Export rules.

2.Tap OK.

For all apps:

1.On the All rules screen, tap Menu men in the top-right corner and select Export rules.

2.Tap OK.

Rules are exported to the DrWeb_Firewall_Rules_<app_name>.hsts file if these are app-specific rules, or the DrWeb_Firewall_Rules_ALL.hsts file if these are the rules for all apps. The file is saved in the Internal storage/Android/data/com.drweb/files/ folder.

warning_green

On devices with Android 11.0 or later, the file is saved in Download/DrWeb.

To import rules from a file

For an individual app:

1.On the Rules tab of the Application screen, tap Menu men in the top-right corner and select Import rules.

2.Locate the file with rules in the file tree and tap it.

For all apps:

1.On the All rules screen, tap Menu men in the top-right corner and select Import rules.

2.Locate the file with rules in the file tree and tap it.

Block all connections not allowed by the rules

You can block all connections except for those allowed by rules for an app by selecting the corresponding check box on the app settings screen.