Connection Rules
App traffic is managed through connections established by apps. You can set up allowing, blocking, or redirecting rules for connections with specified IP addresses and ports for every app installed on the device. Connection rules are displayed on the Rules tab of the screen, as well as on the All rules screen. General information on each connection is shown on the screen (see Figure 30). To go to this screen, do one of the following: •On the Active apps screen, tap the icon to the left of the name of an app and then tap a connection row. •In the Firewall log: ▫When events are grouped by date: tap a connection row. ▫When events are grouped by app name: expand the list of app connections by tapping the icon to the left of the name of an app and then tap a connection row. •In an application log: expand the list of app connections by tapping the icon to the right of an event date and then tap a connection row. Figure 30. Connection screen The screen contains the following information: •connection address and port; •host name (if available); •amount of incoming and outgoing traffic received or transmitted by the connection; •connection status; •connection rule; •app that established the connection; •date and time; •connection type; •protocol. To copy a connection address 1.Tap and hold the connection row. You will enter the copying mode. The address will be highlighted in gray. 2.Tap the icon in the top-right corner of the screen. The address will be copied to the clipboard. To exit the copying mode, tap the icon in the top-left corner. Connection rules Creating rules To create a new connection rule 1.For connections without rules: •On the screen, tap the icon to the right of the section. •On the screen, expand the list of established connections and tap the icon to the right of the connection address. For any connection: •On the screen, open the tab and tap the icon in the bottom-right corner of the screen. 2.On the next screen, select the rule type: • allowing, • blocking, • redirecting. 3.Check the IP address/host name. If the address is not specified, enter a valid IP address (in the a.b.c.d format for IPv4 addresses or [a:b:c:d:e:f:g:h] for IPv6), an IP address range (in the a1.b1.c1.d1-a2.b2.c2.d2 or [a1:b1:c1:d1:e1:f1:g1:h1]-[a2:b2:c2:d2:e2:f2:g2:h2] format), or a network (in the a.b.c.0/n format, where n is a number from 1 to 32). If you are creating a redirecting rule, enter the redirection address in the field below. You can specify a host name instead of an address. 4.Tap for the additional setting to choose a network protocol for the connection. 5.Tap the icon to save the changes. Icons of apps with set connection rules are marked with the icon. Viewing rules To view connection rules ▫Go to the screen and open the tab. The tab contains the list of all rules set for the app, in the order of their execution. 1.On the main Firewall screen, tap on the section card. 2.On the screen, tap and select . The screen contains the list of all connection rules grouped by the name of the app (or app group) that established the connection. Apps are sorted in alphabetical order. To expand the list of rules of an app, tap the icon to the left of the app (app group) name. App rules are listed in the order of their execution. To change the order of rule execution •Tap and hold the icon next to the rule you want to move, then drag the rule to the desired position on the list. •Tap the icon in the bottom-right corner of the screen and enter your query in the search field at the bottom of the screen. App rules can be stored on the device for the specified period of time after the app is deleted if the corresponding setting is enabled. Editing rules To edit an existing rule 1.Do one of the following: •On the screen, tap the icon to the right of the rule. •On the screen, tap the icon to the left of the name of an app and then tap the icon next to the connection with the rule you want to change. •On the screen, open the tab and tap the rule row. •On the screen, tap the icon to the left of the name of an app and then tap the rule row. 2.Make changes. 3.Tap the icon to save the changes. Deleting rules To delete a rule •On the rule editing screen: 1.Tap . 2.On your next step, tap . •On the tab or the screen: 1.Swipe the rule left and tap the icon. 2.On your next step, tap . To delete all rules for a certain app 1.On the screen, tap in the top-right corner and select . 2.On your next step, select the check box. Tap . To delete all rules for all apps 1.On the screen, tap and select . 2.Tap . Importing and exporting rules You can export rule lists to a file in the internal device memory. This allows you to import them from the file later (for example, in case you reinstall Dr.Web or use it on another device). To export rules to a file •For an individual app: 1.On the tab of the screen, tap in the top-right corner and select . 2.Tap . •For all apps: 1.On the screen, tap in the top-right corner and select . 2.Tap . Rules are exported to the DrWeb_Firewall_Rules_<app_name>.hsts file if these are app-specific rules, or the DrWeb_Firewall_Rules_ALL.hsts file if these are the rules for all apps. The file is saved in the Internal storage/Android/data/com.drweb/files/ folder.
To import rules from a file •For an individual app: 1.On the tab of the screen, tap in the top-right corner and select . 2.Locate the file with rules in the file tree and tap it. •For all apps: 1.On the screen, tap in the top-right corner and select . 2.Locate the file with rules in the file tree and tap it. Block all connections not allowed by the rules You can block all connections except for those allowed by rules for an app by selecting the corresponding check box on the app settings screen. |