Orbot for Android is disabling firewall, then Orbot disconnecting
|Target version:||v14 - April Anons|
In case of using Orbot with any other firewall on Android, then Orbot disconnecting (by long press on Stop button), it is disable ANY other firewall filtering. Peoples will be think, that they have firewall protection, but never - Orbot disable it.
It's a bug with working with linux iptables. Then Orbot stopping, it clear OUTPUT filter tables, fully clear, and delete rules, which redirecting packets to other firewall chains.
How to fix. Then Orbot start, it must to create all it's filtering rules in separate iptables chain, and put into OUTPUT chain, only reference, for redirecting packets to his chain. And then Orbot stopping, it may flush only chain, which was created by Orbot, and delete only one rule in OUTPUT filter chain (possibly not delete - not problem, if it will be flush chain with his filtering rules).
The rule into filter OUTPUT chain, Orboot, must be place as the first rule in this chain. In such case, the packets from programs, which is not intercepting by Orboot, will be travel normally to firewall, and filtered according to over firewall rule. This will be increase security. And also defence from security problems, in case, if Orbot stopped. In such case, the packets from programs, which must be defence by TOR, will be blocked by firewall.
But now, in case, if Orbot stopping, the packets is continue to forwarding directly to the net, because Orbot disable all other firewalls by flushing OUTPUT chain, then Orbot shutting down.