How much is Blokada blocking?

I wonder how much of the total phone traffic Blokada blocks?
I mean - is internal Android “Google” traffic also blocked? Does it go through the VPN by default, or is there some traffic that passes next to it?
I mean - when I connect via LTE - is there any additional traffic going from my phone to the world except necessary BTS/cellular communication? Is there a way to completely lock out the phone's internet access via Blokada?

I imagine that the devs can offer a more complete answer, but I’ll give this a shot. AFAIK, Blokada (and DNS-based ad-blocking applications in general) chiefly filter traffic through managing DNS requests (normally, this is port 53 for http, and port 443 for https). In addition, when using one of the DoH resolvers supported by Blokada, DNS activity should be taking place over port 443 exclusively (including traffic that would normally occur on port 53). There can be limitations to this though, as some applications do ship with their own DNS resolvers baked in, but this is a rarity.

If we’re talking about traffic outside of the aforementioned ports (e.g. email, Torrent, and FTP applications), then Blokada does not normally interact with such traffic. If you’re looking to filter traffic based on IP address or something more expansive, then iptables-based solutions like AFWall and more in-depth applications like NetGuard will help on that front. It should also be noted that those applications will likely consume more resources than Blokada.

TLDR: Blokada mainly filters traffic that is commonly generated by browsing the web, though there are a few more solutions available if you would like to filter traffic based on IP addresses and such, which will usually be more resource-intensive.

Thank you for the explanation! That insight helped me to go further with my research and I found out that i.e. NetGuard would be better for my needs than Blokada. BUT! Still, without rooting the phone it is not possible to block all the data incoming/outgoing from the phone, since some of it is maintained over a separate connection by Google Play Service. That probably means that you cannot have a proper VPN, since some of the traffic will always bypass it. Not very nice of them.

I don’t think you’ll be able to achieve the fine-grained control over all network activity that you get with root, though I believe that you’ll still have a notable amount of flexibility with a firewall like NetGuard in the mix. Personally, I use Blokada on my non-rooted Android device, which mostly stays at home, and my main phone is rooted (so I simply use the hosts file on that one). Regardless, I find myself just blocking domain names or disabling network access for specific applications altogether, on both devices, and I rarely see the need to block IP addresses or ranges. The latter is something I really only do for devices that function as web or media servers, where it makes sense to block thousands of ranges and hundreds of thousands of individual addresses. If I was meticulously managing IPSets and IPTables rules on Android like I do on my home server, I’d probably go insane. That being said, yes, it is certainly not very nice of Google and others in the mobile OS business to lock down our machines to the degree that they do.
