Asterisk for the firewall #480

Open

vvep opened this issue Jan 10, 2025 · 1 comment


vvep commented Jan 10, 2025

[attached screenshot: IMG_20250110_190704]

Thanks for developing PCAPdroid, I love it!

I have a suggestion: it would be great if we could use an asterisk (*) in the firewall rules. The asterisk allows for the creation of more general rules that match multiple IP addresses, ports, or domains, rather than targeting them individually.

Here’s how it could work, example:

  • 202.*.*.*:* matches any IP address starting with 202 and any port.
  • 202.81.*.*:3728 matches any IP address in the 202.81.x.x range, specifically for port 3728.
  • *.net:* matches any domain ending in .net on any port.
  • poopsquish.net:* matches the specific domain poopsquish.net on any port.
  • *.googleusercontent.com:* matches any subdomain under googleusercontent.com on any port.
  • *.cdn.coolwebsite.com:433 matches any subdomain under cdn.coolwebsite.com on port 433.
  • etc.

The asterisk simplifies the rule by allowing a broad range of addresses and ports to be specified in a single entry, making the firewall configuration more flexible and efficient.

emanuele-f (Owner) commented

Hello,
Thanks for bringing this point.

While having full expressivity like in these examples would be great, this has to cope with implementation specifics and performance considerations.

For subnet matching, there is an open request in #365

For subdomain matching, currently the logic is already "wildcard" in most cases, here is the specification from the user manual:

Blocking a second-level domain like example.org will cause all of its subdomains to be blocked (e.g. some.example.org and img.example.org). This only applies to second-level domains, so blocking another.example.org will not block yet.another.example.org.

For rules having both domains/IP addresses and ports, I don't see many use cases for that. The firewall feature is mainly meant for privacy, and in this context blocking ports seems too low-level.

If you have other use-cases in mind let me know
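As an added example (not PCAPdroid's own code, nor code from either participant), the following Python sketch implements both matching schemes discussed in this thread: the wildcard `host:port` syntax proposed in the issue body, and the second-level-domain behaviour quoted from the user manual in the reply. It assumes IPv4 literals and DNS names only (so `:` only ever separates host from port), that a bare domain in the proposed syntax matches exactly, that `*.suffix` matches proper subdomains and not the apex, and that a "second-level domain" in the manual's rule means a name with exactly two labels. The `Rule`, `parse_rule`, `matches`, `first_match` and `blocked_by_domain_entry` names, and the sample inputs, are the example's own.

```python
"""Rule matching for the two schemes discussed in the issue.

Added example, not PCAPdroid code. Assumptions: hosts are IPv4 literals or
DNS names (no IPv6, so ':' only separates host from port); a bare domain in
the proposed syntax matches exactly; '*.suffix' means a proper subdomain
(the apex itself is excluded); and "second-level domain" in the manual text
is taken to mean a name with exactly two labels.
"""
import ipaddress
from dataclasses import dataclass
from typing import Optional


def _norm(name: str) -> str:
    """Canonicalise a host: case-insensitive, trailing dot ignored."""
    return name.strip().lower().rstrip(".")


def _under(name: str, suffix: str) -> bool:
    """Label-aware suffix test: 'a.example.org' is under 'example.org',
    but 'notexample.org' and 'example.org' itself are not."""
    return name.endswith("." + suffix)


# --- Proposed wildcard syntax from the issue body (assumed semantics) -----

@dataclass(frozen=True)
class Rule:
    host: str            # '202.*.*.*', 'example.net' or '*.example.net'
    port: Optional[int]  # None means '*'


def parse_rule(text: str) -> Rule:
    """Split 'host:port'; a rule without ':' is treated as 'host:*'."""
    host, sep, port = text.rpartition(":")
    if not sep:
        host, port = text, "*"
    if port == "*":
        p = None
    else:
        p = int(port)  # ValueError on garbage
        if not 0 < p <= 65535:
            raise ValueError(f"bad port in rule {text!r}")
    return Rule(_norm(host), p)


def _is_ip_pattern(host: str) -> bool:
    parts = host.split(".")
    return len(parts) == 4 and all(x == "*" or x.isdigit() for x in parts)


def _match_ip(pattern: str, host: str) -> bool:
    try:
        ipaddress.IPv4Address(host)  # rejects '2021.1.1.1', names, IPv6
    except ValueError:
        return False
    # Compare octet by octet so '202.*.*.*' cannot match '2020.x' or '20.x'.
    return all(p == "*" or int(p) == int(o)
               for p, o in zip(pattern.split("."), host.split(".")))


def matches(rule: Rule, host: str, port: int) -> bool:
    """Does one proposed-syntax rule match a (host, port) pair?"""
    if rule.port is not None and rule.port != port:
        return False
    host = _norm(host)
    if _is_ip_pattern(rule.host):
        return _match_ip(rule.host, host)
    if rule.host.startswith("*."):
        return _under(host, rule.host[2:])
    return host == rule.host  # bare domain: exact match (assumption)


def first_match(rules, host: str, port: int) -> Optional[str]:
    """First-match-wins evaluation; returns the rule text or None."""
    for text in rules:
        if matches(parse_rule(text), host, port):
            return text
    return None


# --- Current documented behaviour (manual text quoted in the reply) ------

def blocked_by_domain_entry(entry: str, name: str) -> bool:
    """Blocking 'example.org' also blocks all its subdomains; blocking
    'another.example.org' blocks only that exact name."""
    entry, name = _norm(entry), _norm(name)
    if name == entry:
        return True
    is_second_level = entry.count(".") == 1  # assumption: two labels
    return is_second_level and _under(name, entry)


if __name__ == "__main__":
    # Constructed sample rule list and connections, not real traffic.
    rules = ["202.81.*.*:3728", "*.googleusercontent.com:*", "*.net:*"]
    for host, port in [("202.81.9.9", 3728), ("lh3.googleusercontent.com", 443),
                       ("poopsquish.network", 443), ("2021.5.6.7", 80)]:
        print(f"{host}:{port} -> {first_match(rules, host, port)}")
```

Three checks in this sketch are the ones a firewall author would want before shipping such a syntax: IP wildcards are compared per octet after `IPv4Address` validation, so `202.*.*.*` cannot match `2021.5.6.7` or `20.x.x.x`; domain wildcards are compared per label, so `*.net` matches `poopsquish.net` but not `poopsquish.network`; and the two-label heuristic for "second-level domain" misclassifies names such as `example.co.uk`, which is the kind of implementation specific a real matcher would resolve with a public-suffix list.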
