- Start AdAway and go to the Menu.
- Select “Log DNS Requests”
- Click ‘TCPDUMP IS NOT RUNNING!’
- Wait until it shows ‘TCPDUMP IS RUNNING!’
- (Whitelist only): Go to the main screen and click the button to ‘Disable Adaway’.
- Open the App you wish to monitor for a while. Click around on things and use the application as you normally would.
- Go back to AdAway / Menu / Log DNS Requests and select ‘OPEN LOG FILE’.
- There you look for suspicious hostnames.
- REMOVE ADS (Blacklist): Try to block some of them by adding them to your Blacklist from that screen (long press a hostname), reapply AdAway and restart your Android device.
- FIX APPS THAT AREN’T WORKING (Whitelist): Look for some of the hosts the app will try to connect to and add to your Whitelist to allow it. (Keep in mind this will allow ANY app to connect to that URL to pull ads.)
- (Whitelist only): Re-apply Adaway to see if your whitelist additions worked. Remember if you see a bunch of similar host names like ‘a.adserver.com’, ‘b.adserver.com’, ‘c.adserver.com’; you can just add one of them to your whitelist, long press on it to edit. Then change to ‘*.adserver.com’ to whitelist that whole domain.
If you are not getting any logs showing up then the TCPDump process could be getting killed by SELinux enforcing policy.
How to Log DNS Requests using Adaway