- dotTech - http://dottech.org -

[Android] Best free Internet firewall

You (probably) have a firewall on your PC, but you don’t think you need a firewall for your phone. I will give you two reasons why you may want to reconsider:

Note I am being very specific in mentioning Internet firewall because there are other types of “firewalls” for Android, such as call/message blocking firewalls [2]. I don’t want there to be any confusion: This article is discussing app(s) that block Internet access, nothing more nothing less. Other articles [2] discuss call/message blockers.

This article is part of our Best Free Android Apps [3] repository. Feel free to drop by [3] when you have time!

Table of Contents

Best Free Internet Firewall

App Name: DroidWall [6] [7]

Note: dotTech has written a full review [8] on DroidWall.

Developer: Rodrigo ZR

Download Size: 257 KB

Version Reviewed: v1.5.1

Requires: Android 1.5 and up, and a rooted phone

Pros

Cons

Discussion

DroidWall is a brilliant firewall app for Android. It works by using a native Linux feature (Android is essentially a Linux distribution), iptables: DroidWall adds/remove iptables’ rules as you block/unblock apps from accessing the Internet. Essentially DroidWall is just a front-end to access iptables, which do all the heavy lifting.

Although being a “front-end” may have negative connotations, there are advantages to making use of a native Linux feature instead of reinventing the wheel. First and foremost, DroidWall does not stay on continuously in the background. When you block/unlock apps from accessing the Internet, DroidWall writes the rules to iptables and its job is done. Since DroidWall does not stay on and does not do work in the background, it does not waste battery life. Secondly, DroidWall is secure. By using a native Linux feature, there is a sense of certainty that apps won’t be able to bypass DroidWall blockage. Thirdly, DroidWall works for everything. With DroidWall you can block Internet access for user installed apps, system/bloatware apps, and even the Linux kernel itself. Lastly, DroidWall won’t make your phone unstable. Sure, depending on what they used the Internet for, some apps may not work without Internet access. However, generally speaking DroidWall will not make your phone unstable because it doesn’t do anything except modify iptables’ rules.

On the flip side, however, using iptables requires DroidWall to have root access. So users who do not have rooted phones will not be able to use DroidWall.

Using DroidWall is very easy. When you first run DroidWall, it starts off disabled and in White List mode. (White List mode blocks everything from accessing the Internet and you have to explicitly give access to whatever app you want to have access.) To enable DroidWall you have to press the menu key on your phone and tap the “Firewall disabled” button to enable the firewall; you will have to grant DroidWall root access at this point if you have not already. To switch to Black List mode tap at the top where it says “Mode: White list (allow selected)” and a menu will popup where you can select black list from. (Black List mode allows all apps to access the Internet and you have to specifically block apps that you don’t want to have access.) To start blocking (or unblocking, depending on which mode you are in), simply check the checkbox next to the name of the apps. You can block/unblock Internet access over just Wifi, just the phone network (i.e. 2G/3G/4G), or both. If you want to block/unblock Internet access for all apps, there is an option for that; if you want to block/unblock Internet access for all rooted apps, there is an option for that also. Once you have selected which apps you want to block/unblock, press the menu key and tap “Apply rules”. If you have not granted DroidWall root access yet, you will have to now. Whenever you want to modify DroidWall settings, simply repeat this same process. Be sure to always apply rules whenever you make changes or the changes may not be saved.

Really the only complaint I have against DroidWall is that it doesn’t support profiles. By profiles I mean different settings that users can switch between easily. For the average user, not having profiles won’t be a big deal. However, for people that travel it is a big deal. For example, when at home someone may only want to block Internet access for specific apps. However, when abroad they may want to block Internet access for all apps (to not incur unnecessary charges) and only allow specific apps. If DroidWall had profiles, it would be easy to flip between these profiles depending on when a user is at home or abroad; but as it stands, users has to re-customize the settings whenever they travel.

Alternatives