I am one of those people that likes to control what programs on my computer access the Internet. Indeed, I had friends over a couple of weeks ago and one of the comments a friend of mine kept making is “you have your computer locked down so much it hardly works”. When I got my Android phone, it was somewhat of a semi-culture shock with 3 out of 4 apps requesting Internet access privileges and me being powerless to stop them, aside from not installing the apps at all. So imagine my joy when I discovered DroidWall, a firewall for Android phones.
Image Credit: frostnova 
What is DroidWall?
On your Windows PC a firewall typically constitutes a program that is running all the time, controlling access to your computer. DroidWall is not like that. On Linux (yes, Android is essentially a Linux distro) the idea of a “firewall” is manipulating Linux’s iptables; that is to say, creating rules in the iptables to block certain programs – or apps, in the case of an Android phone – from accessing the Internet. That is how DroidWall works. It isn’t an always-on-program like the the firewalls you find in Windows. Rather, with DroidWall users select which apps to block (or allow, depending on which mode you are running it in), apply the rules, and you are finished. You only need to run DroidWall whenever you want to change the rules.
Why use DroidWall?
One of the most obvious uses of DroidWall is to prevent apps from unnecessarily using data. Some people, in fact many people now thanks to tiered data plans and soft-caps on “unlimited” plans, have a limit to how much data they can use per month. DroidWall is an easy way to prevent apps from wasting that quota.
Another reason is to block ads: If an app cannot access the Internet, it cannot display ads. However, if you are looking to block ads, you are better off going with AdFree Android  because it works a lot better in blocking ads; with DroidWall users won’t be able to block ads from apps that need Internet access to be used.
Lastly, and my personal favorite, is simply to block apps from accessing the Internet. It seems like every app and their grandmother wants “full Internet access”. Most of the time this access is to display ads; but other times it is not. I, for one, use my phone for many personal things. I am not comfortable with giving every app Internet access for no good reason. If an app needs Internet access to function, fine it can have it; if it doesn’t (like many games don’t need Internet access to work properly), then see no reason to give it Internet access. On a similar note, I block apps from Internet access if I don’t agree with what permissions they request. For example, Barcode Scanner  is a brilliant barcode scanning app. (I use it mostly for QR codes.) The app requests various different permissions, two of which are accessing my personal information (browser’s history and bookmarks, and my contact data) and Internet. Although the developer explains why the app requests contacts data – and the app is probably non-malicious – I just don’t feel comfortable with it having access to my contacts data nor my browsing history. By blocking Barcode Scanner’s Internet access, I feel reassured that even though it can access my contacts data and browsing history, it cannot do anything with it.
DroidWall operates in two modes: “White list” and “Black list”. In White list mode all apps are blocked from accessing the Internet and users must specifically give apps permission to access the Internet:
In Black list mode all apps are allowed to access the Internet and users must specifically block apps from accessing the Internet:
The mode can be changed by tapping on the mode line at the top and selecting what mode you want to be in:
By default DroidWall is in White list mode; users who want Black list mode must manually change it to that. Also note by default DroidWall comes in disabled – users must manually enable DroidWall after installing it:
(Tap the Settings key on your phone to bring up the menu shown in the above screenshot. You will be asked to give DroidWall root access.)
Once you have decided which mode you want – and you have enabled DroidWall – simply check the boxes next to the apps you want to allow/disallow (depending on what mode you are in). As you can see from the above screenshots, you can selectively block access from WiFi or phone data, or both. (Take note that the program shows “3G” for phone data but it should work with 2G/4G data also; however I don’t know for sure.) Once you have marked the apps you want, tap Save rules…
…and the rules will be applied.
As I already mentioned, because of the way Linux works, DroidWall need not be running all the time. DroidWall simply changes rules in the iptables as you tell it to and that is that: You never have to run DroidWall again, unless you want to change the rules.
Whenever you want to go back and modify Internet access for apps, simply run DroidWall, change whatever you want to change, and tap Save rules to apply the new rules.
Logging, Rules, and Password Protection
DroidWall can log specific instances when it blocks access to apps, show the explicit rules it creates, and password protect itself so people without the password cannot change the program settings:
(The menu shown in the above screenshot can be access via Settings -> More.)
Take note that logging must first be manually enabled via Settings -> Log disabled.
Conclusion and Download Links
I think I am in love. With DroidWall. I honestly feel this is an absolute must-have program for all Android phones. Highly recommended. I only wish a similar program is created to control other aspects of phones that apps request, like making phone calls and sending SMS.
To grab DroidWall, search the Android Marketplace for “DroidWall”, use your barcode scanner on the QR code found below, or load up this page on your Android phone and click on the following links:
Version reviewed: v1.4.6
Price: $0 – Free
Download size: 268 KB