You (probably) have a firewall on your PC, but you don’t think you need a firewall for your phone. I will give you two reasons why you may want to reconsider:
- Every app and its grandmother wants to be able to access the Internet nowadays (typically for ads, but sometimes for other things like syncing). This doesn’t bode well when cell phone service companies are continually increasing the cost of wireless smartphone Internet, either by lower the cap on our monthly data allowance for postpaid customers or making data packages more expensive for prepaid customers. Having a tool that directly controls which apps access the Internet allows users to stem the usage/wastage of precious bandwidth.
- On Android there are three main app permissions users should be wary of when installing apps: The ability to send SMS/MMS, the ability to make outgoing calls, and the ability to access the Internet. The first two are easy ways for malicious apps to make quick money by messaging/calling “premium” numbers that cost $349,857,345 per minute/text. The latter permission is typically used by apps to display ads, but is also a medium for malicious apps to ship out your private data. However, if an app doesn’t have Internet access, no matter how malicious it is your data is (usually) safe. (If you are looking for an ad-blocker, see AdFree Android .) Seeing how every other app wants Internet access privileges, it goes without saying many users would appreciate a way to block apps’ Internet access. That is where an Internet firewall comes into play.
Note I am being very specific in mentioning Internet firewall because there are other types of “firewalls” for Android, such as call/message blocking firewalls . I don’t want there to be any confusion: This article is discussing app(s) that block Internet access, nothing more nothing less. Other articles  discuss call/message blockers.
Table of Contents
App Name: DroidWall  
Note: dotTech has written a full review  on DroidWall.
Developer: Rodrigo ZR
Download Size: 257 KB
Version Reviewed: v1.5.1
Requires: Android 1.5 and up, and a rooted phone
- Allows users to block app Internet access for apps over just WiFi, just the phone network, or both.
- Works in two modes: “White list” and “Black list” mode.
- “White list” blocks all apps from accessing the Internet and users have to specifically give apps access to the Internet.
- “Black list” allows all apps to access the Internet and users have to specifically block apps from accessing the Internet.
- Can password protect itself so only the person with password can make changes.
- Has the ability to log whenever apps are denied Internet access.
- Supports app2sd.
- Very easy to use.
- Requires root.
- Lacks the ability to have “profiles”.
DroidWall is a brilliant firewall app for Android. It works by using a native Linux feature (Android is essentially a Linux distribution), iptables: DroidWall adds/remove iptables’ rules as you block/unblock apps from accessing the Internet. Essentially DroidWall is just a front-end to access iptables, which do all the heavy lifting.
Although being a “front-end” may have negative connotations, there are advantages to making use of a native Linux feature instead of reinventing the wheel. First and foremost, DroidWall does not stay on continuously in the background. When you block/unlock apps from accessing the Internet, DroidWall writes the rules to iptables and its job is done. Since DroidWall does not stay on and does not do work in the background, it does not waste battery life. Secondly, DroidWall is secure. By using a native Linux feature, there is a sense of certainty that apps won’t be able to bypass DroidWall blockage. Thirdly, DroidWall works for everything. With DroidWall you can block Internet access for user installed apps, system/bloatware apps, and even the Linux kernel itself. Lastly, DroidWall won’t make your phone unstable. Sure, depending on what they used the Internet for, some apps may not work without Internet access. However, generally speaking DroidWall will not make your phone unstable because it doesn’t do anything except modify iptables’ rules.
On the flip side, however, using iptables requires DroidWall to have root access. So users who do not have rooted phones will not be able to use DroidWall.
Using DroidWall is very easy. When you first run DroidWall, it starts off disabled and in White List mode. (White List mode blocks everything from accessing the Internet and you have to explicitly give access to whatever app you want to have access.) To enable DroidWall you have to press the menu key on your phone and tap the “Firewall disabled” button to enable the firewall; you will have to grant DroidWall root access at this point if you have not already. To switch to Black List mode tap at the top where it says “Mode: White list (allow selected)” and a menu will popup where you can select black list from. (Black List mode allows all apps to access the Internet and you have to specifically block apps that you don’t want to have access.) To start blocking (or unblocking, depending on which mode you are in), simply check the checkbox next to the name of the apps. You can block/unblock Internet access over just Wifi, just the phone network (i.e. 2G/3G/4G), or both. If you want to block/unblock Internet access for all apps, there is an option for that; if you want to block/unblock Internet access for all rooted apps, there is an option for that also. Once you have selected which apps you want to block/unblock, press the menu key and tap “Apply rules”. If you have not granted DroidWall root access yet, you will have to now. Whenever you want to modify DroidWall settings, simply repeat this same process. Be sure to always apply rules whenever you make changes or the changes may not be saved.
Really the only complaint I have against DroidWall is that it doesn’t support profiles. By profiles I mean different settings that users can switch between easily. For the average user, not having profiles won’t be a big deal. However, for people that travel it is a big deal. For example, when at home someone may only want to block Internet access for specific apps. However, when abroad they may want to block Internet access for all apps (to not incur unnecessary charges) and only allow specific apps. If DroidWall had profiles, it would be easy to flip between these profiles depending on when a user is at home or abroad; but as it stands, users has to re-customize the settings whenever they travel.
- HiSurfing  [Root required]