This app was mentioned in 118 comments, with an average of 4.05 upvotes
https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall
Block everything by default, only allow things that you know need it. It also has a log option for when you can't work out why something doesn't work, you can see blocked packets and where it was trying to connect to.
For people who will be replying... if you don't care enough about your privacy to start doing something about it, then you don't get to complain.
You'd be surprised how much your phone is not only talking to Google, but other services.
Edit: Disconnect is basically a VPN with filtered content. Meh. I'd rather filter my own content with firewall, host file, and some custom iptables, opendns using setprop commands.
A good alternative for NetGuard is AFWall (requires root, but it's also on F-Droid and more established than NetGuard):
https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall&hl=en
https://f-droid.org/repository/browse/?fdid=dev.ukanth.ufirewall
If you have root, AFWall+ lets you whitelist (!) services for lan access, wifi access and mobile data access.
The popular choice is AdAway for hosts file blocking - and the hosts file is read only without root.
Personally I also use AFWall - a firewall application to restrict internet access by application and Lucky Patcher which has some automated routines to patch ads out of applications. These both also require root.
One plus 8 pro
If u don't have those settings, can also use a firewall
If your phone isn't rooted (Netguard)
Make sure to disable all analytics and share data options in gboard settings
> Is there a root required firewall which does what I actually want?
AFWall+ worked well when I used rooted phones. Easy to use too.
If you can install a custom mod and aren't on project fi, try cyanogenmod. It has this feature built in to the app ops.
If not, I suggest AFWall+. It let's you restrict data on WiFi, mobile, and even local network.
Yeah, it's AFWall+ I've been loving using it, I use a VPN frequently so all the other firewalls weren't an option for me. It does require root to work though.
Al di là che dovrai risolvere assieme a Wind, o meglio dovranno essere loro a ridarti i soldi c'è solo una parziale soluzione per impedire ulteriori addebiti, installare app quali AFWall+ bloccando TUTTE le app/servizi su rete mobile. (serve root per l'app linkata)
edit: questa non ha bisogno del root ma non l'ho mai provata.
The thing I found to be most impactful, which I don't really see mentioned, is installing a quality firewall (I use AFWall+) to prevent network access for any apps that don't need it. The good ones require root.
DroidWall has been deprecated for years. Use AFWall+ (F-Droid link) instead, it's an actively developed fork of DroidWall.
Everyone should do this regardless. AFWall+ is a powerful FOSS firewall available on F-droid and Google Play Store. I have mine set to whitelist only, so nothing can access the internet unless I give it explicit permission, even if it's running as root.
You should take a look at AFWall+. It allows you to block or allow internet access on a per-app basis and set rules based on the connection type (Wi-Fi, Roaming, etc.); it also works as a Tasker plug-in.
Root it, install afwall. (Or install a firewall that acts like a VPN, those don't require root, but they're not as good).
It should be on by default, but as long as you have root, it's not hard to set up. Install, it defaults to DROP all the traffic. Explicitly enable the apps that need internet. (Check the logs if anything seems broken, they say which app is trying to access the internet and what IP addresses/ports it's trying).
It's not like google has anything against the firewall, they allow it in the google play store. (https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall).
(Also, the agreement with the media companies was probably "If you don't prevent rooted devices from accessing our content, you're not getting it". Google could have taken the high road and basically not have started the movie store or w/e it's called, but they probably wanted to make a service that 90% of people wanted to use)
What you can easily restrict is the Background Data - i.e. it will stop CH from prefetching ads while it is not in the foreground. However due to the gameplay, you keep it in the foreground for long periods of time, and then the background data restriction will not apply.
I use AFWall+ on my rooted phone, allowing me to completely disconnect CH from mobile data. Unfortunately this also restricts the clan feature, of course.
There is just one firewall i know and that is AFWall+ I would not use anything else.
https://f-droid.org/repository/browse/?fdid=dev.ukanth.ufirewall https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall&hl=en
I highly recommend to use an app like AFWall+ to block any internet access of apps you don't want to be able to do anything online. I also would do a backup of Quickpic with something like Titanium Backup and not update to the newest version of Quickpic if you don't trust them. AFWall+ is also great for people who want control data usage of their phone which is very useful if you have limited mobile bandwidth or don't want it to be used without your knowledge.
(Looks like you like Opera Max, so this is another way, if anyone is interested): Since you're rooted, you could look into using AFWall+. (You have to join the beta program to get the latest version.) This app lets you control which app connects to the internet (via WiFi or cellular) and for more advanced IPtables rules too. Works great.
GBoard definitely has internet access because just like you said, I can't search GIFs or stickers anymore after blocking internet access for it.
You could block it using a VPN based firewall like NetGuard: https://f-droid.org/en/packages/eu.faircode.netguard/
I'm rooted, so I just use AFWall+: https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall
This plug-in can check daily data usage. Just use a Tick profile to link a task to check data used.
After that, if data over limit then use one of the solutions below to block internet access for Play Store and GMS.
either:-
1) AFWall+ (Root)
- It has Tasker integration, uses ip-tables to block internet as per profile set which means it doesn't create vpn so no loss of net speed)
OR
2) Tasker's native [Network Access] action
- Uses vpn to block internet access for specific apps and net speed is affected
Here you go, AFWall+. You need root for this app to work. Also read up the app's instructions as it starts in a whitelist only mode and it blocks all apps. You need to manually switch it to blacklist mode.
I have seen people mention this app here earlier.
https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall
Just try if this helps. Else, Tasker! To cut off mobile data when the specified apps are currently in use.
Using pm disable is actually really bad for several reasons.. One, it uninstalls updates to the Play store and can prevent licensing to verify. If an app sees Play is disabled, it can go trial mode. It's also not very practical, as you will get it flurry itself with updates the second you update it.
The reason how it can start itself is because it's a system app and is backed by Google Play Services. It's a whitelisted app to Android system, so can kinda work despite your best wants.
Titanium freezes the app by essentially nuking it's main thread and background services. It's similar to disabling it, but it retains all the updates and config data.
The best way to kill Play store off, is deny it internet access. This has been an age old trick of mine for years. Same for Google Play Services. Ban them both from internet and they literally only do what is essential. Since you're rooted, check out AFWall+ to do just this.
That's all good advice, I would also include a firewall like: https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall
I don't use gapps also, google is no better that xiaomi. That's why a I love roms like lineageos, where I can really decide what I want in my phone.
I use AFWall on my kids tablets. It requires root, but it lets me give them access to PBS Kids, Disney, NickJr and Netflix while keeping them from web browsers, the play store, etc.
I feel like calling android a rootkit is really stretching the definition. (ignoring the facebook rootkit which... It's buggy, shitty, slow as fuck, spyware. It's not a rootkit).
I mean, I get it, words have emotion attached to them beyond their meanings. When Sony, the company looking to nanny state the world went and boldly innovated in malware, the emotion of that act feels comparable to all the smartphone manufacturers colluding with facebook to forcibly spy on their customers.
I just object to that style of discourse.
anyway. You CAN remove these with root (though it's bullshit you need root to do this). And rooting lets you install stuff like AFwall https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall&hl=en_CA . You do have to wipe your phone to enable root however :(.
https://android.stackexchange.com/questions/6851/uninstall-apps-locked-by-phone-vendor
It's nothing super complicated. I use this:https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall&hl=en_US
And my openVPN.
Inside of AFwall+ I made four profiles, one that blocks everything. One that allows only maps/waze, telegram and a couple other messaging programs. Stuff I want to run over data goes here as well.
Another that only allows apps to go through a VPN. But this one only checks if you're on vpn or not - wifi and mobile data settings are ignored. So If you have an app blacklisted from mobile data, but authorized by VPN it'll connect when the vpn is active - even if you're on data.
And the last was pretty much those same apps, but on the general wifi/data.
There was a long list of apps I just didn't allow to have access to data period. Games, ad driven junk, etc. Also anything I was test driving.
I'd use Tasker to swap between them - have it check the connection status and toggle to the appropriate AFwall+ set of rules accordingly. If I was at home it'd kick off my vpn and flip me over to the "at home" list.
If I was on wifi that wasn't my home SSID, it'd flip to the vpn only set of rules and then start openvpn with my default connection.
Worked pretty well. I've upgraded my ROM since then and learned that since AFWall+ blocks things by UID and those are different on this install I will have to reconfigure everything.
If you have xposed installed AFWall+ also has a module for that. Gives it more control. I was just rooted though.
Nice one, thanks didn't know that.
Don't forget XPrivacyLua and AFWall+ both freaking usefull when combined.
Any decent firewall app could handle that task.
Rooted: AFWall+
unrooted: AdClear VPN Firewall/ad-blocker
> The source code coming from the apps on that site have no such thing.
Why did you delete your comment with the sketchy AF link, and where the heck is the source code on that site? I could not find it, and none of the links on the page when I looked actually worked.
> The ads can be removed with an adblock
Definitely, using something like AFWall+ would be a reasonable thing to suggest. Recommending a hacked copy of an app, esp. when said app contains heavy crypto and has no automated update mechanism (cause Google Play can't update it) is how a situation where malware and patched vulnerabilities persist for years after an app is sideloaded.
TL;DR: Don't sideload apps, use Google Play or F-Droid. Anything else is insecure and likely malware.
Are you here to rant or ask for help? Can't tell.
If you want help:
I'm not aware of any booster apps, though if you want you can try using firewall apps. Grant internet access to only those apps who need it. If you are rooted try AFWall+ and if not rooted try NetGuard - no root firewall
AF firewall does this. You can individually mark which applications have no internet access. Only catch is it needs root.
This one doesn't need root, but I haven't tried it. It claims to also have the ability to individually block internet access to apps.
If neither work, try another firewall app in the play store.
My Nexus 6 is rooted and I've had no issues at all with any of Fi's features. WiFi Calling works, the carrier switching does too, as well as the Fi VPN.
Since you're rooted, if you'd like to reduce your data usage as much as possible, I recommend using AFWall+ if you're not already. This one doesn't interfere with Fi's VPN service since it's running in the background and not using an Always On VPN, unlike most other data-blocking apps for non-root users, such as NetGuard
Completely optional, of course.
I root mainly because I frequently roaming internationally (within the EU), and with root I can use AFWall, which lets me chose which apps can use data while roaming and which don't.
Losing that would cost me tens of Euros per month.
Here's a list of mentioned root apps and Xposed modules with descriptions, I'll be updating the list.
Root
AdAway: block ads using hosts file
AFWall+: restrict apps from accessing access your data networks
Amplify: save battery by controlling how often and how long your device can wake up
Autostarts: disable unwanted app autostarts
BetterBatteryStats: find apps causing battery drain and measure the effect of corrective actions
BusyBox / Pro: BusyBox installer and uninstaller
Cerberus: anti-theft with control through Cerberus' website and SMS, automatic alerts, and more
CF.lumen: adapt screen color based on time or custom configuration
cSploit: network analysis and penetration suite
Custom Quick Settings: add app links, web links, and custom toggles to your quick settings
Doze Settings Editor: edit settings or parameters which affect the operation of Doze
FlashFire: flash firmware packages without custom recovery
Flashify: flash boot.img, recovery.img, and zip files without needing to go to recovery
Greenify / Donation Package: identify and hibernate misbehaving apps when you're not using them
Kernel Auditor: manage kernel parameters (alternative: EX Kernel Manager)
Layers Manager: manage Layers on compatible ROMs
LiveBoot: boot animation that shows you logcat and dmesg outputs on-screen as they happen
Lucky Patcher: remove ads, modify apps permissions, backup/restore apps, bypass premium app license verification, and more
Material Terminal: Terminal Emulator for Android but uses material design
MultiROM Manager: install or update MultiROM and its recovery and kernels (device specific XDA threads in the description)
SCR Screen Recorder: record your screen and system audio
Secure Settings: plugin for Locale/Tasker that adds more features
Simple Reboot: adds reboot, recovery, bootloader, soft reboot, and safe mode to your power menu
Solid Explorer File Manager: file explorer and cloud manager (alternative: Root Explorer)
Textdroider DPI: change DPI settings
Titanium Backup / PRO: backup, restore, freeze apps and more (alternative: oandbackup)
ViPER4Android: audio enhancement
Wakelock Detector / FULL PACK: detect battery draining apps using wakelock usage history
WiFi Key Recovery: recovery passwords for networks you've connected to
WifiKill: disable internet connection for devices on your network, for Android 4.x
Xposed: framework for modules that customize/add Android functions
Xposed Modules
Android N-ify: framework for modules that customize/add Android functions): adds Android N features to LP and MM
DirectAPKInstall: install APKs without enabling "unknown sources"
Flast Style Colored Keyboard: change Google and Swype keyboard colors, change colors per app with PRO
GravityBox KK / LP / MM: tweaks for vanilla AOSP ROMs
MinMinGuard: block ads inside apps and remove blank space left by ads
No Lock Home: bypass lockscreen when connected to your trusted WiFi AP
XInsta: download Instagram photos and videos
XNotifications: control notifications behavior in many aspects
XPrivacy: restrict what data apps can access by feeding apps no data or fake data
https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall
But would be nice if it was built in the system. Definitely.
This is the one I have been using for the last few years. Very good. https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall The trick is you need to root your device.
As /u/Buttholehemorrhage ^^(yikes!) says, this is Facebook Graph, which is how apps and websites communicate with Facebook, both for ad reasons and for user data. A LOT of apps will be using this API.
>Is there a way to see what app called it?
There are ways, but they aren't necessarily "easy". You~~'d likely~~ don't need a rooted phone, ^(~~but I'm not certain on this and if there is a way without root, support probably varies by Android version~~) ~~and then~~ but if you have one, you can monitor the sockets on your phone using a number of tools, including command line tools from Busybox or an application firewall like AFWall+.
Edit: It would seem that NoRoot Firewall and NetGuard might be able to support filtering by app without having a rooted phone. You can block Graph from there.
>which apps you're using to protect your privacy?
AFWall+
- (root required) firewall app
AdAway - (root required) HOSTS file manager, can block tracker servers
Wi-Fi Privacy Police - prevents your smartphone or tablet from leaking privacy sensitive information via Wi-Fi networks. (Was on the Google Play store, but I just found out that it has been removed there.)
AppOpsXposed - (root required) app permission manager, for Android versions that don't have one
<strong>AdAway</strong> (root required) - an ad blocker that uses the hosts file (not on Play Store; link brings you to F-Droid)
<strong>AFWall+</strong> (root required) - restrict which applications are permitted to access your data networks (2G/3G and/or Wi-Fi and while in roaming). Also you can control traffic within LAN or while connected through VPN. [F-Droid link]
<strong>K-9 Mail</strong> - e-mail client supporting multiple accounts, POP3, IMAP and Push IMAP [F-Droid link]
<strong>FreeOTP</strong> - two-factor authentication (2FA) application for systems utilizing one-time password protocols (OTP) [F-Droid link]
<strong>OpenKeychain</strong> - encrypt files and communications with OpenPGP [F-Droid link]
AFWall might be what you're looking for
Any firewall app can block other apps from Internet access. A decent ad-blocker can stop ads to apps that need Internet access.
I don't like that it's using data for texts, either. I've had a few instances where I don't have any data, and find myself unable to send or receive any texts. Plus, I tend to block data usage with AFWall+, and blocking the data-hungry (on my phone at least) Google Play Services, Google Account Manager and Google Services Framework also prevents Hangouts from receiving messages, while Messenger (and any other texting app) still receives them regardless.
One thing that I'd really love to see that would make me reconsider is if incoming messages via Project Fi are registered as actual SMS by the system, meaning apps that are designed to respond to those fire off like normal. This means things like Google Now being able to read you your last text message, the conversation coming up in the Contacts app, Tasker and Touchless Chat being able to auto-respond, etc etc.
Also, sometimes I send text messages via Touchless Chat and Tasker, and they both send them in the background, making them send as regular SMS messages and therefore they don't sync. It'd be pretty nice that if you've integrated into Hangouts, any and all SMS requests are intercepted by the system and sent via Project Fi rather than the cell network, that way they sync across devices.
If Project Fi integration behaved that way, I'd go back to it immediately and wouldn't care about the data usage, never looking back to regular texting apps :P
Are you rooted?
If so (iptables):
If not (local VPN):
AFWall+, though it requires root
It's pretty easy get an app like https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall&hl=en&gl=US
Then block everything you don't need.
I just use afwall+ ATM for essentially this purpose. No Netflix, YouTube or music over 3g on accident for me
It requires root, but, easiest way is with https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall
AFWall+ kind of does this, I believe. But it tends to break things when I block certain apps from having network access.
Firewall apps:
Afwall+ (requires root)
Note that I have only tried Afwall+ and I have never tried creating custom rules with it. I used just to allow/deny apps internet access. YMMV.
Network monitor:
Network Log (requires root)
Edit:Added some apps
I used to have a h815 running LineageOS until one day it bootlooped itself to death thanks to the hardware fault. Looks like Lineage don't maintain the official h815 builds anymore so even though you could install it you'd be left with unpatched vulnerabilities.
Rooting actually makes your device less secure as you basically defeat the sandbox that prevents changes the system partition. If you install (intentionally or unintentionally) an app that manages to exploit privilege escalation then it has free reign over your device. Even if the apps you use with root permission are "safe" they can mess up the integrity of the system partition.
Seeing as you have root access I'd consider AFWall+ a good choice. Also get a system app remover and delete bloatware/unused apps from your device (take a backup before doing this though). A safer option is to keep the apps but deny their network access with AFWall+. Use F-Droid/Yalp as a replacement for Google Play.
AFWall+, it is available through the Play Market and on F-Droid.
On a rooted phone you could restrict mobile data access of your apps with a firewall like AfWall+.
Have you checked out AfWall+ GSTORE / GHUB / FDROID
Or
NetGuard Dev Site ?
I havent had any experience with AFWall+, since I can't figure out how to root this damn phone, but I keep hearing people on forums/etc being very happy with it.
I have used NetGuard, and the level of specificity it can get to is overwhelming. Right on the main screen/list o' apps, it will (when configured to do so) alert you every time an app makes a connection to or from a new host and log it all. It even can output pcap files for use later on.
Only if rooted. https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall is the easiest way, unless you want to create IPTables yourself.
Some android OEMs have this setting like one plus or xiaomi
If not then you can use something like this
AFWall is a good option, You can allow some apps to connect and block everything else including future installed apps.
Donate version if you want to support the developer.
This option has been around for like a decade of you have root with the AfWall+ app. AFWall+ (Android Firewall +) - https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall
Actually rooting and using tools/apps like AFWall+ and LuaXprivacy (must be installed via EdXposed or Riru), can be extremely beneficial when used properly. The ability to block Ads/Trackers with AdAway (which can all be accomplished Systemlessly thanks to Magisk. Couple such tools with OpenVPN and F-Droid. Combine all that or use none. The sheer ability to create an encrypted backup image with TWRP alone accomplishes a level of privacy, in my opinion, that cannot be achieved without root. In many cases root can be removed after replacing the factory recovery. So at the very least you could go for a temporary root if only to have a protected backup. At least that way if you're device gets compromised at some place like an airport or from law enforcement you can always wipe the device either prior to (hopefully) or after such an encounter.
Use a firewall to block all the request from this app. AFWall+ would do the trick
You could use a firewall app to prevent it from accessing WiFi or cellular Internet.
It's harder to advice properly as you forgot to state your Android version/rooted/xposed?
Can't really advise on Netguard as it uses a VPN so a big no-no.
Whilst I believe Tasker can natively block per app internet access, you may find it easier using a firewall with Tasker integration such as AFWall+
Else, you can restrict notifications with AutoNotification
Else, you can play with Notification Channels in Tasker.
Else, you can completely disable apps with Tasker integrated apps like Ice Box or natively in Taskers Run Shell pm disable com.package.name
Else, other solutions to try.
Root:
Non-root:
I've tried all 4 and they're all competent enough to do what you want. AFWall+ and NoRoot Data Firewall are the easiest to use. NetGuard is the least intuitive.
AOSP mit root um die Firewall und den Werbeblocker zu betreiben. Rest mach ich mit der brain.apk, living on the edge.
So its the same as AFWall+ for rooted phones?
Or, root your phone and install AFWALL and control which apps have internet access.
If you are rooted there are firewall apps that can do exactly that.
https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall
I use https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall
It works stunningly well.
If you are rooted, you can use AFWall+ to restrict mobile data for the app.
You need to be rooted and use a firewall like Afwall
AFWall+
https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall&hl=en
Anyone concerned about QP should already have it.
afwall+ (needs root) https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall&hl=en
Depending upon how you configure your smart phone. (AFwall+)
Developer of AFWall+ and Micopacks
AFWall+ -> iptables based firewall -https://play.google.com/store/apps/details?id=dev.ukanth.ufirewall
Micopacks -> Manage your icon packs easily https://play.google.com/store/apps/details?id=dev.ukanth.iconmanager
I don't see that it's really up for debate, it is unequivocally spyware. The word has no meaning if it doesn't apply to software which sends back information on you without your permission.
Fortunately for me, there exist options to deal with it. Both on the internet and on my cell phone.