This app was mentioned in
with an average of
DroidWall was last updated in 2011. Use the successor AFWall+ instead which is also available on F-Droid.
Block everything by default, only allow things that you know need it. It also has a log option for when you can't work out why something doesn't work, you can see blocked packets and where it was trying to connect to.
For people who will be replying... if you don't care enough about your privacy to start doing something about it, then you don't get to complain.
You'd be surprised how much your phone is not only talking to Google, but other services.
Edit: Disconnect is basically a VPN with filtered content. Meh. I'd rather filter my own content with firewall, host file, and some custom iptables, opendns using setprop commands.
A good alternative for NetGuard is AFWall (requires root, but it's also on F-Droid and more established than NetGuard):
If you have root, AFWall+ lets you whitelist (!) services for lan access, wifi access and mobile data access.
-Source on Github
-Link on Playstore
The popular choice is AdAway for hosts file blocking - and the hosts file is read only without root.
Personally I also use AFWall - a firewall application to restrict internet access by application and Lucky Patcher which has some automated routines to patch ads out of applications. These both also require root.
> Is there a root required firewall which does what I actually want?
AFWall+ worked well when I used rooted phones. Easy to use too.
If you can install a custom mod and aren't on project fi, try cyanogenmod. It has this feature built in to the app ops.
If not, I suggest AFWall+. It let's you restrict data on WiFi, mobile, and even local network.
Al di là che dovrai risolvere assieme a Wind, o meglio dovranno essere loro a ridarti i soldi c'è solo una parziale soluzione per impedire ulteriori addebiti, installare app quali AFWall+ bloccando TUTTE le app/servizi su rete mobile. (serve root per l'app linkata)
edit: questa non ha bisogno del root ma non l'ho mai provata.
The thing I found to be most impactful, which I don't really see mentioned, is installing a quality firewall (I use AFWall+) to prevent network access for any apps that don't need it. The good ones require root.
DroidWall has been deprecated for years. Use AFWall+ (F-Droid link) instead, it's an actively developed fork of DroidWall.
Everyone should do this regardless. AFWall+ is a powerful FOSS firewall available on F-droid and Google Play Store. I have mine set to whitelist only, so nothing can access the internet unless I give it explicit permission, even if it's running as root.
AFWall if you're rooted, NetGuard if you're not.
You should take a look at AFWall+. It allows you to block or allow internet access on a per-app basis and set rules based on the connection type (Wi-Fi, Roaming, etc.); it also works as a Tasker plug-in.
Root it, install afwall. (Or install a firewall that acts like a VPN, those don't require root, but they're not as good).
It should be on by default, but as long as you have root, it's not hard to set up. Install, it defaults to DROP all the traffic. Explicitly enable the apps that need internet. (Check the logs if anything seems broken, they say which app is trying to access the internet and what IP addresses/ports it's trying).
It's not like google has anything against the firewall, they allow it in the google play store. ([link]).
(Also, the agreement with the media companies was probably "If you don't prevent rooted devices from accessing our content, you're not getting it". Google could have taken the high road and basically not have started the movie store or w/e it's called, but they probably wanted to make a service that 90% of people wanted to use)
What you can easily restrict is the Background Data - i.e. it will stop CH from prefetching ads while it is not in the foreground. However due to the gameplay, you keep it in the foreground for long periods of time, and then the background data restriction will not apply.
I use AFWall+ on my rooted phone, allowing me to completely disconnect CH from mobile data. Unfortunately this also restricts the clan feature, of course.
There is just one firewall i know and that is AFWall+
I would not use anything else.
I highly recommend to use an app like AFWall+ to block any internet access of apps you don't want to be able to do anything online.
I also would do a backup of Quickpic with something like Titanium Backup and not update to the newest version of Quickpic if you don't trust them.
AFWall+ is also great for people who want control data usage of their phone which is very useful if you have limited mobile bandwidth or don't want it to be used without your knowledge.
(Looks like you like Opera Max, so this is another way, if anyone is interested):
Since you're rooted, you could look into using AFWall+. (You have to join the beta program to get the latest version.) This app lets you control which app connects to the internet (via WiFi or cellular) and for more advanced IPtables rules too. Works great.
That's all good advice, I would also include a firewall like:
I don't use gapps also, google is no better that xiaomi.
That's why a I love roms like lineageos, where I can really decide what I want in my phone.
I use AFWall on my kids tablets. It requires root, but it lets me give them access to PBS Kids, Disney, NickJr and Netflix while keeping them from web browsers, the play store, etc.
I feel like calling android a rootkit is really stretching the definition. (ignoring the facebook rootkit which... It's buggy, shitty, slow as fuck, spyware. It's not a rootkit).
I mean, I get it, words have emotion attached to them beyond their meanings. When Sony, the company looking to nanny state the world went and boldly innovated in malware, the emotion of that act feels comparable to all the smartphone manufacturers colluding with facebook to forcibly spy on their customers.
I just object to that style of discourse.
anyway. You CAN remove these with root (though it's bullshit you need root to do this). And rooting lets you install stuff like AFwall [link] . You do have to wipe your phone to enable root however :(.
It's nothing super complicated. I use this:[link]
And my openVPN.
Inside of AFwall+ I made four profiles, one that blocks everything. One that allows only maps/waze, telegram and a couple other messaging programs. Stuff I want to run over data goes here as well.
Another that only allows apps to go through a VPN. But this one only checks if you're on vpn or not - wifi and mobile data settings are ignored. So If you have an app blacklisted from mobile data, but authorized by VPN it'll connect when the vpn is active - even if you're on data.
And the last was pretty much those same apps, but on the general wifi/data.
There was a long list of apps I just didn't allow to have access to data period. Games, ad driven junk, etc. Also anything I was test driving.
I'd use Tasker to swap between them - have it check the connection status and toggle to the appropriate AFwall+ set of rules accordingly. If I was at home it'd kick off my vpn and flip me over to the "at home" list.
If I was on wifi that wasn't my home SSID, it'd flip to the vpn only set of rules and then start openvpn with my default connection.
Worked pretty well. I've upgraded my ROM since then and learned that since AFWall+ blocks things by UID and those are different on this install I will have to reconfigure everything.
If you have xposed installed AFWall+ also has a module for that. Gives it more control. I was just rooted though.
Nice one, thanks didn't know that.
Don't forget XPrivacyLua and AFWall+ both freaking usefull when combined.
Any decent firewall app could handle that task.
unrooted: AdClear VPN Firewall/ad-blocker
> The source code coming from the apps on that site have no such thing.
Why did you delete your comment with the sketchy AF link, and where the heck is the source code on that site? I could not find it, and none of the links on the page when I looked actually worked.
> The ads can be removed with an adblock
Definitely, using something like AFWall+ would be a reasonable thing to suggest. Recommending a hacked copy of an app, esp. when said app contains heavy crypto and has no automated update mechanism (cause Google Play can't update it) is how a situation where malware and patched vulnerabilities persist for years after an app is sideloaded.
TL;DR: Don't sideload apps, use Google Play or F-Droid. Anything else is insecure and likely malware.
Thats called firewall.
Afwall+ needs root but netguard does not.
Are you here to rant or ask for help? Can't tell.
If you want help:
I'm not aware of any booster apps, though if you want you can try using firewall apps. Grant internet access to only those apps who need it.
If you are rooted try AFWall+ and if not rooted try NetGuard - no root firewall
AF firewall does this. You can individually mark which applications have no internet access. Only catch is it needs root.
This one doesn't need root, but I haven't tried it. It claims to also have the ability to individually block internet access to apps.
If neither work, try another firewall app in the play store.
My Nexus 6 is rooted and I've had no issues at all with any of Fi's features. WiFi Calling works, the carrier switching does too, as well as the Fi VPN.
Since you're rooted, if you'd like to reduce your data usage as much as possible, I recommend using AFWall+ if you're not already. This one doesn't interfere with Fi's VPN service since it's running in the background and not using an Always On VPN, unlike most other data-blocking apps for non-root users, such as NetGuard
Completely optional, of course.
I root mainly because I frequently roaming internationally (within the EU), and with root I can use AFWall, which lets me chose which apps can use data while roaming and which don't.
Losing that would cost me tens of Euros per month.
Here's a list of mentioned root apps and Xposed modules with descriptions, I'll be updating the list.
AdAway: block ads using hosts file
AFWall+: restrict apps from accessing access your data networks
Amplify: save battery by controlling how often and how long your device can wake up
Autostarts: disable unwanted app autostarts
BetterBatteryStats: find apps causing battery drain and measure the effect of corrective actions
BusyBox / Pro: BusyBox installer and uninstaller
Cerberus: anti-theft with control through Cerberus' website and SMS, automatic alerts, and more
CF.lumen: adapt screen color based on time or custom configuration
cSploit: network analysis and penetration suite
Custom Quick Settings: add app links, web links, and custom toggles to your quick settings
Doze Settings Editor: edit settings or parameters which affect the operation of Doze
FlashFire: flash firmware packages without custom recovery
Flashify: flash boot.img, recovery.img, and zip files without needing to go to recovery
Greenify / Donation Package: identify and hibernate misbehaving apps when you're not using them
Kernel Auditor: manage kernel parameters
EX Kernel Manager)
Layers Manager: manage Layers on compatible ROMs
LiveBoot: boot animation that shows you logcat and dmesg outputs on-screen as they happen
Lucky Patcher: remove ads, modify apps permissions, backup/restore apps, bypass premium app license verification, and more
Material Terminal: Terminal Emulator for Android but uses material design
MultiROM Manager: install or update MultiROM and its recovery and kernels (device specific XDA threads in the description)
SCR Screen Recorder: record your screen and system audio
Secure Settings: plugin for Locale/Tasker that adds more features
Simple Reboot: adds reboot, recovery, bootloader, soft reboot, and safe mode to your power menu
Solid Explorer File Manager: file explorer and cloud manager (alternative: Root Explorer)
Textdroider DPI: change DPI settings
Titanium Backup / PRO: backup, restore, freeze apps and more (alternative: oandbackup)
ViPER4Android: audio enhancement
Wakelock Detector / FULL PACK: detect battery draining apps using wakelock usage history
WiFi Key Recovery: recovery passwords for networks you've connected to
WifiKill: disable internet connection for devices on your network, for Android 4.x
Xposed: framework for modules that customize/add Android functions
Android N-ify: framework for modules that customize/add Android functions): adds Android N features to LP and MM
DirectAPKInstall: install APKs without enabling "unknown sources"
Flast Style Colored Keyboard: change Google and Swype keyboard colors, change colors per app with PRO
GravityBox KK / LP / MM: tweaks for vanilla AOSP ROMs
MinMinGuard: block ads inside apps and remove blank space left by ads
No Lock Home: bypass lockscreen when connected to your trusted WiFi AP
XInsta: download Instagram photos and videos
XNotifications: control notifications behavior in many aspects
XPrivacy: restrict what data apps can access by feeding apps no data or fake data
But would be nice if it was built in the system. Definitely.
This is the one I have been using for the last few years. Very good. [link] The trick is you need to root your device.
As /u/Buttholehemorrhage ^^(yikes!) says, this is Facebook Graph, which is how apps and websites communicate with Facebook, both for ad reasons and for user data. A LOT of apps will be using this API.
>Is there a way to see what app called it?
There are ways, but they aren't necessarily "easy". You~~'d likely~~ don't need a rooted phone, ^(~~but I'm not certain on this and if there is a way without root, support probably varies by Android version~~) ~~and then~~ but if you have one, you can monitor the sockets on your phone using a number of tools, including command line tools from Busybox or an application firewall like AFWall+.
Edit: It would seem that NoRoot Firewall and NetGuard might be able to support filtering by app without having a rooted phone. You can block Graph from there.
>which apps you're using to protect your privacy?
- (root required) firewall app
AdAway - (root required) HOSTS file manager, can block tracker servers
Wi-Fi Privacy Police - prevents your smartphone or tablet from leaking privacy sensitive information via Wi-Fi networks. (Was on the Google Play store, but I just found out that it has been removed there.)
AppOpsXposed - (root required) app permission manager, for Android versions that don't have one
<strong>AdAway</strong> (root required) - an ad blocker that uses the hosts file (not on Play Store; link brings you to F-Droid)
<strong>AFWall+</strong> (root required) - restrict which applications are permitted to access your data networks (2G/3G and/or Wi-Fi and while in roaming). Also you can control traffic within LAN or while connected through VPN. [F-Droid link]
<strong>K-9 Mail</strong> - e-mail client supporting multiple accounts, POP3, IMAP and Push IMAP [F-Droid link]
<strong>FreeOTP</strong> - two-factor authentication (2FA) application for systems utilizing one-time password protocols (OTP) [F-Droid link]
<strong>OpenKeychain</strong> - encrypt files and communications with OpenPGP [F-Droid link]
AFWall might be what you're looking for
Any firewall app can block other apps from Internet access. A decent ad-blocker can stop ads to apps that need Internet access.
I don't like that it's using data for texts, either. I've had a few instances where I don't have any data, and find myself unable to send or receive any texts. Plus, I tend to block data usage with AFWall+, and blocking the data-hungry (on my phone at least) Google Play Services, Google Account Manager and Google Services Framework also prevents Hangouts from receiving messages, while Messenger (and any other texting app) still receives them regardless.
One thing that I'd really love to see that would make me reconsider is if incoming messages via Project Fi are registered as actual SMS by the system, meaning apps that are designed to respond to those fire off like normal. This means things like Google Now being able to read you your last text message, the conversation coming up in the Contacts app, Tasker and Touchless Chat being able to auto-respond, etc etc.
Also, sometimes I send text messages via Touchless Chat and Tasker, and they both send them in the background, making them send as regular SMS messages and therefore they don't sync. It'd be pretty nice that if you've integrated into Hangouts, any and all SMS requests are intercepted by the system and sent via Project Fi rather than the cell network, that way they sync across devices.
If Project Fi integration behaved that way, I'd go back to it immediately and wouldn't care about the data usage, never looking back to regular texting apps :P
Are you rooted?
If so (iptables):
If not (local VPN):
AFWall+, though it requires root
I just use afwall+ ATM for essentially this purpose. No Netflix, YouTube or music over 3g on accident for me
AFWall+ kind of does this, I believe. But it tends to break things when I block certain apps from having network access.
Afwall+ (requires root)
Note that I have only tried Afwall+ and I have never tried creating custom rules with it. I used just to allow/deny apps internet access. YMMV.
Network Log (requires root)
Edit:Added some apps
I used to have a h815 running LineageOS until one day it bootlooped itself to death thanks to the hardware fault. Looks like Lineage don't maintain the official h815 builds anymore so even though you could install it you'd be left with unpatched vulnerabilities.
Rooting actually makes your device less secure as you basically defeat the sandbox that prevents changes the system partition. If you install (intentionally or unintentionally) an app that manages to exploit privilege escalation then it has free reign over your device. Even if the apps you use with root permission are "safe" they can mess up the integrity of the system partition.
Seeing as you have root access I'd consider AFWall+ a good choice. Also get a system app remover and delete bloatware/unused apps from your device (take a backup before doing this though). A safer option is to keep the apps but deny their network access with AFWall+. Use F-Droid/Yalp as a replacement for Google Play.
AdAway y AfWall y listo. Eso sí, necesitás root.
De todas formas quería la versión full de Chronus.
AFWall+, it is available through the Play Market and on F-Droid.
On a rooted phone you could restrict mobile data access of your apps with a firewall like AfWall+.
You could use a firewall app to prevent it from accessing WiFi or cellular Internet.
It's harder to advice properly as you forgot to state your Android version/rooted/xposed?
Can't really advise on Netguard as it uses a VPN so a big no-no.
Whilst I believe Tasker can natively block per app internet access, you may find it easier using a firewall with Tasker integration such as AFWall+
Else, you can restrict notifications with AutoNotification
Else, you can play with Notification Channels in Tasker.
Else, you can completely disable apps with Tasker integrated apps like Ice Box or natively in Taskers Run Shell pm disable com.package.name
Else, other solutions to try.
I've tried all 4 and they're all competent enough to do what you want. AFWall+ and NoRoot Data Firewall are the easiest to use. NetGuard is the least intuitive.
AOSP mit root um die Firewall und den Werbeblocker zu betreiben. Rest mach ich mit der brain.apk, living on the edge.
So its the same as AFWall+ for rooted phones?
Link for the lazy.
Or, root your phone and install AFWALL and control which apps have internet access.
If you are rooted there are firewall apps that can do exactly that.
Look into firewalls like afwall+ (root) or netguard (no root) and if it needs internet access then xprivacy (root).
I use [link]
It works stunningly well.
If you are rooted, you can use AFWall+ to restrict mobile data for the app.
You need to be rooted and use a firewall like Afwall
Anyone concerned about QP should already have it.
afwall+ (needs root)
Depending upon how you configure your smart phone. (AFwall+)
Developer of AFWall+ and Micopacks
AFWall+ -> iptables based firewall -[link]
Micopacks -> Manage your icon packs easily
I don't see that it's really up for debate, it is unequivocally spyware. The word has no meaning if it doesn't apply to software which sends back information on you without your permission.
Fortunately for me, there exist options to deal with it. Both on the internet and on my cell phone.