• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!

[5.0+][ROOT][3.5.2] AFWall+ IPTables Firewall [16 May 2021]

Search This thread

ukanth

Recognized Developer
Nov 30, 2010
1,528
5,271
Nexus 7 (2013)
OnePlus X
Welcome to official support page for AFWall+

Disclaimer - As Usual. I'll not take any responsible if something goes wrong when using AFWall+

Introduction
AFWall+ is an improved version of DroidWall(front-end application for the powerful iptables Linux firewall). It allows you to restrict which applications are permitted to access your data networks (2G/3G/4G/LTE and/or Wi-Fi and while in roaming).Since the original author of Droidwall
discontinued the project, I decided to keep the app instead of Avast Firewall. I'll continue to add more features as I can.


Features
- Supports 5.x to 11.x
- Import/Export Rules to external storage
- Search Applications
- Multiple Profiles with custom names
- Tasker/Locale support
- Select All/None/Invert/Clear applications with single click
- Revamped Rules/Logs Viewer with copy/export to external storage
- Ability to view the network interfaces
- Highlight system applications with custom color
- Notify on new installations
- Ability to hide application icons( faster loading )
- Use LockPattern for application protection.
- Show/Hide application ID.
- Roaming Control for 3G/Edge
- VPN Control
- LAN Control
- Tether Control
- IPV6 Control
- Tor Control
- Choose able languages
- Choose able iptables/busybox binary
- Supports MIPS/x86/ARM
- DNS Hostname

Changelog - See third Post
Current Version - 3.5.2

To get Unlocker without Google services - Please follow the instructions here

AFWall+ BETA Program
1) AFWall+ opt-in for beta program
2) Install AFWall+ and If you have any issues, just send email from (Menu -> Firewall Rules - > Send error report)

Source Code/Wiki/FAQ
AFWall+ is an free & opensource application
Github
Log an issue
Frequently Asked Questions
Many Thanks to @CHEF-KOCH

Translations
Translations - Please help me with translations in your language.
http://crowdin.net/project/afwall

Thanks To/Credits
- German translations by [email protected] & [email protected] & [email protected]
- French translations by [email protected] & [email protected]
- Russian translations by [email protected] & YaroslavKa78
- Spanish translations by [email protected]
- Dutch translations by [email protected]
- Japanese translation by [email protected]
- Ukrainian translation by [email protected]
- Slovenian translation by bunga [email protected]
- Chinese Simplified translation by [email protected]
- Polish translations by tst,Piotr [email protected]
- Swedish translations by [email protected]
- Greek Translations by [email protected]
- Portuguese translations by [email protected]
- Chinese Traditional by [email protected]
- Chinese Simplified by wuwufei,tianchaoren @ crowdin
- Italian translations by [email protected]
- Romanian tranlations by [email protected]
- Czech translations by Syk3s

Cheers,
ukanth

XDA:DevDB Information
AFWall+ [ IPTables Firewall ], App for the Android General

Contributors
ukanth
Source Code: https://github.com/ukanth/afwall


Version Information
Status:
Stable
Current Stable Version: 3.4.0
Stable Release Date: 2020-02-09
Current Beta Version: 3.5.0-BETA1
Beta Release Date: 2020-09-05

Created 2013-12-03
Last Updated 2020-09-05
 

Attachments

  • logs.jpg
    logs.jpg
    59.5 KB · Views: 41,322
  • main.jpg
    main.jpg
    80.1 KB · Views: 42,219
  • menu.jpg
    menu.jpg
    65.1 KB · Views: 40,792
  • mode.jpg
    mode.jpg
    54.3 KB · Views: 38,791
  • preferences.jpg
    preferences.jpg
    78.8 KB · Views: 38,413
  • Profile.jpg
    Profile.jpg
    71.9 KB · Views: 37,186
  • rules.jpg
    rules.jpg
    99.7 KB · Views: 37,077
  • search.jpg
    search.jpg
    83.4 KB · Views: 35,507
  • 20140117_082541.jpg
    20140117_082541.jpg
    33.5 KB · Views: 34,162
Last edited:

ukanth

Recognized Developer
Nov 30, 2010
1,528
5,271
Nexus 7 (2013)
OnePlus X
Version 3.0.1

* Fix: Status toggle widget 1x1
* Fix: Ability to hide ongoing notification (Stop firewall and restart to hide after disable it in preferences)
* Fix: Firewall error notification on oreo and above
* Security: Tile toggle checks for password
* User reported crashes
* Updated translations

Previous version 3.0.0

Features:
* Better support for nougat/oreo and pie.
* Firewall toggle tile
* Adaptive Icons
* Notification channels
* Tor support

Bugs:
* General bug fixes and crash reports.
* Language selection bug
* Filter selection bug
* Compatible with magisk 17.x
* Better handling of background process
* Drops support for 4.x devices
* Update languages
* Updated libraries

Complete Changelog

 
Last edited:

ukanth

Recognized Developer
Nov 30, 2010
1,528
5,271
Nexus 7 (2013)
OnePlus X
Great, I have been waiting for someone to take over and update best firewall for our phones. Anything that we should now about this release in particular?

Sent from my HTC Sensation Z710e using Tapatalk 2


Thanks for feedback... I've updated the second post for changelog.
Please check the same.


Sent from my HTC Desire
 

vault1965

Senior Member
Dec 13, 2010
515
115
Bergamo
Samsung Galaxy S20 FE
It works fine, but highlights in red makes it difficult to read. Maybe it would be better just to have red font for system apps without highlight. Of course, this is only cosmetics. Will post further as I use it now as main firewall.

Sent from my HTC Sensation Z710e using Tapatalk 2
 

CHEF-KOCH

Senior Member
Jan 2, 2012
451
236
here are some fr

Hey, very good app. I like apps that doesn't consume much resources on my devices and that's why i prefer this app here.

Here are some feature requests, i know the list is pretty big but most of them are important:

* translation support (e.g. to translate the app into german)
* google play store support (when the app are nearly "final")
* saving/loading profiles
* select all / select none / invert selection
* backup and restore rules (the most important point for me)
* IPv6 support (also vey important)
* Tasker/Locale Integration
* Orbot (Tor) support (because of some problems to connect into it)
* an Option for SSL/TLS only connection
* tablet interface support
* special rules for VPN



Here are some bugs or problems i found (some of theme are small and easy to fix i think)
* Apps can bypass droidwalls whitelist if started before droidwall upon boot
* On Jelly Bean the user interface looks different (a picture above explain it better), maybe remove the black background and the red one, and make it so that only the text have different colors and not the background
* The Widget needs to much space, the icon takes 4x1 for me (see screenshot)
* The notification about new apps only show one, but if you install right after that another app nothing was shown up
* In the help dialog there is an google code link, seems that that link does not work maybe you change this to the github repro

Thank you for that great app!
 

Attachments

  • Screenshot_2012-10-27-13-18-23.jpg
    Screenshot_2012-10-27-13-18-23.jpg
    34.2 KB · Views: 12,143
  • Screenshot_2012-10-27-13-39-31.jpg
    Screenshot_2012-10-27-13-39-31.jpg
    30.4 KB · Views: 11,805

ukanth

Recognized Developer
Nov 30, 2010
1,528
5,271
Nexus 7 (2013)
OnePlus X
Thanks for the list.I fixed the following issue, please get the latest apk ( fixed along with vault1965 issue) . I've been using DroidWall for last 2 years and most of the issues that you reported was in my mind.

I'll set up the github with issue tracker, so that we can track the progress better.

"On Jelly Bean the user interface looks different (a picture above explain it better), maybe remove the black background and the red one, and make it so that only the text have different colors and not the background"
 

crancker

Senior Member
Sep 29, 2012
81
28
great

Omg this is so cool. I was looking for a great firewall application since I switched from MIUI to Cm10 on my defy. Keep up the good work. :)
 

gogyly

Senior Member
May 5, 2012
588
199
Kraljevo
Hi, just downloaded your app. Im glad that someone work on this perfect firewall. Will try it and see whats new. Couse my beta miui have no working firewall. Cheers
Edit : i' got constant fc on v1.01.

Sent from my LG-P350 using xda premium
 
Last edited:

mx828

Senior Member
Sep 29, 2012
61
9
Running cm10 nightly and it only force closes on me. Even after i uninstalled droidwall and reinstalled your apk. Looks very promising hope the problem is fixed and thanx for the app. :)
 

Top Liked Posts

  • There are no posts matching your filters.
  • 3
    I am using the build-in VPN with IPsec XAUTH PSK to communicate with my FritzBox Modem/Router. In fact I just want to access all services as I would be at home, especially my mediathek and live TV apps (Zapp, MTCast, ZDF mediathek ....).
    And I do have the AFWall. Without that it seems I don't have problems. But with active AFWall it is strange.
    As stated before I use for rules LAN, WIFI and 4G. LAN only for apps that should be controlled inside my network (as Heater, who don't have to access to outer world).
    For a comparison I set my terminal so that I can ping the address and than used same setting for my TV app. But that doesn't work.
    First and most important question: Do I need the VPN setting in AFWall if I don't want other rules than lets say WIFI?
    What happens If I once set rules in VPN setting and disabled that again? Does the rules keep active and will just not displayed?
    As far as I'm aware, in Android VPN is global. So once you establish a VPN connection, everything has to go through it.

    In AFWall+, you need to enable your VPN app for wifi or mobile access, and you need to enable the apps for VPN access that you want to be able to connect through the tunnel, regardless of how the tunnel is connected.
    3
    Sorry, I totally do not understand what you want to tell me. Could you explain it another way?

    Is it now possible to allow/block inbound/outbound connections per app or not?

    By "items", do you mean other apps?

    I want to block outbound connections (unwanted tracking my data) from certain apps (e.g. Weather app) but allow inbound (weather data).
    What you want doesn't exactly work the way you think.

    A weather app (for example) that receives weather data from the internet doesn't just leave an open port waiting for an inbound connection with weather data. The weather data server would have no way of knowing the app is waiting for the data, and no way of knowing where to send it.
    The way it usually works is that the app either subscribes with the server first or simply polls the server for data at defined intervals. Both methods require that an outbound connection from the app to the server be established before data is received.

    AFWall is designed to block outbound connections only.

    When you block an app in afwall (either by leaving the app unselected in whitelist/allow selected mode, or by having the app selected in blacklist/block selected mode), the result is that the app is unable to establish an outbound connection, which in most cases means that there is also no way for an outside entity to know where the app may be listening for an inbound connection, so no inbound connection will occur. (this of course does not protect you from an attacker enumerating open ports on your device and exploiting a vulnerable app with an open port).

    Note that android os itself (depending on rom and version) may have it's own protections against unauthorized inbound and/or outbound connections, regardless of afwall installation.
    2
    It depends :), why do you use VPN and how routing table is configured and what do you want to reach.
    Do you want to access your home computer? Do you want access internet from your mobile device via your home router? Which VPN software do you use and what is your goal? I use VPN, bit can't aswer your question yet. Describe more your situation.
    1
    If the developer sends me the apk, I guess I can't update it via f-droid, right?
    Then I would have to manually check for updates because there is no auto update checker/reminder?
    No, these are two different apks.
    You can install the main apk from F-Droid and get it updated from there. For the paid version you receive a second apk (AFWall+ Unlock Key) from the developer which turns your installed apk into the donation version.
    1
    Yes, I even already installed LSPosed and was ready to go for XPrivacyLUA (I have used the old XPrivacy before) when I read this from the GrapheneOS lead developer:


    Source: Reddit

    Now I'm in doubt if there is any sense in using it.. :/
    Could be right, but 99 % (even less) is better than 0 % effectiveness. With the combination of 1) AfWall, 2) where ever possible using an FOSS app from f-droid and 3) restricting the apps with XPrivacyLua I feel much safer than if ignoring these measures. As mentioned, I *feel* safer, maybe I am wrong.
  • 386
    Welcome to official support page for AFWall+

    Disclaimer - As Usual. I'll not take any responsible if something goes wrong when using AFWall+

    Introduction
    AFWall+ is an improved version of DroidWall(front-end application for the powerful iptables Linux firewall). It allows you to restrict which applications are permitted to access your data networks (2G/3G/4G/LTE and/or Wi-Fi and while in roaming).Since the original author of Droidwall
    discontinued the project, I decided to keep the app instead of Avast Firewall. I'll continue to add more features as I can.


    Features
    - Supports 5.x to 11.x
    - Import/Export Rules to external storage
    - Search Applications
    - Multiple Profiles with custom names
    - Tasker/Locale support
    - Select All/None/Invert/Clear applications with single click
    - Revamped Rules/Logs Viewer with copy/export to external storage
    - Ability to view the network interfaces
    - Highlight system applications with custom color
    - Notify on new installations
    - Ability to hide application icons( faster loading )
    - Use LockPattern for application protection.
    - Show/Hide application ID.
    - Roaming Control for 3G/Edge
    - VPN Control
    - LAN Control
    - Tether Control
    - IPV6 Control
    - Tor Control
    - Choose able languages
    - Choose able iptables/busybox binary
    - Supports MIPS/x86/ARM
    - DNS Hostname

    Changelog - See third Post
    Current Version - 3.5.2

    To get Unlocker without Google services - Please follow the instructions here

    AFWall+ BETA Program
    1) AFWall+ opt-in for beta program
    2) Install AFWall+ and If you have any issues, just send email from (Menu -> Firewall Rules - > Send error report)

    Source Code/Wiki/FAQ
    AFWall+ is an free & opensource application
    Github
    Log an issue
    Frequently Asked Questions
    Many Thanks to @CHEF-KOCH

    Translations
    Translations - Please help me with translations in your language.
    http://crowdin.net/project/afwall

    Thanks To/Credits
    - German translations by [email protected] & [email protected] & [email protected]
    - French translations by [email protected] & [email protected]
    - Russian translations by [email protected] & YaroslavKa78
    - Spanish translations by [email protected]
    - Dutch translations by [email protected]
    - Japanese translation by [email protected]
    - Ukrainian translation by [email protected]
    - Slovenian translation by bunga [email protected]
    - Chinese Simplified translation by [email protected]
    - Polish translations by tst,Piotr [email protected]
    - Swedish translations by [email protected]
    - Greek Translations by [email protected]
    - Portuguese translations by [email protected]
    - Chinese Traditional by [email protected]
    - Chinese Simplified by wuwufei,tianchaoren @ crowdin
    - Italian translations by [email protected]
    - Romanian tranlations by [email protected]
    - Czech translations by Syk3s

    Cheers,
    ukanth

    XDA:DevDB Information
    AFWall+ [ IPTables Firewall ], App for the Android General

    Contributors
    ukanth
    Source Code: https://github.com/ukanth/afwall


    Version Information
    Status:
    Stable
    Current Stable Version: 3.4.0
    Stable Release Date: 2020-02-09
    Current Beta Version: 3.5.0-BETA1
    Beta Release Date: 2020-09-05

    Created 2013-12-03
    Last Updated 2020-09-05
    70
    Version 3.0.1

    * Fix: Status toggle widget 1x1
    * Fix: Ability to hide ongoing notification (Stop firewall and restart to hide after disable it in preferences)
    * Fix: Firewall error notification on oreo and above
    * Security: Tile toggle checks for password
    * User reported crashes
    * Updated translations

    Previous version 3.0.0

    Features:
    * Better support for nougat/oreo and pie.
    * Firewall toggle tile
    * Adaptive Icons
    * Notification channels
    * Tor support

    Bugs:
    * General bug fixes and crash reports.
    * Language selection bug
    * Filter selection bug
    * Compatible with magisk 17.x
    * Better handling of background process
    * Drops support for 4.x devices
    * Update languages
    * Updated libraries

    Complete Changelog

    41
    Hello All,

    After careful analysis and testing, I decided not to rewrite the way rules are being applied due to lot of under hood changes required. Instead added few enhancements. Now applying rules from menu will show how many rules are getting applied with progress status. Also when adding/removing few rules , it will apply only those related rules instead of full apply.

    Also fixed couple of bugs and enhancements. You can get the full changelog from https://github.com/ukanth/afwall/blob/beta/Changelog.md

    This is BETA Version which is not released on playstore. I have been using this for past week and it's stable. But there might be bugs which I haven't encountered. Please test it and report it in case of any issues.

    Also I have been following XPrivacy thread on the decision by it's author. Just as FYI, I might fix it for my own usage when I update to nougat, I will share it here if anybody uses it here.

    BETA Link - https://www.dropbox.com/s/isvi413qyx6vb4d/AFWall+ 2.9.7-BETA-TESTER.apk?dl=0
    40
    Hello everyone,

    I have released 3.0.0 stable on playstore today. It's been a crazy month so far. After going through lot of dilemma of whether to support the existing afwall or write a new one from scratch, finally able to pull myself and release stable version of afwall with lots of bug fixes and new features along with pie support. Since I don't do full time Android development, it was hard to keep track of what's going on with sdk level changes.

    Thank you all for your support in AFWall+ development. Without your support it would simply not possible to pull through this.

    I will be out for couple of days ( taking off to spend time with my family ) and hopefully will be able to reply to questions once back.

    Thanks again and have a great day.
    35
    Hello everyone,

    I have released stable version of 3.1.0 to playstore and github. Its live on playstore. You can find the changelog along with md5/sha here

    https://github.com/ukanth/afwall/releases/tag/v3.1.0

    Thank you all for your continuous support in AFWall+ development.