[APP][6.0+] NetGuard - No-root firewall

What are you mainly using NetGuard for?

  • Reducing data usage

    Votes: 407 31.1%
  • Saving battery

    Votes: 281 21.5%
  • Increasing privacy

    Votes: 686 52.4%
  • Blocking ads

    Votes: 852 65.1%

  • Total voters
    1,308

M66B

Recognized Developer
Aug 1, 2010
23,175
47,455
263


NetGuard provides simple and advanced ways to block access to the internet - no root required.
Applications and addresses can individually be allowed or denied access to your Wi-Fi and/or mobile connection.

Blocking access to the internet can help:
  • reduce your data usage
  • save your battery
  • increase your privacy

Features:
  • Simple to use
  • No root required
  • 100% open source
  • No calling home
  • No tracking or analytics
  • No advertisements
  • Actively developed and supported
  • Android 5.1 and later supported
  • IPv4/IPv6 TCP/UDP supported
  • Tethering supported
  • Optionally allow when screen on
  • Optionally block when roaming
  • Optionally block system applications
  • Optionally forward ports, also to external addresses (not available if installed from the Play store)
  • Optionally notify when an application accesses the internet
  • Optionally record network usage per application per address
  • Optionally block ads using a hosts file (not available if installed from the Play store)
  • Material design theme with light and dark theme

PRO features
  • Log all outgoing traffic; search and filter access attempts; export PCAP files to analyze traffic
  • Allow/block individual addresses per application
  • New application notifications; configure NetGuard directly from the notification
  • Display network speed graph in a status bar notification
  • Select from five additional themes in both light and dark version

There is no other no-root firewall, except for clones, offering all these features.

This XDA thread is about using the latest version of NetGuard.
Off topic comments are allowed as long they are related to NetGuard and are in the general interest of the followers of this thread.

Discussion of purchases is not allowed here, please contact me via here instead.

NetGuard is being maintained and supported, but new features won't be added anymore.

For ad blocking, see here. Ad blocking is provide "as-is".

More information on Github:

Downloads:

Screenshots:



For more screenshots, see here.






XDA:DevDB Information
NetGuard, App for all devices (see above for details)

Contributors
M66B
Source Code: https://github.com/M66B/NetGuard/


Version Information
Status: Stable

Created 2015-10-25
Last Updated 2020-03-11
 
Last edited:

pulser_g2

Admin Emeritus / Senior Recognized Developer
Nov 27, 2009
19,538
11,594
113
So what the best setting... Use the pic U posted as a reference

Sent from my SAMSUNG-SM-N920A using Tapatalk
There's no "best" - this is subjective.

You have a list of apps, and you can choose whether or not to allow an app access to the Internet over WiFi or Mobile data.

Whether or not you want to let an app access the Internet is up to you.
 
  • Like
Reactions: 1977theone

pulser_g2

Admin Emeritus / Senior Recognized Developer
Nov 27, 2009
19,538
11,594
113
Is it (technically) possible to add "on-demand" feature ?
Maybe something close to how LBE works ... Yes/No/Don't ask again
Suggestion...
Not on a granular, per-app basis, at least right now.

NetGuard for Android works by creating a VPN service at system level. Based on your choices in the allow/deny screen, NetGuard will set up VPN rules for which apps are forced through the "VPN". The "VPN" isn't a real VPN; rather, it just sinkholes the traffic to nowhere.

The limitation here is that when creating these rules, we can only set which applications' traffic enters the VPN. We can't granularly control which requests or hosts they can talk to, on a per-app basis. It would be possible to set "for all apps" a whitelist/blacklist of IP addresses, but this would be quite different, and would likely be less useful as a firewall, and more useful as simply an "ad blocker".

The VPN interface doesn't tell us which app is trying to access the internet though - we need to set it up before-hand. There are ways to tell, but Google (or a careful OEM) could easily block those with SELinux policy updates, and the goal here is to try to get all the functionality we need without any kind of root access.
 

Primokorn

Recognized Contributor / Themer
Nov 17, 2012
11,407
7,668
253
Nice app for non rooted users.
I've just created an issue on Github though.

French translation done.

I'll try to create an icon this weekend if I have free time. Let me know if you want a specific color,... etc.
 

M66B

Recognized Developer
Aug 1, 2010
23,175
47,455
263
Nice app for non rooted users.
I've just created an issue on Github though.

French translation done.

I'll try to create an icon this weekend if I have free time. Let me know if you want a specific color,... etc.
The problem you have reported is probably caused by a broken VPN implementation in your ROM. I will look into it later this week more detailed.

I like to keep the current colors, realizing not everybody will like them, but I know from experience I can't make everybody happy anyway.

Thanks for your translation!