Firewall Software for Android ?

  • Be sure to checkout “Tips & Tricks”
    Dear Guest Visitor → Once you register and log-in:

    This forum does not automatically send notices of new content. So if, for example, you would like to be notified by mail when Steve posts an update to his blog (or of any other specific activity anywhere else), you need to tell the system what to “Watch” for you. Please checkout the “Tips & Tricks” page for details about that... and other tips!

    /Steve.
  • Larger Font Styles
    Guest:

    Just a quick heads-up that I've implemented larger font variants of our forum's light and dark page styles. You can select the style of your choice by scrolling to the footer of any page here. This might be more comfortable (it is for me) for those with high-resolution displays where the standard fonts, while permitting a lot of text to fit on the screen, might be uncomfortably small.

    (You can permanently dismiss this notification with the “X” at the upper right.)

    /Steve.

Intuit

Active member
Dec 27, 2020
34
7
Coming from Windows Mobile, I am completely new to Android. (busy stripping OEM crap out of my new phone now)

Anyway, my question is, do you have experience with firewall products that perform like these?
That means, an ability to review logs and tailor rules without stupid restrictions.

I've had some experience with other Windows products that literally ignore and/or rewrite rules on errant assumptions such as, users won't know what they're doing or/and don't want to block their own phone-home traffic. Nothing annoys me more than products like those.

Thanks.
 
Last edited:

Intuit

Active member
Dec 27, 2020
34
7
Interesting; thanks. I'll have to learn IPTables. (been putting that off for awhile LoL) Ooh... look'n it up now https://app.itpro.tv/course/linux-xk0004/filtering-trafficiptables ...

1613848721265.png
 

pmikep

Well-known member
Dec 26, 2020
57
8
I should have added that, in order to use AFWall+, you have to be rooted. (I kinda assume that everyone in this forum roots their Android phones.)

There is a non-root firewall that I use on my (yikes) Tracfone. But it's not very good in that it won't stop google from spying on you.
 

Intuit

Active member
Dec 27, 2020
34
7
I should have added that, in order to use AFWall+, you have to be rooted. (I kinda assume that everyone in this forum roots their Android phones.)

There is a non-root firewall that I use on my (yikes) Tracfone. But it's not very good in that it won't stop google from spying on you.
Thanks for the additional info. @Barry Wallis is right. 😄 Still in the process of answering a few million questions LoL.

First thing I do with any computer from HP/Dell/Asus/Toshiba is use PnPUtil to export the drivers from the OEM O/S, format the partition, (not the drive,) go directly to Microsoft and load a fresh O/S from a bootable Flash drive. There are literally zero risks/consequences from doing this and the time required is minimal. Looking to find out whether it's possible/practical to do the same with the phone... export the OEM drivers, wipe it and install an O/S directly from Google and whether there are any risks/consequences? (not buying an expensive Pixel phone)

Not entirely firm on what it means to run rooted or how it differs from jailbreak. Obviously have more access to the file and operating system. I suspect jailbreak just refers to an ability to run unsigned apps from outside Google's App Store.
I'd imagine one can sideload unsigned code in developer mode but I guess the phone leaves developer mode the minute it's restarted; at which point those apps won't run?
The sites often discuss rooting as if it's permanent. Looking to answer whether that's necessarily the case?

Does rooted simply mean that you're running an unsigned bootloader and/or kernel?
Is it correct to say that apps running on a rooted phone won't necessarily have any more access than those on one that isn't rooted?
A rooted phone will still be able to auto-update?
 

pmikep

Well-known member
Dec 26, 2020
57
8
AFAIK, "rooting" is to Android what "jail breaking" is to Apple. The term root here comes from the Unix world, since Android is very Unix-like. (As in, "I got root.")

Some apps, like AFWall and File Managers (and an aeronautical EFB that I use) have access to "locked" files when you're rooted. So, for example, with a root-File Manager, you can go into the guts of Android and remove Google apps that Google never wanted you to be able to remove. And I - with aid from my EFB maker - can go in and hack image files to change the color/size of my ownship airplane symbol.

As for updating after rooting - sometimes yes, more often no. When they update, they tend to unroot. And then you have to go thru the root process again.

Or they can hang/freeze.

The usual path here is to install a custom ROM and update it, instead of OEM OS.

https://forum.xda-developers.com is your friend here.
 

PHolder

Well-known member
Sep 16, 2020
550
2
268
Ontario, Canada
Android isn't just like Unix, it IS Linux, just with a Java based phone UI on top. For example, on my Nexus 6P, long out of support, and stuck on Android 8, in the "About phone" page it says Android version 8.1.0 Kernel Version 3.10.73-g309d642 (gcc version 4.9.x-google 20140827(prerelease) (GCC) ) android-build@abfarm909 #1 Thu Oct 11 19:39:39 UTC 2018

That's a hella version, but that means it's based on Linux kernel 3.10.73. (For now... Google is working on their next project named Fuchsia. https://www.forbes.com/sites/barryc...roid-replacement-fuchsia-moves-a-step-closer/ )

Anyway, rooting the phone means enabling code to be able to run as root. This is a benefit, and a danger. I would NOT root my phone, because it gives the opportunity to malware to get root too.
 

pmikep

Well-known member
Dec 26, 2020
57
8
FWIW, the root app that I use always asks for Permission to grant root to apps.

I suppose malware could get around it. But, so far, none that have been reported.

In my mind, Google is a bigger threat, and is spying.

But like flying and jumping out of airplanes, ya' gotta weigh the pro's and con's. (No real pro's for jumping out of planes. But considering that the con's are very low for a static line jump, was worth doing.)
 

LikesCookies

Brian Tillman
Sep 23, 2020
14
3
I should have added that, in order to use AFWall+, you have to be rooted. (I kinda assume that everyone in this forum roots their Android phones.)

There is a non-root firewall that I use on my (yikes) Tracfone. But it's not very good in that it won't stop google from spying on you.
I've never rooted my Android phones. Don't understand why I'd want to. My wife and I both use Tracfone - she has a Galaxy A51 and I have a Pixel 4a. Each of us pays less that $20/month for our service.
 

MichaelRSorg

Well-known member
Nov 1, 2020
46
6
RouterSecurity.org
I suggest turning on Private DNS (an Android system configuration setting somewhere in the Networking section) and using NextDNS with it. You will need to setup a free account at nextdns.io. NextDNS has optional logs and you can also setup white and black lists for domains where the default behavior is not what you want. And, they defend against CNAME cloaking.

The NextDNS logs are on their website, for logs on the Android device itself, I suggest Intra, a DNS app from Google. It can be configured to use NextDNS.