By default Android allows all connections of all your applications to the Internet without imposing limitations. This, although at first glance seems practical (for example, we should not worry about granting explicit access to certain applications or opening ports for the connection) also has many disadvantages since, for example, any application will connect to its own servers and will that does not interest us for certain reasons.
There are many applications that work as a firewall or firewall for Android, some free and others for payment. In this tutorial we are going to talk about AFwall +, a firewall for our free Android device, without advertising and open source.
The first thing we should do is download the application from the Play Store . It is also available in other app stores such as F-Droid, an application store specially designed to offer only free open source applications for Android.
Once downloaded and installed, we execute it. We will request Root permissions (since the ip tables are protected by the system), we grant it and we will see the main window of the program.
We can highlight 3 parts in this window:
- Title: the top part of the window.
- Mode: just below title.
- Applications: the largest part of the window.
The first thing we must adjust is the “Mode” section. We can select a whitelist (block all applications and allow only selected ones) or a blacklist (all connections are allowed except those selected).
The best option is to select the blacklist, that is, allow access to the Internet to all applications except those that we want to block manually. The white list, although it offers a greater privacy, can give problems with Android since if we prevent access to the Internet to certain modules we can cause instability in the system.
We select the blacklist and it is time to choose the applications that we will block and what we will allow.
We can see 3 frames in each application. Each one is used to block the Internet connection of a certain network (Wi-Fi, Data, Roaming).
- The first square will block the connections of the marked applications in Wi-Fi networks within a LAN
- The second box will block the connections of the applications in a Wi-Fi network.
- The third box will block the connections through the data network.
The only thing we must do next is to select the applications that we do not want to connect to the Internet through these interfaces, for example, games can block them so they do not connect from the data network (and not consume traffic in a useless way ) and allow other applications that only connect through the data network instead of the Wi-Fi network.
If we select all the boxes the application will be completely blocked and will not generate any traffic in the network.
Once the applications have been selected, the only thing left is to activate the firewall. Open the menu and select “Enable Firewall”. Automatically apply the specified rules to the firewall of our Android device and from the next reboot of the device these rules will take effect.