How to install and use AFWall+ Android firewall

Do you know who your phone is communicating with? It's not just sending and receiving emails and text messages like you think.

Research has shown that Android devices, when not in use, still contact Google about 900 times a day, and most of the apps you install record information about your daily usage habits.

Firewalls can help you limit this problem, one of the best Android firewall apps is AFWall+.

What is AFWall+?

AFWall+ is a free, open-source firewall for rooted Android devices. It gives you full control over which apps can connect to the Internet and which connections they use. You can download AFWall+ from the Play Store .

When running for the first time, AFWall+ will ask for root access. Without root, the firewall will not be able to function.

AFWall+ User Guide

The application that needs to access the Internet will be displayed with an icon on the left and a name on the right, with 3 empty columns in the middle. By default, these columns will be a list of LAN, Wi-Fi and mobile network connections. This allows you to choose the connection type for any application.

First, let's set some options to unlock the full features of AFWall+. To see all the options, tap on the 3 dots icon in the right corner to open the main menu, tap on Preferences and choose as you like.

User interface options

To easily differentiate between core, system, and user apps, tap Show filters . Select Show UID for apps to see the unique identifiers for your apps. By selecting Confirm AFWall+ disable , the submenu also lets you enable a warning if AFWall+ is disabled as a security measure.

Rules/Connections

Here you can enable additional connection controls for roaming, LAN, VPN, tethering, and Tor by checking each option. It's best not to change the iptables chain settings unless you're familiar with them.

Log

Click Turn on log service . This option is useful when you want to check if AFWall+ is working or if there are any errors. Click Enable show toasts to receive notifications whenever the connection is blocked.

Security

You can set a password, passcode, or fingerprint lock to prevent malicious apps or others from breaking into your firewall. Enable stealth mode to hide your passcode when you enter it, and specify the maximum number of passcode attempts before the app locks itself.

Experiment

Experimental options give you more precise control:

• Startup delay will be useful when AFWall+ doesn't work after reboot.
• During startup, some apps may upload data before AFWall+ sets the rules. Select Fix startup data leak to allow AFWall+ to block this issue.
• If multiple people use your device, select Enable multi-user support to enable AFWall+ for other accounts.
• Tools like Shelter will allow you to create Sandbox apps or run cloned versions.
• Select Dual apps support to enable connection control for cloned apps in addition to the main version.
• There are some apps that may require a LAN connection like Samba or AirDroid. Select Enable inbound connections if you are having trouble connecting between the network and the device.

File

AFWall+ allows you to configure profiles with custom app connections for use in different scenarios. For example, you can set up a specific profile to use when tethering your device to use as a hotspot. Additionally, you can set up profiles to allow or block all apps when enabled.

How to Prevent Android Apps from Connecting to the Internet

On the AFWall+ home screen, you'll see a few new features.

On the connection controls section, there is a filter option that allows you to view all applications or show only error, system or user applications. This option is suitable for defining blocking policies and for troubleshooting.

Additionally, the connection bar also displays controls like roaming, VPN, Bluetooth, or USB.

By default, AFWall+ will block everything and only allow the apps you choose to use the connection. However, you can easily toggle the Allow selected and Block selected options by tapping the three-line icon .

To allow an application to connect to the Internet, check all the connection boxes you want to access.

How to enable firewall

Once you have set some rules, you can save and enable the Android firewall.

Select the three dots icon in the right corner, click Save > Enable firewall . You will receive a message confirming that the firewall has been enabled. This does not require a reboot. You can change the settings at any time and click Apply to apply the rules.

Tools to troubleshoot application errors

AFWall+ offers a lot of ways to manage apps beyond filters and options.

If you select the three-line icon, you can choose to list apps by name, install or update date, or by UID.

If you want to allow all applications to use only one type of connection or block all, click on the connection icon to get the menu as shown below, here check or uncheck to adjust the connection status of the applications in the column.

Click the circular settings icon at the end of the connection bar to reverse the status of all applications in any connection column.

Another feature allows you to copy configuration from one column to another.

What should be blocked?

So what should you block to keep your device working properly?

Depending on your needs, AFWall+ can help you block everything except apps that have a “legitimate” reason to access the Internet, such as web browsers, email, or messaging apps. However, for everyday use, this setting can seem a bit overwhelming.

Most users should allow network access for Google Play services, downloads, media storage, or Download manager.