Android Application Firewall: DroidWall

Written 13 years ago by Mike Cardwell

If you have an Android phone and have installed more than a couple of apps on it, you should be able to relate to the following issue. You find an app which sounds interesting, you attempt to install it, and in the privileges list, it says it requires network access. You wonder to yourself, why on earth would this app need access to the Internet in order to work? You’ve then got to make a judgement call. You either install the app and hope the privilege isn’t abused, or you go without. I recently found an application which removes this problem.

The application is named DroidWall and it requires a rooted Android phone to work. When you open the app, it gives you a list of all the installed applications which have been given network privileges, and it lets you pick and choose which of them are allowed to make outgoing network connections. Not only does it do that, but it lets you specify different preferences for wifi and 3g! Perhaps you have a limited amount of 3g data on your phone contract, and you have an app which you only want to be able to use wifi?

Under the hood, it just uses netfilter/iptables. An application firewall is possible because each Android app runs under its own uid. Iptables has a module named “owner” which lets you specify per-uid rules for outgoing connections. Basically, the app requires network privileges to be installed, it thinks it has them, but when it tries to use them it fails to connect. Apps have to deal with this scenario already anyway; it’s not uncommon for an app to try to connect to a server on the Internet and fail due to network problems. An app can’t distinguish between a network connectivity problem, and DroidWall blocking it.

I don’t usually write about phone apps for the sake of it, but this one caught my attention. I can’t imagine that anyone with a rooted Android phone who knows of the existance of this app, would choose not to install it. I suspect that a number of people would be willing to root their phones purely so they can use this app.

Linux Firewalls: Attack Detection & Response with Iptables, PSAD, and FWSNORT

Want to leave a tip?BitcoinMoneroZcashPaypalYou can follow this Blog using RSS. To read more, visit my blog index.