Clone this wiki locally
Welcome to the AFWall+ Wiki!
AFWall+ is an Android open source firewall client, focused on making it easier to work with iptables. It keeps track of your mobile broadband usage and can block internet access to selected apps to avoid exceeding your data usage.
Before you ask anything please take a look first into our official FAQ. A general discussion platform can be found here on XDA-Developers. Use our GitHub platform only for issue reports, see here how-to do this - or pull requests.
We are not responsible for any external content mentioned here on this Wiki! Due the mass of Chrome/Chromium security complications read also this and this, our Wiki is focused on browsing with Firefox (mobile), please do not ask anything how to secure/harden Chrome/Chromium or any mod of this Browser which use the same engine. Thanks!
- Not working on
- Important Information
- Similar firewall solutions
- Making Donations
- Wiki cloning
Your contributions and suggestions are heartily♥ welcome. (✿◕‿◕)
Additional thanks goes out to our top contributors & developers, listed over here.
Enjoy and profit. Contribute to the project with pull requests!
AFWall+ needs the following to run at his best:
- The Android 4.x OS (ICS/API level 15, NDK 10) or a higher version.
- Your device must be rooted.
- BusyBox and IPtables (also included as binary in AFWall+ for Kernel/ROM's without it!)
- The Kernel/ROM must have init.d support (for external custom script and data leakage fix)!
- The Kernel must have NETFILTER/CONFIG_NETFILTER enabled (
adb pull /proc/config.gz- Once you unzip it, you can search for e.g. NETFILTER). AFWall+ normally check's it automatically if your Kernel does have support for it or not.
Not working on
Since Android supports over 11k devices it's impossible for AFWall+ to work on all of them. The community (YOU) must help in this case with a quality bug report to possible add the missing thing to your version/device to get it working, besides this we not supporting special Android version like:
- If you've not installed AFWall+ from the official stores like F-Droid or Google Play Store you may need to temporarily enable "Unknown sources" in your settings if that's disabled.
- Make a current settings backup (optional) - it will be saved under
- Download the latest release from Google Play Store, GitHub or F-Droid.
- Delete any previous version of the AFWall+ app, an upgrade from an existent installation is also possible.
- Delete/Restore any remnant application/setting(s) directory from
- Install the latest available version.
- Restore your settings backup.
Before you submit any issue report via the integrated AFWall+ option - or here on GitHub, you maybe first read the following stuff which possible solve your problems questions.
- Our official FAQ helps to solve the most known problems and questions.
- Our official issue tracker here on GitHub, please always make a search before you open another ticket.
- Changelog describes changes in each new version of AFWall+.
- CustomScripts for advanced users only. Some questions about working with IPTables script(s) might be answered over there, it also contains some predefined scripts templates and examples you can use.
- Apps leak user privacy data during boot contains background information about how to solve the 'Data leakage' during boot problem.
- Android kernel traffic contains background information about the Android OS & Kernel generated traffic.
Which system apps can I block? contains background information about which (system-)apps are blockable and which should better not been blocked.
Got an error message?
- Error codes may help you to understand the error messages.
Found a bug?
Want compile AFWall+ yourself?
- All you need to know about compiling AFWall+
- All you need to know about compiling busybox
- All you need to know about compiling iptables
- All you need to know about debugging
Some useful tricks:
(Optional and not only AFWall+ specific)
TCP security under Linux:
- TCP security may help to protect you against some known attacks.
Kernel Security under Linux:
- Kernel security hardening the Kernel to maximum security (POC + WIP).
Phone code "cheats":
- Phone codes secrets contain some useful codes for viewing e.g. MAC address.
Similar firewall solutions
A quick overview of other Android firewalls and a short explanation how they're working is explained over our Similar Firewall solutions page.
Donations are optional and we don't want you to feel pressured to send money! But everything may helps to improve the product - and of course it's always a good motivation! It can be done directly on Google Play Store or just look at F-Droid repository for more donations options.
If you like to donate something without getting extra candy like the donating .apk, you can simply do this over here:
Feel free to fork/clone our Wiki, but remember to give proper credits where it belongs.
git clone https://github.com/ukanth/afwall.wiki.git.
It's now very easy to stay up-to-date by subscribing latest changes via Browser live feeds:
# The available feeds are: https://github.com/ukanth/afwall/commits/beta.atom (latest) https://github.com/ukanth/afwall/commits/HEAD.atom https://github.com/ukanth/afwall/commits/donate.atom https://github.com/ukanth/afwall/commits/master.atom or https://github.com/ukanth/afwall/commits/<TAG or BRANCHES>.atom
Copyright (c) 2012-2016 Umakanthan Chandran alias ukanth. All rights reserved.
AFWall+ is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your discretion) any later version.
AFWall+ is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
You should have received a copy of the GNU General Public License along with AFWall+. If not, see https://www.gnu.org/licenses/.