orWall

Force apps to use Tor

Force selected applications through Orbot while preventing unchecked applications to have network access.

In short, orWall will add special iptables rules in order to redirect traffic for applications through Tor; it will also add required rules in order to block traffic for other apps. The redirection is based on the application user id. Each android application runs as a dedicated user, and iptables has support for traffic filtering based on the process owner, meaning it's really easy and pretty safe to do this kind of thing on an Android device.

The application works in two stages: first, an init-script will block all incoming and outgoing traffic. This should prevent leaks, knowing Android sends stuff before you can even access the device. Second stage comes once the device is fully booted: orWall itself takes the lead on the firewall, and add required rules in order to allow Orbot traffic, and redirect selected application to Orbot TransPort.

Limitations: init-script works only on Android <= 4.4.x

Conflict: all other firewall application such as AFWall, DroidWall, etc

Donate

Packages

Although APK downloads are available below to give you the choice, you should be aware that by installing that way you will not receive update notifications and it's a less secure way to download. We recommend that you install the F-Droid client and use that.

Download F-Droid
  • Version 1.2.0 (40) - Added on 2016-08-04

    This version requires Android ? or newer.

    It is built and signed by F-Droid, and guaranteed to correspond to this source tarball.

    Permissions
    • run at startup
      Allows the app to have itself started as soon as the system has finished booting. This can make it take longer to start the phone and allow the app to slow down the overall phone by always running.
    • android.permission.ACCESS_SUPERUSER
    • view network connections
      Allows the app to view information about network connections such as which networks exist and are connected.
    • view Wi-Fi connections
      Allows the app to view information about Wi-Fi networking, such as whether Wi-Fi is enabled and name of connected Wi-Fi devices.
    • have full network access
      Allows the app to create network sockets and use custom network protocols. The browser and other applications provide means to send data to the internet, so this permission is not required to send data to the internet.

    Download APK 1.4 MiB PGP Signature

  • Version 1.1.0 (38) - Added on 2016-07-15

    This version requires Android ? or newer.

    It is built and signed by F-Droid, and guaranteed to correspond to this source tarball.

    Permissions
    • run at startup
      Allows the app to have itself started as soon as the system has finished booting. This can make it take longer to start the phone and allow the app to slow down the overall phone by always running.
    • android.permission.ACCESS_SUPERUSER
    • view network connections
      Allows the app to view information about network connections such as which networks exist and are connected.
    • view Wi-Fi connections
      Allows the app to view information about Wi-Fi networking, such as whether Wi-Fi is enabled and name of connected Wi-Fi devices.

    Download APK 3.2 MiB PGP Signature