HoneyBadger Firewall

Honeybadger Firewall

The HoneyBadger Firewall uses IPTables to help you eliminate unwanted data usage, fight against malware, and even block adds!

Honeybadger Firewall provides the following features:
– Block/Allow specified applications
– Block/Allow specified IP addresses or domain names
– Block/Allow can be specified for WiFi or Cell network traffic
– Automatically generate rules to block known malicious sites from an online database. You can do this manually by pressing a button, or choose an automatic daily update.
– View log of all network traffic, including whether it was blocked or allowed.
– Export and Import rules from CSV file. This allows you to backup and restore rules or keep all your devices up to date with the same rules.
– Firewall can be enabled or disabled quickly and easily.

Source code is located here. Feel free to contribute (just create a GitHub account and fork the project)!

Apk download is available here:

Get it on Google Play

If you have any questions, comments, or suggestions leave a comment below!

48 thoughts on “HoneyBadger Firewall”

    1. Hey i downloaded HoneyBadger 4.5 and tried to block applications. But still applications were able to access the internet. I found out that the rules (only app blocking rules) wr nt inserted into iptables. I think there is issues with the execution of script for the app blocking rules.

  1. Hi!
    I have downloaded your firewall, and I have some difficulties trying to start. It just seems. It forces to close. I got Samsung galaxy s3 with Android 4.0.4, rooted, latest busy box, granted su rights, with latest su, offcourse 🙂

    1. Thanks for bringing this to my attention. Apparently with Android 4.0 Google removed support for an operation the app was using. There will be a fairly major update coming out by the end of the week, and I’ll fix this as part of the update. Sorry for the inconvenience 🙂

  2. app opens now corectly :),
    ok, but… here is another situation 🙁
    when i forbid some app to connect to the internet trough gprs and wifi, after i apply action, the same app just connect to its source. Firewall doesnt block it from connecting to the internet.

  3. Does this firewall work for all types of wireless devices to protect against walware? For example, can it be used for a wireless scanning device or is it just meant for phones and Android devices?

  4. not working on galaxy s2 4.0.4,try to block the “angry bird space ” with this app,at first everything seems fine,but it’s not working anymore after awhile.(reboot and re-apply blocked apps doesn’t help)

    1. Can you give more detail? When you say everything seems fine at first, what is happening, and when you say it stops working, what exactly stops working?

        1. Hmm… That’s odd. Can you verify that there is a rule in IPTables blocking the app? To do this, get the app’s UID from the app list (the number in parenthesis), go to settings, press the “View Rules” button, and check for the UID in the “APPS” chain.

          If there isn’t a rule there, then there is probably an issue with the app, but if the rule is there, then there is probably an issue with iptables or it’s interaction with the phone’s operating system (which I wouldn’t be able to fix).

          1. see the raw iptables rules,
            there are
            chain input(policy accept 0 packets,0 bytes)
            pkts bytes target prot opt in out source destination

            but no “app chian”

          2. Ok, that means that nothing is getting sent to iptables. I’m going to speculate that this is due to superuser. Go into your superuser app and ensure that Honeybadger is listed under “allow.”

  5. this app isnt visible in lbe privacy guard 1.2
    dolphin browser doesnt show in honey badger.
    it wont block anything, i have busybox installed, had one popup before busybox, none after, troubleshooting link?
    n does this need device id enabled? moduel dependant? ones not to freeze?
    running 2.3.5
    soo wanting to run this

    1. I’m not really familiar with LBE privacy guard, but I think it only shows apps that request certain permissions, and Honeybadger doesn’t request any of those.

      I’m not sure why Dolphin isn’t showing for you; it shows up for me. If you installed it after you installed Honeybadger, try refreshing the apps list (menu>”refresh apps list”), exiting the app (using the back button not the home button) and reopening, or restarting the device.

      As to why it’s not blocking anything, I can’t be sure without more information. Go to menu>settings>view rules and tell me what you see there. If what is listed is only about 6 lines, go into your superuser app and verify that Honeybadger is listed as allowed.

  6. May want to revise “Feel free to contribute (just create a GitHub account and fork the project)!” – from reading the link, a fork in git creates a ‘sub-branch’ (?). Thus pulling in upstream requests. And pull requests. However, if not familiar with git, fork’ing usually means (as you know), cloning the project and setting up a competing version. Which would be counter-intuitive to the context of the sentence – contributing back.

  7. Could you add a couple of buttons to the apps tab, or have the wi-fi and carrier data icons do double duty? I do not have a data plan, nor am I interested in one. Clicking the carrier icon could bring up a un/select all prompt to just check / clear all that column of boxes.

    I can think of various scenarios where, for example, one might deny all carrier data traffic, except for a favoured few – and this double duty would facilitate that.

  8. When I click view rules, nothing happens. (Well, ‘View Rules’ scrolls.) An activity indicator, or ‘no rules’ would give feedback. [I have no manual rules entered. I didn’t expect to see anything. But I have no way to know that the view rules process is complete. It would probably be reasonable to see the rules added via download ips – perhaps greyed out.]

    Same thing on add rules / download ips – I ended up downloading multiple times as I did not know it was doing anything. (Wasn’t sure my fat fingers successfully hit the button.)

    Settings / view rules will cause the app to crash / timeout / Android thinks its hung – it takes that long for my Samsung Captivate Glide to finish output to ‘iptables –list’. Increase timeout or tee to screen while collecting stdout would be useful.

    With ips downloaded, get many errors at ‘iptables –list’. Can send stderr/out – please advise.

    Some uninstall instructions / assurances / disable instructions would be useful:

    e.g. My ‘Samba Filesharing’ app is no longer working. I don’t really suspect HB, but would like to turn HB off temporarily to prove it. (i.e. Assure myself I haven’t firewalled SMB off from working.) An on/off function in HB would be useful.

    Similarly, beside ‘download ips’ should be ‘clear downloaded ips’.

    I have seen elsewhere (perhaps not with HB) that uninstalling the firewall with iptables added to will leave those iptable changes in place. Uninstall instructions / assurances of returning to stock iptables settings would be useful / reassuring.

    * Adding a blurb to google play description / elsewhere might be useful – blocking via firewall / iptables should be orders of magnitude faster than something like adaway.

    1. I finally got around to completing the updates, and implemented most of your suggestions. For details see my most recent post.

      Thanks again for the feedback!

  9. There’s another fork at play store called ‘Android Firewall’ by the author jtschohl. Perhaps it would be useful to commit to just one project to support progress?

    1. This is actually a completely separate program from Droidwall. Both use iptables, but the source code is completely separate. HB has several features not found in Droidwall, such as creating rules based on a downloaded list of know malicious IPs and exporting/importing rules.

      Thanks for the interest, though!

  10. Hello. I have a question: In settings there is an option to set default behavior. If I choose forbid all, how can I then allow access to a specific application? If it is not possible, it would be useful to have a white (allow) list. Thanks.

    1. Intended behavior is that apps that aren’t checked under the apps tag won’t be blocked when that setting is selected. Apparently there is a bug currently preventing this from working properly. I should have it fixed by the end of this weekend. Sorry about the bug, and thanks for bringing it to my attention.

  11. Here’s hoping for continued development…
    Since I don’t know how long ago, HB will no longer detect BusyBox installed on the device. STEricson busybox 1.20.2 is not detected at all. Busybox Installer versions 1.19 and 1.20 come up as “Not installed” in HB. 1.18 comes back as wget being broken. Would love to see a fix or a workaround.

      1. Thank you.

        Please let me know if you need any additional details or testing performed. I can possibly link to ADB to check functions at some point if it becomes a need.

        Extra info:
        Devices in question are an HTC One M7 Google Play Custom ROM 4.4.2 and a Samsung Galaxy Tab 4 8.0 Stock ROM Rooted 4.4.2 (KNOX disabled)

  12. Yes, i too have HB not detecting my version of BusyBox, What file can i edit to correct this or work around can you provide?

  13. My best guess is that whatever version of busybox you all are using dropped support for wget. This should be fixable by installing a working copy of busybox with the APK. I’m pretty sure I can get that out by the end of the weak. If either of you would be willing to beta test the update, please let me know.

    1. It turns out that everything is actually working fine when you’re getting that message, but the site I was using for a test (Google due to small size) contains the words “not found,” thus resulting in a false failure. I should be pushing the fix tomorrow.

      1. Never underestimate the power of odd things to go wrong. Great catch. Looking forward to happier app and thank you for your wonderful work!

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.