fixed double adding of iptables rules, and proper clearing
parent
b90483f65b
commit
2b3164ef6c
|
@ -58,7 +58,7 @@ import android.util.Log;
|
||||||
public class TorService extends Service implements TorServiceConstants, TorConstants, Runnable, EventHandler
|
public class TorService extends Service implements TorServiceConstants, TorConstants, Runnable, EventHandler
|
||||||
{
|
{
|
||||||
|
|
||||||
public static boolean ENABLE_DEBUG_LOG = true;
|
public static boolean ENABLE_DEBUG_LOG = false;
|
||||||
|
|
||||||
private static int currentStatus = STATUS_OFF;
|
private static int currentStatus = STATUS_OFF;
|
||||||
|
|
||||||
|
@ -89,7 +89,6 @@ public class TorService extends Service implements TorServiceConstants, TorConst
|
||||||
private File fileObfsProxy;
|
private File fileObfsProxy;
|
||||||
|
|
||||||
private TorTransProxy mTransProxy;
|
private TorTransProxy mTransProxy;
|
||||||
private boolean mTransProxyAll = false;
|
|
||||||
|
|
||||||
public static void logMessage(String msg)
|
public static void logMessage(String msg)
|
||||||
{
|
{
|
||||||
|
@ -313,6 +312,10 @@ public class TorService extends Service implements TorServiceConstants, TorConst
|
||||||
{
|
{
|
||||||
currentStatus = STATUS_OFF;
|
currentStatus = STATUS_OFF;
|
||||||
|
|
||||||
|
SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this);
|
||||||
|
|
||||||
|
boolean hasRoot = prefs.getBoolean(PREF_HAS_ROOT,false);
|
||||||
|
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
killTorProcess ();
|
killTorProcess ();
|
||||||
|
@ -326,6 +329,7 @@ public class TorService extends Service implements TorServiceConstants, TorConst
|
||||||
|
|
||||||
sendCallbackStatusMessage(getString(R.string.status_disabled));
|
sendCallbackStatusMessage(getString(R.string.status_disabled));
|
||||||
|
|
||||||
|
if (hasRoot)
|
||||||
disableTransparentProxy();
|
disableTransparentProxy();
|
||||||
}
|
}
|
||||||
catch (Exception e)
|
catch (Exception e)
|
||||||
|
@ -583,6 +587,12 @@ public class TorService extends Service implements TorServiceConstants, TorConst
|
||||||
ENABLE_DEBUG_LOG = prefs.getBoolean("pref_enable_logging",false);
|
ENABLE_DEBUG_LOG = prefs.getBoolean("pref_enable_logging",false);
|
||||||
Log.i(TAG,"debug logging:" + ENABLE_DEBUG_LOG);
|
Log.i(TAG,"debug logging:" + ENABLE_DEBUG_LOG);
|
||||||
|
|
||||||
|
boolean hasRoot = prefs.getBoolean(PREF_HAS_ROOT,false);
|
||||||
|
boolean enableTransparentProxy = prefs.getBoolean("pref_transparent", false);
|
||||||
|
boolean transProxyAll = prefs.getBoolean("pref_transparent_all", false);
|
||||||
|
boolean transProxyTethering = prefs.getBoolean("pref_transparent_tethering", false);
|
||||||
|
|
||||||
|
|
||||||
currentStatus = STATUS_CONNECTING;
|
currentStatus = STATUS_CONNECTING;
|
||||||
|
|
||||||
logNotice(getString(R.string.status_starting_up));
|
logNotice(getString(R.string.status_starting_up));
|
||||||
|
@ -593,10 +603,12 @@ public class TorService extends Service implements TorServiceConstants, TorConst
|
||||||
|
|
||||||
try {
|
try {
|
||||||
|
|
||||||
enableTransparentProxy();
|
|
||||||
runTorShellCmd();
|
runTorShellCmd();
|
||||||
runPrivoxyShellCmd();
|
runPrivoxyShellCmd();
|
||||||
|
|
||||||
|
if (hasRoot && enableTransparentProxy)
|
||||||
|
enableTransparentProxy(transProxyAll, transProxyTethering);
|
||||||
|
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
logException("Unable to start Tor: " + e.getMessage(),e);
|
logException("Unable to start Tor: " + e.getMessage(),e);
|
||||||
sendCallbackStatusMessage(getString(R.string.unable_to_start_tor) + ' ' + e.getMessage());
|
sendCallbackStatusMessage(getString(R.string.unable_to_start_tor) + ' ' + e.getMessage());
|
||||||
|
@ -611,47 +623,20 @@ public class TorService extends Service implements TorServiceConstants, TorConst
|
||||||
*
|
*
|
||||||
* the idea is that if Tor is off then transproxy is off
|
* the idea is that if Tor is off then transproxy is off
|
||||||
*/
|
*/
|
||||||
private boolean enableTransparentProxy () throws Exception
|
private boolean enableTransparentProxy (boolean proxyAll, boolean enableTether) throws Exception
|
||||||
{
|
{
|
||||||
SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this);
|
|
||||||
|
|
||||||
boolean hasRoot = prefs.getBoolean(PREF_HAS_ROOT,false);
|
|
||||||
boolean enableTransparentProxy = prefs.getBoolean("pref_transparent", false);
|
|
||||||
|
|
||||||
if (mTransProxy == null)
|
if (mTransProxy == null)
|
||||||
mTransProxy = new TorTransProxy();
|
mTransProxy = new TorTransProxy();
|
||||||
|
|
||||||
if (hasRoot && enableTransparentProxy)
|
TorService.logMessage ("Transparent Proxying: enabling...");
|
||||||
{
|
|
||||||
|
|
||||||
mTransProxyAll = prefs.getBoolean("pref_transparent_all", false);
|
|
||||||
boolean transProxyTethering = prefs.getBoolean("pref_transparent_tethering", false);
|
|
||||||
|
|
||||||
TorService.logMessage ("Transparent Proxying: " + enableTransparentProxy);
|
|
||||||
|
|
||||||
//String portProxyList = prefs.getString("pref_port_list", "");
|
|
||||||
|
|
||||||
|
|
||||||
//TODO: Find a nice place for the next (commented) line
|
//TODO: Find a nice place for the next (commented) line
|
||||||
//TorTransProxy.setDNSProxying();
|
//TorTransProxy.setDNSProxying();
|
||||||
|
|
||||||
int code = 0; // Default state is "okay"
|
int code = 0; // Default state is "okay"
|
||||||
/*
|
|
||||||
if(transProxyPortFallback)
|
if(proxyAll)
|
||||||
{
|
|
||||||
showToolbarNotification(getString(R.string.setting_up_port_based_transparent_proxying_), TRANSPROXY_NOTIFY_ID, R.drawable.ic_stat_notify, -1);
|
|
||||||
StringTokenizer st = new StringTokenizer(portProxyList, ",");
|
|
||||||
int status = code;
|
|
||||||
while (st.hasMoreTokens())
|
|
||||||
{
|
|
||||||
status = mTransProxy.setTransparentProxyingByPort(this, Integer.parseInt(st.nextToken()));
|
|
||||||
if(status != 0)
|
|
||||||
code = status;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{*/
|
|
||||||
if(mTransProxyAll)
|
|
||||||
{
|
{
|
||||||
showToolbarNotification(getString(R.string.setting_up_full_transparent_proxying_), TRANSPROXY_NOTIFY_ID, R.drawable.ic_stat_notify, -1);
|
showToolbarNotification(getString(R.string.setting_up_full_transparent_proxying_), TRANSPROXY_NOTIFY_ID, R.drawable.ic_stat_notify, -1);
|
||||||
|
|
||||||
|
@ -664,7 +649,6 @@ public class TorService extends Service implements TorServiceConstants, TorConst
|
||||||
code = mTransProxy.setTransparentProxyingByApp(this,AppManager.getApps(this));
|
code = mTransProxy.setTransparentProxyingByApp(this,AppManager.getApps(this));
|
||||||
}
|
}
|
||||||
|
|
||||||
//}
|
|
||||||
|
|
||||||
TorService.logMessage ("TorTransProxy resp code: " + code);
|
TorService.logMessage ("TorTransProxy resp code: " + code);
|
||||||
|
|
||||||
|
@ -672,7 +656,7 @@ public class TorService extends Service implements TorServiceConstants, TorConst
|
||||||
{
|
{
|
||||||
showToolbarNotification(getString(R.string.transparent_proxying_enabled), TRANSPROXY_NOTIFY_ID, R.drawable.ic_stat_notify, -1);
|
showToolbarNotification(getString(R.string.transparent_proxying_enabled), TRANSPROXY_NOTIFY_ID, R.drawable.ic_stat_notify, -1);
|
||||||
|
|
||||||
if (transProxyTethering)
|
if (enableTether)
|
||||||
{
|
{
|
||||||
showToolbarNotification(getString(R.string.transproxy_enabled_for_tethering_), TRANSPROXY_NOTIFY_ID, R.drawable.ic_stat_notify, -1);
|
showToolbarNotification(getString(R.string.transproxy_enabled_for_tethering_), TRANSPROXY_NOTIFY_ID, R.drawable.ic_stat_notify, -1);
|
||||||
|
|
||||||
|
@ -687,9 +671,6 @@ public class TorService extends Service implements TorServiceConstants, TorConst
|
||||||
}
|
}
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
|
||||||
else
|
|
||||||
return false;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -700,31 +681,23 @@ public class TorService extends Service implements TorServiceConstants, TorConst
|
||||||
*/
|
*/
|
||||||
private boolean disableTransparentProxy () throws Exception
|
private boolean disableTransparentProxy () throws Exception
|
||||||
{
|
{
|
||||||
SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this);
|
|
||||||
|
|
||||||
boolean hasRoot = prefs.getBoolean(PREF_HAS_ROOT,false);
|
TorService.logMessage ("Transparent Proxying: disabling...");
|
||||||
boolean enableTransparentProxy = prefs.getBoolean("pref_transparent", false);
|
|
||||||
|
|
||||||
if (hasRoot && enableTransparentProxy)
|
|
||||||
{
|
|
||||||
|
|
||||||
TorService.logMessage ("Clearing TransProxy rules");
|
|
||||||
|
|
||||||
if (mTransProxy == null)
|
if (mTransProxy == null)
|
||||||
mTransProxy = new TorTransProxy();
|
mTransProxy = new TorTransProxy();
|
||||||
|
|
||||||
if (mTransProxyAll)
|
// if (transProxyAll)
|
||||||
mTransProxy.clearTransparentProxyingAll(this);
|
mTransProxy.clearTransparentProxyingAll(this);
|
||||||
else
|
// else
|
||||||
mTransProxy.clearTransparentProxyingByApp(this,AppManager.getApps(this));
|
mTransProxy.clearTransparentProxyingByApp(this,AppManager.getApps(this));
|
||||||
|
|
||||||
showToolbarNotification(getString(R.string.transproxy_rules_cleared), TRANSPROXY_NOTIFY_ID, R.drawable.ic_stat_notify, -1);
|
|
||||||
|
|
||||||
|
|
||||||
|
//showToolbarNotification(getString(R.string.transproxy_rules_cleared), TRANSPROXY_NOTIFY_ID, R.drawable.ic_stat_notify, -1);
|
||||||
|
clearNotifications();
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
|
||||||
else
|
|
||||||
return false;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private void runTorShellCmd() throws Exception
|
private void runTorShellCmd() throws Exception
|
||||||
|
@ -1271,20 +1244,7 @@ public class TorService extends Service implements TorServiceConstants, TorConst
|
||||||
|
|
||||||
updateTorConfiguration();
|
updateTorConfiguration();
|
||||||
|
|
||||||
if (currentStatus == STATUS_ON)
|
|
||||||
{
|
|
||||||
//reset iptables rules in active mode
|
|
||||||
|
|
||||||
try
|
|
||||||
{
|
|
||||||
disableTransparentProxy();
|
|
||||||
enableTransparentProxy();
|
|
||||||
}
|
|
||||||
catch (Exception e)
|
|
||||||
{
|
|
||||||
logException("unable to setup transproxy",e);
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
} catch (RemoteException e) {
|
} catch (RemoteException e) {
|
||||||
|
|
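Review bot: Removing the `disableTransparentProxy(); enableTransparentProxy();` re-apply after `updateTorConfiguration()` (last hunk of this file) leaves the start path as the only visible caller of `enableTransparentProxy(transProxyAll, transProxyTethering)`. A change to `pref_transparent`, `pref_transparent_all` or the app selection while the status is `STATUS_ON` would then not reach iptables until Tor is restarted, so a newly selected app could keep sending traffic outside Tor. If that block was the source of the duplicate rules, a clear-then-add is still possible now that `disableTransparentProxy()` clears both rule sets: `if (hasRoot) { disableTransparentProxy(); if (enableTransparentProxy) enableTransparentProxy(transProxyAll, transProxyTethering); }`, with the three preferences re-read in that method. The enclosing method starts and ends outside the hunk, so a re-apply elsewhere cannot be ruled out from this page.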
|
@ -194,8 +194,16 @@ public class TorTransProxy implements TorServiceConstants {
|
||||||
|
|
||||||
// Allow everything for Tor
|
// Allow everything for Tor
|
||||||
script.append(ipTablesPath);
|
script.append(ipTablesPath);
|
||||||
script.append(" -t filter");
|
|
||||||
script.append(" -A OUTPUT");
|
script.append(" -A OUTPUT");
|
||||||
|
script.append(" -t filter");
|
||||||
|
script.append(" -m owner --uid-owner ");
|
||||||
|
script.append(torUid);
|
||||||
|
script.append(" -j ACCEPT");
|
||||||
|
script.append(" || exit\n");
|
||||||
|
|
||||||
|
script.append(ipTablesPath);
|
||||||
|
script.append(" -D OUTPUT");
|
||||||
|
script.append(" -t filter");
|
||||||
script.append(" -m owner --uid-owner ");
|
script.append(" -m owner --uid-owner ");
|
||||||
script.append(torUid);
|
script.append(torUid);
|
||||||
script.append(" -j ACCEPT");
|
script.append(" -j ACCEPT");
|
||||||
|
@ -498,6 +506,15 @@ public class TorTransProxy implements TorServiceConstants {
|
||||||
|
|
||||||
int torUid = context.getApplicationInfo().uid;
|
int torUid = context.getApplicationInfo().uid;
|
||||||
|
|
||||||
|
// Allow everything for Tor
|
||||||
|
script.append(ipTablesPath);
|
||||||
|
script.append(" -" + cmd + " OUTPUT");
|
||||||
|
script.append(" -t filter");
|
||||||
|
script.append(" -m owner --uid-owner ");
|
||||||
|
script.append(torUid);
|
||||||
|
script.append(" -j ACCEPT");
|
||||||
|
script.append(" || exit\n");
|
||||||
|
|
||||||
// Set up port redirection
|
// Set up port redirection
|
||||||
script.append(ipTablesPath);
|
script.append(ipTablesPath);
|
||||||
script.append(" -" + cmd + " OUTPUT");
|
script.append(" -" + cmd + " OUTPUT");
|
||||||
|
@ -551,14 +568,6 @@ public class TorTransProxy implements TorServiceConstants {
|
||||||
script.append(" -j ACCEPT");
|
script.append(" -j ACCEPT");
|
||||||
script.append(" || exit\n");
|
script.append(" || exit\n");
|
||||||
|
|
||||||
// Allow everything for Tor
|
|
||||||
script.append(ipTablesPath);
|
|
||||||
script.append(" -" + cmd + " OUTPUT");
|
|
||||||
script.append(" -t filter");
|
|
||||||
script.append(" -m owner --uid-owner ");
|
|
||||||
script.append(torUid);
|
|
||||||
script.append(" -j ACCEPT");
|
|
||||||
script.append(" || exit\n");
|
|
||||||
|
|
||||||
if (TorService.ENABLE_DEBUG_LOG)
|
if (TorService.ENABLE_DEBUG_LOG)
|
||||||
{
|
{
|
||||||
|
|
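Review bot: In the first hunk of this file the new lines append the Tor-uid `ACCEPT` rule with `-A OUTPUT` and then immediately issue `-D OUTPUT` for the identical rule, and nothing in the hunk says why. If the intent is to make the delete succeed when no rule is present, state that in a comment such as `// add-then-delete: -D fails when the rule is absent, so insert one first`. Note that `-D` removes only one matching rule, so duplicates left by the earlier double-adding would survive this clear. If instead this sits in a set-up path, the pair nets out and Tor's own ACCEPT rule is not left in place. The enclosing method starts and ends outside the hunk, so which case applies cannot be confirmed from here.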