updates related to motorola milestone debugging and iptables transproxy settings
svn:r22743
This commit is contained in:
parent
243ff10c48
commit
e157ecd92a
|
@ -5,7 +5,7 @@
|
||||||
|
|
||||||
<uses-permission android:name="android.permission.INTERNET" />
|
<uses-permission android:name="android.permission.INTERNET" />
|
||||||
|
|
||||||
<application android:icon="@drawable/icon" android:label="@string/app_name" android:debuggable="false">
|
<application android:icon="@drawable/icon" android:label="@string/app_name" android:debuggable="true">
|
||||||
|
|
||||||
<activity android:name=".Orbot"
|
<activity android:name=".Orbot"
|
||||||
android:theme="@android:style/Theme.NoTitleBar"
|
android:theme="@android:style/Theme.NoTitleBar"
|
||||||
|
|
|
@ -390,134 +390,7 @@ public class Orbot extends Activity implements OnClickListener, TorConstants
|
||||||
* Read in the Preferences and write then to the .torrc file
|
* Read in the Preferences and write then to the .torrc file
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/*
|
|
||||||
private void processSettingsOld ()
|
|
||||||
{
|
|
||||||
StringBuffer torrcText = new StringBuffer();
|
|
||||||
|
|
||||||
torrcText.append(TorConstants.TORRC_DEFAULT);
|
|
||||||
|
|
||||||
SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this);
|
|
||||||
|
|
||||||
boolean useBridges = prefs.getBoolean(PREF_BRIDGES_ENABLED, false);
|
|
||||||
|
|
||||||
boolean autoUpdateBridges = prefs.getBoolean(PREF_BRIDGES_UPDATED, false);
|
|
||||||
|
|
||||||
boolean becomeRelay = prefs.getBoolean(PREF_OR, false);
|
|
||||||
|
|
||||||
boolean ReachableAddresses = prefs.getBoolean(PREF_REACHABLE_ADDRESSES,false);
|
|
||||||
|
|
||||||
enableTransparentProxy = prefs.getBoolean(PREF_TRANSPARENT, false);
|
|
||||||
|
|
||||||
if (hasRoot)
|
|
||||||
{
|
|
||||||
if (enableTransparentProxy)
|
|
||||||
{
|
|
||||||
TorTransProxy.setDNSProxying();
|
|
||||||
TorTransProxy.setTransparentProxying(this, TorServiceUtils.getApps(this));
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
TorTransProxy.purgeNatIptables();
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
String bridgeList = prefs.getString(PREF_BRIDGES_LIST,"");
|
|
||||||
|
|
||||||
if (useBridges)
|
|
||||||
{
|
|
||||||
if (bridgeList == null || bridgeList.length() == 0)
|
|
||||||
{
|
|
||||||
|
|
||||||
showAlert("Bridge Error","In order to use the bridge feature, you must enter at least one bridge IP address." +
|
|
||||||
"Send an email to bridges@torproject.org with the line \"get bridges\" by itself in the body of the mail from a gmail account.");
|
|
||||||
|
|
||||||
showSettings();
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
||||||
torrcText.append("UseBridges 1");
|
|
||||||
torrcText.append('\n');
|
|
||||||
|
|
||||||
torrcText.append("UpdateBridgesFromAuthority ");
|
|
||||||
|
|
||||||
if (autoUpdateBridges)
|
|
||||||
torrcText.append("1");
|
|
||||||
else
|
|
||||||
torrcText.append("0");
|
|
||||||
|
|
||||||
torrcText.append('\n');
|
|
||||||
|
|
||||||
String bridgeDelim = "\n";
|
|
||||||
|
|
||||||
if (bridgeList.indexOf(",") != -1)
|
|
||||||
{
|
|
||||||
bridgeDelim = ",";
|
|
||||||
}
|
|
||||||
|
|
||||||
StringTokenizer st = new StringTokenizer(bridgeList,bridgeDelim);
|
|
||||||
while (st.hasMoreTokens())
|
|
||||||
{
|
|
||||||
torrcText.append("bridge ");
|
|
||||||
torrcText.append(st.nextToken());
|
|
||||||
torrcText.append('\n');
|
|
||||||
|
|
||||||
}
|
|
||||||
}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
torrcText.append("UseBridges 0");
|
|
||||||
torrcText.append('\n');
|
|
||||||
}
|
|
||||||
|
|
||||||
try
|
|
||||||
{
|
|
||||||
if (ReachableAddresses)
|
|
||||||
{
|
|
||||||
String ReachableAddressesPorts =
|
|
||||||
prefs.getString(PREF_REACHABLE_ADDRESSES_PORTS, "*:80,*:443");
|
|
||||||
torrcText.append("ReachableAddresses ");
|
|
||||||
// We should verify this and someday, the Exception will matter :-)
|
|
||||||
torrcText.append(ReachableAddressesPorts);
|
|
||||||
torrcText.append('\n');
|
|
||||||
}
|
|
||||||
}
|
|
||||||
catch (Exception e)
|
|
||||||
{
|
|
||||||
showAlert("Config Error","Your ReachableAddresses settings caused an exception!");
|
|
||||||
}
|
|
||||||
|
|
||||||
try
|
|
||||||
{
|
|
||||||
if (becomeRelay && (!useBridges) && (!ReachableAddresses))
|
|
||||||
{
|
|
||||||
int ORPort = Integer.parseInt(prefs.getString(PREF_OR_PORT, "9001"));
|
|
||||||
String nickname = prefs.getString(PREF_OR_NICKNAME, "Orbot");
|
|
||||||
|
|
||||||
torrcText.append("ORPort ");
|
|
||||||
torrcText.append(ORPort);
|
|
||||||
torrcText.append('\n');
|
|
||||||
|
|
||||||
torrcText.append("Nickname ");
|
|
||||||
torrcText.append(nickname);
|
|
||||||
torrcText.append('\n');
|
|
||||||
|
|
||||||
torrcText.append("ExitPolicy reject *:*");
|
|
||||||
torrcText.append('\n');
|
|
||||||
}
|
|
||||||
}
|
|
||||||
catch (Exception e)
|
|
||||||
{
|
|
||||||
showAlert("Uh-oh!","Your relay settings caused an exception!");
|
|
||||||
showSettings();
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
Utils.saveTextFile(TorServiceConstants.TORRC_INSTALL_PATH, torrcText.toString());
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
|
|
||||||
private void processSettings () throws RemoteException
|
private void processSettings () throws RemoteException
|
||||||
{
|
{
|
||||||
|
|
|
@ -38,7 +38,10 @@ public class TorBinaryInstaller implements TorServiceConstants {
|
||||||
boolean privoxyBinaryExists = new File(installPath + PRIVOXY_ASSET_KEY).exists();
|
boolean privoxyBinaryExists = new File(installPath + PRIVOXY_ASSET_KEY).exists();
|
||||||
Log.i(TAG,"Privoxy binary exists=" + privoxyBinaryExists);
|
Log.i(TAG,"Privoxy binary exists=" + privoxyBinaryExists);
|
||||||
|
|
||||||
if (!(torBinaryExists && privoxyBinaryExists) || force)
|
boolean iptablesBinaryExists = new File(installPath + IPTABLES_ASSET_KEY).exists();
|
||||||
|
Log.i(TAG,"IPTables binary exists=" + iptablesBinaryExists);
|
||||||
|
|
||||||
|
if (!(torBinaryExists && privoxyBinaryExists && iptablesBinaryExists) || force)
|
||||||
installFromZip ();
|
installFromZip ();
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -51,39 +54,31 @@ public class TorBinaryInstaller implements TorServiceConstants {
|
||||||
|
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
/*
|
|
||||||
String apkPath = APK_PATH;
|
|
||||||
|
|
||||||
int apkIdx = 1;
|
|
||||||
|
|
||||||
while (!new File(apkPath).exists())
|
|
||||||
{
|
|
||||||
apkPath = APK_PATH_BASE + '-' + (apkIdx++) + ".apk";
|
|
||||||
|
|
||||||
Log.i(TAG,"Could not find APK. Trying new path: " + apkPath);
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
ZipFile zip = new ZipFile(apkPath);
|
ZipFile zip = new ZipFile(apkPath);
|
||||||
|
|
||||||
ZipEntry zipen = zip.getEntry(TOR_BINARY_ZIP_KEY);
|
ZipEntry zipen = zip.getEntry(ASSETS_BASE + TOR_BINARY_ASSET_KEY);
|
||||||
streamToFile(zip.getInputStream(zipen),installPath + TOR_BINARY_ASSET_KEY);
|
streamToFile(zip.getInputStream(zipen),installPath + TOR_BINARY_ASSET_KEY);
|
||||||
|
|
||||||
zipen = zip.getEntry(TORRC_ZIP_KEY);
|
zipen = zip.getEntry(ASSETS_BASE + TORRC_ASSET_KEY);
|
||||||
streamToFile(zip.getInputStream(zipen),installPath + TORRC_ASSET_KEY);
|
streamToFile(zip.getInputStream(zipen),installPath + TORRC_ASSET_KEY);
|
||||||
|
|
||||||
zipen = zip.getEntry(PRIVOXY_ZIP_KEY);
|
zipen = zip.getEntry(ASSETS_BASE + PRIVOXY_ASSET_KEY);
|
||||||
streamToFile(zip.getInputStream(zipen),installPath + PRIVOXY_ASSET_KEY);
|
streamToFile(zip.getInputStream(zipen),installPath + PRIVOXY_ASSET_KEY);
|
||||||
|
|
||||||
zipen = zip.getEntry(PRIVOXYCONFIG_ZIP_KEY);
|
zipen = zip.getEntry(ASSETS_BASE + PRIVOXYCONFIG_ASSET_KEY);
|
||||||
streamToFile(zip.getInputStream(zipen),installPath + PRIVOXYCONFIG_ASSET_KEY);
|
streamToFile(zip.getInputStream(zipen),installPath + PRIVOXYCONFIG_ASSET_KEY);
|
||||||
|
|
||||||
|
zipen = zip.getEntry(ASSETS_BASE + PRIVOXYCONFIG_ASSET_KEY);
|
||||||
|
streamToFile(zip.getInputStream(zipen),installPath + PRIVOXYCONFIG_ASSET_KEY);
|
||||||
|
|
||||||
|
zipen = zip.getEntry(ASSETS_BASE + IPTABLES_ASSET_KEY);
|
||||||
|
streamToFile(zip.getInputStream(zipen),installPath + IPTABLES_ASSET_KEY);
|
||||||
|
|
||||||
|
|
||||||
zip.close();
|
zip.close();
|
||||||
|
|
||||||
Log.i(TAG,"SUCCESS: unzipped tor, privoxy binaries from apk");
|
Log.i(TAG,"SUCCESS: unzipped tor, privoxy, iptables binaries from apk");
|
||||||
|
|
||||||
}
|
}
|
||||||
catch (IOException ioe)
|
catch (IOException ioe)
|
||||||
|
|
|
@ -401,11 +401,13 @@ public class TorService extends Service implements TorServiceConstants, Runnable
|
||||||
|
|
||||||
torBinaryPath = appHome + TOR_BINARY_ASSET_KEY;
|
torBinaryPath = appHome + TOR_BINARY_ASSET_KEY;
|
||||||
privoxyPath = appHome + PRIVOXY_ASSET_KEY;
|
privoxyPath = appHome + PRIVOXY_ASSET_KEY;
|
||||||
|
String iptablesPath = appHome + IPTABLES_ASSET_KEY;
|
||||||
|
|
||||||
boolean torBinaryExists = new File(torBinaryPath).exists();
|
boolean torBinaryExists = new File(torBinaryPath).exists();
|
||||||
boolean privoxyBinaryExists = new File(privoxyPath).exists();
|
boolean privoxyBinaryExists = new File(privoxyPath).exists();
|
||||||
|
boolean iptablesBinaryExists = new File(iptablesPath).exists();
|
||||||
|
|
||||||
if (!(torBinaryExists && privoxyBinaryExists))
|
if (!(torBinaryExists && privoxyBinaryExists && iptablesBinaryExists))
|
||||||
{
|
{
|
||||||
killTorProcess ();
|
killTorProcess ();
|
||||||
|
|
||||||
|
@ -415,7 +417,7 @@ public class TorService extends Service implements TorServiceConstants, Runnable
|
||||||
torBinaryExists = new File(torBinaryPath).exists();
|
torBinaryExists = new File(torBinaryPath).exists();
|
||||||
privoxyBinaryExists = new File(privoxyPath).exists();
|
privoxyBinaryExists = new File(privoxyPath).exists();
|
||||||
|
|
||||||
if (torBinaryExists && privoxyBinaryExists)
|
if (torBinaryExists && privoxyBinaryExists && iptablesBinaryExists)
|
||||||
{
|
{
|
||||||
logNotice(getString(R.string.status_install_success));
|
logNotice(getString(R.string.status_install_success));
|
||||||
|
|
||||||
|
@ -429,8 +431,6 @@ public class TorService extends Service implements TorServiceConstants, Runnable
|
||||||
|
|
||||||
sendCallbackMessage(getString(R.string.status_install_fail));
|
sendCallbackMessage(getString(R.string.status_install_fail));
|
||||||
|
|
||||||
//showAlert(getString(R.string.title_error),getString(R.string.status_install_fail));
|
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -439,7 +439,9 @@ public class TorService extends Service implements TorServiceConstants, Runnable
|
||||||
{
|
{
|
||||||
logNotice("Found Tor binary: " + torBinaryPath);
|
logNotice("Found Tor binary: " + torBinaryPath);
|
||||||
|
|
||||||
logNotice("Found prvoxy binary: " + privoxyPath);
|
logNotice("Found privoxy binary: " + privoxyPath);
|
||||||
|
|
||||||
|
logNotice("Found iptables binary: " + iptablesPath);
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -453,6 +455,10 @@ public class TorService extends Service implements TorServiceConstants, Runnable
|
||||||
String[] cmd2 = {SHELL_CMD_CHMOD + ' ' + CHMOD_EXE_VALUE + ' ' + privoxyPath};
|
String[] cmd2 = {SHELL_CMD_CHMOD + ' ' + CHMOD_EXE_VALUE + ' ' + privoxyPath};
|
||||||
TorServiceUtils.doShellCommand(cmd2, log, false, true);
|
TorServiceUtils.doShellCommand(cmd2, log, false, true);
|
||||||
|
|
||||||
|
logNotice("(re)Setting permission on iptables binary");
|
||||||
|
String[] cmd3 = {SHELL_CMD_CHMOD + ' ' + CHMOD_EXE_VALUE + ' ' + iptablesPath};
|
||||||
|
TorServiceUtils.doShellCommand(cmd3, log, false, true);
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1181,15 +1187,15 @@ public class TorService extends Service implements TorServiceConstants, Runnable
|
||||||
logNotice ("TorTransProxy enabled: " + success);
|
logNotice ("TorTransProxy enabled: " + success);
|
||||||
|
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
logNotice("WARNING: Error configuring transparenty proxying: " + e.getMessage());
|
|
||||||
|
|
||||||
|
logNotice("WARNING: Error configuring transparenty proxying: " + e.getMessage());
|
||||||
Log.w(TAG, "error refreshing iptables: err=" + e.getMessage(), e);
|
Log.w(TAG, "error refreshing iptables: err=" + e.getMessage(), e);
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
TorTransProxy.purgeNatIptables();
|
TorTransProxy.purgeIptables();
|
||||||
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -1197,7 +1203,7 @@ public class TorService extends Service implements TorServiceConstants, Runnable
|
||||||
{
|
{
|
||||||
if (hasRoot)
|
if (hasRoot)
|
||||||
{
|
{
|
||||||
TorTransProxy.purgeNatIptables();
|
TorTransProxy.purgeIptables();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -8,43 +8,28 @@ public interface TorServiceConstants {
|
||||||
|
|
||||||
public final static String TOR_APP_USERNAME = "org.torproject.android";
|
public final static String TOR_APP_USERNAME = "org.torproject.android";
|
||||||
|
|
||||||
|
public final static String ASSETS_BASE = "assets/";
|
||||||
|
|
||||||
//home directory of Android application
|
//home directory of Android application
|
||||||
// public final static String TOR_HOME = "/data/data/" + TOR_APP_USERNAME + "/";
|
|
||||||
|
|
||||||
//public final static String TOR_HOME_DATA_DIR = TOR_HOME + "data/";
|
|
||||||
|
|
||||||
//name of the tor C binary
|
//name of the tor C binary
|
||||||
public final static String TOR_BINARY_ASSET_KEY = "tor";
|
public final static String TOR_BINARY_ASSET_KEY = "tor";
|
||||||
// public final static String TOR_BINARY_INSTALL_PATH = TOR_HOME + TOR_BINARY_ASSET_KEY; //path to install the Tor binary too
|
|
||||||
public final static String TOR_BINARY_ZIP_KEY = "assets/" + TOR_BINARY_ASSET_KEY;//key of the tor binary in the Zip file
|
|
||||||
|
|
||||||
//torrc (tor config file)
|
//torrc (tor config file)
|
||||||
public final static String TORRC_ASSET_KEY = "torrc";
|
public final static String TORRC_ASSET_KEY = "torrc";
|
||||||
// public final static String TORRC_INSTALL_PATH = TOR_HOME + TORRC_ASSET_KEY; //path to install torrc to within the android app data folder
|
|
||||||
public final static String TORRC_ZIP_KEY = "assets/" + TORRC_ASSET_KEY; //key of the torrc file in the Zip file
|
|
||||||
//how to launch tor
|
//how to launch tor
|
||||||
// public final static String TOR_COMMAND_LINE_ARGS = "-f " + TORRC_INSTALL_PATH + " || exit\n";
|
// public final static String TOR_COMMAND_LINE_ARGS = "-f " + TORRC_INSTALL_PATH + " || exit\n";
|
||||||
|
|
||||||
//privoxy
|
//privoxy
|
||||||
public final static String PRIVOXY_ASSET_KEY = "privoxy";
|
public final static String PRIVOXY_ASSET_KEY = "privoxy";
|
||||||
// public final static String PRIVOXY_INSTALL_PATH = TOR_HOME + PRIVOXY_ASSET_KEY; //path to install privoxy to within the android app data folder
|
|
||||||
public final static String PRIVOXY_ZIP_KEY = "assets/" + PRIVOXY_ASSET_KEY; //key of the privoxy file in the Zip file
|
|
||||||
|
|
||||||
//privoxy.config
|
//privoxy.config
|
||||||
public final static String PRIVOXYCONFIG_ASSET_KEY = "privoxy.config";
|
public final static String PRIVOXYCONFIG_ASSET_KEY = "privoxy.config";
|
||||||
// public final static String PRIVOXYCONFIG_INSTALL_PATH = TOR_HOME + PRIVOXYCONFIG_ASSET_KEY; //path to install privoxy to within the android app data folder
|
|
||||||
public final static String PRIVOXYCONFIG_ZIP_KEY = "assets/" + PRIVOXYCONFIG_ASSET_KEY; //key of the privoxy file in the Zip file
|
|
||||||
|
|
||||||
//how to launch privoxy
|
|
||||||
// public final static String PRIVOXY_COMMAND_LINE_ARGS = ' ' + PRIVOXYCONFIG_INSTALL_PATH + " || exit\n";
|
|
||||||
|
|
||||||
//where to send the notices log
|
|
||||||
// public final static String TOR_LOG_PATH = TOR_HOME + "notices.log";
|
|
||||||
|
|
||||||
//control port cookie path
|
|
||||||
// public final static String TOR_CONTROL_AUTH_COOKIE = TOR_HOME_DATA_DIR + "control_auth_cookie";
|
|
||||||
|
|
||||||
|
|
||||||
|
//iptables key
|
||||||
|
public final static String IPTABLES_ASSET_KEY = "iptables";
|
||||||
|
|
||||||
//various console cmds
|
//various console cmds
|
||||||
public final static String SHELL_CMD_CHMOD = "chmod";
|
public final static String SHELL_CMD_CHMOD = "chmod";
|
||||||
public final static String SHELL_CMD_KILL = "kill";
|
public final static String SHELL_CMD_KILL = "kill";
|
||||||
|
|
|
@ -1,5 +1,7 @@
|
||||||
package org.torproject.android.service;
|
package org.torproject.android.service;
|
||||||
|
|
||||||
|
import java.io.File;
|
||||||
|
|
||||||
import org.torproject.android.TorifiedApp;
|
import org.torproject.android.TorifiedApp;
|
||||||
|
|
||||||
import android.content.Context;
|
import android.content.Context;
|
||||||
|
@ -9,14 +11,17 @@ public class TorTransProxy {
|
||||||
|
|
||||||
private final static String TAG = "TorTransProxy";
|
private final static String TAG = "TorTransProxy";
|
||||||
|
|
||||||
private final static String CMD_NAT_FLUSH = "iptables -t nat -F || exit\n";
|
private static String BASE_DIR = "/data/data/" + TorServiceConstants.TOR_APP_USERNAME + "/";
|
||||||
private final static String CMD_DNS_PROXYING_ADD = "iptables -t nat -A PREROUTING -p udp --dport 53 -j DNAT --to 127.0.0.1:5400 || exit\n";
|
|
||||||
|
|
||||||
//private final static String CMD_DNS_PROXYING_DELETE = "iptables -t nat -D PREROUTING -p udp --dport 53 -j DNAT --to 127.0.0.1:5400 || exit\n";
|
private final static String CMD_NAT_FLUSH = "iptables -t nat -F || exit\n";
|
||||||
// - just calling a system wide flush of iptables rules
|
private final static String CMD_FILTER_FLUSH = "iptables -t filter -F || exit\n";
|
||||||
|
|
||||||
|
private final static String CMD_DNS_PROXYING_ADD = "iptables -t nat -A PREROUTING -p udp --dport 53 -j DNAT --to 127.0.0.1:5400 || exit\n";
|
||||||
|
|
||||||
private final static String IPTABLES_ADD = " -A ";
|
private final static String IPTABLES_ADD = " -A ";
|
||||||
|
|
||||||
|
//private final static String CMD_DNS_PROXYING_DELETE = "iptables -t nat -D PREROUTING -p udp --dport 53 -j DNAT --to 127.0.0.1:5400 || exit\n";
|
||||||
|
// - just calling a system wide flush of iptables rules
|
||||||
//private final static String IPTABLES_DELETE = " -D "; //not deleting manually anymore - just calling a system wide flush of iptables rules
|
//private final static String IPTABLES_DELETE = " -D "; //not deleting manually anymore - just calling a system wide flush of iptables rules
|
||||||
// private final static String IPTABLES_DROP_ALL = " -j DROP ";
|
// private final static String IPTABLES_DROP_ALL = " -j DROP ";
|
||||||
|
|
||||||
|
@ -32,7 +37,7 @@ public class TorTransProxy {
|
||||||
try {
|
try {
|
||||||
|
|
||||||
// Run an empty script just to check root access
|
// Run an empty script just to check root access
|
||||||
String[] cmd = {"whoami"};
|
String[] cmd = {"exit 0"};
|
||||||
int exitCode = TorServiceUtils.doShellCommand(cmd, log, true, true);
|
int exitCode = TorServiceUtils.doShellCommand(cmd, log, true, true);
|
||||||
if (exitCode == 0) {
|
if (exitCode == 0) {
|
||||||
|
|
||||||
|
@ -46,13 +51,36 @@ public class TorTransProxy {
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private static String findBaseDir ()
|
||||||
|
{
|
||||||
|
String[] cmds = {"/system/bin/iptables -t nat --list"};
|
||||||
|
StringBuilder res = new StringBuilder();
|
||||||
|
|
||||||
|
int code;
|
||||||
|
try {
|
||||||
|
code = TorServiceUtils.doShellCommand(cmds, res, true, true);
|
||||||
|
|
||||||
|
|
||||||
|
if (code != 0) {
|
||||||
|
return BASE_DIR;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
return "/system/bin/";
|
||||||
|
|
||||||
|
} catch (Exception e) {
|
||||||
|
return BASE_DIR;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
}
|
||||||
public static int setDNSProxying () throws Exception
|
public static int setDNSProxying () throws Exception
|
||||||
{
|
{
|
||||||
|
String baseDir = findBaseDir();
|
||||||
|
|
||||||
final StringBuilder log = new StringBuilder();
|
final StringBuilder log = new StringBuilder();
|
||||||
int code;
|
int code;
|
||||||
|
|
||||||
String[] cmds = {CMD_DNS_PROXYING_ADD};
|
String[] cmds = {baseDir + CMD_DNS_PROXYING_ADD};
|
||||||
|
|
||||||
|
|
||||||
code = TorServiceUtils.doShellCommand(cmds, log, true, true);
|
code = TorServiceUtils.doShellCommand(cmds, log, true, true);
|
||||||
|
@ -78,15 +106,21 @@ public class TorTransProxy {
|
||||||
}
|
}
|
||||||
*/
|
*/
|
||||||
|
|
||||||
public static boolean purgeNatIptables() {
|
public static boolean purgeIptables() {
|
||||||
|
|
||||||
|
String baseDir = findBaseDir();
|
||||||
|
|
||||||
|
|
||||||
StringBuilder res = new StringBuilder();
|
StringBuilder res = new StringBuilder();
|
||||||
try {
|
try {
|
||||||
String[] cmds = {CMD_NAT_FLUSH};
|
String[] cmds = {baseDir + CMD_NAT_FLUSH, baseDir + CMD_FILTER_FLUSH};
|
||||||
int code = TorServiceUtils.doShellCommand(cmds, res, true, true);
|
int code = TorServiceUtils.doShellCommand(cmds, res, true, true);
|
||||||
if (code != 0) {
|
if (code != 0) {
|
||||||
Log.w(TAG, "error purging iptables. exit code: " + code + "\n" + res);
|
Log.w(TAG, "error purging iptables. exit code: " + code + "\n" + res);
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
return true;
|
return true;
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
Log.w(TAG,"error purging iptables: " + e);
|
Log.w(TAG,"error purging iptables: " + e);
|
||||||
|
@ -96,7 +130,9 @@ public class TorTransProxy {
|
||||||
|
|
||||||
public static boolean setTransparentProxyingByApp(Context context, TorifiedApp[] apps, boolean forceAll) throws Exception
|
public static boolean setTransparentProxyingByApp(Context context, TorifiedApp[] apps, boolean forceAll) throws Exception
|
||||||
{
|
{
|
||||||
|
|
||||||
|
String baseDir = findBaseDir();
|
||||||
|
|
||||||
String command = null;
|
String command = null;
|
||||||
|
|
||||||
command = IPTABLES_ADD; //ADD
|
command = IPTABLES_ADD; //ADD
|
||||||
|
@ -121,30 +157,49 @@ public class TorTransProxy {
|
||||||
Log.i(TAG,"enabling transproxy for app: " + apps[i].getUsername() + "(" + apps[i].getUid() + ")");
|
Log.i(TAG,"enabling transproxy for app: " + apps[i].getUsername() + "(" + apps[i].getUid() + ")");
|
||||||
|
|
||||||
//TCP
|
//TCP
|
||||||
|
script.append(baseDir);
|
||||||
script.append("iptables -t nat");
|
script.append("iptables -t nat");
|
||||||
script.append(command);
|
script.append(" -A OUTPUT -p tcp -m owner --uid-owner ");
|
||||||
script.append("OUTPUT -p tcp -m owner --uid-owner ");
|
|
||||||
script.append(apps[i].getUid());
|
script.append(apps[i].getUid());
|
||||||
script.append(" -j DNAT --to 127.0.0.1:9040");
|
// script.append(" -j DNAT --to 127.0.0.1:9040");
|
||||||
|
script.append(" -m tcp --syn -j REDIRECT --to-ports 9040");
|
||||||
script.append(" || exit\n");
|
script.append(" || exit\n");
|
||||||
|
|
||||||
//UDP
|
//UDP
|
||||||
|
script.append(baseDir);
|
||||||
script.append("iptables -t nat");
|
script.append("iptables -t nat");
|
||||||
script.append(command);
|
script.append(" -A OUTPUT -p udp -m owner --uid-owner ");
|
||||||
script.append("OUTPUT -p udp -m owner --uid-owner ");
|
|
||||||
script.append(apps[i].getUid());
|
script.append(apps[i].getUid());
|
||||||
script.append(" -j DROP"); //drop all UDP packets as Tor won't handle them
|
script.append(" --dport 53 -j REDIRECT --to-ports 5400"); //drop all UDP packets as Tor won't handle them
|
||||||
script.append(" || exit\n");
|
script.append(" || exit\n");
|
||||||
|
|
||||||
|
script.append(baseDir);
|
||||||
|
script.append("iptables -t nat");
|
||||||
|
script.append(" -A OUTPUT -m owner --uid-owner ");
|
||||||
|
script.append(apps[i].getUid());
|
||||||
|
script.append(" -j DROP"); //drop all other packets as Tor won't handle them
|
||||||
|
script.append(" || exit\n");
|
||||||
|
|
||||||
|
|
||||||
|
/*
|
||||||
|
* iptables -t nat -A OUTPUT -p tcp -m owner --uid-owner anonymous -m tcp -j REDIRECT --to-ports 9040
|
||||||
|
iptables -t nat -A OUTPUT -p udp -m owner --uid-owner anonymous -m udp --dport 53 -j REDIRECT --to-ports 53
|
||||||
|
iptables -t filter -A OUTPUT -p tcp -m owner --uid-owner anonymous -m tcp --dport 9040 -j ACCEPT
|
||||||
|
iptables -t filter -A OUTPUT -p udp -m owner --uid-owner anonymous -m udp --dport 53 -j ACCEPT
|
||||||
|
iptables -t filter -A OUTPUT -m owner --uid-owner anonymous -j DROP
|
||||||
|
|
||||||
|
*/
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
String[] cmd = {script.toString()};
|
String[] cmd = {script.toString()};
|
||||||
|
Log.i(TAG, cmd[0]);
|
||||||
|
|
||||||
code = TorServiceUtils.doShellCommand(cmd, res, true, true);
|
code = TorServiceUtils.doShellCommand(cmd, res, true, true);
|
||||||
|
|
||||||
String msg = res.toString();
|
String msg = res.toString();
|
||||||
Log.e(TAG, msg);
|
Log.i(TAG, msg);
|
||||||
|
|
||||||
|
|
||||||
return false;
|
return false;
|
||||||
|
@ -153,9 +208,8 @@ public class TorTransProxy {
|
||||||
|
|
||||||
public static boolean setTransparentProxyingByPort(Context context, String[] ports) {
|
public static boolean setTransparentProxyingByPort(Context context, String[] ports) {
|
||||||
|
|
||||||
String command = null;
|
String baseDir = findBaseDir();
|
||||||
|
|
||||||
command = IPTABLES_ADD; //ADD
|
|
||||||
|
|
||||||
final StringBuilder script = new StringBuilder();
|
final StringBuilder script = new StringBuilder();
|
||||||
|
|
||||||
|
@ -167,6 +221,8 @@ public class TorTransProxy {
|
||||||
Log.i(TAG,"enabling transproxy for port: " + ports[i]);
|
Log.i(TAG,"enabling transproxy for port: " + ports[i]);
|
||||||
|
|
||||||
//TCP
|
//TCP
|
||||||
|
|
||||||
|
script.append(baseDir);
|
||||||
script.append("iptables -t nat");
|
script.append("iptables -t nat");
|
||||||
script.append("-A PREROUTING -p tcp --dport ");
|
script.append("-A PREROUTING -p tcp --dport ");
|
||||||
script.append(ports[i]);
|
script.append(ports[i]);
|
||||||
|
@ -174,6 +230,8 @@ public class TorTransProxy {
|
||||||
script.append(" || exit\n");
|
script.append(" || exit\n");
|
||||||
|
|
||||||
//UDP
|
//UDP
|
||||||
|
|
||||||
|
script.append(baseDir);
|
||||||
script.append("iptables -t nat");
|
script.append("iptables -t nat");
|
||||||
script.append("-A PREROUTING -p udp --dport ");
|
script.append("-A PREROUTING -p udp --dport ");
|
||||||
script.append(ports[i]);
|
script.append(ports[i]);
|
||||||
|
@ -185,7 +243,8 @@ public class TorTransProxy {
|
||||||
StringBuilder res = new StringBuilder();
|
StringBuilder res = new StringBuilder();
|
||||||
|
|
||||||
String[] cmd = {script.toString()};
|
String[] cmd = {script.toString()};
|
||||||
|
Log.i(TAG, cmd[0]);
|
||||||
|
|
||||||
code = TorServiceUtils.doShellCommand(cmd, res, true, true);
|
code = TorServiceUtils.doShellCommand(cmd, res, true, true);
|
||||||
|
|
||||||
String msg = res.toString();
|
String msg = res.toString();
|
||||||
|
|
Loading…
Reference in New Issue