.classpath

@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+	<classpathentry kind="src" path="src"/>
+	<classpathentry kind="src" path="gen"/>
+	<classpathentry kind="con" path="com.android.ide.eclipse.adt.ANDROID_FRAMEWORK"/>
+	<classpathentry kind="lib" path="libs/jtorctl.jar"/>
+	<classpathentry exported="true" kind="con" path="com.android.ide.eclipse.adt.LIBRARIES"/>
+	<classpathentry kind="output" path="bin/classes"/>
+</classpath>

.gitignore

@@ -1,68 +1,19 @@
-# auto-generated files from Android builds
-build.xml
-ant.properties
-default.properties
-proguard.cfg
-proguard-project.txt
-#
-releases
-docs
-doc
-.directory
-
-#built application files
-*.apk
-*.ap_
-
-# files for the dex VM
-*.dex
-
-# Java class files
-*.class
-
-# subdirs for generated files
-bin/
-gen/
-
-# Local configuration file (sdk path, etc)
-local.properties
-
-# Windows thumbnail db
-Thumbs.db
-
-# OSX files
-.DS_Store
-
-# Android Studio
-*.iml
-.idea/
-.gradle/
-build/
-
-#tfx
-.transifexrc
-
-/external/appcompat/bin/
-/external/appcompat/gen/
-/external/bin/
-/external/include/
-/external/*-build-stamp
-/external/lib/
-/external/privoxy/
-/external/test.c
-/external/test.h.gch
-/external/translation/
+external/bin/
+external/include/
+external/iptables.foo/
+external/iptables/
+external/jtorctl-build-stamp
+external/lib/
+external/libevent-build-stamp
+external/obfsproxy-build-stamp
+external/openssl-static-build-stamp
+external/privoxy-build-stamp
+external/privoxy/
+external/test.c
+external/test.h.gch
+external/tor-build-stamp
+external/translation/
 bin
 gen
 native
-libs/jtorctl.jar
 local.properties
-builds
-external/patches/*
-obj
-
-
-app/src/main/jniLibs/
-app/src/main/libs/
-orbotservice/src/main/libs/
-orbotservice/src/main/jniLibs/

.gitmodules

@@ -1,20 +1,18 @@
+[submodule "external/openssl-static"]
+	path = external/openssl-static
+	url = git://github.com/guardianproject/android-external-openssl-ndk-static.git
 [submodule "external/tor"]
 	path = external/tor
-	url = https://git.torproject.org/git/tor.git
-	ignore = dirty
+	url = git://git.torproject.org/git/tor.git
 [submodule "external/libevent"]
 	path = external/libevent
-	url = https://github.com/libevent/libevent.git
-	ignore = dirty
-[submodule "external/openssl"]
-	path = external/openssl
-	url = https://github.com/openssl/openssl.git
-	ignore = dirty
-[submodule "external/zstd"]
-	path = external/zstd
-	url = https://github.com/facebook/zstd.git
-	ignore = dirty
-[submodule "external/xz"]
-	path = external/xz
-	url = https://git.tukaani.org/xz.git
-	ignore = dirty
+	url = git://github.com/libevent/libevent.git
+[submodule "external/jtorctrl"]
+	path = external/jtorctrl
+	url = git://git.torproject.org/git/jtorctl
+[submodule "external/jtorctl"]
+	path = external/jtorctl
+	url = git://git.torproject.org/git/jtorctl
+[submodule "external/obfsproxy"]
+	path = external/obfsproxy
+	url = git://git.torproject.org/obfsproxy.git

.project

@@ -5,16 +5,6 @@
 	<projects>
 	</projects>
 	<buildSpec>
-		<buildCommand>
-			<name>org.eclipse.ui.externaltools.ExternalToolBuilder</name>
-			<triggers>full,incremental,</triggers>
-			<arguments>
-				<dictionary>
-					<key>LaunchConfigHandle</key>
-					<value>&lt;project&gt;/.externalToolBuilders/org.eclipse.cdt.managedbuilder.core.genmakebuilder.launch</value>
-				</dictionary>
-			</arguments>
-		</buildCommand>
 		<buildCommand>
 			<name>org.eclipse.wst.jsdt.core.javascriptValidator</name>
 			<arguments>
@@ -40,40 +30,10 @@
 			<arguments>
 			</arguments>
 		</buildCommand>
-		<buildCommand>
-			<name>org.eclipse.cdt.managedbuilder.core.ScannerConfigBuilder</name>
-			<triggers>full,incremental,</triggers>
-			<arguments>
-			</arguments>
-		</buildCommand>
 	</buildSpec>
 	<natures>
 		<nature>com.android.ide.eclipse.adt.AndroidNature</nature>
 		<nature>org.eclipse.jdt.core.javanature</nature>
 		<nature>org.eclipse.wst.jsdt.core.jsNature</nature>
-		<nature>org.eclipse.cdt.core.cnature</nature>
-		<nature>org.eclipse.cdt.core.ccnature</nature>
-		<nature>org.eclipse.cdt.managedbuilder.core.managedBuildNature</nature>
-		<nature>org.eclipse.cdt.managedbuilder.core.ScannerConfigNature</nature>
 	</natures>
-	<filteredResources>
-		<filter>
-			<id>1451443416388</id>
-			<name></name>
-			<type>30</type>
-			<matcher>
-				<id>org.eclipse.ui.ide.multiFilter</id>
-				<arguments>1.0-name-matches-false-false-external</arguments>
-			</matcher>
-		</filter>
-		<filter>
-			<id>1451443416398</id>
-			<name></name>
-			<type>26</type>
-			<matcher>
-				<id>org.eclipse.ui.ide.multiFilter</id>
-				<arguments>1.0-name-matches-false-false-jni</arguments>
-			</matcher>
-		</filter>
-	</filteredResources>
 </projectDescription>

.settings/.jsdtscope

@@ -0,0 +1,11 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+	<classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.JRE_CONTAINER"/>
+	<classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.WebProject">
+		<attributes>
+			<attribute name="hide" value="true"/>
+		</attributes>
+	</classpathentry>
+	<classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.baseBrowserLibrary"/>
+	<classpathentry kind="output" path=""/>
+</classpath>

.settings/org.eclipse.wst.jsdt.ui.superType.container

@@ -0,0 +1 @@
+org.eclipse.wst.jsdt.launching.baseBrowserLibrary

.settings/org.eclipse.wst.jsdt.ui.superType.name

@@ -0,0 +1 @@
+Window

AUTHORS

@@ -36,9 +36,3 @@ in TorTransProxy for handling the "transproxy all" mode of operation. Before
 certain system processes were leaking traffic, and this was also detected
 by his excellent auditing.
  
-Amogh Pradeep <amoghbl1@gmail.com> submitted a patch to address an issue
-with the ongoing data transfer notification dying now and then, and is
-working on improving the notification display in general
- 
-We found a nice new power button vector set here under the CC license:
-http://vector4free.com/vector/free-vector-power-buttons/

AndroidManifest.xml

@@ -0,0 +1,78 @@
+<?xml version="1.0" encoding="utf-8"?>
+<manifest xmlns:android="http://schemas.android.com/apk/res/android"
+      package="org.torproject.android" 
+      android:versionName="0.2.3.23-rc-1.0.11-RC5-test2" 
+      android:versionCode="51"
+        android:installLocation="auto"
+      >
+    <uses-permission android:name="android.permission.INTERNET" />
+ 	<uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
+    <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
+ 	
+    <uses-sdk android:minSdkVersion="5" android:targetSdkVersion="15"/>
+    <application android:name=".OrbotApp" android:icon="@drawable/ic_launcher"
+     android:label="@string/app_name" 
+     android:configChanges="locale|orientation|screenSize"
+      android:theme="@style/Theme.Sherlock"
+     >
+      
+        <activity android:name=".Orbot" android:configChanges="locale|orientation|screenSize">
+            <intent-filter>
+                <action android:name="android.intent.action.MAIN" />
+                <category android:name="android.intent.category.LAUNCHER" />
+          </intent-filter>
+            <intent-filter>
+            <action android:name="android.intent.action.VIEW" />
+            <category android:name="android.intent.category.DEFAULT" />
+            <category android:name="android.intent.category.BROWSABLE" />
+        </intent-filter>
+        
+            <intent-filter>
+                <action android:name="android.intent.action.VIEW" />
+                <category android:name="android.intent.category.DEFAULT" />
+                <category android:name="android.intent.category.BROWSABLE" />
+                <data android:scheme="bridge" />
+                <data android:scheme="bridge+obfs" />
+            </intent-filter>
+        
+         <intent-filter>
+                <category android:name="android.intent.category.DEFAULT" />
+            	<action android:name="org.torproject.android.REQUEST_HS_PORT" />
+            </intent-filter>
+             <intent-filter>
+                <category android:name="android.intent.category.DEFAULT" />
+            	<action android:name="org.torproject.android.START_TOR" />
+            </intent-filter>
+        </activity>
+      	
+      	<activity android:name=".wizard.LotsaText"/>
+      	<activity android:name=".wizard.Permissions"/>
+      	<activity android:name=".wizard.TipsAndTricks"/>
+      	<activity android:name=".wizard.ConfigureTransProxy"/>
+      	<activity android:name=".wizard.ChooseLocaleWizardActivity"/>
+      	
+      	<activity android:name=".settings.SettingsPreferences"  android:label="@string/app_name"/>
+        <activity android:name=".settings.AppManager"  android:label="@string/app_name"/>
+      
+    	<service android:enabled="true"
+    		android:name=".service.TorService" 
+    		android:exported="false"
+    		>
+	            <intent-filter>
+	                <action android:name="org.torproject.android.service.ITorService" />
+	              	<action android:name="org.torproject.android.service.TOR_SERVICE" />
+            </intent-filter>
+    	</service>
+    	
+    	
+    	<receiver android:name=".OnBootReceiver">
+			<intent-filter>
+				<action	android:name="android.intent.action.BOOT_COMPLETED" />
+				<category android:name="android.intent.category.HOME" />
+			</intent-filter>
+		</receiver>
+    	
+    </application>
+    
+
+</manifest> 

BUILD

@@ -1,6 +1,5 @@
 
-This document explains how to properly build an Android package of Orbot from
-source.
+This document explains how to properly build an Android package of Orbot from source.
 
 Orbot includes, in the external directory, git repo submodules of:
 	- Tor
@@ -8,38 +7,71 @@ Orbot includes, in the external directory, git repo submodules of:
 	- LibEvent
 	- JTorControl: The Tor Control Library for Java
 
+The Orbot repo also includes the Privoxy source code of a recent stable release.
+
 Please install the following prerequisites (instructions for each follows):
 	ant: http://ant.apache.org/
-	Android Native Dev Kit or NDK (for C/C++ code):
-        http://developer.android.com/sdk/ndk/index.html
-	Android Software Dev Kit or SDK (for Java code):
-        http://developer.android.com/sdk/index.html
-	AutoMake and AutoConf tool
-	sudo apt-get install autotools-dev
-	sudo apt-get install automake
-	sudo apt-get install autogen autoconf libtool gettext-base autopoint
+	Android Native Dev Kit or NDK (for C/C++ code): http://developer.android.com/sdk/ndk/index.html
+	Android Software Dev Kit or SDK (for Java code): http://developer.android.com/sdk/index.html
 
-You will need to run the 'android' command in the SDK to install the necessary
-Android platform supports (ICS 4.x or android-15)
+You will need to run the 'android' command in the SDK to install the necessary Android platform supports (ICS 4.x or android-15)
 
-Be sure that you have all of the git submodules up-to-date:
+To begin building, from the Orbot root directory, you first need to build all external C/native dependencies:
 
-	./tor-droid-make.sh fetch
+	export NDK_BASE={PATH TO YOUR NDK INSTALL}
+	make -C external
 
-To begin building, from the Orbot root directory, it builds all submodules and
-the project.
+At this point, you'll have Tor and Privoxy binaries that can be run on an Android handset.
+You can verify the ARM binary was properly built using the following command:
 
-        ./tor-droid-make.sh build
+	file res/raw/tor
+	file res/raw/privoxy
+	
+You should see something like:
+src/or/tor: ELF 32-bit LSB executable, ARM, version 1 (SYSV), dynamically linked (uses shared libs), not stripped
+
+This isn't enough though and we'll now sew up the binary into a small package
+that will handle basic Tor controlling features.
+
+	android update project --name Orbot --target android-15 --path .
+
+#Now you need to split and copy the tor binary into res/raw. We split it into < 1M chunks
+#because some Android devices don't like resources larger than 1M.
+#split --bytes=1m $DROID_ROOT/external/tor/tor/src/or/tor res/raw/tor
 
 Now build the Android app
 
-(gradle / android studio instructions here)
+	ant release
 
-This will produce an unsigned Tor package APK.
+This will produce an unsigned Tor package in ./bin/Orbot-unsigned.apk!
 
 To produce a usable package, you'll need to sign the .apk. The basics on
 signing can be found on the Android developer site:
 
 	http://developer.android.com/guide/publishing/app-signing.html
 
+The three steps are quite simple. First, you'll generate a key. Secondly,
+you'll sign the application. Thirdly, you'll verify the the apk.
+
+Generating a signing key:
+
+	keytool -genkey -v -keystore my-release-key.keystore \
+		-alias orbots_key -keyalg RSA -validity 10000
+
+Sign the apk:
+
+	jarsigner -verbose -keystore my-release-key.keystore \
+		bin/Orbot-unsigned.apk orbots_key
+
+Verify the signature for the apk:
+
+	jarsigner -verify bin/Orbot-unsigned.apk
+	mv bin/Orbot-unsigned.apk bin/Orbot-signed-alpha.apk
+
+You can also GPG sign the apk and generate an .asc:
+
+	gpg -ab Orbot-signed-alpha.apk
+
+Now you should have a fully signed and production ready alpha release of Orbot!
+Give bin/Orbot-signed-alpha.apk an install and send us bug reports!
 

CHANGELOG

@@ -0,0 +1,185 @@
+NOTE: Specific #s below correspond to Trac tickets logged and maintained at https://trac.torproject.org/projects/tor/
+
+1.0.11
+- Tor updated to 0.2.4.4-alpha
+- libevent2 on 2.2.1-alpha
+- added data up/down speed and totals display
+- added new "Log" SlideDrawer log display 
+- added ability to copy logs by touching log (for emailing, debugging)
+- fixed iptables Android 4/Jellybean compatible binary detection
+- iptables add/delete now on specific rules; no more global FLUSHing
+- transproxy ensures that UDP is blocked properly for all or selected apps
+- wizard display is centered
+- added network connectivity monitor to set Tor's DisableNetwork value
+- fixed wizard tips apps recommendations; added DuckGo, Twitter, Firefox Proxymob
+- insure that iptables rules are only added once, and that all are cleared
+
+1.0.9
+- Tor now updated to 0.2.3.17-beta
+- Privoxy updated to 3.0.12
+- tweaked layout for smaller screens
+- fixed obfsproxy android patch build error
+- privoxy: removed lpthread library flag since Android has it built-in
+- updated strings; made notify on/off option work again
+- added background view; fixed long click;
+- removed unneeded landscape custom layout
+- updated layout for larger screens
+- updated impl of torified apps logic
+- improved wizard flow on non-root devices
+- removed gcc ssp hardening (not support on Android NDK)
+- fixed posix thread option for Privoxy
+- added docs folder and readme's
+- clarified english strings for hidden srv and proxying
+- moved Tor data directory to app_data from cache
+- fixed notification persistence handling
+- fixed relay/server mode option resolv.conf error
+- fixed app list display
+
+1.0.8 (includes 1.0.7.3 and 1.0.7.2)
+- new external/Makefile and git submodules
+- fixed tor control port cookie file path lookup related to #5305 
+- updated strings
+- adding in manual locale selection
+- added obfsproxy binary to res/raw and binary installation process
+- added new preferences to support obfsproxy bridge configuration
+- upgraded tor binary to 0.2.3.11-alpha
+
+1.0.7
+- reduced data folder size by making geoip file only installed on demand
+- added options for turning of persistent notification
+- enabled access to localhost ports for SOCKS, HTTP, etc even when transproxy is on
+- improved handling of tor and privoxy binary upgrades
+- updated openssl to 1.0.0f to address recent SSLv3 threat
+- check for root mode uses "which su" command and does not look for Superuser.apk
+- changed tor binary res/raw storage mechanism to use the "mp3" file ext trick
+
+1.0.6.1
+- small fixes to wizard UI
+- fixed "exit" problem, after running wizard
+
+1.0.6
+- updated tablet layout graphic sizing
+- stopped Orweb from being transparent proxied (not needed)
+- updated to Tor 0.2.3.7-alpha binary 
+- geoip database now included for exit/entrace node control
+- stopped iptables rule purging if transproxy is not enabled (conflicted with DroidWall and others)
+
+1.0.5.3
+- added auto-tor of wireless and usb tethering
+- integrated new setup wizard
+- moved large tor binary into split multiple 1M segments to fix for devices with 1M resource limit
+
+1.0.5.1/.2
+- small updates to layout of main screen to fit smaller screens
+- fixed preference setting of EntryNode torrc value
+
+1.0.5
+- added exit node and "StrictExitNode" preference
+- fixed tor binary installation issue related to max resource size and compression
+- updated "start on boot" code to test for proper launch event
+- updated to Tor 0.2.2.25-alpha binary
+- moved back to single notification bar id to avoid double entries
+- cleaned up progress dialog and alert handling to avoid leaky windows
+- Merged __sporkbomb's patch for how transproxy all works; now does "everything but Tor"
+- Added new toolbar notifications and alerts for displaying notifications and Tor messages
+- Removed unused Socks client code from android.net package
+- Updated wizard to show link to Gibberbot (formerly OTRchat) chat app
+- Bundled iptables 1.4.7 for ARM instead of relying on installed version
+- Fixed various issues related to iptables, transproxying for CyanogenMod7/Android 2.3.*
+- Changed how settings changed are processed through the control port (batched instead of one by one)
+- Stopped app by app flushing of iptables rules, in favor of complete flush of 'nat' and 'filter' type
+- removed useless log screen (logs can be viewed/retrieved using 'alogcat' 3rd party app)
+
+1.0.4
+- Added Russian, Persian, Arabic and other .po translations (see res/values-* folders)
+- Fixed incorrect try to clear iptables rules for non-root devices
+- Fixed bug that stopped wizard helper from showing first time
+- Added new green notification icon when Tor is connected
+- Fixed app selector layout in settings
+- Moved minSDK to 4 (Android 1.6); discontinued 1.5 support
+- Fixed log screen touch disable tor bug
+- Debugged issues around network status change causing FC/crash
+- Added "Start on Boot" option
+
+1.0.3
+- Fixed spanish language issues with settings screen
+- Cleaned up logging, and moved most of it to debug output only
+- Small changes to iptables, transproxy settings to handle iptables 1.3 and 1.4 variations
+- Added compile time variable/flag for turning on/off detailed control port output to Android stdout
+- Hidden services now support through option in settings
+- removed double apostrophes from value/strings.xml files
+
+1.0.2
+- Added "check" yes/no dialog prompt
+- Debugged iptables/transprox settings on Android 1.6 and 2.2
+- Added proxy settings help screen and fixed processSettings() NPE
+
+1.0.1
+- Found and fixed major bug in per-app trans proxying; list of apps was being cached and iptables rules were not properly updated as the user changed the selection in the list
+ 
+1.0.0 - 2010-08-10
+- Added "Proxy Settings" help screen
+- Handle potential null pointers on process settings where service not yet active 
+
+0.0.9x - 2010-08-03
+- Revised Orbot install wizard
+- Integrated Tor 0.2.2.14 and iptables 4.x binary
+- Fixed "got root" detection method 
+- Fixed Per App Torification handling so it updates on exit from Settings screen
+
+0.0.8x - 2010-07-15
+- Updated Settings & App configuration screens
+- Changed progress dialog display
+- Significant application re-arch
+- Fixed force stop crash on install
+- Integrated Tor 0.2.2.13-alpha-dev binary
+- Fixed su shell cmd error handling & root perms issue
+- #1570: Added new setup wizard on install to clarify root / non-root capabilities 
+- #1716: Per-app traffic routing prefs not persisted
+- #1509: Help window is too big for the screen on android 1.6
+- #1513: Orbot can't be told to exit <-- added 'Exit' menu option
+- #1530: Capture sh cmd stout for debugging errors <-- updated debug log screen
+- #1531: Don't loop ad infinitum in Orbot fails <-- only retries 3 times now
+- #1272: Orbot should store Tor files in the cache
+- #1273: Info should mention anonymity problems with ProxySurf
+
+0.0.5x
+- #1388: Error parsing PID from output of "ps"
+- #1277, #1278: Enabling bridges issues
+- #1279: Misleading message when initialization is finished
+- #1292: Tor version in About screen is wrong
+
+0.0.3x - 2010-03-15
+- Added Start/Stop menu item for non-touch activation
+- Improved parsing and validation of settings screen
+- UI now compatible with landscape mode (#1276)
+- Added relay support for static/publicly accessible IP devices
+
+0.0.3a - 2010-02-07
+- Integrated iptables support for transparent proxying of outbound port
+  80 and DNS
+- Privoxy is now used as HTTP Proxy server (cross-compiled to ARM)
+- New UI layout and graphics
+- Android settings screen for generated torrc file
+- Improved performance and error handling
+
+0.0.2a - 2009-11-30
+- Update user interface layout and graphics
+- Modified service launch, shutdown and handling
+- Improved event handler on Tor Control port callbacks
+- Added Help page
+
+0.0.2 - 2009-11-27
+- Major improvement to the user interface including relative layout for
+  different screens
+- New graphics resources
+- Implemented Tor Control Port using official Java library
+- Added 'clear' button to the log screen
+- Added 'save' and editable textbox for the settings screen
+- Moved screen navigation to a pop-up menu
+
+0.0.1-alpha - 2009-10-21
+- First code release
+- Major Features: Tor binary application is fully operational, UI:
+  Start/Stop Tor, View Message Log, View Settings (torrc)
+

INSTALL

@@ -0,0 +1,40 @@
+
+Orbot: Android Onion Routing Robot
+***********************************************
+Android is a freely licensed open-source application developed for the
+Android platform. It acts as a front-end to the Tor binary application,
+and also provides an HTTP Proxy for connecting web browsers and other
+HTTP client applications into the Tor SOCKS interface.
+
+*** PreReqs ***
+You need the Android Developer SDK to compile and build the APK file:
+http://developer.android.com/
+The project files including in this distribution are meant to be used
+with Eclipse: http://eclipse.org/
+
+*** How to use ***
+Currently, Orbot will work with any application that supports using
+an HTTP or SOCKS Proxy. Once you start Tor using Orbot, you can then
+point your application to HTTP port 8118 or SOCKS port 9050 on localhost
+IP 127.0.0.1.
+
+If you have root access, and a version of Android with iptables that
+supports the netfilter owner module, then Orbot can setup transparent
+proxying for any application.
+
+Finally, Firefox on Android is available, and we have released an
+add-on named ProxyMob for configuring SOCKS proxy settings for use
+with the local Tor socks proxy.
+
+** A Few Notes **
+
+To ensure you are connected to the Tor network, you should browse to
+https://check.torproject.org/
+
+The first time you activate Orbot, it may take a while to connect to
+Tor. Check the message log to ensure you are "100% Bootstrapped".
+
+***********************************************
+
+/* Copyright (c) 2009,2010,2011, Nathan Freitas, The Guardian Project
+ * http://guardianproject.info/ */

LICENSE

@@ -41,41 +41,6 @@ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-*****
-
-===============================================================================
-Orbot includes the Obfs4 pluggable transport:
-https://gitweb.torproject.org/pluggable-transports/obfs4.git
-
-Copyright (c) 2014, Yawning Angel <yawning at torproject dot org>
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
-
- * Redistributions of source code must retain the above copyright notice,
-   this list of conditions and the following disclaimer.
-
- * Redistributions in binary form must reproduce the above copyright notice,
-   this list of conditions and the following disclaimer in the documentation
-   and/or other materials provided with the distribution.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
-AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
-IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
-LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
-CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
-ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-POSSIBILITY OF SUCH DAMAGE.
-===============================================================================
-
-
-*****
-
 *****
 Orbot contains a binary distribution of Privoxy (http://www.privoxy.org/)
 Copyright © 2001-2010 by Privoxy Developers <ijbswa-developers@lists.sourceforge.net>
@@ -193,32 +158,3 @@ is explicitely stated in the header of every file.
 The GPL also contains some obligations. If you distribute netfilter/iptables code
 in binary form, you have to offer the source code, too.
 ===============================================================================
-
-===============================================================================
-Orbot also includes BadVPN tun2socks: https://github.com/ambrop72/badvpn
-
-Copyright (c) 2009, Ambroz Bizjak <ambrop7@gmail.com>
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are met:
-    * Redistributions of source code must retain the above copyright
-      notice, this list of conditions and the following disclaimer.
-    * Redistributions in binary form must reproduce the above copyright
-      notice, this list of conditions and the following disclaimer in the
-      documentation and/or other materials provided with the distribution.
-    * Neither the name of the author nor the
-      names of its contributors may be used to endorse or promote products
-      derived from this software without specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
-DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
-(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
-ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
-SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-===============================================================================

README

@@ -1,28 +1,15 @@
 
-Tor Android
+Orbot: Android Onion Routing Robot
 ***********************************************
-This is a project forked from Orbot for building the tor binary for Android
+Orbot is a freely licensed open-source application developed for the
+Android platform. It acts as a front-end to the Tor binary application,
+and also provides an HTTP Proxy for connecting web browsers and other
+HTTP client applications into the Tor SOCKS interface.
 
-How to Build
 ***********************************************
-Please see: https://raw.githubusercontent.com/n8fr8/tor-android/master/BUILD
-
-How to Use via Gradle
-***********************************************
-
-Add the repository your list as shown:
-
-repositories {
-        maven { url "https://raw.githubusercontent.com/guardianproject/gpmaven/master" }
-    }
-    
-and then add the dependency, setting it to the latest version (or any version) we have made available, as a release:
-
-dependencies {
-    compile 'org.torproject:tor-android-binary:0.3.1.9'
-}
-
-
+Orbot is a component of the Guardian Project, an effort to develop
+a secure, anonymous smartphone for use by human rights activists, journalists
+and others around the world. Learn more: https://guardianproject.info/
 
 ***********************************************
 Tor protects your privacy on the internet by hiding the connection
@@ -34,3 +21,7 @@ Tor Frequently Asked Questions:
         https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ
         https://www.torproject.org/faq.html.en
 
+***********************************************
+
+/* Copyright (c) 2009-2012, Nathan Freitas, The Guardian Project
+ * https://guardianproject.info/ */

add-proguard-release.xml

@@ -0,0 +1,46 @@
+<!-- Proguard Properties -->
+<property name="obfuscate.dir" value="obf" />
+<property name="obfuscate.absolute.dir" location="${obfuscate.dir}" />
+<property name="android-jar-preobfuscate" value="${obfuscate.absolute.dir}/original.jar" />
+<property name="android-jar-postobfuscate" value="${obfuscate.absolute.dir}/postobf.jar" />
+<property name="out.dex.input.absolute.dir" value="${android-jar-postobfuscate}" />
+
+<!-- replaces the post-compile step from ant_rules_r3 -->
+<target name="-post-compile" depends="-dex-obfuscate,-dex-no-obfuscate">
+</target>
+
+<target name="-dex-no-obfuscate" unless="build.mode.release">
+  <mkdir dir="${obfuscate.absolute.dir}" />
+  <jar basedir="${out.dir}/classes" destfile="${android-jar-postobfuscate}" />
+</target>
+
+<!-- Converts this project's .class files into .dex files -->
+<target name="-dex-obfuscate" if="build.mode.release">
+  <property name="proguard-jar" value="${proguard.dir}/proguard.jar" />
+  <property name="proguard-conf.dir" value="" />
+  <property name="proguard-conf.absolute.dir" location="${proguard-conf.dir}" />
+  <property name="proguard-conf" value="${proguard-conf.absolute.dir}/procfg.txt" />
+  <path id="fullclasspath">
+    <path refid="android.target.classpath"/>
+    <pathelement path="${external.libs.dir}"/>
+  </path>
+  <property name="libraryjarpath" refid="fullclasspath"/> 
+  <!-- Add Proguard Task -->
+  <taskdef resource="proguard/ant/task.properties" classpath="${proguard-jar}" />
+
+  <mkdir dir="${obfuscate.absolute.dir}" />
+  <delete file="${android-jar-preobfuscate}"/>
+  <delete file="${android-jar-postobfuscate}"/>
+  <jar basedir="${out.classes.dir}" destfile="${android-jar-preobfuscate}" />
+  <proguard>
+    @${proguard-conf}
+    -injars ${android-jar-preobfuscate}
+    -outjars ${android-jar-postobfuscate}
+    -libraryjars ${libraryjarpath}
+    -dump ${obfuscate.absolute.dir}/dump.txt
+    -printseeds ${obfuscate.absolute.dir}/seeds.txt
+    -printusage ${obfuscate.absolute.dir}/usage.txt
+    -printmapping ${obfuscate.absolute.dir}/mapping.txt
+  </proguard>
+</target>
+

bcdroid.manifest

@@ -0,0 +1,3 @@
+Manifest-Version: 1.0
+Sealed: true
+

build.gradle

@@ -1,17 +0,0 @@
-// Top-level build file where you can add configuration options common to all sub-projects/modules.
-buildscript {
-    repositories {
-        google()
-        jcenter()
-    }
-    dependencies {
-        classpath 'com.android.tools.build:gradle:3.2.0'
-    }
-}
-
-allprojects {
-    repositories {
-        google()
-        jcenter()
-    }
-}

build.xml

@@ -0,0 +1,83 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project name="Orbot" default="help">
+
+    <!-- The local.properties file is created and updated by the 'android' tool.
+         It contains the path to the SDK. It should *NOT* be checked into
+         Version Control Systems. -->
+    <property file="local.properties" />
+
+    <!-- The ant.properties file can be created by you. It is only edited by the
+         'android' tool to add properties to it.
+         This is the place to change some Ant specific build properties.
+         Here are some properties you may want to change/update:
+
+         source.dir
+             The name of the source directory. Default is 'src'.
+         out.dir
+             The name of the output directory. Default is 'bin'.
+
+         For other overridable properties, look at the beginning of the rules
+         files in the SDK, at tools/ant/build.xml
+
+         Properties related to the SDK location or the project target should
+         be updated using the 'android' tool with the 'update' action.
+
+         This file is an integral part of the build system for your
+         application and should be checked into Version Control Systems.
+
+         -->
+    <property file="ant.properties" />
+
+    <!-- The project.properties file is created and updated by the 'android'
+         tool, as well as ADT.
+
+         This contains project specific properties such as project target, and library
+         dependencies. Lower level build properties are stored in ant.properties
+         (or in .classpath for Eclipse projects).
+
+         This file is an integral part of the build system for your
+         application and should be checked into Version Control Systems. -->
+    <loadproperties srcFile="project.properties" />
+
+    <!-- quick check on sdk.dir -->
+    <fail
+            message="sdk.dir is missing. Make sure to generate local.properties using 'android update project' or to inject it through an env var"
+            unless="sdk.dir"
+    />
+
+    <!--
+        Import per project custom build rules if present at the root of the project.
+        This is the place to put custom intermediary targets such as:
+            -pre-build
+            -pre-compile
+            -post-compile (This is typically used for code obfuscation.
+                           Compiled code location: ${out.classes.absolute.dir}
+                           If this is not done in place, override ${out.dex.input.absolute.dir})
+            -post-package
+            -post-build
+            -pre-clean
+    -->
+    <import file="custom_rules.xml" optional="true" />
+
+    <!-- Import the actual build file.
+
+         To customize existing targets, there are two options:
+         - Customize only one target:
+             - copy/paste the target into this file, *before* the
+               <import> task.
+             - customize it to your needs.
+         - Customize the whole content of build.xml
+             - copy/paste the content of the rules files (minus the top node)
+               into this file, replacing the <import> task.
+             - customize to your needs.
+
+         ***********************
+         ****** IMPORTANT ******
+         ***********************
+         In all cases you must update the value of version-tag below to read 'custom' instead of an integer,
+         in order to avoid having your file be overridden by tools such as "android update project"
+    -->
+    <!-- version-tag: 1 -->
+    <import file="${sdk.dir}/tools/ant/build.xml" />
+
+</project>

docs/GSoC.txt

@@ -0,0 +1,45 @@
+GSoC Plan 
+=========
+
+A tl;dr version 
+---------------
+I will be improving the Orbot UI/UX, and adding several features such as data statistics and also
+implementing the TorCheck API. I plan on extending the ORLib library and also creating an ORLib enabled 
+app as a sort of primer for other third party apps to follow
+
+The full version
+----------------
+
+Orbot UI/UX
+===========
+At the moment, the Orbot UI/UX is clustered and not very intuitive. I plan on improving the existing 
+elements of the UI and also add a variety of new features such as
+
+* A new Set – up Wizard ( which checks for iptables )
+* Changes to the preferences ( should be made to follow the Android guidelines)
+
+Orbot Core app work
+===================
+At the moment, Orbot displays a successful connection without actually checking the connection. This is a 
+pressing issue, because the user is not notified if the set-up has failed, unless he/she manually checks 
+the torcheck web service. This should be made automatic by making using of the TorCheck API. Also, Orbot 
+should be configured to show more information about the data being transmitted such as -
+
+* Amount of data transferred
+* Quality of the connection
+* Number of circuits connected
+
+ORLib
+=====
+Currently, ORLib is very minimal at the moment, both in term of features and support/documentation. ORLib 
+is very critical to the use of Orbot as it provides transparent proxying on non-rooted devices ( A major 
+chunk of android phones are un-rooted). I intend to -
+
+* Improve the existing library by adding additional features
+    * Check for existing of Orbot
+    * Check status of connection to Tor
+    * Provide option to start Orbot via intent
+* Request hidden service by port, and get return hidden service .onion address
+* Create an ORLib enabled “Twitter, Status.net or other micro blogging Client” – A sort of primer for 
+  third-party apps
+* Improve the documentation

docs/WALKTHROUGH

@@ -0,0 +1,90 @@
+
+.
+└── org
+    └── torproject
+        └── android
+            ├── AppManager.java
+                    //this is what helps us track the app-by-app torification
+                    //and gets the app name, icon, etc for display - we have some problems here
+                    //in normalizing the icon on the list label
+                    //some of this code came originally from DroidWall project (yay open source)
+                    
+            ├── boot
+            │   └── OnbootBroadcastReceiver.java 
+                        //i think this is a dup now and should be removed
+            
+            ├── HiddenServiceManager.java
+                        //empty! but at some point i thought it would be good to aggregate HS functions here
+            
+            ├── OnBootReceiver.java
+                        //this is the class registered in AndroidManifest.xml to handle Onboot events
+                        //to start Orbot/Tor when the device boots if the user has elected to do so - what kind of permissions does this require?
+                        //                 <uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED"/>
+                        // BTW, this shows up as a fairly unintrusive type perm request now in Android / in older versions (1.6 and earlier)
+                        // it was reported "as read / monitor phone state" and paranoid Tor-types didn't like the idea of it
+                        // in 1.6+ it has a much better UX in terms of having a more granular permisions around boot since it is a very
+                        // common request - ah , that's awesome, i think i remember seeing sth of this sorts when i was going through the guardianproject mailing list. iirc this is something ioerror wanted
+                        
+            
+            ├── Orbot.java
+                    //our wonderful main activity!
+            
+            ├── ProcessSettingsAsyncTask.java
+                    //this was just added in 1.0.5.x, but it was meant to help stop the UI blocking while processing settings and prefs
+                    //it uses the AsyncTask feature of Android, which seems to work pretty well
+                    //for this type of non-time critical function you just want to happen in the background at some point soon-ish
+            
+            ├── SettingsPreferences.java
+                    // Settings activity that loads the res/xml/preferences.xml resource up 
+                    // has some custom event handlng, onActivityResult callback result code's as well
+                    // basically meant to tell Orbot activity if critical settings have been modified and whether
+                    // those new settings should be applied (like iptables/transproxy changes)
+                    
+            ├── TorConstants.java
+                    // globals! well, constants! but yeah, just a place to put values we use a lot
+            
+            ├── TorifiedApp.java
+                    // object to store a single app's metadata for display in UI and for transproxy process
+            
+            ├── Utils.java
+                    // random methods that can be useful, a.k.a. another place to put stuff
+            
+            ├── WizardActivity.java
+                    // our original attempt at wizard activity that didn't get far
+            
+            └── WizardHelper.java
+                    // the helper class that manages the dialog based wizard
+            
+            ├── service //okay the Service subpackage!
+            
+            │   ├── Api.java
+                    //this is more code taken from DroidWall, that needs to be cleaned up and paired down to just what we need it for
+                    //this is related to 1.0.5.x changes with how we bundle and install our C binaries (tor, privoxy and iptables)
+            
+            │   ├── ITorService.aidl
+                    // the android remote interface definition file; 
+                    // this is the remote interface which the Orbot activity gets a reference to
+                    // and that in the TorService is instantiated as the "binder"
+            
+            │   ├── ITorServiceCallback.aidl
+                    // this is the callback interface that the Orbot activity instantiates, and passes
+                    // to the ITorService; reverse of ITorService in a sense
+            
+            │   ├── TorBinaryInstaller.java
+                    // this handles installation of binaries; uses Api.java; // tied into Wizard as well
+            
+            │   ├── TorServiceConstants.java
+                    // reusable constants for just the Service package
+            
+            │   ├── TorService.java
+                    // the main might powerful service class; Orbot and TorService are the front and backends of this whole app
+                    // should run as a remote service, but the manifest doesn't seem to indicate that at the moment
+             
+            │   ├── TorServiceUtils.java
+                    //utility methods for the service; specificaly check for root and tools for finding processID of background binaries
+            
+            │   └── TorTransProxy.java
+            // all the code for iptables transproxying management
+                                
+            
+            

external/Makefile

@@ -5,245 +5,142 @@
 # on Debian or Ubuntu
 
 ### these modify the calling shell
+# point pkg-config to the .pc files generated from these builds
+export PKG_CONFIG_PATH=$(LOCAL)/lib/pkgconfig
 # workaround for cross-compiling bug in autoconf
 export ac_cv_func_malloc_0_nonnull=yes
 export ac_cv_func_setpgrp_void=yes
 
-EXTERNAL_ROOT := $(shell pwd)
+CWD = $(shell pwd)
+PROJECT_ROOT = $(CWD)/..
+EXTERNAL_ROOT = $(CWD)
 
-DEBUG ?= 0
+# Android NDK setup:
+NDK_BASE ?= /usr/local/android-ndk
+NDK_PLATFORM_LEVEL ?= 8
+NDK_TOOLCHAIN_VERSION=4.6
+NDK_SYSROOT=$(NDK_BASE)/platforms/android-$(NDK_PLATFORM_LEVEL)/arch-arm
+NDK_UNAME=`uname -s | tr '[A-Z]' '[a-z]'`
+#NDK_TOOLCHAIN=$(NDK_BASE)/toolchains/arm-linux-androideabi-4.4.3/prebuilt/$(NDK_UNAME)-x86
+NDK_TOOLCHAIN=$(NDK_BASE)/toolchains/arm-linux-androideabi-4.6/prebuilt/$(NDK_UNAME)-x86
 
-# No-op command.
-NOOP = true
+# to use the real HOST tag, you need the latest libtool files:
+# http://stackoverflow.com/questions/4594736/configure-does-not-recognize-androideabi
+#HOST := arm-none-linux-gnueabi
+HOST := arm-linux-androideabi
 
-# Android now has 64-bit and 32-bit versions of the NDK for GNU/Linux.  We
-# assume that the build platform uses the appropriate version, otherwise the
-# user building this will have to manually set NDK_PROCESSOR or NDK_TOOLCHAIN.
-CPU := $(shell uname -m)
-ifeq ($(CPU),x86_64)
- NDK_PROCESSOR=x86_64
-else
- NDK_PROCESSOR=x86
-endif
+# install root for built files
+DESTDIR = $(EXTERNAL_ROOT)
+# TODO try adding the Android-style /data/app.name here
+prefix = 
+LOCAL := $(DESTDIR)$(prefix)
 
-# Android NDK setup
-ANDROID_NDK_HOME ?= /opt/android-ndk
-ANDROID_NDK ?= $(ANDROID_NDK_HOME)
-NDK_PLATFORM_LEVEL ?= 16
-NDK_TOOLCHAIN_VERSION=4.9
-APP_ABI ?= armeabi
-NDK_ABI ?= $(APP_ABI)
+export PATH := ${PATH}:$(NDK_TOOLCHAIN)/bin:$(LOCAL)/bin
 
-# PIEFLAGS for SDK 16/Android L must be set to -fPIE -pie, but can override for earlier targets 
-PIEFLAGS ?= -fPIE -pie
+CC := $(NDK_TOOLCHAIN)/bin/arm-linux-androideabi-gcc --sysroot=$(NDK_SYSROOT)
+CXX := $(NDK_TOOLCHAIN)/bin/arm-linux-androideabi-g++
+CPP := $(NDK_TOOLCHAIN)/bin/arm-linux-androideabi-cpp
+LD := $(NDK_TOOLCHAIN)/bin/arm-linux-androideabi-ld
+AR := $(NDK_TOOLCHAIN)/bin/arm-linux-androideabi-ar
+RANLIB := $(NDK_TOOLCHAIN)/bin/arm-linux-androideabi-ranlib
+STRIP := $(NDK_TOOLCHAIN)/bin/arm-linux-androideabi-strip \
+	--strip-unneeded -R .note -R .comment
 
-ifneq ($(filter arm%, $(APP_ABI)),)
-  NDK_ABI := arm
-endif
-ifneq ($(filter arm64%, $(APP_ABI)),)
- NDK_ABI := arm64
-endif
+CFLAGS = -DANDROID -I$(LOCAL) -I$(LOCAL)/include -I$(NDK_SYSROOT)/usr/include
+LDFLAGS = -L$(LOCAL) -L$(LOCAL)/lib -L$(NDK_SYSROOT)/usr/lib
 
-NDK_SYSROOT=$(ANDROID_NDK_HOME)/platforms/android-$(NDK_PLATFORM_LEVEL)/arch-$(NDK_ABI)
-NDK_UNAME := $(shell uname -s | tr '[A-Z]' '[a-z]')
-ifneq ($(filter mips%, $(NDK_ABI)),)
- HOST := $(NDK_ABI)el-linux-android
-endif
-ifneq ($(filter arm64, $(NDK_ABI)),)
- HOST := aarch64-linux-android
-endif
-ifneq ($(filter arm, $(NDK_ABI)),)
- HOST := arm-linux-androideabi
-endif
-ifneq ($(filter x86, $(NDK_ABI)),)
- HOST := i686-linux-android
-endif
-ifneq ($(filter x86_64, $(NDK_ABI)),)
- HOST := x86_64-linux-android
-endif
-
-NDK_TOOLCHAIN := $(HOST)-$(NDK_TOOLCHAIN_VERSION)
-ifneq ($(filter x86%, $(NDK_ABI)),)
- NDK_TOOLCHAIN := $(NDK_ABI)-$(NDK_TOOLCHAIN_VERSION)
-endif
-NDK_TOOLCHAIN_BASE=$(ANDROID_NDK_HOME)/toolchains/$(NDK_TOOLCHAIN)/prebuilt/$(NDK_UNAME)-$(NDK_PROCESSOR)
-
-# include Android's build flags
-TARGET_ARCH_ABI = $(APP_ABI)
-#include $(ANDROID_NDK_HOME)/toolchains/$(NDK_TOOLCHAIN)/setup.mk
-
-CC := $(NDK_TOOLCHAIN_BASE)/bin/$(HOST)-gcc --sysroot=$(NDK_SYSROOT)
-CXX := $(NDK_TOOLCHAIN_BASE)/bin/$(HOST)-g++ --sysroot=$(NDK_SYSROOT)
-CPP := $(NDK_TOOLCHAIN_BASE)/bin/$(HOST)-cpp --sysroot=$(NDK_SYSROOT)
-LD := $(NDK_TOOLCHAIN_BASE)/bin/$(HOST)-ld
-AR := $(NDK_TOOLCHAIN_BASE)/bin/$(HOST)-ar
-RANLIB := $(NDK_TOOLCHAIN_BASE)/bin/$(HOST)-ranlib
-
-ifeq ($(DEBUG), 1)
-	STRIP := $(NOOP)
-else
-	STRIP := $(NDK_TOOLCHAIN_BASE)/bin/$(HOST)-strip --strip-unneeded -R .note -R .comment --strip-debug
-endif
-
-
-CFLAGS = -DANDROID $(TARGET_CFLAGS) $(PIEFLAGS)
-LDFLAGS = -llog $(TARGET_LDFLAGS) $(PIEFLAGS)
-
-# change 'release' to 'debug' for unoptimized debug builds
-ifeq ($(APP_ABI),armeabi-v7a)
-	CFLAGS += $(TARGET_arm_release_CFLAGS)
-endif
-ifeq ($(APP_ABI),armeabi)
-	CFLAGS += $(TARGET_thumb_release_CFLAGS)
-endif
-
-
-
-.PHONY = clean showsetup \
-	assets assets-clean \
-	openssl-static openssl-static-clean \
-	libevent libevent-clean \
-	lzma lzma-clean \
-	zstd zstd-clean \
-	tor tor-clean
+# build as small as possible, mostly useful for static binaries
+CFLAGS += -fdata-sections -ffunction-sections -Os
+LDFLAGS += -Wl,--gc-sections
 
 all: assets
 
 #------------------------------------------------------------------------------#
-# openssl
+# openssl-static
 
-# Disable rc4 cipher for 64-bit archs, to avoid this link error for tor:
-# external/lib/libcrypto.a(e_rc4_hmac_md5.o):e_rc4_hmac_md5.c:function rc4_hmac_md5_cipher: error: undefined reference to 'rc4_md5_enc'
-OPENSSL_CONF_FLAG=
-ifneq ($(findstring 64, $(NDK_ABI)),)
- OPENSSL_CONF_FLAG+=no-rc4
-endif
+openssl-static/obj/local/armeabi/libcrypto.a:
+	cd openssl-static && \
+		ndk-build
 
-# OpenSSL's 'make depend' fails if _MIPS_SZLONG is not set:
-ifneq ($(filter mips%, $(NDK_ABI)),)
- ifneq ($(findstring 64, $(NDK_ABI)),)
-  OPENSSL_CONF_FLAG+=-D_MIPS_SZLONG=64
- else
-  OPENSSL_CONF_FLAG+=-D_MIPS_SZLONG=32 -D__MIPSEL__
- endif
-endif
-lib/libcrypto.a:
-	cd openssl && \
-		./Configure android -D__ANDROID_API__=$(NDK_PLATFORM_LEVEL) -DL_ENDIAN $(OPENSSL_CONF_FLAG) && \
-		make CC="$(CC)" ANDROID_DEV=$(NDK_SYSROOT)/usr depend && \
-		make CC="$(CC)" ANDROID_DEV=$(NDK_SYSROOT)/usr build_libs
+openssl-static/obj/local/armeabi/libssl.a:
+	cp config.sub openssl-static
+	cp config.guess openssl-static
+	cd openssl-static && \
+		ndk-build
 
-lib/libssl.a:
-	cp config.sub openssl
-	cp config.guess openssl
-	cd openssl && \
-		./Configure android -D__ANDROID_API__=$(NDK_PLATFORM_LEVEL) -DL_ENDIAN $(OPENSSL_CONF_FLAG) && \
-		make CC="$(CC)" ANDROID_DEV=$(NDK_SYSROOT)/usr depend && \
-		make CC="$(CC)" ANDROID_DEV=$(NDK_SYSROOT)/usr build_libs
+openssl-static-build-stamp: openssl-static/obj/local/armeabi/libcrypto.a openssl-static/obj/local/armeabi/libssl.a
+	touch openssl-static-build-stamp
 
-openssl-build-stamp: lib/libcrypto.a lib/libssl.a
-	touch openssl-build-stamp
-
-openssl: openssl-build-stamp
+openssl-static: openssl-static-build-stamp
 	test -d lib || mkdir lib
 	test -d include || mkdir include
 	test -d include/openssl || mkdir include/openssl
-	cp openssl/libcrypto.a lib/libcrypto.a
-	cp openssl/libssl.a lib/libssl.a
-	cp openssl/include/openssl/* include/openssl
+	cp openssl-static/obj/local/armeabi/libcrypto.a lib
+	cp openssl-static/obj/local/armeabi/libssl.a lib
+	cp openssl-static/include/openssl/* include/openssl
 
-openssl-clean:
-	-rm openssl-build-stamp
+openssl-static-clean:
+	-cd openssl-static && \
+		ndk-build clean
+	-rm openssl-static-build-stamp
 	-rm lib/libcrypto.a
 	-rm lib/libssl.a
-	-cd openssl && \
+	-cd openssl-static && \
 		git clean -fdx
 
 #------------------------------------------------------------------------------#
 # libevent
 
 libevent/Makefile:
-	sed -i 's@\(SUBDIRS = . include\) sample test@\1@' libevent/Makefile.am
-	cp libevent-patch-1 libevent
-	-cd libevent && \
-	 	patch -N -p1 --reject-file=- < libevent-patch-1
-	##sed -i 's@\(AC_OUTPUT(Makefile include/Makefile\) test/Makefile sample/Makefile)@\1)@' libevent/configure.in
 	cd libevent && ./autogen.sh
 	cp config.sub libevent
 	cp config.guess libevent
 	cd libevent && \
-		CC="$(CC)" AR="$(AR)" RANLIB=$(RANLIB) CFLAGS="$(CFLAGS) -I$(EXTERNAL_ROOT)/include" LDFLAGS="$(LDFLAGS)" \
+ 		CC="$(CC)" AR="$(AR)" RANLIB=$(RANLIB) CFLAGS="$(CFLAGS) -I$(EXTERNAL_ROOT)/include" LDFLAGS="$(LDFLAGS)" \
 			./configure \
 				--host=$(HOST) \
 				--disable-shared
 
 libevent-build-stamp: libevent/Makefile
-	$(MAKE) -C libevent ./include/event2/event-config.h all-am
+	$(MAKE) -C libevent
 	touch libevent-build-stamp
 
-libevent: openssl libevent-build-stamp
+libevent: openssl-static libevent-build-stamp
 	test -d lib || mkdir lib
 	test -d include || mkdir include
 	cp libevent/.libs/libevent.a lib
-	cp -R libevent/include/event2 include
+	cp -R libevent/include/* include
 
 libevent-clean:
-	-rm -f include/event2
+	-rm -f include/*.h
 	-rm -f lib/libevent.a
 	-rm -f libevent-build-stamp
 	-cd libevent && \
 		git clean -fdx
+
 #------------------------------------------------------------------------------#
-# lzma
+# iptables
 
-xz/Makefile:
-	cd xz && ./autogen.sh
-	cp config.sub xz
-	cp config.guess xz
-	cd xz && \
-		 CC="$(CC)" CXX="$(CXX)" PKG_CONFIG_PATH="$(EXTERNAL_ROOT)/lib/pkgconfig" AR="$(AR)" RANLIB="$(RANLIB)" CFLAGS="$(CFLAGS) -std=c99" LDFLAGS="$(LDFLAGS)"  \
-		./configure  --host=$(HOST) --disable-shared --enable-static --disable-doc --disable-xz --disable-xzdec --disable-lzmadec --disable-lzmainfo --disable-lzma-links --disable-scripts --prefix=$(EXTERNAL_ROOT)
+iptables/Makefile:
+	cd iptables && ./autogen.sh
+	cp config.sub iptables
+	cp config.guess iptables
+	cd iptables && \
+ 		CC="$(CC)" AR="$(AR)" RANLIB=$(RANLIB) CFLAGS="$(CFLAGS) -DNO_SHARED_LIBS -DXTABLES_INTERNAL -DIPTABLES_VERSION=\"1.4.10\" =-DXTABLES_VERSION=\"1.4.10\" # -DIPT_LIB_DIR=\"$(IPT_LIBDIR)\" -DXTABLES_LIBDIR -I$(EXTERNAL_ROOT)/include" LDFLAGS="$(LDFLAGS)" \
+			./configure \
+				--host=$(HOST) \
+				--disable-shared
 
-lzma: lzma-build-stamp
-	$(MAKE) -C xz install
+iptables-build-stamp: iptables/Makefile
+	$(MAKE) -C iptables 
+	touch iptables-build-stamp
 
-lzma-build-stamp: xz/Makefile
-	touch lzma-build-stamp
+iptables: iptables-build-stamp
 
-lzma-clean:
-	-rm -rf include/lzma
-	-rm -f include/lzma.h
-	-rm -f lib/liblzma.a
-	-rm -f lib/liblzma.la
-	-rm -f lzma-build-stamp
-	-cd xz && \
-		git clean -fdx
-#------------------------------------------------------------------------------#
-# zstd
+iptables-clean:
+	-rm -f iptables-build-stamp
+	-cd iptables
 
-zstd: zstd-build-stamp
-	$(MAKE) -C zstd/lib CC="$(CC)" CXX="$(CXX)" AR="$(AR)" RANLIB="$(RANLIB)" CFLAGS="$(CFLAGS)"  LDFLAGS="$(LDFLAGS)" PREFIX="$(EXTERNAL_ROOT)" libzstd.a-mt 
-	$(MAKE) -C zstd/lib CC="$(CC)" CXX="$(CXX)" AR="$(AR)" RANLIB="$(RANLIB)" CFLAGS="$(CFLAGS)"  LDFLAGS="$(LDFLAGS)" PREFIX="$(EXTERNAL_ROOT)" libzstd.pc 
-	test -d lib || mkdir lib
-	test -d lib/pkgconfig || mkdir lib/pkgconfig
-	test -d include || mkdir include
-	cp zstd/lib/libzstd.a lib
-	cp zstd/lib/libzstd.pc lib/pkgconfig
-	cp zstd/lib/zstd.h include
-	cp zstd/lib/common/zstd_errors.h include
-	cp zstd/lib/deprecated/zbuff.h include
-	cp zstd/lib/dictBuilder/zdict.h include
-
-zstd-build-stamp:
-	touch zstd-build-stamp
-
-zstd-clean:
-	-rm -f include/zstd.h include/zstd_errors.h include/zbuff.h include/zdict.h
-	-rm -f lib/libzstd.a
-	-rm -f lib/pkgconfig/libzstd.pc
-	-rm -f zstd-build-stamp
-	-cd zstd && \
-		git clean -fdx
 #------------------------------------------------------------------------------#
 # tor
 
@@ -255,20 +152,21 @@ tor/Makefile: tor/configure
 	cp config.sub tor
 	cp config.guess tor
 	cd tor && \
-                CC="$(CC)" AR="$(AR)" RANLIB=$(RANLIB) PKG_CONFIG_PATH="$(EXTERNAL_ROOT)/lib/pkgconfig" CFLAGS="$(CFLAGS) -D_FORTIFY_SOURCE=2 -fwrapv -fno-strict-aliasing -fno-strict-overflow" LDFLAGS="$(LDFLAGS)" \
-                        LIBS="-L$(EXTERNAL_ROOT)/lib" CFLAGS="-I$(EXTERNAL_ROOT)/include -I$(EXTERNAL_ROOT)/include/event2" \
+                CC="$(CC)" AR="$(AR)" RANLIB=$(RANLIB) CFLAGS="$(CFLAGS) -D_FORTIFY_SOURCE=2 -fPIE -fwrapv -fno-strict-aliasing -fno-strict-overflow" LDFLAGS="$(LDFLAGS)" \
+                        LIBS="-L$(EXTERNAL_ROOT)/lib" CFLAGS="-I$(EXTERNAL_ROOT)/include" \
                         ./configure \
                                 --host=$(HOST) \
+                                --prefix=$(NDK_TOOLCHAIN) \
 				--disable-asciidoc \
 				--enable-static-libevent --with-libevent-dir=$(EXTERNAL_ROOT) \
 				--enable-static-openssl --with-openssl-dir=$(EXTERNAL_ROOT) \
-				--disable-linker-hardening --disable-gcc-hardening --disable-tool-name-check --disable-systemd --disable-module-dirauth
+				--disable-linker-hardening --disable-gcc-hardening 
 
 tor-build-stamp: tor/Makefile
-	$(MAKE) -C tor all-am
+	$(MAKE) -C tor 
 	touch tor-build-stamp
 
-tor: lzma zstd libevent openssl tor-build-stamp
+tor: libevent openssl-static tor-build-stamp
 	test -d bin || mkdir bin
 	cp tor/src/or/tor bin
 
@@ -277,38 +175,118 @@ tor-clean:
 	-rm -f tor-build-stamp
 	-cd tor && \
 		git clean -fdx
-	-cd tor && \
-		git reset HEAD --hard
+
 
 #------------------------------------------------------------------------------#
-#create and clean assets: FYI - tor is stored as a ZIP file with an so extension
-#in the libs directly, so it is handled like a shared library for local installation
+# obfsproxy
 
-assets: tor
-	install -d ../tor-android-binary/src/main/libs/$(APP_ABI)
-	-$(STRIP) bin/tor
-	-zip ../tor-android-binary/src/main/libs/$(APP_ABI)/tor.so bin/tor
+
+obfsproxy/Makefile: 
+	cp obfsproxy_android_no_hardening.patch obfsproxy
+	-cd obfsproxy && \
+	 	patch -N -p1 --reject-file=- < obfsproxy_android_no_hardening.patch
+	cd obfsproxy && \
+	 	./autogen.sh
+	cp config.sub obfsproxy
+	cp config.guess obfsproxy
+	cd obfsproxy && \
+                CC="$(CC)" AR="$(AR)" RANLIB=$(RANLIB) CFLAGS="$(CFLAGS) -D_FORTIFY_SOURCE=2 -fPIE -fwrapv -fno-strict-aliasing -fno-strict-overflow" LDFLAGS="$(LDFLAGS)" \
+			libevent_LIBS="-L$(EXTERNAL_ROOT)/lib -levent" libevent_CFLAGS="-I$(EXTERNAL_ROOT)/include" \
+			libcrypto_LIBS="-L$(EXTERNAL_ROOT)/lib -lcrypto" libcrypto_CFLAGS="-I$(EXTERNAL_ROOT)/include" \
+                        ./configure \
+                                --host=$(HOST) \
+                                --prefix=$(NDK_TOOLCHAIN) \
+
+obfsproxy-build-stamp: obfsproxy/Makefile
+	$(MAKE) -C obfsproxy
+	touch obfsproxy-build-stamp
+
+obfsproxy: openssl-static libevent obfsproxy-build-stamp
+	test -d bin || mkdir bin
+	cp obfsproxy/obfsproxy bin
+
+obfsproxy-clean:
+	-rm -f bin/obfsproxy
+	-rm -f obfsproxy-build-stamp
+	-cd obfsproxy && \
+		git clean -fdx
+
+#------------------------------------------------------------------------------#
+# privoxy
+
+
+privoxy/config.log:
+	tar xzvf privoxy.tar.gz
+	mv privoxy*stable privoxy
+	cp privoxy.configure.in privoxy/configure.in
+	cd privoxy && \
+	  autoheader
+	cd privoxy && \
+	  autoconf
+	cp config.sub privoxy
+	cp config.guess privoxy	
+	cd privoxy && \
+                CC="$(CC)" AR="$(AR)" RANLIB=$(RANLIB) CFLAGS="$(CFLAGS)" LDFLAGS="$(LDFLAGS)" \
+                        ./configure \
+                                --host=arm-linux-eabi --enable-pthread
+## --disable-pthread 
+
+privoxy-build-stamp: privoxy/config.log
+	$(MAKE) -C privoxy
+	touch privoxy-build-stamp
+
+privoxy: privoxy-build-stamp
+	test -d bin || mkdir bin
+	cp privoxy/privoxy bin
+
+privoxy-clean:
+	-rm -f bin/privoxy
+	-rm -f privoxy-build-stamp
+	-rm -rf privoxy
+
+#------------------------------------------------------------------------------#
+# JTorControl library
+
+jtorctl/bin/jtorctl.jar:
+	test -d jtorctl/bin || mkdir jtorctl/bin
+	cd jtorctl && \
+		javac -source 1.6 -target 1.6 net/freehaven/tor/control/TorControlConnection.java -d bin
+	cd jtorctl/bin && \
+		jar cvf jtorctl.jar *
+
+jtorctl-build-stamp: jtorctl/bin/jtorctl.jar
+	touch jtorctl-build-stamp
+
+jtorctl: jtorctl-build-stamp
+	test -d bin || mkdir bin
+	cp jtorctl/bin/jtorctl.jar bin
+	
+jtorctl-clean:
+	-rm -rf jtorctl/bin
+	-rm jtorctl-build-stamp
+
+#------------------------------------------------------------------------------#
+#create and clean assets: FYI - tor is stored as a ZIP file with an mp3 extension
+#in order to stop Android OS (older devices) from trying to compress/decompress it
+#this is related to a bug in compression of assets and resources > 1MB
+
+assets: tor privoxy jtorctl obfsproxy
+	install -d ../res/raw
+	install -d ../libs
+	install bin/privoxy ../res/raw	
+	install bin/obfsproxy ../res/raw
+	install bin/jtorctl.jar ../libs
+	cd bin && \
+		zip ../../res/raw/tor.mp3 tor
 
 assets-clean:
-	-rm ../tor-android-binary/src/main/libs/$(APP_ABI)/tor.so
+	-rm ../res/raw/tor
+	-rm ../res/raw/tor.mp3
+	-rm ../res/raw/privoxy
+	-rm ../libs/*
+	-rm ../res/raw/obfsproxy
 
 #------------------------------------------------------------------------------#
 # cleanup, cleanup, put the toys away
 
-##clean: openssl-clean libevent-clean tor-clean polipo-clean assets-clean
-clean: openssl-clean libevent-clean lzma-clean zstd-clean tor-clean
-
-#------------------------------------------------------------------------------#
-# debugging stuff
-
-showsetup:
-	@echo "NDK_TOOLCHAIN_VERSION: $(NDK_TOOLCHAIN_VERSION)"
-	@echo "NDK_TOOLCHAIN: $(NDK_TOOLCHAIN)"
-	@echo "NDK_PLATFORM_LEVEL: $(NDK_PLATFORM_LEVEL)"
-	@echo "NDK_SYSROOT: $(NDK_SYSROOT)"
-	@echo "APP_ABI: $(APP_ABI)"
-	@echo "HOST: $(HOST)"
-	@echo "CC: $(CC)"
-	@echo "LD: $(LD)"
-	@echo "CFLAGS: $(CFLAGS)"
-	@echo "LDFLAGS: $(LDFLAGS)"
+clean: openssl-static-clean libevent-clean tor-clean privoxy-clean jtorctl-clean assets-clean

external/jtorctl

@@ -0,0 +1 @@
+Subproject commit d818f4381e164273aadfcbff131da8e1a2cbc1f8

external/libevent

@@ -1 +1 @@
-Subproject commit 90ae4c5013032158bafad41279823d90eec4d206
+Subproject commit 6f2337dd0e3ec6aec54a4694f1b59e0262623d8e

external/libevent-patch-1

@@ -1,29 +0,0 @@
-For some reason arc4random_addrandom isn't present in 64-bit android archs. !
-
-diff --git a/configure.ac b/configure.ac
-index d42edd8..c511be7 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -290,7 +290,7 @@ AC_HEADER_TIME
- 
- dnl Checks for library functions.
- AC_CHECK_FUNCS([gettimeofday vasprintf fcntl clock_gettime strtok_r strsep])
--AC_CHECK_FUNCS([getnameinfo strlcpy inet_ntop inet_pton signal sigaction strtoll inet_aton pipe eventfd sendfile mmap splice arc4random arc4random_buf issetugid geteuid getegid getprotobynumber setenv unsetenv putenv sysctl])
-+AC_CHECK_FUNCS([getnameinfo strlcpy inet_ntop inet_pton signal sigaction strtoll inet_aton pipe eventfd sendfile mmap splice arc4random arc4random_buf arc4random_addrandom issetugid geteuid getegid getprotobynumber setenv unsetenv putenv sysctl])
- AC_CHECK_FUNCS([umask])
- 
- AC_CACHE_CHECK(
-diff --git a/evutil_rand.c b/evutil_rand.c
-index 284341c..97161e4 100644
---- a/evutil_rand.c
-+++ b/evutil_rand.c
-@@ -174,7 +174,9 @@ evutil_secure_rng_get_bytes(void *buf, size_t n)
- void
- evutil_secure_rng_add_bytes(const char *buf, size_t n)
- {
-+#ifdef _EVENT_HAVE_ARC4RANDOM_ADDRANDOM
- 	arc4random_addrandom((unsigned char*)buf,
- 	    n>(size_t)INT_MAX ? INT_MAX : (int)n);
-+#endif
- }
- 

external/obfsproxy

@@ -0,0 +1 @@
+Subproject commit 94ebc4c3edf1e3e5f313444e59981ac557578df5

external/obfsproxy_android_no_hardening.patch

@@ -0,0 +1,19 @@
+commit d42eec7683ce9d47fc846e511e815ec1b2950c27
+Author: n8fr8 <nathan@freitas.net>
+Date:   Fri May 4 17:32:51 2012 -0400
+
+    remove hardening for android
+
+diff --git a/configure.ac b/configure.ac
+index facd3c6..ad405ea 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -24,7 +24,7 @@ AC_CHECK_HEADERS([sys/types.h])
+ AC_CHECK_HEADERS([netinet/in.h])
+ 
+ ### Compiler Hardening ###
+-AX_ENABLE_HARDENING
++##AX_ENABLE_HARDENING
+ 
+ ### Libraries ###
+ 

external/openssl

@@ -1 +0,0 @@
-Subproject commit e71ebf275da66dfd601c92e0e80a35114c32f6f8

external/openssl-static

@@ -0,0 +1 @@
+Subproject commit 85061d07ccc04ee40f9cc66cbac86d53196d1f3f

external/tor

@@ -1 +1 @@
-Subproject commit da95b91355248ad8f3a6aa6733cc6d24915f59ce
+Subproject commit fe3b95f3596194276eac8d1644cec56263a0cf0e

external/xz

@@ -1 +0,0 @@
-Subproject commit 3d566cd519017eee1a400e7961ff14058dfaf33c

external/zstd

@@ -1 +0,0 @@
-Subproject commit f4340f46b2387bc8de7d5320c0b83bb1499933ad

gradle.properties

@@ -1,17 +0,0 @@
-## Project-wide Gradle settings.
-#
-# For more details on how to configure your build environment visit
-# http://www.gradle.org/docs/current/userguide/build_environment.html
-#
-# Specifies the JVM arguments used for the daemon process.
-# The setting is particularly useful for tweaking memory settings.
-# Default value: -Xmx10248m -XX:MaxPermSize=256m
-#
-# When configured, Gradle will run in incubating parallel mode.
-# This option should only be used with decoupled projects. More details, visit
-# http://www.gradle.org/docs/current/userguide/multi_project_builds.html#sec:decoupled_projects
-# org.gradle.parallel=true
-#Mon Jun 20 21:44:59 EDT 2016
-org.gradle.jvmargs=-Xmx2048m -XX:MaxPermSize=512m -XX:+HeapDumpOnOutOfMemoryError -Dfile.encoding=UTF-8
-android.useDeprecatedNdk=true
-aar.deployPath=/media/n8fr8/nate128/dev/repos/gpmaven

gradle/wrapper/gradle-wrapper.properties

@@ -1,6 +0,0 @@
-#Thu Oct 11 16:49:15 EDT 2018
-distributionBase=GRADLE_USER_HOME
-distributionPath=wrapper/dists
-zipStoreBase=GRADLE_USER_HOME
-zipStorePath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-4.6-all.zip

gradlew

@@ -1,172 +0,0 @@
-#!/usr/bin/env sh
-
-##############################################################################
-##
-##  Gradle start up script for UN*X
-##
-##############################################################################
-
-# Attempt to set APP_HOME
-# Resolve links: $0 may be a link
-PRG="$0"
-# Need this for relative symlinks.
-while [ -h "$PRG" ] ; do
-    ls=`ls -ld "$PRG"`
-    link=`expr "$ls" : '.*-> \(.*\)$'`
-    if expr "$link" : '/.*' > /dev/null; then
-        PRG="$link"
-    else
-        PRG=`dirname "$PRG"`"/$link"
-    fi
-done
-SAVED="`pwd`"
-cd "`dirname \"$PRG\"`/" >/dev/null
-APP_HOME="`pwd -P`"
-cd "$SAVED" >/dev/null
-
-APP_NAME="Gradle"
-APP_BASE_NAME=`basename "$0"`
-
-# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-DEFAULT_JVM_OPTS=""
-
-# Use the maximum available, or set MAX_FD != -1 to use that value.
-MAX_FD="maximum"
-
-warn () {
-    echo "$*"
-}
-
-die () {
-    echo
-    echo "$*"
-    echo
-    exit 1
-}
-
-# OS specific support (must be 'true' or 'false').
-cygwin=false
-msys=false
-darwin=false
-nonstop=false
-case "`uname`" in
-  CYGWIN* )
-    cygwin=true
-    ;;
-  Darwin* )
-    darwin=true
-    ;;
-  MINGW* )
-    msys=true
-    ;;
-  NONSTOP* )
-    nonstop=true
-    ;;
-esac
-
-CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
-
-# Determine the Java command to use to start the JVM.
-if [ -n "$JAVA_HOME" ] ; then
-    if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
-        # IBM's JDK on AIX uses strange locations for the executables
-        JAVACMD="$JAVA_HOME/jre/sh/java"
-    else
-        JAVACMD="$JAVA_HOME/bin/java"
-    fi
-    if [ ! -x "$JAVACMD" ] ; then
-        die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
-
-Please set the JAVA_HOME variable in your environment to match the
-location of your Java installation."
-    fi
-else
-    JAVACMD="java"
-    which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
-
-Please set the JAVA_HOME variable in your environment to match the
-location of your Java installation."
-fi
-
-# Increase the maximum file descriptors if we can.
-if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then
-    MAX_FD_LIMIT=`ulimit -H -n`
-    if [ $? -eq 0 ] ; then
-        if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then
-            MAX_FD="$MAX_FD_LIMIT"
-        fi
-        ulimit -n $MAX_FD
-        if [ $? -ne 0 ] ; then
-            warn "Could not set maximum file descriptor limit: $MAX_FD"
-        fi
-    else
-        warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT"
-    fi
-fi
-
-# For Darwin, add options to specify how the application appears in the dock
-if $darwin; then
-    GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\""
-fi
-
-# For Cygwin, switch paths to Windows format before running java
-if $cygwin ; then
-    APP_HOME=`cygpath --path --mixed "$APP_HOME"`
-    CLASSPATH=`cygpath --path --mixed "$CLASSPATH"`
-    JAVACMD=`cygpath --unix "$JAVACMD"`
-
-    # We build the pattern for arguments to be converted via cygpath
-    ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null`
-    SEP=""
-    for dir in $ROOTDIRSRAW ; do
-        ROOTDIRS="$ROOTDIRS$SEP$dir"
-        SEP="|"
-    done
-    OURCYGPATTERN="(^($ROOTDIRS))"
-    # Add a user-defined pattern to the cygpath arguments
-    if [ "$GRADLE_CYGPATTERN" != "" ] ; then
-        OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)"
-    fi
-    # Now convert the arguments - kludge to limit ourselves to /bin/sh
-    i=0
-    for arg in "$@" ; do
-        CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -`
-        CHECK2=`echo "$arg"|egrep -c "^-"`                                 ### Determine if an option
-
-        if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then                    ### Added a condition
-            eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"`
-        else
-            eval `echo args$i`="\"$arg\""
-        fi
-        i=$((i+1))
-    done
-    case $i in
-        (0) set -- ;;
-        (1) set -- "$args0" ;;
-        (2) set -- "$args0" "$args1" ;;
-        (3) set -- "$args0" "$args1" "$args2" ;;
-        (4) set -- "$args0" "$args1" "$args2" "$args3" ;;
-        (5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;;
-        (6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;;
-        (7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;;
-        (8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;;
-        (9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;;
-    esac
-fi
-
-# Escape application args
-save () {
-    for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done
-    echo " "
-}
-APP_ARGS=$(save "$@")
-
-# Collect all arguments for the java command, following the shell quoting and substitution rules
-eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS"
-
-# by default we should be in the correct project dir, but when run from Finder on Mac, the cwd is wrong
-if [ "$(uname)" = "Darwin" ] && [ "$HOME" = "$PWD" ]; then
-  cd "$(dirname "$0")"
-fi
-
-exec "$JAVACMD" "$@"

gradlew.bat

@@ -1,84 +0,0 @@
-@if "%DEBUG%" == "" @echo off
-@rem ##########################################################################
-@rem
-@rem  Gradle startup script for Windows
-@rem
-@rem ##########################################################################
-
-@rem Set local scope for the variables with windows NT shell
-if "%OS%"=="Windows_NT" setlocal
-
-set DIRNAME=%~dp0
-if "%DIRNAME%" == "" set DIRNAME=.
-set APP_BASE_NAME=%~n0
-set APP_HOME=%DIRNAME%
-
-@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
-set DEFAULT_JVM_OPTS=
-
-@rem Find java.exe
-if defined JAVA_HOME goto findJavaFromJavaHome
-
-set JAVA_EXE=java.exe
-%JAVA_EXE% -version >NUL 2>&1
-if "%ERRORLEVEL%" == "0" goto init
-
-echo.
-echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
-echo.
-echo Please set the JAVA_HOME variable in your environment to match the
-echo location of your Java installation.
-
-goto fail
-
-:findJavaFromJavaHome
-set JAVA_HOME=%JAVA_HOME:"=%
-set JAVA_EXE=%JAVA_HOME%/bin/java.exe
-
-if exist "%JAVA_EXE%" goto init
-
-echo.
-echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
-echo.
-echo Please set the JAVA_HOME variable in your environment to match the
-echo location of your Java installation.
-
-goto fail
-
-:init
-@rem Get command-line arguments, handling Windows variants
-
-if not "%OS%" == "Windows_NT" goto win9xME_args
-
-:win9xME_args
-@rem Slurp the command line arguments.
-set CMD_LINE_ARGS=
-set _SKIP=2
-
-:win9xME_args_slurp
-if "x%~1" == "x" goto execute
-
-set CMD_LINE_ARGS=%*
-
-:execute
-@rem Setup the command line
-
-set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
-
-@rem Execute Gradle
-"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS%
-
-:end
-@rem End local scope for the variables with windows NT shell
-if "%ERRORLEVEL%"=="0" goto mainEnd
-
-:fail
-rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
-rem the _cmd.exe /c_ return code!
-if  not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
-exit /b 1
-
-:mainEnd
-if "%OS%"=="Windows_NT" endlocal
-
-:omega

patches/UDP-block.patch

@@ -0,0 +1,243 @@
+From c2620d6939713762e30badc3ed5da981e296b742 Mon Sep 17 00:00:00 2001
+From: patch <patrickbx@gmail.com>
+Date: Mon, 23 Jul 2012 16:12:55 -0400
+Subject: [PATCH] Modified iptables rules for transproxying. UDP is now
+ blocked.  Also removed some redundant rules and reordered
+ others. I reordered by the idea that its generally easier
+ to specifically allow traffic before your reject it.
+
+---
+ .../torproject/android/service/TorTransProxy.java  |  133 ++++++++++----------
+ 1 file changed, 64 insertions(+), 69 deletions(-)
+
+diff --git a/src/org/torproject/android/service/TorTransProxy.java b/src/org/torproject/android/service/TorTransProxy.java
+index 2571123..c248a9f 100644
+--- a/src/org/torproject/android/service/TorTransProxy.java
++++ b/src/org/torproject/android/service/TorTransProxy.java
+@@ -224,6 +224,15 @@ public class TorTransProxy implements TorServiceConstants {
+ 				
+     	int torUid = context.getApplicationInfo().uid;
+ 
++		// Allow everything for Tor
++		script.append(ipTablesPath);
++		script.append(" -t filter");
++		script.append(" -A OUTPUT");
++		script.append(" -m owner --uid-owner ");
++		script.append(torUid);
++		script.append(" -j ACCEPT");
++		script.append(" || exit\n");
++
+ 		//build up array of shell cmds to execute under one root context
+ 		for (TorifiedApp tApp:apps)
+ 		{
+@@ -235,9 +244,9 @@ public class TorTransProxy implements TorServiceConstants {
+ 			{
+ 				
+ 				TorService.logMessage("enabling transproxy for app: " + tApp.getUsername() + "(" + tApp.getUid() + ")");
+-			 
+-				// Set up port redirection
+-		    	script.append(ipTablesPath);
++
++			 	// Set up port redirection
++				script.append(ipTablesPath);
+ 				script.append(" -t nat");
+ 				script.append(" -A OUTPUT -p tcp");
+ 				script.append(" ! -d 127.0.0.1"); //allow access to localhost
+@@ -251,14 +260,28 @@ public class TorTransProxy implements TorServiceConstants {
+ 				// Same for DNS
+ 				script.append(ipTablesPath);
+ 				script.append(" -t nat");
+-				script.append(" -A OUTPUT -p udp -m owner --uid-owner ");
++				script.append(" -A OUTPUT -p udp");
++				script.append(" -m owner --uid-owner ");
+ 				script.append(tApp.getUid());
+ 				script.append(" -m udp --dport "); 
+ 				script.append(STANDARD_DNS_PORT);
+ 				script.append(" -j REDIRECT --to-ports ");
+ 				script.append(TOR_DNS_PORT);
+ 				script.append(" || exit\n");
+-				
++
++				// Allow loopback
++				script.append(ipTablesPath);
++				script.append(" -t filter");
++				script.append(" -A OUTPUT");
++				script.append(" -m owner --uid-owner ");
++				script.append(tApp.getUid());
++				script.append(" -o lo");
++				script.append(" -j ACCEPT");
++				script.append(" || exit\n");
++
++				/* 	
++				//Outgoing loopback already allowed (23/7/12)
++
+ 				int[] ports = {TOR_DNS_PORT,TOR_TRANSPROXY_PORT,PORT_SOCKS,PORT_HTTP};
+ 				
+ 				for (int port : ports)
+@@ -276,53 +299,32 @@ public class TorTransProxy implements TorServiceConstants {
+ 					script.append(" -j ACCEPT");
+ 					script.append(" || exit\n");				
+ 				}
+-				
+-				// Allow loopback
++				*/
++
++				// Reject all other outbound TCP packets
+ 				script.append(ipTablesPath);
+ 				script.append(" -t filter");
+ 				script.append(" -A OUTPUT");
+ 				script.append(" -m owner --uid-owner ");
+ 				script.append(tApp.getUid());
+ 				script.append(" -p tcp");
+-				script.append(" -o lo");
+-				script.append(" -j ACCEPT");
+-				script.append(" || exit\n");
+-				
+-				// Reject DNS that is not from Tor (order is important - first matched rule counts!)
+-				script.append(ipTablesPath);
+-				script.append(" -t filter");
+-				script.append(" -A OUTPUT");
+-				script.append(" -m owner --uid-owner ");
+-				script.append(tApp.getUid());
+-				script.append(" -p udp");
+-				script.append(" --dport ");
+-				script.append(STANDARD_DNS_PORT);
+ 				script.append(" -j REJECT");
+ 				script.append(" || exit\n");
+-				
+-				// Reject all other outbound TCP packets
++
++				// Reject all other outbound UDP packets
+ 				script.append(ipTablesPath);
+ 				script.append(" -t filter");
+ 				script.append(" -A OUTPUT");
+ 				script.append(" -m owner --uid-owner ");
+ 				script.append(tApp.getUid());
+-				script.append(" -p tcp");
++				script.append(" -p udp");
+ 				script.append(" -j REJECT");
+ 				script.append(" || exit\n");
++
+ 				
+ 			}		
+ 		}			
+-		
+ 
+-		// Allow everything for Tor
+-		script.append(ipTablesPath);
+-		script.append(" -t filter");
+-		script.append(" -A OUTPUT");
+-		script.append(" -m owner --uid-owner ");
+-		script.append(torUid);
+-		script.append(" -j ACCEPT");
+-		script.append(" || exit\n");
+-		
+ 		String[] cmdAdd = {script.toString()};    	
+     		
+ 		code = TorServiceUtils.doShellCommand(cmdAdd, res, runRoot, waitFor);
+@@ -450,8 +452,8 @@ public class TorTransProxy implements TorServiceConstants {
+     	
+     	int torUid = context.getApplicationInfo().uid;
+ 
+-    	// Set up port redirection
+-    	script.append(ipTablesPath);
++		// Set up port redirection
++		script.append(ipTablesPath);
+ 		script.append(" -t nat");
+ 		script.append(" -A OUTPUT -p tcp");
+ 		script.append(" ! -d 127.0.0.1"); //allow access to localhost
+@@ -465,14 +467,36 @@ public class TorTransProxy implements TorServiceConstants {
+ 		// Same for DNS
+ 		script.append(ipTablesPath);
+ 		script.append(" -t nat");
+-		script.append(" -A OUTPUT -p udp -m owner ! --uid-owner ");
++		script.append(" -A OUTPUT -p udp");
++		script.appent(" -m owner ! --uid-owner ");
+ 		script.append(torUid);
+ 		script.append(" -m udp --dport "); 
+ 		script.append(STANDARD_DNS_PORT);
+ 		script.append(" -j REDIRECT --to-ports ");
+ 		script.append(TOR_DNS_PORT);
+ 		script.append(" || exit\n");
++
++		// Allow loopback
++		script.append(ipTablesPath);
++		script.append(" -t filter");
++		script.append(" -A OUTPUT");
++		script.append(" -o lo");
++		script.append(" -j ACCEPT");
++		script.append(" || exit\n");
+ 		
++		// Allow everything for Tor
++		script.append(ipTablesPath);
++		script.append(" -t filter");
++		script.append(" -A OUTPUT");
++		script.append(" -m owner --uid-owner ");
++		script.append(torUid);
++		script.append(" -j ACCEPT");
++		script.append(" || exit\n");
++	
++
++		/* 	
++		//Outgoing loopback already allowed (23/7/12)
++
+ 		int[] ports = {TOR_DNS_PORT,TOR_TRANSPROXY_PORT,PORT_SOCKS,PORT_HTTP};
+ 		
+ 		for (int port : ports)
+@@ -490,25 +514,8 @@ public class TorTransProxy implements TorServiceConstants {
+ 			script.append(" -j ACCEPT");
+ 			script.append(" || exit\n");
+ 		
+-		}
+-		
+-		// Allow loopback
+-		script.append(ipTablesPath);
+-		script.append(" -t filter");
+-		script.append(" -A OUTPUT");
+-		script.append(" -p tcp");
+-		script.append(" -o lo");
+-		script.append(" -j ACCEPT");
+-		script.append(" || exit\n");
++		} */
+ 		
+-		// Allow everything for Tor
+-		script.append(ipTablesPath);
+-		script.append(" -t filter");
+-		script.append(" -A OUTPUT");
+-		script.append(" -m owner --uid-owner ");
+-		script.append(torUid);
+-		script.append(" -j ACCEPT");
+-		script.append(" || exit\n");
+ 		
+ 		if (TorService.ENABLE_DEBUG_LOG)
+ 		{
+@@ -532,23 +539,11 @@ public class TorTransProxy implements TorServiceConstants {
+ 			script.append(" --log-uid");
+ 			script.append(" || exit\n");
+ 		}
+-		
+-		// Reject DNS that is not from Tor (order is important - first matched rule counts!)
+-		script.append(ipTablesPath);
+-		script.append(" -t filter");
+-		script.append(" -A OUTPUT");
+-		script.append(" -p udp");
+-		script.append(" --dport ");
+-		script.append(STANDARD_DNS_PORT);
+-		script.append(" -j REJECT");
+-		script.append(" || exit\n");
+-		
+-		// Reject all other outbound TCP packets
++			
++		// Reject all other outbound packets by default
+ 		script.append(ipTablesPath);
+ 		script.append(" -t filter");
+-		script.append(" -A OUTPUT");
+-		script.append(" -p tcp");
+-		script.append(" -j REJECT");
++		script.append(" -P OUTPUT DROP");
+ 		script.append(" || exit\n");
+ 		
+ 		String[] cmdAdd = {script.toString()};    	
+-- 
+1.7.9.5
+

patches/orbot-patch-sporkbomb-20110501/Part 1.4

@@ -0,0 +1,11 @@
+_______________________________________________
+Guardian-dev mailing list
+
+Post: Guardian-dev@lists.mayfirst.org
+List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev
+
+To Unsubscribe
+        Send email to:  Guardian-dev-unsubscribe@lists.mayfirst.org
+        Or visit: https://lists.mayfirst.org/mailman/options/guardian-dev/nathan%40guardianproject.info
+
+You are subscribed as: nathan@guardianproject.info

patches/orbot-patch-sporkbomb-20110501/orbot-real_transproxy_all-use_only_new_iptables.patch

@@ -0,0 +1,390 @@
+Index: src/org/torproject/android/service/TorService.java
+===================================================================
+--- src/org/torproject/android/service/TorService.java	(revision 24697)
++++ src/org/torproject/android/service/TorService.java	(working copy)
+@@ -710,10 +710,36 @@
+ 	
+ 	 		if (enableTransparentProxy)
+ 	 		{
+-				showAlert("Status", "Setting up transparent proxying...");
+-
+-				//TorTransProxy.setDNSProxying();
+-				int code = TorTransProxy.setTransparentProxyingByApp(this,AppManager.getApps(this),transProxyAll);
++	 			//TODO: Find a nice place for the next (commented) line
++				//TorTransProxy.setDNSProxying(); 
++				
++				int code = 0; // Default state is "okay"
++					
++				if(transProxyPortFallback)
++				{
++					showAlert("Status", "Setting up port-based transparent proxying...");
++					StringTokenizer st = new StringTokenizer(portProxyList, ",");
++					int status = code;
++					while (st.hasMoreTokens())
++					{
++						status = TorTransProxy.setTransparentProxyingByPort(this, Integer.parseInt(st.nextToken()));
++						if(status != 0)
++							code = status;
++					}
++				}
++				else
++				{
++					if(transProxyAll)
++					{
++						showAlert("Status", "Setting up full transparent proxying...");
++						code = TorTransProxy.setTransparentProxyingAll(this);
++					}
++					else
++					{
++					showAlert("Status", "Setting up app-based transparent proxying...");
++					code = TorTransProxy.setTransparentProxyingByApp(this,AppManager.getApps(this),transProxyAll);
++					}
++				}
+ 			
+ 				TorService.logMessage ("TorTransProxy resp code: " + code);
+ 				
+@@ -725,17 +751,7 @@
+ 				{
+ 					showAlert("Status", "WARNING: error starting transparent proxying!");
+ 				}
+-				
+-				//this is for Androids w/o owner module support as a circumvention only fallback
+-				if (transProxyPortFallback)
+-				{
+-					StringTokenizer st = new StringTokenizer(portProxyList, ",");
+-					
+-					while (st.hasMoreTokens())
+-						TorTransProxy.setTransparentProxyingByPort(this, Integer.parseInt(st.nextToken()));
+-					
+-				}
+-				
++			
+ 				return true;
+ 	 				
+ 	 		}
+Index: src/org/torproject/android/service/TorTransProxy.java
+===================================================================
+--- src/org/torproject/android/service/TorTransProxy.java	(revision 24697)
++++ src/org/torproject/android/service/TorTransProxy.java	(working copy)
+@@ -136,8 +136,6 @@
+ 		//redirectDNSResolvConf(); //not working yet
+ 		
+ 		String ipTablesPath = new File(context.getDir("bin", 0),"iptables").getAbsolutePath();
+-
+-		boolean ipTablesOld = false;
+ 		
+     	StringBuilder script = new StringBuilder();
+     	
+@@ -145,14 +143,12 @@
+     	int code = -1;
+     	
+     	purgeIptables(context);
+-		
+-		script = new StringBuilder();
+-		
++				
+ 		//build up array of shell cmds to execute under one root context
+ 		for (int i = 0; i < apps.length; i++)
+ 		{
+ 
+-			if (forceAll || apps[i].isTorified()) //if "Tor Everything" on or app is set to true
++			if (apps[i].isTorified()) //if app is set to true
+ 			{
+ 				
+ 				if (apps[i].getUsername().equals(TorServiceConstants.TOR_APP_USERNAME))
+@@ -170,14 +166,8 @@
+ 				script.append(" -m owner --uid-owner ");
+ 				script.append(apps[i].getUid());
+ 				script.append(" -m tcp --syn");
+-				
+-				if (ipTablesOld)
+-					script.append(" -j DNAT --to 127.0.0.1:");
+-				else
+-					script.append(" -j REDIRECT --to-ports ");
+-				
++				script.append(" -j REDIRECT --to-ports ");
+ 				script.append(TOR_TRANSPROXY_PORT);
+-				
+ 				script.append(" || exit\n");
+ 				
+ 				//DNS
+@@ -187,57 +177,37 @@
+ 				script.append(apps[i].getUid());
+ 				script.append(" -m udp --dport "); 
+ 				script.append(STANDARD_DNS_PORT);
++				script.append(" -j REDIRECT --to-ports ");
++				script.append(TOR_DNS_PORT);
++				script.append(" || exit\n");
+ 				
+-				if (ipTablesOld)
+-					script.append(" -j DNAT --to 127.0.0.1:");
+-				else
+-					script.append(" -j REDIRECT --to-ports ");
++				script.append(ipTablesPath);
++				script.append(" -t filter");
++				script.append(" -A OUTPUT -p tcp");
++				script.append(" -m owner --uid-owner ");
++				script.append(apps[i].getUid());
++				script.append(" -m tcp --dport ");
++				script.append(TOR_TRANSPROXY_PORT);
++				script.append(" -j ACCEPT");
++				script.append(" || exit\n");
+ 				
++				script.append(ipTablesPath);
++				script.append(" -t filter");
++				script.append(" -A OUTPUT -p udp");
++				script.append(" -m owner --uid-owner ");
++				script.append(apps[i].getUid());
++				script.append(" -m udp --dport ");
+ 				script.append(TOR_DNS_PORT);
+-				
++				script.append(" -j ACCEPT");
+ 				script.append(" || exit\n");
++									
++				script.append(ipTablesPath);
++				script.append(" -t filter -A OUTPUT -m owner --uid-owner ");
++				script.append(apps[i].getUid());
++				script.append(" -j DROP"); //drop all other packets as Tor won't handle them
++				script.append(" || exit\n");
+ 				
+ 				
+-				if (ipTablesOld) //for some reason this doesn't work on iptables 1.3.7
+-				{
+-					script.append(ipTablesPath);
+-					script.append(" -t nat");
+-					script.append(" -A OUTPUT -m owner --uid-owner ");
+-					script.append(apps[i].getUid());
+-					script.append(" -j DROP"); 
+-					script.append(" || exit\n");
+-				}	
+-				else
+-				{
+-					script.append(ipTablesPath);
+-					script.append(" -t filter");
+-					script.append(" -A OUTPUT -p tcp");
+-					script.append(" -m owner --uid-owner ");
+-					script.append(apps[i].getUid());
+-					script.append(" -m tcp --dport ");
+-					script.append(TOR_TRANSPROXY_PORT);
+-					script.append(" -j ACCEPT");
+-					script.append(" || exit\n");
+-					
+-					script.append(ipTablesPath);
+-					script.append(" -t filter");
+-					script.append(" -A OUTPUT -p udp");
+-					script.append(" -m owner --uid-owner ");
+-					script.append(apps[i].getUid());
+-					script.append(" -m udp --dport ");
+-					script.append(TOR_DNS_PORT);
+-					script.append(" -j ACCEPT");
+-					script.append(" || exit\n");
+-										
+-					script.append(ipTablesPath);
+-					script.append(" -t filter -A OUTPUT -m owner --uid-owner ");
+-					script.append(apps[i].getUid());
+-					script.append(" -j DROP"); //drop all other packets as Tor won't handle them
+-					script.append(" || exit\n");
+-					
+-				}
+-				
+-				
+ 			}		
+ 		}
+ 		
+@@ -260,20 +230,13 @@
+ 		
+ 		//String baseDir = context.getDir("bin",0).getAbsolutePath() + '/';
+ 		String ipTablesPath = new File(context.getDir("bin", 0),"iptables").getAbsolutePath();
+-
+-		boolean ipTablesOld = false;
+ 		
+     	StringBuilder script = new StringBuilder();
+     	
+     	StringBuilder res = new StringBuilder();
+     	int code = -1;
+-    	
+-    	String[] cmdFlush = {script.toString()};
+-		code = TorServiceUtils.doShellCommand(cmdFlush, res, true, true);
+-		//String msg = res.toString(); //get stdout from command
++    	purgeIptables(context);
+ 		
+-		script = new StringBuilder();
+-		
+ 		//TCP
+ 		//iptables -t nat -A PREROUTING -i eth0 -p tcp --dport $srcPortNumber -j REDIRECT --to-port $dstPortNumbe
+ 
+@@ -283,14 +246,8 @@
+ 		script.append(" --dport ");
+ 		script.append(port);
+ 		//script.append(" -m tcp --syn");
+-		
+-		if (ipTablesOld)
+-			script.append(" -j DNAT --to 127.0.0.1:");
+-		else
+-			script.append(" -j REDIRECT --to-ports ");
+-		
++		script.append(" -j REDIRECT --to-ports ");
+ 		script.append(TOR_TRANSPROXY_PORT);
+-		
+ 		script.append(" || exit\n");
+ 		
+ 		script.append(ipTablesPath);
+@@ -298,14 +255,8 @@
+ 		script.append(" -A OUTPUT -p udp");
+ 		script.append(" --dport ");
+ 		script.append(port);
+-		
+-		if (ipTablesOld)
+-			script.append(" -j DNAT --to 127.0.0.1:");
+-		else
+-			script.append(" -j REDIRECT --to-ports ");
+-		
++		script.append(" -j REDIRECT --to-ports ");
+ 		script.append(TOR_TRANSPROXY_PORT);
+-		
+ 		script.append(" || exit\n");
+ 		
+ 		//DNS
+@@ -314,24 +265,134 @@
+ 		script.append(" -A OUTPUT -p udp ");
+ 		script.append(" -m udp --dport "); 
+ 		script.append(STANDARD_DNS_PORT);
++		script.append(" -j REDIRECT --to-ports ");
++		script.append(TOR_DNS_PORT);
++		script.append(" || exit\n");
+ 		
+-		if (ipTablesOld)
+-			script.append(" -j DNAT --to 127.0.0.1:");
+-		else
+-			script.append(" -j REDIRECT --to-ports ");
++    	
++    	String[] cmdAdd = {script.toString()};    	
++		code = TorServiceUtils.doShellCommand(cmdAdd, res, true, true);
++		String msg = res.toString();
++		TorService.logMessage(cmdAdd[0] + ";errCode=" + code + ";resp=" + msg);
+ 		
++		return code;
++    }
++
++	public static int setTransparentProxyingAll(Context context) throws Exception {
++		boolean runRoot = true;
++    	boolean waitFor = true;
++    	
++		//android.os.Debug.waitForDebugger();
++		
++		//redirectDNSResolvConf(); //not working yet
++		
++		String ipTablesPath = new File(context.getDir("bin", 0),"iptables").getAbsolutePath();
++		
++    	StringBuilder script = new StringBuilder();
++    	
++    	StringBuilder res = new StringBuilder();
++    	int code = -1;
++    	
++    	purgeIptables(context);
++    	
++    	int torUid = context.getApplicationInfo().uid;
++
++    	// Set up port redirection
++    	script.append(ipTablesPath);
++		script.append(" -t nat");
++		script.append(" -A OUTPUT -p tcp");
++		script.append(" -m owner ! --uid-owner ");
++		script.append(torUid);
++		script.append(" -m tcp --syn");
++		script.append(" -j REDIRECT --to-ports ");
++		script.append(TOR_TRANSPROXY_PORT);
++		script.append(" || exit\n");
++		
++		// Same for DNS
++		script.append(ipTablesPath);
++		script.append(" -t nat");
++		script.append(" -A OUTPUT -p udp -m owner ! --uid-owner ");
++		script.append(torUid);
++		script.append(" -m udp --dport "); 
++		script.append(STANDARD_DNS_PORT);
++		script.append(" -j REDIRECT --to-ports ");
+ 		script.append(TOR_DNS_PORT);
++		script.append(" || exit\n");
+ 		
++		// Allow packets to localhost (contains all the port-redirected ones)
++		script.append(ipTablesPath);
++		script.append(" -t filter");
++		script.append(" -A OUTPUT");
++		script.append(" -p tcp");
++		script.append(" -d 127.0.0.1");
++		script.append(" -j ACCEPT");
+ 		script.append(" || exit\n");
+ 		
++		// Allow loopback
++		script.append(ipTablesPath);
++		script.append(" -t filter");
++		script.append(" -A OUTPUT");
++		script.append(" -p tcp");
++		script.append(" -o lo");
++		script.append(" -j ACCEPT");
++		script.append(" || exit\n");
++		
++		// Allow everything for Tor
++		script.append(ipTablesPath);
++		script.append(" -t filter");
++		script.append(" -A OUTPUT");
++		script.append(" -m owner --uid-owner ");
++		script.append(torUid);
++		script.append(" -j ACCEPT");
++		script.append(" || exit\n");
++		
++		//XXX: Comment the following rules for non-debug builds
++		script.append(ipTablesPath);
++		script.append(" -t filter");
++		script.append(" -A OUTPUT");
++		script.append(" -p udp");
++		script.append(" --dport ");
++		script.append(STANDARD_DNS_PORT);
++		script.append(" -j LOG");
++		script.append(" --log-prefix='ORBOT_DNSLEAK_PROTECTION'");
++		script.append(" --log-uid");
++		script.append(" || exit\n");
++		script.append(ipTablesPath);
++		script.append(" -t filter");
++		script.append(" -A OUTPUT");
++		script.append(" -p tcp");
++		script.append(" -j LOG");
++		script.append(" --log-prefix='ORBOT_TCPLEAK_PROTECTION'");
++		script.append(" --log-uid");
++		script.append(" || exit\n");
++		
++		
++		// Reject DNS that is not from Tor (order is important - first matched rule counts!)
++		script.append(ipTablesPath);
++		script.append(" -t filter");
++		script.append(" -A OUTPUT");
++		script.append(" -p udp");
++		script.append(" --dport ");
++		script.append(STANDARD_DNS_PORT);
++		script.append(" -j REJECT");
++		script.append(" || exit\n");
++		
++		// Reject all other outbound TCP packets
++		script.append(ipTablesPath);
++		script.append(" -t filter");
++		script.append(" -A OUTPUT");
++		script.append(" -p tcp");
++		script.append(" -j REJECT");
++		script.append(" || exit\n");
++		
++		String[] cmdAdd = {script.toString()};    	
+     	
+-    	String[] cmdAdd = {script.toString()};    	
+-		code = TorServiceUtils.doShellCommand(cmdAdd, res, true, true);
++		code = TorServiceUtils.doShellCommand(cmdAdd, res, runRoot, waitFor);
+ 		String msg = res.toString();
+ 		TorService.logMessage(cmdAdd[0] + ";errCode=" + code + ";resp=" + msg);
+ 		
+-		return code;
+-    }	
++    	return code;
++	}	
+ 	
+ 
+ }

patches/orbot-patch-sporkbomb-20110501/orbot_leak_report

@@ -0,0 +1,110 @@
+<4>[  115.319671] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=9997 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK URGP=0 UID=10035 GID=10035 
+<4>[  115.482788] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=64 TOS=0x00 PREC=0x00 TTL=64 ID=9998 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK URGP=0 UID=10035 GID=10035 
+<4>[  116.037658] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=64 TOS=0x00 PREC=0x00 TTL=64 ID=9999 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK URGP=0 UID=10035 GID=10035 
+<4>[  116.699127] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10000 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10035 GID=10035 
+<4>[  116.724517] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10001 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 UID=10035 GID=10035 
+<4>[  116.922515] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=91 TOS=0x00 PREC=0x00 TTL=64 ID=10002 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  117.330810] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10003 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  118.150726] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10004 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  118.903320] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=91 TOS=0x00 PREC=0x00 TTL=64 ID=10005 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  119.310729] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10006 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  120.130737] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10007 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  121.770690] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10008 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  122.695465] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=91 TOS=0x00 PREC=0x00 TTL=64 ID=10009 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  123.100708] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10010 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  123.920684] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10011 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  125.565673] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10012 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  128.840789] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10013 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  130.366333] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=91 TOS=0x00 PREC=0x00 TTL=64 ID=10014 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  130.785339] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10015 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  131.600799] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10016 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  132.835144] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50247 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  133.240753] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10017 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  133.410705] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50248 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  133.443481] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=261 TOS=0x00 PREC=0x00 TTL=64 ID=50249 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  134.031341] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50250 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  134.782196] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=261 TOS=0x00 PREC=0x00 TTL=64 ID=50251 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  135.360778] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50252 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  136.520782] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10018 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  136.526306] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50253 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  137.334716] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=261 TOS=0x00 PREC=0x00 TTL=64 ID=50254 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  137.915832] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50255 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  139.075378] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50256 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  140.435913] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=91 TOS=0x00 PREC=0x00 TTL=64 ID=10019 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  140.850799] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10020 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  141.395019] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50257 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  141.675140] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10021 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  142.455352] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=261 TOS=0x00 PREC=0x00 TTL=64 ID=50258 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  143.030792] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50259 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  143.310852] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10022 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  144.190734] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50260 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  146.510803] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50261 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  146.590789] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10023 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  151.150726] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50262 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  151.166290] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=91 TOS=0x00 PREC=0x00 TTL=64 ID=10024 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  151.570739] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10025 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  152.390686] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10026 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  152.694427] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=261 TOS=0x00 PREC=0x00 TTL=64 ID=50263 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  153.270721] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50264 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  154.030731] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10027 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  154.430694] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50265 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  156.750701] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50266 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  157.310699] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10028 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  160.383117] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=91 TOS=0x00 PREC=0x00 TTL=64 ID=10029 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  160.790832] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10030 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  161.390716] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50267 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  161.610717] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10031 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  163.250701] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10032 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  166.531494] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10033 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  170.670715] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50268 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  170.842285] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=91 TOS=0x00 PREC=0x00 TTL=64 ID=10034 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  171.250732] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10035 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  172.070800] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10036 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  173.309783] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=261 TOS=0x00 PREC=0x00 TTL=64 ID=50269 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  173.710784] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10037 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  173.880828] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50270 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  175.040710] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50271 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  176.990692] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10038 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  177.360687] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50272 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  181.682952] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=91 TOS=0x00 PREC=0x00 TTL=64 ID=10039 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  182.000701] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50273 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  182.090698] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10040 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  182.910797] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10041 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  184.550689] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10042 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  187.830749] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10043 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  191.280700] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50274 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  193.917053] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=91 TOS=0x00 PREC=0x00 TTL=64 ID=10044 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  194.330749] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10045 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  195.150695] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10046 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  196.790679] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10047 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  200.070709] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10048 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  201.567718] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=91 TOS=0x00 PREC=0x00 TTL=64 ID=10049 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  201.970703] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10050 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  202.790771] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10051 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  204.430816] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10052 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  207.710693] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10053 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  209.840789] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50275 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  212.362884] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=91 TOS=0x00 PREC=0x00 TTL=64 ID=10054 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  212.770812] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10055 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  213.590698] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10056 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  215.235809] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10057 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  217.285766] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=261 TOS=0x00 PREC=0x00 TTL=64 ID=50276 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  217.860687] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50277 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  218.510803] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10058 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  219.020721] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50278 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  220.840667] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.101 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=40218 DPT=80 WINDOW=0 RES=0x00 RST URGP=0 
+<4>[  220.842559] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.101 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=40218 DPT=80 WINDOW=0 RES=0x00 RST URGP=0 
+<4>[  220.844512] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.101 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=40218 DPT=80 WINDOW=0 RES=0x00 RST URGP=0 
+<4>[  221.340820] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50279 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  221.478881] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=91 TOS=0x00 PREC=0x00 TTL=64 ID=10059 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  221.890777] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10060 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  221.898010] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.101 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=40218 DPT=80 WINDOW=0 RES=0x00 RST URGP=0 
+<4>[  222.710754] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10061 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  224.350677] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10062 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  225.617523] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.101 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=40218 DPT=80 WINDOW=0 RES=0x00 RST URGP=0 
+<4>[  225.980743] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=87.238.52.70 LEN=249 TOS=0x00 PREC=0x00 TTL=64 ID=50280 DF PROTO=TCP SPT=53939 DPT=993 WINDOW=32044 RES=0x00 ACK PSH URGP=0 UID=10053 GID=10053 
+<4>[  227.630798] ORBOT_TCPLEAK_PROTECTIONIN= OUT=eth0 SRC=192.168.0.14 DST=74.125.39.139 LEN=79 TOS=0x00 PREC=0x00 TTL=64 ID=10063 DF PROTO=TCP SPT=53388 DPT=443 WINDOW=32044 RES=0x00 ACK PSH FIN URGP=0 
+<4>[  241.522155] ORBOT_TCPLEAK_PROTECTIONIN= OUT=rmnet0 SRC=46.206.239.134 DST=84.22.122.5 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=20341 DF PROTO=TCP SPT=49138 DPT=9001 WINDOW=32044 RES=0x00 ACK URGP=0 
+<4>[  241.792358] ORBOT_TCPLEAK_PROTECTIONIN= OUT=rmnet0 SRC=46.206.239.134 DST=84.22.122.5 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=49138 DPT=9001 WINDOW=32044 RES=0x00 ACK URGP=0 
+<4>[  242.362335] ORBOT_TCPLEAK_PROTECTIONIN= OUT=rmnet0 SRC=46.206.239.134 DST=84.22.122.5 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=49138 DPT=9001 WINDOW=32044 RES=0x00 ACK URGP=0 
+<4>[  243.452331] ORBOT_TCPLEAK_PROTECTIONIN= OUT=rmnet0 SRC=46.206.239.134 DST=84.22.122.5 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=49138 DPT=9001 WINDOW=32044 RES=0x00 ACK URGP=0 

patches/udptransproxyfinal.patch

@@ -0,0 +1,247 @@
+From a81741afe06ac2309b4306dedbd5a0ebf755b7e1 Mon Sep 17 00:00:00 2001
+From: patch <patrickbx@gmail.com>
+Date: Fri, 31 Aug 2012 17:25:52 -0400
+Subject: [PATCH] Addendum to the last commit on UDP transproxy rules. Trying
+ to simplfy the iptables rules didn't work out so this is a
+ minimal change from the original TorTransProxy.java file.
+ UDP is blocked and tested as working.
+
+---
+ .../torproject/android/service/TorTransProxy.java  |  144 ++++++++++++--------
+ 1 file changed, 84 insertions(+), 60 deletions(-)
+
+diff --git a/src/org/torproject/android/service/TorTransProxy.java b/src/org/torproject/android/service/TorTransProxy.java
+index c248a9f..90bdc34 100644
+--- a/src/org/torproject/android/service/TorTransProxy.java
++++ b/src/org/torproject/android/service/TorTransProxy.java
+@@ -224,15 +224,6 @@ public class TorTransProxy implements TorServiceConstants {
+ 				
+     	int torUid = context.getApplicationInfo().uid;
+ 
+-		// Allow everything for Tor
+-		script.append(ipTablesPath);
+-		script.append(" -t filter");
+-		script.append(" -A OUTPUT");
+-		script.append(" -m owner --uid-owner ");
+-		script.append(torUid);
+-		script.append(" -j ACCEPT");
+-		script.append(" || exit\n");
+-
+ 		//build up array of shell cmds to execute under one root context
+ 		for (TorifiedApp tApp:apps)
+ 		{
+@@ -244,9 +235,9 @@ public class TorTransProxy implements TorServiceConstants {
+ 			{
+ 				
+ 				TorService.logMessage("enabling transproxy for app: " + tApp.getUsername() + "(" + tApp.getUid() + ")");
+-
+-			 	// Set up port redirection
+-				script.append(ipTablesPath);
++			 
++				// Set up port redirection
++		    	script.append(ipTablesPath);
+ 				script.append(" -t nat");
+ 				script.append(" -A OUTPUT -p tcp");
+ 				script.append(" ! -d 127.0.0.1"); //allow access to localhost
+@@ -260,28 +251,14 @@ public class TorTransProxy implements TorServiceConstants {
+ 				// Same for DNS
+ 				script.append(ipTablesPath);
+ 				script.append(" -t nat");
+-				script.append(" -A OUTPUT -p udp");
+-				script.append(" -m owner --uid-owner ");
++				script.append(" -A OUTPUT -p udp -m owner --uid-owner ");
+ 				script.append(tApp.getUid());
+ 				script.append(" -m udp --dport "); 
+ 				script.append(STANDARD_DNS_PORT);
+ 				script.append(" -j REDIRECT --to-ports ");
+ 				script.append(TOR_DNS_PORT);
+ 				script.append(" || exit\n");
+-
+-				// Allow loopback
+-				script.append(ipTablesPath);
+-				script.append(" -t filter");
+-				script.append(" -A OUTPUT");
+-				script.append(" -m owner --uid-owner ");
+-				script.append(tApp.getUid());
+-				script.append(" -o lo");
+-				script.append(" -j ACCEPT");
+-				script.append(" || exit\n");
+-
+-				/* 	
+-				//Outgoing loopback already allowed (23/7/12)
+-
++				
+ 				int[] ports = {TOR_DNS_PORT,TOR_TRANSPROXY_PORT,PORT_SOCKS,PORT_HTTP};
+ 				
+ 				for (int port : ports)
+@@ -299,8 +276,30 @@ public class TorTransProxy implements TorServiceConstants {
+ 					script.append(" -j ACCEPT");
+ 					script.append(" || exit\n");				
+ 				}
+-				*/
+-
++				
++				// Allow loopback
++				script.append(ipTablesPath);
++				script.append(" -t filter");
++				script.append(" -A OUTPUT");
++				script.append(" -m owner --uid-owner ");
++				script.append(tApp.getUid());
++				script.append(" -p tcp");
++				script.append(" -o lo");
++				script.append(" -j ACCEPT");
++				script.append(" || exit\n");
++				
++				// Reject DNS that is not from Tor (order is important - first matched rule counts!)
++				script.append(ipTablesPath);
++				script.append(" -t filter");
++				script.append(" -A OUTPUT");
++				script.append(" -m owner --uid-owner ");
++				script.append(tApp.getUid());
++				script.append(" -p udp");
++				script.append(" --dport ");
++				script.append(STANDARD_DNS_PORT);
++				script.append(" -j REJECT");
++				script.append(" || exit\n");
++				
+ 				// Reject all other outbound TCP packets
+ 				script.append(ipTablesPath);
+ 				script.append(" -t filter");
+@@ -321,10 +320,19 @@ public class TorTransProxy implements TorServiceConstants {
+ 				script.append(" -j REJECT");
+ 				script.append(" || exit\n");
+ 
+-				
+ 			}		
+ 		}			
++		
+ 
++		// Allow everything for Tor
++		script.append(ipTablesPath);
++		script.append(" -t filter");
++		script.append(" -A OUTPUT");
++		script.append(" -m owner --uid-owner ");
++		script.append(torUid);
++		script.append(" -j ACCEPT");
++		script.append(" || exit\n");
++		
+ 		String[] cmdAdd = {script.toString()};    	
+     		
+ 		code = TorServiceUtils.doShellCommand(cmdAdd, res, runRoot, waitFor);
+@@ -452,8 +460,8 @@ public class TorTransProxy implements TorServiceConstants {
+     	
+     	int torUid = context.getApplicationInfo().uid;
+ 
+-		// Set up port redirection
+-		script.append(ipTablesPath);
++    	// Set up port redirection
++    	script.append(ipTablesPath);
+ 		script.append(" -t nat");
+ 		script.append(" -A OUTPUT -p tcp");
+ 		script.append(" ! -d 127.0.0.1"); //allow access to localhost
+@@ -467,36 +475,14 @@ public class TorTransProxy implements TorServiceConstants {
+ 		// Same for DNS
+ 		script.append(ipTablesPath);
+ 		script.append(" -t nat");
+-		script.append(" -A OUTPUT -p udp");
+-		script.appent(" -m owner ! --uid-owner ");
++		script.append(" -A OUTPUT -p udp -m owner ! --uid-owner ");
+ 		script.append(torUid);
+ 		script.append(" -m udp --dport "); 
+ 		script.append(STANDARD_DNS_PORT);
+ 		script.append(" -j REDIRECT --to-ports ");
+ 		script.append(TOR_DNS_PORT);
+ 		script.append(" || exit\n");
+-
+-		// Allow loopback
+-		script.append(ipTablesPath);
+-		script.append(" -t filter");
+-		script.append(" -A OUTPUT");
+-		script.append(" -o lo");
+-		script.append(" -j ACCEPT");
+-		script.append(" || exit\n");
+ 		
+-		// Allow everything for Tor
+-		script.append(ipTablesPath);
+-		script.append(" -t filter");
+-		script.append(" -A OUTPUT");
+-		script.append(" -m owner --uid-owner ");
+-		script.append(torUid);
+-		script.append(" -j ACCEPT");
+-		script.append(" || exit\n");
+-	
+-
+-		/* 	
+-		//Outgoing loopback already allowed (23/7/12)
+-
+ 		int[] ports = {TOR_DNS_PORT,TOR_TRANSPROXY_PORT,PORT_SOCKS,PORT_HTTP};
+ 		
+ 		for (int port : ports)
+@@ -514,8 +500,25 @@ public class TorTransProxy implements TorServiceConstants {
+ 			script.append(" -j ACCEPT");
+ 			script.append(" || exit\n");
+ 		
+-		} */
++		}
++		
++		// Allow loopback
++		script.append(ipTablesPath);
++		script.append(" -t filter");
++		script.append(" -A OUTPUT");
++		script.append(" -p tcp");
++		script.append(" -o lo");
++		script.append(" -j ACCEPT");
++		script.append(" || exit\n");
+ 		
++		// Allow everything for Tor
++		script.append(ipTablesPath);
++		script.append(" -t filter");
++		script.append(" -A OUTPUT");
++		script.append(" -m owner --uid-owner ");
++		script.append(torUid);
++		script.append(" -j ACCEPT");
++		script.append(" || exit\n");
+ 		
+ 		if (TorService.ENABLE_DEBUG_LOG)
+ 		{
+@@ -539,13 +542,34 @@ public class TorTransProxy implements TorServiceConstants {
+ 			script.append(" --log-uid");
+ 			script.append(" || exit\n");
+ 		}
+-			
+-		// Reject all other outbound packets by default
++		
++		// Reject DNS that is not from Tor (order is important - first matched rule counts!)
+ 		script.append(ipTablesPath);
+ 		script.append(" -t filter");
+-		script.append(" -P OUTPUT DROP");
++		script.append(" -A OUTPUT");
++		script.append(" -p udp");
++		script.append(" --dport ");
++		script.append(STANDARD_DNS_PORT);
++		script.append(" -j REJECT");
+ 		script.append(" || exit\n");
+ 		
++		// Reject all other outbound TCP packets
++		script.append(ipTablesPath);
++		script.append(" -t filter");
++		script.append(" -A OUTPUT");
++		script.append(" -p tcp");
++		script.append(" -j REJECT");
++		script.append(" || exit\n");
++
++		// Reject all other outbound UDP packets
++		script.append(ipTablesPath);
++		script.append(" -t filter");
++		script.append(" -A OUTPUT");
++		script.append(" -p udp");
++		script.append(" -j REJECT");
++		script.append(" || exit\n");
++	
++
+ 		String[] cmdAdd = {script.toString()};    	
+     	
+ 		code = TorServiceUtils.doShellCommand(cmdAdd, res, runRoot, waitFor);
+-- 
+1.7.9.5
+

patches/update_GibberBot_info/update_GibberBot_info.diff

@@ -0,0 +1,285 @@
+Index: res/values-ca/strings.xml
+===================================================================
+--- res/values-ca/strings.xml	(revision 24406)
++++ res/values-ca/strings.xml	(working copy)
+@@ -97,7 +97,7 @@
+     
+     <string name="wizard_tips_tricks">Aplicacions per a usar-se amb Orbot</string>
+     <string name="wizard_tips_msg">T\'animem a descarregar-te &amp; utilitza aplicacions que sàpiguen com connectar-se directament a Orbot. Fes clic als botons de sota per instal·lar.</string>
+-    <string name="wizard_tips_otrchat">OTRCHAT - Client de missatgeria instantània segura per a Android</string>
++    <string name="wizard_tips_otrchat">GibberBot - Client de missatgeria instantània segura per a Android</string>
+     <string name="wizard_tips_orweb">ORWEB (Només Android 1.x) - Navegador dissenyat per la privacitat &amp; per a Orbot</string>
+     <string name="wizard_tips_proxy">Coniguració de Proxy - Aprèn a configurar aplicacions per a què funcionin amb Orbot</string>
+     
+@@ -115,7 +115,7 @@
+     <string name="wizard_final">Orbot és a punt!</string>
+     <string name="wizard_final_msg">Centenars de milers de persones arreu del món utilitzen Tor per un gran ventall de raons: periodistes i blocaires, treballadors pels drets humans, agents de l\'autoritat, soldats, corporacions, ciutadans de règims opressors, i ciutadans qualssevol... I ara tu també ho pots fer!</string>
+     
+-    <string name="otrchat_apk_url">https://guardianproject.info/getgibber</string>
++    <string name="otrchat_apk_url">market://search?q=pname:info.guardianproject.otr.app.im</string>
+     <string name="orweb_apk_url">https://guardianproject.info/getorweb</string>
+     
+ <!-- END Welcome Wizard strings (DJH) -->
+Index: res/drawable/icon_otrchat.png
+===================================================================
+Cannot display: file marked as a binary type.
+svn:mime-type = application/octet-stream
+Index: res/drawable/ic_launcher_gibberbot.png
+===================================================================
+Cannot display: file marked as a binary type.
+svn:mime-type = application/octet-stream
+
+Property changes on: res/drawable/ic_launcher_gibberbot.png
+___________________________________________________________________
+Added: svn:mime-type
+   + application/octet-stream
+
+Index: res/values-fa/strings.xml
+===================================================================
+--- res/values-fa/strings.xml	(revision 24406)
++++ res/values-fa/strings.xml	(working copy)
+@@ -95,7 +95,7 @@
+     
+     <string name="wizard_tips_tricks">اپلیکیشن هایی که برای اوربات تنظیم شده اند</string>
+     <string name="wizard_tips_msg">توصیه می کنیم داون لود و فعال کنید؛ اپلیکیشن هایی را استفاده کنید که مستقیم به اوربات وصل می شوند. دکمه های زیر را فشار دهید تا نصب شود. </string>
+-    <string name="wizard_tips_otrchat">OTRCHAT - کاربر ایمن انتقال پیام فوری برای آندروید</string>
++    <string name="wizard_tips_otrchat">GibberBot - کاربر ایمن انتقال پیام فوری برای آندروید</string>
+     <string name="wizard_tips_orweb">ORWEB (فقط آندروید 1.x) - مرورگر طراحی شده برای حفظ حریم خصوصی و افزونساز اوربات</string>
+     <string name="wizard_tips_proxy">تنظیمات پروکسی - یادگیری تنظیم اپلیکیشن ها برای کار با اوربات</string>
+     
+@@ -105,7 +105,7 @@
+     <string name="wizard_final">اوربات آماده استفاده میباشد!</string>
+     <string name="wizard_final_msg">صدها هزار نفر در سراسر جهان به دلایل گوناگون از Tor استفاده می کنند: روزنامه نویسها و بلاگرها، کارکنان حقوق بشر، ماموران انتظامی، سربازان، شرکتها، شهروندان دولتهای سرکوبگر، و شهروندان عادی، و حالا شما نیز آماده استفاده از آن هستید!</string>
+     
+-    <string name="otrchat_apk_url">https://guardianproject.info/getgibber</string>
++    <string name="otrchat_apk_url">market://search?q=pname:info.guardianproject.otr.app.im</string>
+     <string name="orweb_apk_url">https://guardianproject.info/getorweb</string>
+     
+ <!-- END Welcome Wizard strings (DJH) -->
+Index: res/values-ru/strings.xml
+===================================================================
+--- res/values-ru/strings.xml	(revision 24406)
++++ res/values-ru/strings.xml	(working copy)
+@@ -95,7 +95,7 @@
+     
+     <string name="wizard_tips_tricks">Orbot-задействованные приложения</string>
+     <string name="wizard_tips_msg">Мы советуем вам скачать и использовать приложения, которые умеют работать напрямую через Orbot. Нажмите на кнопки ниже, чтобы запустить процесс установки.</string>
+-    <string name="wizard_tips_otrchat">OTRCHAT - Обезопасте обмен мгновенными сообщениями для клиентов в Android</string>
++    <string name="wizard_tips_otrchat">GibberBot - Обезопасте обмен мгновенными сообщениями для клиентов в Android</string>
+     <string name="wizard_tips_orweb">ORWEB (Только для версии Android 1.x) - Браузер, разработанный для обеспечения безопасности и для Orbot</string>
+     <string name="wizard_tips_proxy">Настройки прокси - узнайте как настроить приложения для работы с Orbot</string>
+     
+@@ -109,7 +109,7 @@
+     <string name="wizard_final">Программа Orbot готова к использованию!</string>
+     <string name="wizard_final_msg">Сотни тысяч людей по всему миру используют Tor по различным причинам: журналисты и блоггеры, активисты организаций, выступающих в защиту прав человека, судебные исполнители, солдаты, корпорации, граждане стран с репрессивным режимом, и простые люди... а теперь готовы и вы!</string>
+     
+-    <string name="otrchat_apk_url">https://guardianproject.info/getgibber</string>
++    <string name="otrchat_apk_url">market://search?q=pname:info.guardianproject.otr.app.im</string>
+     <string name="orweb_apk_url">https://guardianproject.info/getorweb</string>
+     
+ <!-- END Welcome Wizard strings (DJH) -->
+Index: res/values-de/strings.xml
+===================================================================
+--- res/values-de/strings.xml	(revision 24406)
++++ res/values-de/strings.xml	(working copy)
+@@ -97,7 +97,7 @@
+     
+     <string name="wizard_tips_tricks">Programme, für die Orbot aktiviert ist</string>
+     <string name="wizard_tips_msg">Wir raten Ihnen Programme herunterzuladen &amp; zu nutzen, die wissen, wie sie sich direkt mit Orbot verbinden. Klicken Sie zum Installieren auf den Knopf unten.</string>
+-    <string name="wizard_tips_otrchat">OTRCHAT - Ein sicheres Instant-Messaging-Programm für Android</string>
++    <string name="wizard_tips_otrchat">GibberBot - Ein sicheres Instant-Messaging-Programm für Android</string>
+     <string name="wizard_tips_orweb">ORWEB (Nur Android 1.x) - Ein für Privatsphäre &amp; Orbot entworfener Browser</string>
+     <string name="wizard_tips_proxy">Proxy-Einstellungen - Lernen Sie Anwendungen so zu konfigurieren, dass sie mit Orbot zusammenarbeiten.</string>
+     
+@@ -115,7 +115,7 @@
+     <string name="wizard_final">Orbot ist bereit!</string>
+     <string name="wizard_final_msg">Hunderttausende Menschen auf der ganzen Welt nutzen Tor aus einer Vielzahl von Gründen: Journalisten und Blogger, Menschenrechtsaktivisten, Strafverfolgungsbehörden, Soldaten, Unternehmen, Bürger repressiver Regime und ganz normale Menschen... und sind Sie ebenfalls bereit!</string>
+     
+-    <string name="otrchat_apk_url">https://guardianproject.info/getgibber</string>
++    <string name="otrchat_apk_url">market://search?q=pname:info.guardianproject.otr.app.im</string>
+     <string name="orweb_apk_url">https://guardianproject.info/getorweb</string>
+     
+ <!-- END Welcome Wizard strings (DJH) -->
+Index: res/values/strings.xml
+===================================================================
+--- res/values/strings.xml	(revision 24406)
++++ res/values/strings.xml	(working copy)
+@@ -94,7 +94,7 @@
+     
+     <string name="wizard_tips_tricks">Orbot-enabled Apps</string>
+     <string name="wizard_tips_msg">We encourage you to download &amp; use apps that know how to connect directly to Orbot. Click on the buttons below to install.</string>
+-    <string name="wizard_tips_otrchat">OTRCHAT - Secure instant messaging client for Android</string>
++    <string name="wizard_tips_otrchat">Gibberbot - Secure instant messaging client for Android</string>
+     <string name="wizard_tips_orweb">ORWEB (Android 1.x Only) - Browser designed for privacy &amp; for Orbot</string>
+     <string name="wizard_tips_proxy">Proxy Settings - Learn how to configure apps to work with Orbot</string>
+     
+@@ -108,7 +108,7 @@
+     <string name="wizard_final">Orbot is ready!</string>
+     <string name="wizard_final_msg">Hundreds of thousands of people around the world use Tor for a wide variety of reasons: journalists and bloggers, human rights workers, law enforcement officers, soldiers, corporations, citizens of repressive regimes, and just ordinary citizens... and now you are ready to, as well!</string>
+     
+-    <string name="otrchat_apk_url">https://guardianproject.info/getgibber</string>
++    <string name="otrchat_apk_url">market://search?q=pname:info.guardianproject.otr.app.im</string>
+     <string name="orweb_apk_url">https://guardianproject.info/getorweb</string>
+     
+  <!-- END Welcome Wizard strings (DJH) -->
+Index: res/values-ar/strings.xml
+===================================================================
+--- res/values-ar/strings.xml	(revision 24406)
++++ res/values-ar/strings.xml	(working copy)
+@@ -97,7 +97,7 @@
+     
+     <string name="wizard_tips_tricks">تطبيقات مهيئة لأوربوت</string>
+     <string name="wizard_tips_msg">نشجعكم على تحميل واستخدام التطبيقات التي تعرف كيفية الاتصال مباشرة بأوربوت. اضغط على الأزرار في الأسفل للتثبيت.</string>
+-    <string name="wizard_tips_otrchat">OTRCHAT - عميل التراسل الفوري الآمن للأندرويد</string>
++    <string name="wizard_tips_otrchat">GibberBot - عميل التراسل الفوري الآمن للأندرويد</string>
+     <string name="wizard_tips_orweb">ORWEB (أندرويد 1.x فقط) - متصفح مصمّم للخصوصية لأوربوت </string>
+     <string name="wizard_tips_proxy">إعدادات الوكيل - تعلم كيفية تكوين التطبيقات لتعمل مع أوربوت</string>
+     
+@@ -115,7 +115,7 @@
+     <string name="wizard_final">أوربوت جاهز!</string>
+     <string name="wizard_final_msg">مئات الآلاف من الناس في جميع أنحاء العالم يستخدمون تور لأسباب عديدة: الصحفيين والمدونين، والعاملين في مجال حقوق الإنسان، والجنود والشركات والمواطنين من الأنظمة القمعية، والمواطنين العاديين ... والآن أنت مستعد لأن تستخدمه كذلك!</string>
+     
+-    <string name="otrchat_apk_url">https://guardianproject.info/getgibber</string>
++    <string name="otrchat_apk_url">market://search?q=pname:info.guardianproject.otr.app.im</string>
+     <string name="orweb_apk_url">https://guardianproject.info/getorweb</string>
+     
+ <!-- END Welcome Wizard strings (DJH) -->
+Index: res/values-es/strings.xml
+===================================================================
+--- res/values-es/strings.xml	(revision 24406)
++++ res/values-es/strings.xml	(working copy)
+@@ -97,7 +97,7 @@
+     
+     <string name="wizard_tips_tricks">Aplicaciones activas en Orbot</string>
+     <string name="wizard_tips_msg">Le invitamos a descargar y utilizar aplicaciones que saben cómo conectarse directamente a Orbot. Haga clic en los botones a continuación para Instalar.</string>
+-    <string name="wizard_tips_otrchat">OTRCHAT - Cliente de mensajería instantánea seguro para Android</string>
++    <string name="wizard_tips_otrchat">GibberBot - Cliente de mensajería instantánea seguro para Android</string>
+     <string name="wizard_tips_orweb">ORWEB (Sólo Android 1.x) - Navegador diseñado para la privacidad y para Orbot</string>
+     <string name="wizard_tips_proxy">Configuraciones Proxy - Aprenda cómo configurar aplicaciones para que trabajen con Orbot</string>
+     
+@@ -115,7 +115,7 @@
+     <string name="wizard_final">¡Orbot está listo!</string>
+     <string name="wizard_final_msg">Cientos de miles de personas alrededor del mundo usan Tor por una amplia variedad de razones: periodistas y bloggers, trabajadores de los derechos humanos, oficiales de policía, soldados, corporaciones, ciudadanos de regímenes represivos y ciudadanos ordinarios... ¡y ahora también lo estás!</string>
+     
+-    <string name="otrchat_apk_url">https://guardianproject.info/getgibber</string>
++    <string name="otrchat_apk_url">market://search?q=pname:info.guardianproject.otr.app.im</string>
+     <string name="orweb_apk_url">https://guardianproject.info/getorweb</string>
+     
+ <!-- END Welcome Wizard strings (DJH) -->
+Index: res/values-mk/strings.xml
+===================================================================
+--- res/values-mk/strings.xml	(revision 24406)
++++ res/values-mk/strings.xml	(working copy)
+@@ -95,7 +95,7 @@
+     
+     <string name="wizard_tips_tricks">Орбот-вклучени апликации</string>
+     <string name="wizard_tips_msg">Ви препорачуваме да презимате и користите апликации кои што знаат како директно да се поврзат со Орбот. Притиснете на копчињата подолу за инсталирање.</string>
+-    <string name="wizard_tips_otrchat">OTRCHAT - Безбеден клиент за инстант-пораки за Андроид</string>
++    <string name="wizard_tips_otrchat">GibberBot - Безбеден клиент за инстант-пораки за Андроид</string>
+     <string name="wizard_tips_orweb">ORWEB (само Андроид 1.x) - Браусер дизајниран за приватност и за Орбот</string>
+     <string name="wizard_tips_proxy">Подесувања на прокси - Научете како да ги конфигурирате апликациите да работат со Орбот</string>
+     
+@@ -109,7 +109,7 @@
+     <string name="wizard_final">Орбот е спремен!</string>
+     <string name="wizard_final_msg">Стотици илјади луѓе низ целиот Свет го користат Тор од многу различни причини: новинари и блогери, борци за човекови права, полицајци, војници, корпорации, граѓани на репресивни режими, и обични граѓани... а сега и Вие сте спремин да го користите!</string>
+     
+-    <string name="otrchat_apk_url">https://guardianproject.info/getgibber</string>
++    <string name="otrchat_apk_url">market://search?q=pname:info.guardianproject.otr.app.im</string>
+     <string name="orweb_apk_url">https://guardianproject.info/getorweb</string>
+     
+ <!-- END Welcome Wizard strings (DJH) -->
+Index: res/values-nl/strings.xml
+===================================================================
+--- res/values-nl/strings.xml	(revision 24406)
++++ res/values-nl/strings.xml	(working copy)
+@@ -97,7 +97,7 @@
+     
+     <string name="wizard_tips_tricks">Orbot-beschikbare Apps</string>
+     <string name="wizard_tips_msg">We raden u aan om te apps te downloaden welke zich zich automatisch verbinden met Orbot. Klik op de buttons hier beneden om te installeren.</string>
+-    <string name="wizard_tips_otrchat">OTRCHAT - Veilige instant message programma voor Android</string>
++    <string name="wizard_tips_otrchat">GibberBot - Veilige instant message programma voor Android</string>
+     <string name="wizard_tips_orweb">ORWEB (Alleen Android 1.x) - Browser gemaakt voor privacy &amp; voor Orbot</string>
+     <string name="wizard_tips_proxy">Proxy Instellingen - Leer hoe u uw apps kunt configureren voor Orbot</string>
+     
+@@ -114,7 +114,7 @@
+     <string name="wizard_final">Orbot is klaar!</string>
+     <string name="wizard_final_msg">Honderdduizenden verschillende mensen over de wereld gebruiken Tor, zoals: journalisten, bloggers, mensen rechten medewerkers, soldaten, bedrijven, burgers met onderdrukte religies, en natuurlijk normale mensen... En nu bent u ook klaar om te gaan!</string>
+     
+-    <string name="otrchat_apk_url">https://guardianproject.info/getgibber</string>
++    <string name="otrchat_apk_url">market://search?q=pname:info.guardianproject.otr.app.im</string>
+     <string name="orweb_apk_url">https://guardianproject.info/getorweb</string>
+     
+ <!-- END Welcome Wizard strings (DJH) -->
+Index: res/values-pl/strings.xml
+===================================================================
+--- res/values-pl/strings.xml	(revision 24406)
++++ res/values-pl/strings.xml	(working copy)
+@@ -95,7 +95,7 @@
+     
+     <string name="wizard_tips_tricks">Aplikacje skonfigurowane dla Orbota</string>
+     <string name="wizard_tips_msg">Zachęcamy do pobierania i używania aplikacji, które wiedzą, jak łączyć się bezpośrednio z Orbotem. Kliknij na poniższe przyciski, by zainstalować.</string>
+-    <string name="wizard_tips_otrchat">OTRCHAT - Bezpieczny klieny rozmów dla Androida</string>
++    <string name="wizard_tips_otrchat">GibberBot - Bezpieczny klieny rozmów dla Androida</string>
+     <string name="wizard_tips_orweb">ORWEB (tylko Android 1.x) - Przeglądarka zaprojektowana do prywatności i dla Orbota</string>
+     <string name="wizard_tips_proxy">Ustawienia Proxy - NDowiedz się, jak konfiguroać aplikacje do współpracy z Orbotem</string>
+     
+@@ -109,7 +109,7 @@
+     <string name="wizard_final">Orbot jest gotowy!</string>
+     <string name="wizard_final_msg">Setki tysięcy ludzi na całym świecie używają Tora z różnych powodów: dziennikarze i blogerzy, działacze na rzecz praw człowieka, stróże prawa, żołnierze, korporacje, obywatele represyjnych reżimów i zwykli obywatele... teraz Ty też możesz!</string>
+     
+-    <string name="otrchat_apk_url">https://guardianproject.info/getgibber</string>
++    <string name="otrchat_apk_url">market://search?q=pname:info.guardianproject.otr.app.im</string>
+     <string name="orweb_apk_url">https://guardianproject.info/getorweb</string>
+     
+ <!-- END Welcome Wizard strings (DJH) -->
+Index: res/layout/layout_wizard_tips.xml
+===================================================================
+--- res/layout/layout_wizard_tips.xml	(revision 24406)
++++ res/layout/layout_wizard_tips.xml	(working copy)
+@@ -17,7 +17,7 @@
+ 		    
+ <TextView android:text="@string/wizard_tips_msg" android:layout_gravity="left"	android:textColor="#ffffff" android:id="@+id/TextView01" android:layout_width="wrap_content" android:layout_height="wrap_content"></TextView>
+ 
+-<Button android:text="@string/wizard_tips_otrchat"  android:layout_gravity="left" android:drawableLeft="@drawable/icon_otrchat"  android:layout_marginTop="10px" android:id="@+id/WizardRootButtonInstallOtrchat" android:layout_width="wrap_content" android:layout_height="wrap_content"/>
++<Button android:text="@string/wizard_tips_otrchat"  android:layout_gravity="left" android:drawableLeft="@drawable/ic_launcher_gibberbot"  android:layout_marginTop="10px" android:id="@+id/WizardRootButtonInstallOtrchat" android:layout_width="wrap_content" android:layout_height="wrap_content"/>
+ 
+ <Button android:text="@string/wizard_tips_orweb"  android:drawableLeft="@drawable/icon_orweb" android:layout_marginTop="10px" android:id="@+id/WizardRootButtonInstallOrweb" android:layout_width="wrap_content" android:layout_height="wrap_content"/>
+ 
+Index: res/values-zh/strings.xml
+===================================================================
+--- res/values-zh/strings.xml	(revision 24406)
++++ res/values-zh/strings.xml	(working copy)
+@@ -95,7 +95,7 @@
+     
+     <string name="wizard_tips_tricks">可用 Orbot 的应用程序</string>
+     <string name="wizard_tips_msg">我们建议您下载和使用能直接连接到 Orbot 的应用程序。点击以下按钮安装。</string>
+-    <string name="wizard_tips_otrchat">OTRCHAT - Android 上的安全即时消息客户端</string>
++    <string name="wizard_tips_otrchat">GibberBot - Android 上的安全即时消息客户端</string>
+     <string name="wizard_tips_orweb">ORWEB (仅 Android 1.x) - 着重隐私设计的浏览器</string>
+     <string name="wizard_tips_proxy">代理设置 - 学习如何配置应用程序使用 Orbot</string>
+     
+@@ -108,7 +108,7 @@
+     <string name="wizard_final">Orbot 已就绪！</string>
+     <string name="wizard_final_msg">数以万计的各国人们因为各种原因使用 Tor：记者、人权工作者、法律工作者、士兵、公司、迫于实际情况使用的市民，当然也有普通的市民。现在你也即将成为其中的一员！</string>
+     
+-    <string name="otrchat_apk_url">https://guardianproject.info/getgibber</string>
++    <string name="otrchat_apk_url">market://search?q=pname:info.guardianproject.otr.app.im</string>
+     <string name="orweb_apk_url">https://guardianproject.info/getorweb</string>
+     
+ <!-- END Welcome Wizard strings (DJH) -->
+Index: .classpath
+===================================================================
+--- .classpath	(revision 24406)
++++ .classpath	(working copy)
+@@ -1,9 +1,9 @@
+ <?xml version="1.0" encoding="UTF-8"?>
+ <classpath>
+-	<classpathentry kind="src" path="src"/>
+-	<classpathentry kind="src" path="gen"/>
+ 	<classpathentry kind="con" path="com.android.ide.eclipse.adt.ANDROID_FRAMEWORK"/>
+ 	<classpathentry kind="lib" path="libs/asocks.jar"/>
+ 	<classpathentry kind="lib" path="libs/jtorctrl.jar"/>
++	<classpathentry kind="src" path="src"/>
++	<classpathentry kind="src" path="gen"/>
+ 	<classpathentry kind="output" path="bin"/>
+ </classpath>

procfg.txt

@@ -0,0 +1,31 @@
+-optimizationpasses 5
+-dontusemixedcaseclassnames
+-dontskipnonpubliclibraryclasses
+-dontpreverify
+-verbose
+-optimizations !code/simplification/arithmetic,!field/*,!class/merging/*
+
+-keep public class * extends android.app.Activity
+-keep public class * extends android.app.Application
+-keep public class * extends android.app.Service
+-keep public class * extends android.content.BroadcastReceiver
+-keep public class * extends android.content.ContentProvider
+-keep public class com.android.vending.licensing.ILicensingService
+
+-keepclasseswithmembernames class * {
+    native <methods>;
+}
+
+-keepclasseswithmembernames class * {
+    public <init>(android.content.Context, android.util.AttributeSet); 
+}
+
+-keepclasseswithmembernames class * {
+    public <init>(android.content.Context, android.util.AttributeSet, int); 
+}
+
+-keepclassmembers enum * {
+    public static **[] values();
+    public static ** valueOf(java.lang.String);
+}
+

proguard-project.txt

@@ -0,0 +1,20 @@
+# To enable ProGuard in your project, edit project.properties
+# to define the proguard.config property as described in that file.
+#
+# Add project specific ProGuard rules here.
+# By default, the flags in this file are appended to flags specified
+# in ${sdk.dir}/tools/proguard/proguard-android.txt
+# You can edit the include path and order by changing the ProGuard
+# include property in project.properties.
+#
+# For more details, see
+#   http://developer.android.com/guide/developing/tools/proguard.html
+
+# Add any project specific keep options here:
+
+# If your project uses WebView with JS, uncomment the following
+# and specify the fully qualified class name to the JavaScript interface
+# class:
+#-keepclassmembers class fqcn.of.javascript.interface.for.webview {
+#   public *;
+#}

project.properties

@@ -6,8 +6,7 @@
 # To customize properties used by the Ant build system use,
 # "ant.properties", and override values to adapt the script to your
 # project structure.
-#proguard.config=${sdk.dir}/tools/proguard/proguard-android-optimize.txt:proguard-project.txt
 
 # Project target.
 target=android-16
-aar.deployPath=/media/n8fr8/nate128/dev/repos/gpmaven/
+android.library.reference.1=../ActionBarSherlock/library