http(s) proxy support (web, maps, etc) - Desire Android Development

I was sitting at a customer (yes real work) the other day without access to VPN (ports blocked) and i was roaming so daren't switch on 3g due to the extortionate costs. They did have a wireless access and required a proxy for browsing, web mail, etc. Unfortunately if you're connected to wireless you can't also turn your wifi on your laptop into an adhoc hotspot for your phone (even though ad-hoc works perfectly now) so i quickly downloaded transproxy, compiled it (i did have access to the NDK on my lappie luckily) , and set up iptables and voila, a transparent proxy was up and running and everything sprung into life on my Desire. The nice thing (as mentioned in the subject) is that this is not limited to only the browser (i.e. it's not setting the http_proxy in the SQlite db) so even my MAPS, and everything that uses comms thru port 80 came to life.
Posting this if anyone's interested. I hear the CM6 now has proxy access, but this should work for any ROM that is rooted (i.e has su installed) and has iptables support.
Basic HTTP auth is supported, NTLM is NOT SUPPORTED CURRENTLY (and may never be as i don't have a server i can test with).
UPDATE 7th MAY 2011: PLEASE READ THIS POST FIRST
PLEASE post logcat outputs while starting transproxy or it makes it hard for me to diagnose errors. Just saying it doesn't work will not help me fix it.
Version 3.08 beta
- New GUI only. Thanks lots to user fonix232
Version 3.04-3.07
- Bugfixes
Version 3.03
- Major rewrite of redsocks to support transparent proxying (no need to support tproxy binary).
Version 3.02
- Limit the forks as some complex pages may result in large number of process forks which may lead to memory depletion, slowdown in phone, crash, etc.
- Add port 5228 redirection for market auth
Version 3.01
- Split traffic for b*stard proxies that don't support port 80 connections via CONNECT method
Version 3.00
- Full transparency (currently only 80/443 forwarded)
Version 2.04
- Fixed the loss of focus bug when going from on -> off in the GUI
- Fixed the hostname resoltion bug in the Host field.
Version 2.03
- SOCKS 4a/5 support
- Fix password quoting in proxy.sh script
- Removed iptables binary due to ROM incompatabilites. Your ROM must support and have iptables binary included.
Versions 2.01/2.02
- Private testing versions only to fix bugs.
Version 2.00
- Rewrite to support (basic) proxy auth
- Disabled https as it cannot work transparently
Version 1.03
- Fix to work nexus one not having multiport module
- Included 'iptables' binary
Version 1.02
- Internal only version
Version 1.01
- Fix for broken 'su' parsing by splitting the iptables script into 2 scripts to start/stop
Version 1.0
- Broken version not working with 'su' correctly
TODO:
- Abritrary forwarding (i.e. 80,443,++++) -but the upstream proxy needs to allow those ports which it seems many b*stard proxies don't. Use a VPN for that if you can.
- NTLM support

can you please translate this for unrooted people, (i have no clue where to type this abd stuff)? does this only work for rooted devices? how much time you think you need for an apk
and does this work only in combination with a laptop or is this a standalone version ( i heard you can set up proxy when you surf next to your laptop, but without it its not possible)?

Great work! I'm so happy someone capable finally cares about the missing wifi proxy issue.
Do you think it will work on other (rooted) phones, too? I'm interested using it with my Milestone...
Looking forward to see it with a nice UI.

I get an error when do iptables
# iptables -t nat -A OUTPUT -p tcp -m multiport --dports 80,443 -j REDIRECT --to
-ports 8123
iptables -t nat -A OUTPUT -p tcp -m multiport --dports 80,443 -j REDIRECT --to-p
orts 8123
getsockopt for multiport failed strangely: No such file or directory
getsockopt for multiport failed strangely: No such file or directory
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:378
iptables: No chain/target/match by that name
#

I'm a waitin on the apk! Will solve several people problems.

magdap said:
can you please translate this for unrooted people, (i have no clue where to type this abd stuff)? does this only work for rooted devices? how much time you think you need for an apk
and does this work only in combination with a laptop or is this a standalone version ( i heard you can set up proxy when you surf next to your laptop, but without it its not possible)?
Click to expand...
Click to collapse
Unfortunately it won't work for unrooted phones since you need access to do kernel stuff like forwarding destination packets to ports 80,443 to another arbitrary port.
You don't need a laptop after you've pushed the 'tproxy' binary. You can run the commands directly from a root console on the phone.

wallla said:
Great work! I'm so happy someone capable finally cares about the missing wifi proxy issue.
Do you think it will work on other (rooted) phones, too? I'm interested using it with my Milestone...
Looking forward to see it with a nice UI.
Click to expand...
Click to collapse
Yes i don't see why it shouldn't work with other rooted phones as long as you have the iptables binary and modules (or in kernel).

iamgpc said:
I get an error when do iptables
# iptables -t nat -A OUTPUT -p tcp -m multiport --dports 80,443 -j REDIRECT --to
-ports 8123
iptables -t nat -A OUTPUT -p tcp -m multiport --dports 80,443 -j REDIRECT --to-p
orts 8123
getsockopt for multiport failed strangely: No such file or directory
getsockopt for multiport failed strangely: No such file or directory
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:378
iptables: No chain/target/match by that name
#
Click to expand...
Click to collapse
Looks like your ROM/kernel doesn't have the multiport matching netfilter builtin or as a module. SO in your case you'd need to change the command to be run for each port you're redirecting like this
Code:
iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-port 8123
iptables -t nat -A OUTPUT -p tcp --dport 443 -j REDIRECT --to-port 8123

blud7 said:
I'm a waitin on the apk! Will solve several people problems.
Click to expand...
Click to collapse
I'm a good C programmer (IMHO) but never dabbled in android programming, so it may take a while. If some developer comes up with a gui before me, please feel free. I hope i've passed on the know-how to do the raw stuff though.

Yay, somebody did something about the lack of proxy support
I'm just going to wait for it to be released in a rom (or an app), i'm too lazy and don't need it urgently.

daveba said:
Looks like your ROM/kernel doesn't have the multiport matching netfilter builtin or as a module. SO in your case you'd need to change the command to be run for each port you're redirecting like this
Code:
iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-port 8123
iptables -t nat -A OUTPUT -p tcp --dport 443 -j REDIRECT --to-port 8123
Click to expand...
Click to collapse
Thanks for your help, however i still get an error
The following is my adb shell log, is it any problem?
chmod 777 /system/bin/tproxy
# /system/bin/tproxy -s 8123 10.1.1.2 80
/system/bin/tproxy -s 8123 10.1.1.2 80
# iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-port 8123
iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-port 8123
getsockopt for multiport failed strangely: No such file or directory
getsockopt for multiport failed strangely: No such file or directory
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:378
# iptables -t nat -A OUTPUT -p tcp --dport 443 -j REDIRECT --to-port 8123
iptables -t nat -A OUTPUT -p tcp --dport 443 -j REDIRECT --to-port 8123
getsockopt for multiport failed strangely: No such file or directory
getsockopt for multiport failed strangely: No such file or directory
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:378
#

I have written a step by step guide for setting up proxy in Desire mobile...Do check it out.... its in my signature

sweetheater said:
I have written a step by step guide for setting up proxy in Desire mobile...Do check it out.... its in my signature
Click to expand...
Click to collapse
Yes that would work as well alebit with privoxy as the proxying server. tproxy is much smaller and doesn't do all the anonymizing that Orbot does. Anyhow yes i guess that should work too.
Why didn't i find that when i was looking ;-(

iamgpc said:
Thanks for your help, however i still get an error
The following is my adb shell log, is it any problem?
chmod 777 /system/bin/tproxy
# /system/bin/tproxy -s 8123 10.1.1.2 80
/system/bin/tproxy -s 8123 10.1.1.2 80
# iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-port 8123
iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-port 8123
getsockopt for multiport failed strangely: No such file or directory
getsockopt for multiport failed strangely: No such file or directory
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:378
# iptables -t nat -A OUTPUT -p tcp --dport 443 -j REDIRECT --to-port 8123
iptables -t nat -A OUTPUT -p tcp --dport 443 -j REDIRECT --to-port 8123
getsockopt for multiport failed strangely: No such file or directory
getsockopt for multiport failed strangely: No such file or directory
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:378
#
Click to expand...
Click to collapse
Hi it looks like your rom is missing iptables multiport support in the kernel. What ROM are you using ?
Maybe it supports it as a module. Does
Code:
modprobe xt_multiport
give you errors also ?

sweetheater said:
I have written a step by step guide for setting up proxy in Desire mobile...Do check it out.... its in my signature
Click to expand...
Click to collapse
Pretty cool. Thanks! But that's limited to TOR, which means if you have a company proxy in between it's still a no-go . Correct me if I'm wrong.

Similar errors showing up in Modaco r8 rom (even with single redirects), xt_multiport isn't there.

So, i just tried it with my stone.
Turns out that there's no iptables on the Milestone.
However, I made it work simply by taking iptables from the wifi-tether-project and copying it to /system/bin/ .
After executing the command for iptables I get an error-message
"FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:372".
But that's no problem as the rule is set, successfully.
Can't make a practical test yet, until in some weeks. But I'm optimistic.
Thanks so much, again.
@all other people who get the getprotobyname()-error:
try and execute iptables -t nat -L -n -v to show your config.
Maybe the rule is set anyway, like on my phone...

It's the same deal on HTC Desire with a Modaco custom ROM r8, I hadn't thought to check the rule was there after seeing the error. It is.
Can't test on the work network until next week.

How do I switch the rules off (short of rebooting)?
The obvious:
iptables -t nat -D OUTPUT -p tcp -m multiport --dport 80 -j REDIRECT --to-ports 8123
iptables -t nat -D OUTPUT -p tcp -m multiport --dport 443 -j REDIRECT --to-ports 8123
doesn't seem to work (unless iptables -t nat -L -n -v is misreporting the state)
/EDIT
Ignore that, the equally obvious
iptables -t nat --flush
does clear 'em out...

Market Download Probem
Hi,
this procedure is very interesting, in my case internet browsing and market browsing is working but not for market download and gmail.
some suggestions?
Thanks

Related

[Q] MMS question about Droid X on Cricket

So I've been tinkering with my Droid X on Cricket for the last two months. Got the FlyX rom on it. I was able to flash it right after I got it and everything works...except for MMS, which has been flaky. I have probably flashed this phone at least 10 times now and I can always get everything working except for MMS. I have the same problem with my fianceé's Droid 2 as well.
After going through APN's, PRL's, triple-checking all settings in QPST and CDMA WS, checking my account w/Cricket, etc. etc. it seems I finally narrowed it down to an autostart.sh issue.
I could be wrong but here's what happens - when I use the autostart.sh in Token's zip my MMS works perfectly every single time, the 3G icon is there but I have no internet or market or app data. When I use the autostart.sh from Whiterabbit's site then all data works perfectly except MMS.
I tried creating my own autostart.sh, incorporating parts of Token's along with the static IP from Whiterabbit but that resulted in no data and no MMS.
Here's the two files. First, the autostart.sh from Whiterabbit's site:
#!/system/bin/sh
export PATH="$PATH:/system/bin"
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -F
iptables -t nat -F
iptables -X
iptables -t nat -A OUTPUT -o ppp0 -p 6 ! -d 10.132.25.254 -j REDIRECT --to-port 1025
u2nl 10.132.25.254 8080 127.0.0.1 1025 >/dev/null 2>&1 &
sh -c "sleep 5;kill `ps|grep nk.bla.android.autostart|grep -v grep|awk '{print $2}'`" &
exit 0
And here's the autostart.sh from Token's zip:
#!/system/bin/sh
export PROXYHOST=wap.mycricket.com
export PROXYPORT=8080
#you shouldn't have to edit anything below this line
export PATH="$PATH:/system/bin"
until netcfg|grep -v DOWN|awk '{print $1}'|grep -v wlan|grep -v lo >/dev/null 2>&1 ; do sleep 1 ; done
export INTERFACE=`netcfg|grep -v DOWN|awk '{print $1}'|grep -v wlan|grep -v lo`
export PROXYIP=`ping -c 1 $PROXYHOST|grep PING|cut -d\) -f1|cut -d\( -f2`
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -F
iptables -t nat -F
iptables -X
iptables -t nat -A OUTPUT -o $INTERFACE -p tcp -d 10/8 -j ACCEPT
iptables -t nat -A OUTPUT -o $INTERFACE -p tcp -d 172.16/12 -j ACCEPT
iptables -t nat -A OUTPUT -o $INTERFACE -p tcp -d 192.168/16 -j ACCEPT
iptables -t nat -A OUTPUT -o $INTERFACE -p tcp -j REDIRECT --to-port 1025
u2nl $PROXYIP $PROXYPORT 127.0.0.1 1025 >/dev/null 2>&1 &
sh -c "sleep 5;kill `ps|grep nk.bla.android.autostart|grep -v grep|awk '{print $2}'`" >/dev/null 2>&1 &
exit 0
It is insanely frustrating to be so close to a fully functional phone. Clearly I don't know enough to be able to create a good autostart.sh file. Any suggestions?
Bump....
Should I post this in the Droid X forum?
Finally managed to create an autostart.sh file that works for me as well as my fiancee's Droid 2. PM me if anyone needs it.
Sent from my DROIDX using XDA App
Droid X Cricket MMS not working
I've been having the same problem. I'm on the android $55 plan so that my wife gets faster speed. I'm using this link below but not using the ROMS. What other settings did you use to get it working? What plan are you on and what speed are you getting?
http://forum.xda-developers.com/showthread.php?t=881883
I just saw I had a bunch of PM's from people...I figured I would get notified via email about that, but I guess I should check that.
Sorry to anyone who's been waiting a while for this autostart file, but here it is. Just remove the .zip at the end of the file name. By the way, ever since I created this autostart file my MMS worked great. until about a week ago and then it stopped working on my Droid X and Droid 2 on the same day. Some other cricket users were having the same issue but I think we've got that fixed now.
I switched both phones to the $55 Android plan and made a couple quick changes which I posted here: http://forum.xda-developers.com/showthread.php?t=1010880&page=4
Obviously using the $55 Android plan I am no longer using austostart.sh and u2nl. If you want to try this, you don't have to flash a new ROM...just do the ##PROGRAM and APN settings.
autostart.sh
Will you please send me the autostart file that you created? This is to get the mms working on the Droid X? I am having a hard time with this and is very frustrating. And may I ask what you do with the autostart file? I downloaded the program but however it does not appear in my app list, I think it is saved somewhere on my sd card......Would you mind giving me a brief explanation on how this app and this file is supposed to work or what I am supposed to do with them? my email is [email protected]. thank you so much.
-amanda
dkranes said:
Finally managed to create an autostart.sh file that works for me as well as my fiancee's Droid 2. PM me if anyone needs it.
Sent from my DROIDX using XDA App
Click to expand...
Click to collapse
Flashed DX, now no data at all!, Reflashing help...
Hello-
I'm pretty good with electronics, I had a guy remotely flash my and my hubbys Droid X, everything was fine, my data went out a week ago, his is still fine. I lost the instuctions, the guy gave me to flash it, I still have the files on my computer, can anyone tell me how to use the files??? (Like a step by step guide)
Here are the Files I have on my computer:
TCPCom6 Setup
A folder called: Root22 and Files, with these files in it...
1. adb
2. Adbwinapi
3. Adbwinusbapi
4. Apps
5. DoRoot
I also have anycut on my phone already with APNS, but did those over and nothing.
I myself haven't done this before, but if I have instructions on these files than maybe, also I still have voice and wifi, but text and data are gone.
Don't know what to do, it's driving me crazy!!
Thanks in Advance!

[Q] Internet passthrough on Ubuntu

Hi guys,
I want to use my PC running on Ubuntu 12.04 64Bit to access the internet.
Usually in Windows i use the HTC tool.
my phone is not rooted.
thanks for help
??
39 views, 0 reply !!!!
Coz maybe the ones who viewed the thread didn't know a solution hence not answered
May be someone who uses Ubuntu world know...
Most of us user windows...
Sent from a Desire S waiting for Kernel 3. WAKE UP HTC!!!!
if u hv HTC sense on ur device, just tick the INTERNET PASS THROUGH option from the notification tab
and the system will do the rest
cheers
check out screenshot below
thanks for your replies
lynxnoon : yes I'v tried to do that, it will be connected to the PC but without internet connection.
ensure the adapters (esp the wired) are updated online and then try again.
Also ensure theres is pass through connection on ur fone and then try to browse with the in-built browser.
If all these still doesnt work then u have to find out if the internet service provider alllows tethering or the modem u r using.
cheers
Rabih-Sy said:
Hi guys,
I want to use my PC running on Ubuntu 12.04 64Bit to access the internet.
Usually in Windows i use the HTC tool.
my phone is not rooted.
thanks for help
Click to expand...
Click to collapse
When I connect my phone and choose internet passthrough, the phone chooses ip address in the 192.168.99.0/24. If yours creates a different subnet you will have to change below accordingly.
I hope this solves your problem.
Edit /etc/rc.local sudo nano /etc/rc.local and add the following:
echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward > /dev/null
iptables -P FORWARD ACCEPT
iptables -A POSTROUTING -t nat -j MASQUERADE -s 192.168.99.0/24
iptables -A FORWARD -i eth0 -o usb0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i usb0 -o eth0 -j ACCEPT
#forward all dns queries from usb0 to google's dns server
iptables -t nat -I PREROUTING -i usb0 -p udp --dport 53 -j DNAT --to 8.8.8.8
then at terminal type:
sudo /etc/rc.local
that will get you connectivity, but it will be short lived because htc is stupid and will disconnect if it doesn't detect the winblows htc software crap.
So you will need to fake it out. Turns out the phone is listening for htc software on port 6000 for 00 02 00 00 hex.
first you have to find the ip address of your phone (if arp doesn't work or you get command not found, you probably need to sudo arp):
phoneip=$(arp -n | grep usb0 | awk 'BEGIN {FS=" "} {print $1}')
then you tell the phone that htc software is listening:
echo -n -e "\x00\x02\x00\x00" | nc $phoneip 6000 > /dev/null
To make that automagic each time us a script. Call it htcfaker or whatever:
#!/bin/bash
while :; do
phoneip=$(arp -n | grep usb0 | awk 'BEGIN {FS=" "} {print $1}')
while [ -z $phoneip ]; do
sleep 15
phoneip=$(arp -n | grep usb0 | awk 'BEGIN {FS=" "} {print $1}')
done
echo -n -e "\x00\x02\x00\x00" | nc $phoneip 6000 > /dev/null
while [ "$phoneip" != "" ]; do
sleep 15
phoneip=$(arp -n | grep usb0 | awk 'BEGIN {FS=" "} {print $1}')
done
done
Then in your startup applications, point to that script.
Hope it helps!
I'm using unrooted HTC Sensation XE and Ubuntu 12.04 64-Bits, with these scripts Internet Pass Through works beautifully!:laugh::good:
haz3lnut said:
When I connect my phone and choose internet passthrough, the phone chooses ip address in the 192.168.99.0/24. If yours creates a different subnet you will have to change below accordingly.
I hope this solves your problem.
Edit /etc/rc.local sudo nano /etc/rc.local and add the following:
echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward > /dev/null
iptables -P FORWARD ACCEPT
iptables -A POSTROUTING -t nat -j MASQUERADE -s 192.168.99.0/24
iptables -A FORWARD -i eth0 -o usb0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i usb0 -o eth0 -j ACCEPT
#forward all dns queries from usb0 to google's dns server
iptables -t nat -I PREROUTING -i usb0 -p udp --dport 53 -j DNAT --to 8.8.8.8
then at terminal type:
sudo /etc/rc.local
that will get you connectivity, but it will be short lived because htc is stupid and will disconnect if it doesn't detect the winblows htc software crap.
So you will need to fake it out. Turns out the phone is listening for htc software on port 6000 for 00 02 00 00 hex.
first you have to find the ip address of your phone (if arp doesn't work or you get command not found, you probably need to sudo arp):
phoneip=$(arp -n | grep usb0 | awk 'BEGIN {FS=" "} {print $1}')
then you tell the phone that htc software is listening:
echo -n -e "\x00\x02\x00\x00" | nc $phoneip 6000 > /dev/null
To make that automagic each time us a script. Call it htcfaker or whatever:
#!/bin/bash
while :; do
phoneip=$(arp -n | grep usb0 | awk 'BEGIN {FS=" "} {print $1}')
while [ -z $phoneip ]; do
sleep 15
phoneip=$(arp -n | grep usb0 | awk 'BEGIN {FS=" "} {print $1}')
done
echo -n -e "\x00\x02\x00\x00" | nc $phoneip 6000 > /dev/null
while [ "$phoneip" != "" ]; do
sleep 15
phoneip=$(arp -n | grep usb0 | awk 'BEGIN {FS=" "} {print $1}')
done
done
Then in your startup applications, point to that script.
Hope it helps!
Click to expand...
Click to collapse
Did anyone experienced the problem that this stopped working after a day or so?
When I plug into the phone now it just wont give a ipv4 address therefore theres nothing to re-route through the pc?
Mine still working without any problem after 2 months. I can only suggest you to check 2 things:
Ensure your /etc/rc.local file is not changed due to any Ubuntu update
You have to run the "htcfaker" script in Terminal before plugging in your phone. Do not close this Terminal until you want to disconnect.
fruity12 said:
Did anyone experienced the problem that this stopped working after a day or so?
When I plug into the phone now it just wont give a ipv4 address therefore theres nothing to re-route through the pc?
Click to expand...
Click to collapse
iptables table 'nat' not found while running sudo /etc/rc.local script
ykkhern said:
Mine still working without any problem after 2 months. I can only suggest you to check 2 things:
Ensure your /etc/rc.local file is not changed due to any Ubuntu update
You have to run the "htcfaker" script in Terminal before plugging in your phone. Do not close this Terminal until you want to disconnect.
Click to expand...
Click to collapse
I have updated /etc/rc.local file but I'm getting below error what needs to be done? I'm newbie to Linux, neverthless tried to look into many forums but couldn't get it resolved.. Please help !!
Code:
[email protected]:~$ sudo /etc/rc.local
[sudo] password for anvyal:
iptables v1.4.18: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
Please let me know if any other info needs to be provided. Thanks in advance for your help !!
anvyal said:
I have updated /etc/rc.local file but I'm getting below error what needs to be done? I'm newbie to Linux, neverthless tried to look into many forums but couldn't get it resolved.. Please help !!
Code:
[email protected]:~$ sudo /etc/rc.local
[sudo] password for anvyal:
iptables v1.4.18: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
Please let me know if any other info needs to be provided. Thanks in advance for your help !!
Click to expand...
Click to collapse
Please check the following line in your /etc/rc.local:
iptables -A POSTROUTING -t nat -j MASQUERADE -s 192.168.99.0/24
You have to change the IP subnet (highlighted in red font above) to match your phone's IP address. If your phone use 192.168.1.2 for example, then you'll have to change the IP subnet to 192.168.1.0/24.
To find your phone's IP address, first connect your phone to your PC in USB Tethering mode. Then on your PC side open a Terminal and issue the command "arp" (without the quotes) which shall give you the IP address of your phone.
Good luck!:laugh:
Script update required for recent phones?
This script didn't work for me on my M8 - the Sync hex data seems to have grown, and just passing the \x00\x02\x00\x00 string caused the pass through to immediately disconnect with failure message "Either you do not have the latest version of HTC Sync Manager installed, or another phone is already using Internet pass-through on your PC".
Changing the line in the script as below fixes it:
Code:
echo -n -e "\x00\x02\x00\x00" | nc $phoneip 6000 > /dev/null
Code:
echo -n -e "\x00\x02\x00\x00\x00\x03\x00\x00\x00\x05\x00\x00" | nc $phoneip 6000 > /dev/null
I got this from vc0528.tumblr.com/post/71168788542/simulate-htc-sync-manager-via-usb-on-linux-os, which also has the alternative Perl script, which works a treat too:
Code:
#!/usr/bin/perl
use IO::Socket::INET;
#6000/tcp open X11
do{
open IN,”/proc/net/arp”; @arp=<IN>; close IN;
@d=grep ! /00:00:00:00:00:00/,grep /0x2.*usb0/,@arp;
} until($d[0]);
$_=$d[0]; s/\ .*//; chomp; print “sock:\t$_\n”;
my $sock = IO::Socket::INET->new(PeerAddr => $_ , PeerPort => 6000, Type=>SOCK_STREAM, Proto=>”tcp”) or die “Can not create socket [email protected]\n”;
print $sock “\x00\x02\x00\x00”;
print $sock “\x00\x03\x00\x00”;
print $sock “\x00\x05\x00\x00”;
close $sock;
Finally, if it helps anyone, I was wanting to set up a wifi range extender and so my IPtables was:
Code:
-A FORWARD -i wlan1 -o usb0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i usb0 -o wlan1 -j ACCEPT

[Q] Fido LTE wifi hotspot not working on CM10/AOKP

Hey, anyone have the same problem as me? I can tether using HSPA, but when doesn't work on LTE.
I've tried in Sense based roms and LTE wifi hotspot works.
Which APN are you using!? I'm on fido using ltemobile.apn and its working for me on cm10.
Sent from my One X using xda app-developers app
Yes I am... ltemobile.apn is the only APN that can access lte. Which nightly are you on? I'm on Nov 7.
Nov 7th
Sent from my One X using xda app-developers app
I'm having the same problem as you -- on Rogers though (same thing as FIDO really).
HTC One X (evita) running CM10 -- LTE enabled, tethering does not work. Switch to HSPA(+), tethering works fine.
EDIT: I *just* upgraded to cm-10.0.0 (stable) and it behaves the same.
Same here, on Rogers. Both AOKP JB M1 and CM10 Stable do not give me an LTE signal while the same SIM will give me LTE if i used my RAZR HD.
Is it the ROM? because its never been a problem about a month ago.
Deus_eps_machina said:
Same here, on Rogers. Both AOKP JB M1 and CM10 Stable do not give me an LTE signal while the same SIM will give me LTE if i used my RAZR HD.
Is it the ROM? because its never been a problem about a month ago.
Click to expand...
Click to collapse
Are you saying you don't get LTE? Does it say 4g at the top?
Q: My signal strength says 4G. Why is there no LTE?
A: E=Edge, 3G = UMTS, H = HSPA/HSPA+, 4G = LTE
area51avenger said:
Are you saying you don't get LTE? Does it say 4g at the top?
Q: My signal strength says 4G. Why is there no LTE?
A: E=Edge, 3G = UMTS, H = HSPA/HSPA+, 4G = LTE
Click to expand...
Click to collapse
it says either 3G or H. In fact it flips between the two like i have never seen.
*#*#INFO#*#* trick doesnt work (WCDMA/GSM/LTE is selected), Apn is correct (LTE is selected).
this is actually getting annoying to be honest.
I just tried a very old CM10 nightly, and it still will not work even on that. Im going to go to a Sense ROM and give that a try. Maybe its AOSP?
Edit:
This is what I don't get: Sense ROMs work fine for it. I got LTE as soon as I booted it up (Viper). Stock Android ROMs don't work for it?
thedauntlessone said:
Hey, anyone have the same problem as me? I can tether using HSPA, but when doesn't work on LTE.
I've tried in Sense based roms and LTE wifi hotspot works.
Click to expand...
Click to collapse
Same for me. I'm guessing it is an issue with the CM10 ROM. I also had the same issue with AOKP. Right now using CM10 on Rogers. When i use the ltemobile.apn access point and i'm connected to 4G then the tethering will not share data with any device connected to the tether. If i switch back to rogers-core-appl1.apn which is the original 3g/H+ then it works fine.
Hi guys, I dont have a One X, but im on Rogers with a SGS3 and I have this same problem on cm10, so im thinking this is an AOSP issue. Please let us know if anyone finds a fix. thanks ^ ^
CM10 seems to have a bug, where LTE + hotspot doesn't add the required firewall rules.
You can execute the below (as root) with LTE + hotspot on to enable the correct forwarding.
Code:
iptables -A bw_FORWARD -i !lo+
iptables -A natctrl_FORWARD -j RETURN -i rmnet+ -o wlan0 -m state --state RELATED,ESTABLISHED
iptables -A natctrl_FORWARD -j DROP -i wlan0 -o rmnet+ -m state --state INVALID
iptables -A natctrl_FORWARD -j RETURN -i wlan0 -o rmnet+
iptables -A natctrl_FORWARD -j DROP
iptables -A natctrl_nat_POSTROUTING -t nat -o rmnet+ -j MASQUERADE
super_paws said:
CM10 seems to have a bug, where LTE + hotspot doesn't add the required firewall rules.
You can execute the below (as root) with LTE + hotspot on to enable the correct forwarding.
Code:
iptables -A bw_FORWARD -i !lo+
iptables -A natctrl_FORWARD -j RETURN -i rmnet+ -o wlan0 -m state --state RELATED,ESTABLISHED
iptables -A natctrl_FORWARD -j DROP -i wlan0 -o rmnet+ -m state --state INVALID
iptables -A natctrl_FORWARD -j RETURN -i wlan0 -o rmnet+
iptables -A natctrl_FORWARD -j DROP
iptables -A natctrl_nat_POSTROUTING -t nat -o rmnet+ -j MASQUERADE
Click to expand...
Click to collapse
awesome! confirmed working.
thanks very much
Would I have to do this every time I enable hotspot or once is enough?
Sent from my SAMSUNG-SGH-I747 using xda app-developers app
Epikarus said:
Would I have to do this every time I enable hotspot or once is enough?
Sent from my SAMSUNG-SGH-I747 using xda app-developers app
Click to expand...
Click to collapse
It will stick until a reboot. Note that when these rules are in place, any traffic originating from the wireless adapter can forward out any cellular radio connection.
It's not a pretty solution, but it works for the meantime.
usb tether?
Thank you very much for this! This works flawlessly on a Nexus 4 w/ Rogers LTE. Previously I had the same problem where I could only tether when I was on HSPA+.
Question: I would want to enable USB tethering as well. I tried substituting wlan0 with usb0 as the -o value, but that didn't work. Could you give some suggestions on how this could be done? It would be great if there's a way to route both usb and wlan to rmnet, but I would be happy if I could just get the USB tethering to work. Thanks in advance!
super_paws said:
CM10 seems to have a bug, where LTE + hotspot doesn't add the required firewall rules.
You can execute the below (as root) with LTE + hotspot on to enable the correct forwarding.
Code:
iptables -A bw_FORWARD -i !lo+
iptables -A natctrl_FORWARD -j RETURN -i rmnet+ -o wlan0 -m state --state RELATED,ESTABLISHED
iptables -A natctrl_FORWARD -j DROP -i wlan0 -o rmnet+ -m state --state INVALID
iptables -A natctrl_FORWARD -j RETURN -i wlan0 -o rmnet+
iptables -A natctrl_FORWARD -j DROP
iptables -A natctrl_nat_POSTROUTING -t nat -o rmnet+ -j MASQUERADE
Click to expand...
Click to collapse
Thanks for this! However, I have no clue how to input this code. Can anyone please kindly explain how and where I can enter this code?
Thanks!
super_paws said:
CM10 seems to have a bug, where LTE + hotspot doesn't add the required firewall rules.
You can execute the below (as root) with LTE + hotspot on to enable the correct forwarding.
Code:
iptables -A bw_FORWARD -i !lo+
iptables -A natctrl_FORWARD -j RETURN -i rmnet+ -o wlan0 -m state --state RELATED,ESTABLISHED
iptables -A natctrl_FORWARD -j DROP -i wlan0 -o rmnet+ -m state --state INVALID
iptables -A natctrl_FORWARD -j RETURN -i wlan0 -o rmnet+
iptables -A natctrl_FORWARD -j DROP
iptables -A natctrl_nat_POSTROUTING -t nat -o rmnet+ -j MASQUERADE
Click to expand...
Click to collapse
mango2209 said:
Thanks for this! However, I have no clue how to input this code. Can anyone please kindly explain how and where I can enter this code?
Thanks!
Click to expand...
Click to collapse
I use SSHDroid and SSH to my phone, then execute those commands.
But you could use the Terminal app too I'm sure.
super_paws said:
CM10 seems to have a bug, where LTE + hotspot doesn't add the required firewall rules.
You can execute the below (as root) with LTE + hotspot on to enable the correct forwarding.
Code:
iptables -A bw_FORWARD -i !lo+
iptables -A natctrl_FORWARD -j RETURN -i rmnet+ -o wlan0 -m state --state RELATED,ESTABLISHED
iptables -A natctrl_FORWARD -j DROP -i wlan0 -o rmnet+ -m state --state INVALID
iptables -A natctrl_FORWARD -j RETURN -i wlan0 -o rmnet+
iptables -A natctrl_FORWARD -j DROP
iptables -A natctrl_nat_POSTROUTING -t nat -o rmnet+ -j MASQUERADE
Click to expand...
Click to collapse
Hey super_paws, I linked this post in the CM10 thread so h8rift can take a look at it. Hope you don't mind.
super_paws said:
CM10 seems to have a bug, where LTE + hotspot doesn't add the required firewall rules.
You can execute the below (as root) with LTE + hotspot on to enable the correct forwarding.
Code:
iptables -A bw_FORWARD -i !lo+
iptables -A natctrl_FORWARD -j RETURN -i rmnet+ -o wlan0 -m state --state RELATED,ESTABLISHED
iptables -A natctrl_FORWARD -j DROP -i wlan0 -o rmnet+ -m state --state INVALID
iptables -A natctrl_FORWARD -j RETURN -i wlan0 -o rmnet+
iptables -A natctrl_FORWARD -j DROP
iptables -A natctrl_nat_POSTROUTING -t nat -o rmnet+ -j MASQUERADE
Click to expand...
Click to collapse
Can you get me the output of "adb shell netcfg" once LTE is active? This should be fixable by adding the correct LTE interface ID in the overlay.
How do I delete a post? I pressed the Edit/Delete, but there doesn't seem to be a delete option and just editing the message to blank doesn't work.

Reverse tethering.. it works but no DNS!

I've a Samsung S5 with CM12.1 + FakeWifi (Xposed).
I use the following script to reverse tether with ubuntu.
Code:
#!/bin/bash
ADB="adb"
# We need root on the host to mess with networking
if [[ $(whoami) != "root" ]]; then
echo "You must be root to run this script!"
exit 1
fi;
# We need root on the device to mess with networking
$ADB -d root
# Keep NetworkManager from messing with the adapter
grep 'usb0 inet manual' /etc/network/interfaces
if [ ! $? ]; then
echo 'Configuring usb0 for manual control'
echo 'iface usb0 inet manual' >> /etc/network/interfaces
restart network-manager
fi
echo 'Setting up usb networking on device'
$ADB -d shell 'ip addr add 192.168.200.2/30 dev rndis0;\
ip link set rndis0 up; \
ip route delete default; \
ip route add default via 192.168.200.1; \
setprop net.dns1 192.168.200.1'
echo 'Setting up usb interface on the host'
ip addr flush dev usb0
ip addr add 192.168.200.1/30 dev usb0
ip link set usb0 up
# Turn off the firewall if one is active
echo 'Checking for ufw firewall'
which ufw && ufw status || ufw disable
echo 'Enabling NAT and IP Forwarding'
# Start forwarding and nat (use existing default gw)
iptables -F -t nat
iptables -A POSTROUTING -t nat -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 'Starting dnsmasq'
dnsmasq --interface=usb0 --no-dhcp-interface=usb0
echo 'Connection is active! Press any key to shutdown.'
read
echo 'Attempting to shut down reverse tethering'
killall dnsmasq
ip link set usb0 down
iptables -F -t nat
echo 0 > /proc/sys/net/ipv4/ip_forward
echo 'Disabling usb networking on host'
$ADB shell ip route delete default
echo 'Disable and re-enable Wifi to return the device to normal'
Now the problem is that if I ping a public IP it works, but if I ping or curl the corresponding domain it fails "unknown host", "could not resolve".
What the heck should I do in order to make DNS working?
Thanks a lot for your help
Tsktsk said:
I've a Samsung S5 with CM12.1 + FakeWifi (Xposed).
I use the following script to reverse tether with ubuntu.
Code:
#!/bin/bash
ADB="adb"
# We need root on the host to mess with networking
if [[ $(whoami) != "root" ]]; then
echo "You must be root to run this script!"
exit 1
fi;
# We need root on the device to mess with networking
$ADB -d root
# Keep NetworkManager from messing with the adapter
grep 'usb0 inet manual' /etc/network/interfaces
if [ ! $? ]; then
echo 'Configuring usb0 for manual control'
echo 'iface usb0 inet manual' >> /etc/network/interfaces
restart network-manager
fi
echo 'Setting up usb networking on device'
$ADB -d shell 'ip addr add 192.168.200.2/30 dev rndis0;\
ip link set rndis0 up; \
ip route delete default; \
ip route add default via 192.168.200.1; \
setprop net.dns1 192.168.200.1'
echo 'Setting up usb interface on the host'
ip addr flush dev usb0
ip addr add 192.168.200.1/30 dev usb0
ip link set usb0 up
# Turn off the firewall if one is active
echo 'Checking for ufw firewall'
which ufw && ufw status || ufw disable
echo 'Enabling NAT and IP Forwarding'
# Start forwarding and nat (use existing default gw)
iptables -F -t nat
iptables -A POSTROUTING -t nat -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 'Starting dnsmasq'
dnsmasq --interface=usb0 --no-dhcp-interface=usb0
echo 'Connection is active! Press any key to shutdown.'
read
echo 'Attempting to shut down reverse tethering'
killall dnsmasq
ip link set usb0 down
iptables -F -t nat
echo 0 > /proc/sys/net/ipv4/ip_forward
echo 'Disabling usb networking on host'
$ADB shell ip route delete default
echo 'Disable and re-enable Wifi to return the device to normal'
Now the problem is that if I ping a public IP it works, but if I ping or curl the corresponding domain it fails "unknown host", "could not resolve".
What the heck should I do in order to make DNS working?
Thanks a lot for your help
Click to expand...
Click to collapse
Hi! Unfortunately, I have no idea on how to fix these issues, but if you'd be willing to try a different reverse tethering solution, you might want to try ReverseTethering NoRoot, an app I have developed. I have opened a dedicated thread over here: http://forum.xda-developers.com/android/apps-games/app-reversetethering-noroot-t3316716
Tsktsk said:
I've a Samsung S5 with CM12.1 + FakeWifi (Xposed).
I use the following script to reverse tether with ubuntu.
Code:
#!/bin/bash
ADB="adb"
# We need root on the host to mess with networking
if [[ $(whoami) != "root" ]]; then
echo "You must be root to run this script!"
exit 1
fi;
# We need root on the device to mess with networking
$ADB -d root
# Keep NetworkManager from messing with the adapter
grep 'usb0 inet manual' /etc/network/interfaces
if [ ! $? ]; then
echo 'Configuring usb0 for manual control'
echo 'iface usb0 inet manual' >> /etc/network/interfaces
restart network-manager
fi
echo 'Setting up usb networking on device'
$ADB -d shell 'ip addr add 192.168.200.2/30 dev rndis0;\
ip link set rndis0 up; \
ip route delete default; \
ip route add default via 192.168.200.1; \
setprop net.dns1 192.168.200.1'
echo 'Setting up usb interface on the host'
ip addr flush dev usb0
ip addr add 192.168.200.1/30 dev usb0
ip link set usb0 up
# Turn off the firewall if one is active
echo 'Checking for ufw firewall'
which ufw && ufw status || ufw disable
echo 'Enabling NAT and IP Forwarding'
# Start forwarding and nat (use existing default gw)
iptables -F -t nat
iptables -A POSTROUTING -t nat -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 'Starting dnsmasq'
dnsmasq --interface=usb0 --no-dhcp-interface=usb0
echo 'Connection is active! Press any key to shutdown.'
read
echo 'Attempting to shut down reverse tethering'
killall dnsmasq
ip link set usb0 down
iptables -F -t nat
echo 0 > /proc/sys/net/ipv4/ip_forward
echo 'Disabling usb networking on host'
$ADB shell ip route delete default
echo 'Disable and re-enable Wifi to return the device to normal'
Now the problem is that if I ping a public IP it works, but if I ping or curl the corresponding domain it fails "unknown host", "could not resolve".
What the heck should I do in order to make DNS working?
Thanks a lot for your help
Click to expand...
Click to collapse
Hi did you end up resolving this issue? I have the exact same problem. Can ping any site but DNS lookup fails. Then I installed DNSsetter app which allows me to change the dns server. Now I can do DNS lookups and it resolves correctly but none of the apps do not appear to be aware of the fact that the phone is using reverse USB tethering.

[Completed] How to OUTPUT only cellular data ... [remove this one please, moved my question]

Asked this question in now in General -> Networking as per advice from user Art Vandalay
volleb said:
Goal: Only allow outgoing cellular data to specific DNS servers and a specific webserver using cellular mode on rooted android device.
Android phone #1: VkWorld F1 (Chipset. MT6580) running Android 5.1
Android phone #2: HUAWEI Y560-L01 running Android 5.1
Active interfaces on Android #1 when cellular mode is on.
Code:
lo UP 127.0.0.1/8
ccmni0 UP x.x.x.x/x
Active interfaces on Android #2 when cellular mode is on.
Code:
lo UP 127.0.0.1/8
rmnet_data0 UP x.x.x.x/x
This is my current simple iptables for testing on Android #1 and #2
Code:
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -d 8.8.8.8 -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT //DNS
-A OUTPUT -d x.x.x.x -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT //webserver
-A OUTPUT -j DROP
These iptables rules works on Android device #2 or any Android phone that has 'rmnet' interface (from my own testing).
These iptables rules DO NOT work on Android device #1 or any Android phone that has 'ccmni' interface (from my own testing)
And if I add or change in my android #1 to
Code:
-A OUTPUT -o ccmni0 -d x.x.x.x -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT
it can NOT still contact the destination ip.
However if I add this line before the last -j DROP rule it works
Code:
iptables -A OUTPUT -o ccmni0 -j ACCEPT
but this allows ccmni interface to talk freely to any website and makes my dns and webserver rule pointless.
Once again:
Devices rmnet interfaces = rules works.
Devices with ccmni interfaces = rules do not work.
Click to expand...
Click to collapse
Hi,
Try posting your query in:
> General discussion > Networking
Experts there may be able to help you.
Good luck

Categories

Resources