TUN/TAP driver for openvpn available yet? - AT&T Samsung Galaxy S II Skyrocket SGH-I727

As the subject states, non of the current roms/kernels appear to have the TUN/TAP driver to run openvpn.
Side note.. ATT pissed me off today (okay so I had it coming for tethering but still..) So, new solution is to run openvpn and force all the traffic through my openvpn gateway, this will keep ATT from spying, and also prevent them from using TTL (still speculation, but one of the methods to detect tethering)

Just out of curiosity, how did you confirm that the TUN/TAP driver was non-existant or not operating properly on the skyrocket?
I'm in the midst of doing the same ... installing openvpn. I have the server set up on my home PC and verified through another laptop off-network. But I have problems when trying to run openvpn settings. Here is what I did:
1) Copied .ovpn file, ca.crt, client1.crt, client1.key, ta.key FROM server TO /sdcard/openvpn directory on skyrocket
2) Installed busybox
3) Installed openvpn installer
4) Installed openvpn using #3
5) Installed and opened openvpn settings
6) Under "OpenVPN Settings" I checked the box saying "OpenVPN"
7) Under "OpenVPN Configurations", I selected my .ovpn file's checkbox
8) The .ovpn checkbox immediately disables and I have no openvpn
Was your approach similar?

I just checked via lsmod. I did not bother going through the process of moving my config files from my captivate to the skyrocket.
Samsung does not include the tun/tap driver in the stock kernel, so it will require a custom kernel, or at least someone to create the module with the same libraries as the stock kernel and just the tun.ko module file to copy across to our current phones.

Actually TUN/TAP is compiled directly into the stock kernel and not compiled as a module so you won't find it with lsmod. You also don't need to do an insmod to use it. I'm running openvpn just fine in tap mode.
There IS a bug in the OpenVPN Installer though that requires you to have ifconfig and route in /system/xbin/bb. It won't work if you select anything else during the openvpn install.
Here's what I did...
Install busybox to /system/xbin
Install openvpn to /system/xbin and select /system/xbin/bb as the location of ifconfig/route
adb shell or use a terminal on the device and do a su.
mount -o rw,remount /dev/block/mmcblk0p24 /system
mkdir /system/xbin/bb
cd /system/xbin/bb
ln -s ../busybox ifconfig
ln -s ../busybox route
mount -o ro,remount /dev/block/mmcblk0p24 /system
Configure and start openvpn.

Good to know.
Will try it in abit, I tried to run openvpn, but it failed on the tun driver, which is why I stopped, but I did not link bb, will give that a try when I get a chance... stupid ATT busted me for unauthorized tethering again.. so cannot get my existing openvpn config from my server yet...

gtj0:
I tried the directions you provided but with using tun and no luck. I'll try and reconfigure my openvpn server to run tap and will try agian.
jvanbrecht:
let me know if you make any progress

plarser48 said:
gtj0:
I tried the directions you provided but with using tun and no luck. I'll try and reconfigure my openvpn server to run tap and will try agian.
jvanbrecht:
let me know if you make any progress
Click to expand...
Click to collapse
I just reconfigured my server over to tun mode and it's still working fine.
Can you try running openvpn from a command line and see what errors it spits out?
I.E. openvpn --config server.ovpn
Also can you check if /dev/tun exists?
edit.....
Here's my config...
client
dev tun0
proto udp
float
remote vpn.example.com 21194
resolv-retry infinite
nobind
persist-key
persist-tun
ca vpn.example.com.ca.crt
cert zzz.crt
key zzz.key
tls-auth vpn.example.com.ta.key 1
cipher AES-256-CBC
comp-lzo
verb 4
mute 20

plarser48 said:
gtj0:
I tried the directions you provided but with using tun and no luck. I'll try and reconfigure my openvpn server to run tap and will try agian.
jvanbrecht:
let me know if you make any progress
Click to expand...
Click to collapse
I had no problems getting it to work, I borrowed my co workers usb modem to pull down my configs from my old Captivate (I use ssl-admin and store the configs with the certificates in zip format).
The problem I am having at the moment is getting tethering to work while openvpn is running.
Laptop can talk to the phone (using wifi tethering, usb tethering kills the adb session, but I suspect it would work just fine), and phone can talk to the world, but laptop will not connect to the world.
The routes are in place, I checked the sysctl options, and ip forwarding is enabled. Just no traffic will pass... it is driving me nuts... heh.

Success for me too! Not sure what was wrong. The server was always working no problem and was always able to connect directly over home wifi from laptop. But I wasn't able to connect on the Skyrocket.
But I used gtj0's config file, changed the remote ip address/port, and worked perfectly. Thanks!
jvanbrecht: I haven't tried it with tethering yet and probably won't get to until at least a few days. Hope to be able to help by trying on my phone sometime soon.
Everyone: Any idea if it is better to run tun or tap for mobile phone openvpn? Regarding tethering, do both tap and tun hide detectable elements like TTL at the IP layer?
EDIT: VPN Not Porting Properly?
Hmm. It seems I am able to connect no problem and openvpn on the phone says it's connected. But when I go to www.whatismyip.com from my phone, it still says an AT&T address. I expected with openvpn running that it should show my home server ip address no? Also, openvpn on skyrocket indicates that it is connected as 10.3.0.6. But if I try to ping 10.3.0.6 from the server I get no response. Is that expected?

plarser48 said:
Success for me too! Not sure what was wrong. The server was always working no problem and was always able to connect directly over home wifi from laptop. But I wasn't able to connect on the Skyrocket.
But I used gtj0's config file, changed the remote ip address/port, and worked perfectly. Thanks!
jvanbrecht: I haven't tried it with tethering yet and probably won't get to until at least a few days. Hope to be able to help by trying on my phone sometime soon.
Everyone: Any idea if it is better to run tun or tap for mobile phone openvpn? Regarding tethering, do both tap and tun hide detectable elements like TTL at the IP layer?
EDIT: VPN Not Porting Properly?
Hmm. It seems I am able to connect no problem and openvpn on the phone says it's connected. But when I go to www whatismyip com from my phone, it still says an AT&T address. I expected with openvpn running that it should show my home server ip address no? Also, openvpn on skyrocket indicates that it is connected as 10.3.0.6. But if I try to ping 10.3.0.6 from the server I get no response. Is that expected?
Click to expand...
Click to collapse
TAP provides a bridged connection so broadcasts on the server's network are propagated across the connection. For network-to-network connections this may be needed for things like dhcp and windows networking. For end users, this usually isn't a good thing because it eats up bandwidth. TUN, which is routed instead of bridged, is the better way to go.
My config only routes traffic destined for the server's LAN over the vpn connection so the behavior you see with whatsmyip is normal. Check openvpn's config file paramters to make the vpn the default route for all traffic.

See my other post. I included my configs.
Just add redirect-gateway option to your client configuration, or the server side client configuration in the ccd directory.
I have everything working. As for what att will see. Only an encrypted tunnel initiated from you phone to your vpn server. Ttl, ip options etc will not be visible to att.
Sent from my SAMSUNG-SGH-I727 using XDA App

Cool thanks again. I'll try updating my configs and trying again tonight. I'm sure not being able to ping across the tunnel was probably a configure issue a well.

You also need the Client to Client option enabled if you want the openvpn server to advertise routes to other vpn client devices and their associated networks. That would be another reason why you cannot ping across the tunnel if you are trying to ping another vpn device.

jvanbrecht:
I'm not seeing your config files on the board here. I'm fairly new here so maybe I'm not looking at the right place. But I didn't see an attachment.

The configs are posted in my other thread.
http://forum.xda-developers.com/showthread.php?t=1378970

Thank you. I'll try out the details in that post. If I have any questions I am going to post over there from now on because that post is more closely aligned with my goal and thus more relevant.

Related

Connect G1 to ad hoc or usb to use pc internet

Hello. I have searched the forums but can't find a solution that works for me.
I need to connect my g1 to my laptop Wi-fi connection or at least via USB using adb shell. Can someone help me. I live in a country with very expensive 3g
data and cannot afford downloading apps. Any help will be appreciated.
I have rooted G1 with JF rc33
Why not get a wireless router?
/Mats
for example at work...
Edit : Nvm just reread ur post
Just get a wireless router or use the ad hoc thing for laptops, google search it
http://www.wi-fiplanet.com/tutorials/article.php/1451421
Пробвай това: http://junefabrics.com/android/index.php
Try this: http://junefabrics.com/android/index.php
;-)
Thanks
Well, getting a wireless router just to connect my G1 from time to time seems like a waste of money to me.I have read some articles about G1 and ad hoc networks and it seems that it is not possible at this moment to connect the device to a laptop. Actually I used to connect a PPC this way but the G1 won't even detect the ad hoc network i create. Well, if there isn't any other solution I guess the wireless router will be the last resort then. About PdaNET- i think it does just the opposite - it connects your PC to the internet using your phone. Isn't there any way to reverse teether using adb shell and usb cable?
Come on, is it really impossible to reverse tether using adb shell fo rexample, cant anyone with more knowledge give a solution please.
I was looking for something else and came across this post. I decided, even though it's ANCIENT, that someone might want to do the same, so I went to Google and searched for "Reverse tether G1 android". Within 5 minutes I had the answer.
http://androidcommunity.com/forums/291099-post8.html
It does require you to do a little command-line work on the G1 itself (or through ADB on the command prompt of the computer) but it appears it can be done.
HIH.
try this
Close any program that uses internet on your PC, connect your phone, turn on USB tethering. You would see a new virtual network adapter in your PC, enable internet sharing on that adapter as described in this article(hxxp://support.microsoft.com/kb/306126). The adapter's ip address would change to 192.168.0.1 with netmask of 255.255.255.0.
Then input the following codes line by line in your phone's terminal, you could download GScript(hxxp://code.google.com/p/gscript-android/) to do the job or just save it as a .sh file with 755 permission and run it when you want.
Code:
busybox ifconfig usb0 192.168.0.2 netmask 255.255.255.0
busybox route delete default
iptables -F
iptables -F -t nat
busybox route add default gw 192.168.0.1
setprop net.dns1 8.8.8.8
setprop "net.gprs.http-proxy" ""
You would need to keep your GPRS/Edge connection on to trick programs into thinking that you have an internet connection, but all your phone's data is now routed thru your PC. Confirm this by checking if the GPRS/Edge icon on the top has those up and down arrows in it.
And to disable this, you simply turn off USB tethering and restart your GPRS/Edge connection.
OMG I just replied a post of 23rd March 2009, 09:13 PM! Don't think axlastro is needing this anymore. lol
@test1943
nice, I have been looking for this but...
how do I disable this properly?
To "restart your GPRS/Edge connection" I put my phone into airplane mode and then back to normal but it still couldn't connect to the network?? so I just rebooted and now that works.
But now my phone isn't recognized by my pc when I plug in the usb??
Any help.
oops let me take that all back. reboot, re-plugin and pc finds my phone again. tested again and it works as described.
Sweet Thanks
can this be done using root explorer?
I don't think so.
I just used gscript lite (free on the market)
I saved the stuff from test1943 in notepad as USBTether.sh, copied to my sdcard into the gscript folder.
Open gscript, push menu > add script. Click load file and select the USBTether.sh.
Made sure su was checked and clicked save.
Created a shortcut on the homescreen for this script.
1. Enabled Usb Tether
2. ran script
3. ???
4. profit.
Sleeepy2 said:
@test1943
nice, I have been looking for this but...
how do I disable this properly?
To "restart your GPRS/Edge connection" I put my phone into airplane mode and then back to normal but it still couldn't connect to the network?? so I just rebooted and now that works.
But now my phone isn't recognized by my pc when I plug in the usb??
Any help.
oops let me take that all back. reboot, re-plugin and pc finds my phone again. tested again and it works as described.
Sweet Thanks
Click to expand...
Click to collapse
The easiest way to disable this(I think we could call it reverse USB tethering) was to use an APN switch, the "APN on-off Widget" in the market seems to do the job right. Turn off USB tethering, switch off APN, then switch on and you are good to go.
And Sleeepy2, how do you mean by "not recognized by my pc", is it in storage mode or debug mode?
plumppp said:
can this be done using root explorer?
Click to expand...
Click to collapse
I think he is referring to the root explorer by Gpc, a Taiwanese. Never used that app, but judging by its description it could turn on/off APN just like the "APN on-off Widget" did.
Sleeepy2 said:
I don't think so.
I just used gscript lite (free on the market)
I saved the stuff from test1943 in notepad as USBTether.sh, copied to my sdcard into the gscript folder.
Open gscript, push menu > add script. Click load file and select the USBTether.sh.
Made sure su was checked and clicked save.
Created a shortcut on the homescreen for this script.
1. Enabled Usb Tether
2. ran script
3. ???
4. profit.
Click to expand...
Click to collapse
ok thanks, gonna give it a try now
Edit: is this step necessary? im using vista and can't seem to find it.. can i skip it?
# Log on to the client computer as Administrator or as Owner.
# Click Start, and then click Control Panel.
# Click Network and Internet Connections.
# Click Network Connections.
# Right-click Local Area Connection, and then click Properties.
# Click the General tab, click Internet Protocol (TCP/IP) in the This connection uses the following items list, and then click Properties.
# In the Internet Protocol (TCP/IP) Properties dialog box, click Obtain an IP address automatically (if it is not already selected), and then click OK.
Note You can also assign a unique static IP address in the range of 192.168.0.2 to 192.168.0.254. For example, you can assign the following static IP address, subnet mask, and default gateway:
IP Address 192.168.0.2
Subnet mask 255.255.255.0
Default gateway 192.168.0.1
plumppp said:
ok thanks, gonna give it a try now
Edit: is this step necessary? im using vista and can't seem to find it.. can i skip it?
# Log on to the client computer as Administrator or as Owner.
# Click Start, and then click Control Panel.
# Click Network and Internet Connections.
# Click Network Connections.
# Right-click Local Area Connection, and then click Properties.
# Click the General tab, click Internet Protocol (TCP/IP) in the This connection uses the following items list, and then click Properties.
# In the Internet Protocol (TCP/IP) Properties dialog box, click Obtain an IP address automatically (if it is not already selected), and then click OK.
Note You can also assign a unique static IP address in the range of 192.168.0.2 to 192.168.0.254. For example, you can assign the following static IP address, subnet mask, and default gateway:
IP Address 192.168.0.2
Subnet mask 255.255.255.0
Default gateway 192.168.0.1
Click to expand...
Click to collapse
Sorry for the confusion, that article was for XP only. Check this one for Vista: hxxp://windows.microsoft.com/en-US/windows-vista/Using-ICS-Internet-Connection-Sharing
Notice: the network adapter you'll be working on should NOT be "Local Area Connection" because that's your PC's adapter. If you should have enabled USB tethering on your phone, you should see NEW one(i.e. it was not there before you turn on tethering), in my Windows 7, it was named "Local Area Connection 2".
test1943 said:
And Sleeepy2, how do you mean by "not recognized by my pc", is it in storage mode or debug mode?
Click to expand...
Click to collapse
I mean after disabling usb tether, unplug usb, then plug it back in. The pc did nothing. Didn't recognize that I even plugged it in. Must be something that I did because it works great now.
I just need to figure out how to us gscript to enable USB Tether then I can do it all with 1 shortcut.
Then another 1 to disable USB Tether, disable apn and then re-enable apn.
test1943 said:
Sorry for the confusion, that article was for XP only. Check this one for Vista: hxxp://windows.microsoft.com/en-US/windows-vista/Using-ICS-Internet-Connection-Sharing
Notice: the network adapter you'll be working on should NOT be "Local Area Connection" because that's your PC's adapter. If you should have enabled USB tethering on your phone, you should see NEW one(i.e. it was not there before you turn on tethering), in my Windows 7, it was named "Local Area Connection 2".
Click to expand...
Click to collapse
ok thanks, gonna try this again
Edit: sorry if im beginning to become an annoyance.. but when i run the script i get "stderrr Script execution failed" "no such process network is unreachable"
Su is checked, i also removed tex. and added sh
plumppp said:
ok thanks, gonna try this again
Edit: sorry if im beginning to become an annoyance.. but when i run the script i get "stderrr Script execution failed" "no such process network is unreachable"
Su is checked, i also removed tex. and added sh
Click to expand...
Click to collapse
Please type in each line to see which line produces error. And may I ask which ROM are you using? Remember to su first.
test1943 said:
Please type in each line to see which line produces error. And may I ask which ROM are you using? Remember to su first.
Click to expand...
Click to collapse
okay thanks again, i'll do it manually one at a time. i'm using cyanogen 307 nightly
Edit: okay.. i didn't even get pass the first line lol..
i'm assuming its the rom.. when typing "busybox ifconfig usb0 192.168.0.2 netmask 255.255.255.0"
i get: [ifconfig: socket: Permission denied]
which rom are you using?
plumppp said:
okay thanks again, i'll do it manually one at a time. i'm using cyanogen 307 nightly
Edit: okay.. i didn't even get pass the first line lol..
i'm assuming its the rom.. when typing "busybox ifconfig usb0 192.168.0.2 netmask 255.255.255.0"
i get: [ifconfig: socket: Permission denied]
which rom are you using?
Click to expand...
Click to collapse
That seems to be a root problem to me, does other root-required apps work right?

Join Bluetooth PAN as client? (reverse tether)

How can I join an Android device to a Bluetooth PAN (Personal Area Network) as a client? In some areas, the only internet connection available would be to tether it through another cell phone via bluetooth PAN (other phone has no wifi).
Solutions that require rooting or config file editing are OK.
I've searched alot, but all results are about going the other way - tethering other devices through the Android.
Soundman6 said:
How can I join an Android device to a Bluetooth PAN (Personal Area Network) as a client? In some areas, the only internet connection available would be to tether it through another cell phone via bluetooth PAN (other phone has no wifi).
Solutions that require rooting or config file editing are OK.
I've searched alot, but all results are about going the other way - tethering other devices through the Android.
Click to expand...
Click to collapse
It's Linux, man, all you need is setting network config I was using reverse tethering for some time, this is my script (run on PC):
Code:
sudo pand --listen --role NAP
adb shell pand --connect XX:XX:XX:XX:XX:XX
sudo ifconfig bnep0 192.168.101.1
adb shell ifconfig bnep0 down 192.168.101.2 up
adb shell route add default gw 192.168.101.1 dev bnep0
adb shell setprop net.dns1 192.168.101.1
Of course you should omit 1st and 3rd lines.
Are you sure second phone supports PAN connections, not DUN? PAN is quite complicated for phone, because it requires full NAT.
And you will have problems with Android Market and some other apps. Internet is configured at linux level, Android OS don't know about it, so if application asks: "Do we have internet connection?", Android replies: "No". Android Market will wait for connection even if there is one.
Brut.all said:
And you will have problems with Android Market and some other apps. Internet is configured at linux level, Android OS don't know about it, so if application asks: "Do we have internet connection?", Android replies: "No". Android Market will wait for connection even if there is one.
Click to expand...
Click to collapse
I believe that is a valid concern. Anyone know how to deal with this? Thanks.
Soundman6 said:
I believe that is a valid concern. Anyone know how to deal with this? Thanks.
Click to expand...
Click to collapse
But most of the apps don't check internet status and just use it - they will work. AFAIR I couldn't use Market, GTalk and syncing feature, but Browser, Gmail and many, many more was working.
If you have any WiFi device then you could connect Android to it. Even if it doesn't share internet connection, Android OS will think, that it does (but will use BT connection configured at linux level ) - then any app should work.
At work I got a laptop with windows XP, There's a wireless network but it's EAP secured and I can't connect to it with the phone (Motorola Milestone - Android 2.1).
Did you manage to make internet work through Bluetooth PAN? I just need to use the borwser, so It's not important if market or other apps don't work.
I have android sdk with adb on my laptop and terminal emulator with busybox on my phone. I'm kind of a newbie in this so some hints would be nice. I think many people like me would be gratefull
haxxy said:
Has anybody got it working?
At work I got a laptop with windows XP, There's a wireless network but it's EAP secured and I can't connect to it with the phone (Motorola Milestone - Android 2.1).
Did you manage to make internet work through Bluetooth PAN? I just need to use the borwser, so It's not important if market or other apps don't work.
I have android sdk with adb on my laptop and terminal emulator with busybox on my phone. I'm kind of a newbie in this so some hints would be nice. I think many people like me would be gratefull
Click to expand...
Click to collapse
And my first post was about what, you think? I don't use it now, but I was reverse-tethering through BT for several months, until I bought some data plan.
Above commands should work for you, but... they will let you connect your phone to PC, but I don't know, how to share internet connection on Windows XP. AFAIR I tried to do it, but failed.
There's a bluetooth network icon. I know it's possible to share the internet connection from my ethernet to the other network cards. So this should work also with the bluetooth network.
I will try the commands and see how it goes.
haxxy said:
it's possible to share the internet connection from my ethernet to the other network cards. So this should work also with the bluetooth network.
Click to expand...
Click to collapse
Unfortunately not ;-) It is a cost of easy-clicking-configuration that Windows has - it's very limited, don't work for BT connections. I guess there is some professional software for internet sharing on Windows, but I don't know one.
Brut.all said:
Unfortunately not ;-) It is a cost of easy-clicking-configuration that Windows has - it's very limited, don't work for BT connections. I guess there is some professional software for internet sharing on Windows, but I don't know one.
Click to expand...
Click to collapse
I did this with my symbian phone. I managed to share internet to the bluetooth network, but the phone had a bluetooth PAN profile that connected to my laptop.
No! Already I have a bluetooth network set up on my Ubuntu Laptop - pand is running and there is a dhcp server monitoring the interface. What I need is not the below advice, which are commands to run on the PC, but an application / utility / instructions for enabling BLUETOOTH PAN CLIENT on Android. That is what the original question was too! Anybody?
Paul Beardsell
Brut.all said:
It's Linux, man, all you need is setting network config I was using reverse tethering for some time, this is my script (run on PC):
Code:
sudo pand --listen --role NAP
adb shell pand --connect XX:XX:XX:XX:XX:XX
sudo ifconfig bnep0 192.168.101.1
adb shell ifconfig bnep0 down 192.168.101.2 up
adb shell route add default gw 192.168.101.1 dev bnep0
adb shell setprop net.dns1 192.168.101.1
Of course you should omit 1st and 3rd lines.
Are you sure second phone supports PAN connections, not DUN? PAN is quite complicated for phone, because it requires full NAT.
Click to expand...
Click to collapse
psb777 said:
What I need is not the below advice, which are commands to run on the PC, but an application / utility / instructions for enabling BLUETOOTH PAN CLIENT on Android.
Click to expand...
Click to collapse
4 of 6 lines of my instructions were for setting Android client: connecting, setting IP, routing and DNS. And yes, they are run on Android, not on PC - I thought you will notice "adb shell" prefixes... You can also use dhcpcd instead of last 3 lines, but if you don't understand, what are you doing, you will have problems anyway.
Maybe anyone with Froyo can confirm that there's still no official option for joining a Bluetooth PAN from Android there?
@Brut.all So I guess there's currently no way to kind of telling Android there's a configured connection on Linux level?
By the way, every Mac allows the creation of a Bluetooth PAN with one click so this would be my usage scenario ;-)
This seems like it should work, and indeed I can use a similar technique from an ubuntu laptop to connect to another device, but my HTC Hero doesn't seem to have hcitool or pand installed on it. I downloaded some prebuilt binaries for them but they don't seem to be able to access the bluetooth device:
# /data/tmp/pand --role PANU --connect 00:17:83:0F:0F:C7 -n
pand[5083]: Bluetooth PAN daemon version 3.36
pand[5083]: Connecting to 00:17:83:0F:0F:C7
pand[5083]: Connect to 00:17:83:0F:0F:C7 failed. No route to host(113)
Do all versions of Android come with pand and hcitool? I'm on 1.5 although I'll be reflashing to 2.1 soon.
"find / -name pand" yields no results
trphunk said:
Do all versions of Android come with pand and hcitool? I'm on 1.5 although I'll be reflashing to 2.1 soon.
Click to expand...
Click to collapse
No, it was added by rom cookers and I don't know how they did this. I think there are missing some kernel modules or something like that.
trphunk said:
This seems like it should work, and indeed I can use a similar technique from an ubuntu laptop to connect to another device, but my HTC Hero doesn't seem to have hcitool or pand installed on it. I downloaded some prebuilt binaries for them but they don't seem to be able to access the bluetooth device:
# /data/tmp/pand --role PANU --connect 00:17:83:0F:0F:C7 -n
pand[5083]: Bluetooth PAN daemon version 3.36
pand[5083]: Connecting to 00:17:83:0F:0F:C7
pand[5083]: Connect to 00:17:83:0F:0F:C7 failed. No route to host(113)
Do all versions of Android come with pand and hcitool? I'm on 1.5 although I'll be reflashing to 2.1 soon.
"find / -name pand" yields no results
Click to expand...
Click to collapse
Brut.all said:
No, it was added by rom cookers and I don't know how they did this. I think there are missing some kernel modules or something like that.
Click to expand...
Click to collapse
Thanks, I've got the FroydVillain ROM installed now and can confirm that it comes with pand and hcitool compiled and working.
Reverse tether does seem to work, the method that's worked for me has been to use:
Code:
pand --connect <remote BT device hex address>
ifconfig bnep0 down
dhcpcd bnep0
setprop net.dns1 8.8.8.8
This allows the device to access the internet, and you can ping www . google . com and get a response etc.
However, a lot of android apps (including the built-in google apps for gmail etc) use the ConnectivityService (see source code here) to access the net, and since this method of reverse tethering doesn't change the connectivity state within this service, those apps still believe that there is no internet connection on the device.
I can't see an easy way of "tricking" the ConnectivityService as it appears to have been hard coded to only cater for WIFI and 3G connectivity. So perhaps the only way is to rewrite it.
I've found a few cases of others going through the same issues online, although I think the getMobileDataEnabled return value is a red herring:
(I'm not allowed to post links, so you will need to add http : // www to these
superuser.com/questions/188636/close-connect-android-to-internet-using-usb-tether-through-laptops-newtwork
forceclose.com/questions/2669/connect-android-to-internet-using-usb-tether-through-laptops-newtwork
Looking at the code in ConnectivityService.java it seems that apps must subscribe to this service via getInstance() and then wait for a sendConnectedBroadcast() to occur, triggering them into action (e.g. the gmail app will attempt to sync to the gmail server etc).
Anyone got any ideas for an easier route than rewriting ConnectivityService.java to add an additional connectivity type?
Edit to add:
Found another related discussion at the following site. Seems to suggest modifying the ConnectivityService is the way to go:
comments.gmane.org/gmane.comp.handhelds.android.porting/12028
Based on the posts I've seen in this thread, I'm guessing I can't use BlueTooth PAN tethering from my rooted Dinc to provide internet access to a Samsung Galaxy Tab???
So has anyone tried to Bluetooth tether a Galaxy tab with a phone?
Thanks for this thread! I just successfully Tethered both internet+gps over bluetooth from my G1 to my AdventVega tablet.
For now I am using GScript lite with the following script commands:
Code:
pand --connect {my phones BT hex address}
ifconfig bnep0 down
dhcpcd bnep0
setprop net.dns1 8.8.8.8
dhcpcd bnep0
(for some reason the first dhcpcd command always says permission denied, but the last one always works)
So...
1) Get in to car with Android phone and Vega Tablet.
2) On phone: Enable GPS/Bluetooth, click GPS2Bluetooth widget button, click WiFi Tether (configure for BT), press to start tethering.
3) On tablet: Enable Bluetooth, click Bluetooth GPS Provider, click Start, click Back or Home, click GScript Lite, click "Connect to BT-PAN" (above script)
4) Run GoogleMaps/Navigation on tablet and enjoy using your tablet as the ultimate GPS navigation system (while streaming Pandora in the background)!
I am very happy. I just wish I could make step 2 & 3 be a single click instead of so many.
NOTE: Must have "Allow mock locations" enabled in Settings->Applications->Development
NOTE2: You must pair your phone and tablet in BT settings (it will never say "connected" though, which is fine)
I tried this, but still no connection between my android phone and the other phone. Is there some other method?

[Q] OpenVPN on HTC Thunderbolt Issue

Ok. I am no newb to tinkering with the inner workings of an android device. I have also worked with VPN before too. However Android and OpenVPN have me stumped. My old router (Linksys WRT54G) worked fine with a standard VPN set up in Windows XP, and the Android device (both my old Motorola Droid and current HTC Thunderbolt) connected right up no problem. However, My new router (Linksys WRVS4400N) is terrible when it comes to VPN, and the dang thing has a built VPN application supporting IPSec. I failed passing everything through to the standard windows VPN and I failed trying to use VPNC along with a supported tun.ko file. I now have attempted OpenVPN. I am new to OpenVPN (installed on Server 2003) and took from multiple online sources to configure it all.
That was the back story, sorry for it, but I thought it was necessary to explain my situation. Now for the issue. I have successfully connected to my OpenVPN server using the following:
- OpenVPN Installer Version 0.2.3
- OpenVPN Settings Version 0.4.7
- HTC Thunderbolt supported tun.ko
- - Running insmod /system/lib/modules/tun.ko from terminal emulator using su level permissions
- OpenVPN generated config files
The issue:
- OpenVPN Settings connects to my server and displays the following: "Connected to XX.X.XXX.XXX as"
- I am new to this, but I would imagine it should give me a IP address regestered on my network.
The question:
- Is this an issue with the way OpenVPN is configured on my server or is this an issue with my phone and the way its configured to connect to OpenVPN? Anyone ever encounter this? What are steps I can take from here?
** Please note: If this thread has been placed in the wrong forum, please advise where it should be started and I will do so accordingly. Thank you.

[Q] Connect to OpenVPN + pem certificate + tap device

I want to connect my android device (nexus 7 2013) to an openvpn server which is not administrated by me, meaning I have no access on the configuration.
On my windows7-pc, I do this with the windows version of openvpn, the provided settings file for the openvpn server and the also provided pem-certificate.
Since the server uses the tap device of openvpn, alternative clients like openvpn for android by arne schwabe[1] don't work (this app doesn't support tap).
Since I don't have a private key file (*.key), I cannot generate a p12-file[2] which could be imported by the official openvpn app[3].
The pem-fileformat is compatible to *.cer and *.crt, meaning, I can simply change the file extension to "convert" them. The crt-file can be imported by the android systems (security -> import), but this doesn't help openvpn as it seems to only use it's own certificates.
Any suggestions on how to achieve a successful connection?
[1]: play.google.com/store/apps/details?id=de.blinkt.openvpn
[2]: blog.max.berger.name/2010/01/pem-fromto-p12.html
[3]: play.google.com/store/apps/details?id=net.openvpn.openvpn
wifi
i think if you have ICS_P740AV1.0.0B07 + you can't find open hot spot and if you can see you can't connect.
Try to make one hostop secured with wpa2 and try it.
k0tsompakos said:
i think if you have ICS_P740AV1.0.0B07 + you can't find open hot spot and if you can see you can't connect.
Try to make one hostop secured with wpa2 and try it.
Click to expand...
Click to collapse
Whoa, i only understand half of it
I have android 4.3 JSS15Q rooted with flo (?). I have superSU and Busybox installed. I followed the default instructions of the nexus root toolkit. My wifi is connected for sure, but it has blocked ports (which is the reason for all this). However, since I'm failing at an earlier stage, and, since it works from my pc from the same network with the same openvpn on the same ports I suppose the error is not in the network settings...
The wifi i'm connected to has wpa2+pkip etc. but I'm not sure how this is relevant...
rom
you have installed a custom rom?
you have try to enable and disable airplane mode?
you have data conenction?
k0tsompakos said:
you have installed a custom rom?
you have try to enable and disable airplane mode?
you have data conenction?
Click to expand...
Click to collapse
I have stock android rooted. I only have wifi and the connection works perfectly, I tried rebooting the device, I consider this counts as "dis/enable airplane mode". I have good wifi signal strength.
I have no issues accessing websites over port 80/443, only the blocked ports don't work. The openvpn server is reachable on port 443 (it works from my pc).
Hello,
did you ever manage to solve this? I'm looking to configure my nexus 7 2013 to connect to an OpenVPN server using TAP and it doesn't seem to be working. I'm using OpenVPN settings with certificate-based authentification. I'm able to connect to my server, however I don't get a local IP address assigned and when I browse the internet, my IP is still showing up as from the original connection instead of the VPN endpoint. Computers with windows 7 can connect to the server no-problem and all their traffic is directed to the tunnel. Any ideas for guides and walkthroughs?
Thanks. Any help is very much appreciated.

Solution to Tethering + OpenVPN issues on KitKat/4.4

I was previously using a stock rooted Nexus 4 (with 4.3) with "OpenVPN Connect" (net.openvpn.openvpn) and android built-in wifi tethering to tunnel tethered clients through the OpenVPN connection. This required some iptables modifications but worked fine.
With a stock rooted Nexus 5 (with 4.4.0) and OpenVPN Connect 1.1.12, this stopped working and that was really annoying.
Part of the issue was the one described here
But it was more complicated. It seems that there are routing table issues that I had to research a bunch.
Here are the iptables commands that I already had to run even on the Nexus 4 (with 4.3), which I got from here
Code:
iptables -t filter -F FORWARD
iptables -t nat -F POSTROUTING
iptables -t filter -I FORWARD -j ACCEPT
iptables -t nat -I POSTROUTING -j MASQUERADE
These (above) are somewhat liberal firewall rules that you may what to refine for more security.
But below are additional routing entries that I needed to add specifically for the Nexus 5 (with 4.4.0). They force tethered clients to route through the VPN, unless their traffic is a broadcast or designated for the wifi LAN. Those exceptions are required for DHCP to work on the tethered client. They assume the tethered LAN is 192.168.43.XYZ and the OpenVPN interface is tun0.
Code:
ip rule add from 192.168.43.0/24 lookup 61
ip route add default dev tun0 scope link table 61
ip route add 192.168.43.0/24 dev wlan0 scope link table 61
ip route add broadcast 255.255.255.255 dev wlan0 scope link table 61
This seems to all work best if I start OpenVPN after activating tethering, not before.
I'm not entirely clear whether this is a result of some change/bug in KitKat, or an incompatibility in "OpenVPN Connect", or both. I wonder if it would work ok with other OpenVPN clients like "OpenVPN for Android" (de.blinkt.openvpn)
Other Notes:
* Server is OpenVPN 2.3.2
* Server has this line set in its config:
Code:
push "redirect-gateway autolocal def1"
Running android 4.4.2 google stock image with SuperSU on LG Nexus 4. These routing commands worked great and allowed me to tunnel all WiFi tethered traffic through my VPN. Thanks for figuring this out it was bugging me!
Im stock 4.4.2 no root or anything just pure stock i download install openvpn from google play and imported my config files click connect then open PDAnet connect and the Ip is changed.
OK, so I'm having a bit of trouble understanding and implementing the fix for my nexus 5. I've already got WiFi tethering working through the sqlite db fix but now I can't get my connection to work when my VPN (PIA official app) is broadcasting. These commands you're sending, are they done on the phone terminal or computer and is that EXACTLY how theyre being entered. For rules in red where would I find the IP I would use. Thanks guys Id really appreciate any help given.
Worked!
scootley said:
This seems to all work best if I start OpenVPN after activating tethering, not before.
Click to expand...
Click to collapse
Thanks scootley! These worked me on 4.3. I activated my hotspot before OpenVPN, but I used
Code:
iptables --flush
first before entering your commands. Seems to help. My OpenVPN server config also has the following in addition to push redirect:
Code:
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
push "redirect-gateway autolocal def1"
Jrock2t5 said:
OK, so I'm having a bit of trouble understanding and implementing the fix for my nexus 5. I've already got WiFi tethering working through the sqlite db fix but now I can't get my connection to work when my VPN (PIA official app) is broadcasting. These commands you're sending, are they done on the phone terminal or computer and is that EXACTLY how theyre being entered. For rules in red where would I find the IP I would use. Thanks guys Id really appreciate any help given.
Click to expand...
Click to collapse
These commands are entered on the phone. You can download Terminal Emulator or something similar through the app store.
First make sure you're connect to your hotspot from your computer. Next, let's find your local IP address. Here are the instructions for Windows:
Click on the Start menu and type cmd. When you see the cmd applications in Start menu panel, click it or just press enter.
A command line window will open. Type ipconfig and press enter.
You'll see a bunch of information, but the line you want to look for is "IPv4 Address." The number across from that text is your local IP address.
Here's how to do the same thing on a Mac:
Open System Preferences (via the Apple menu at the top lefthand corner of your screen).
When System Preferences opens, click on the icon labeled Network.
You should see a few options on the left with labels like Wi-Fi, Ethernet, Bluetooth, etc. The ones with green dots have IP addresses assigned to them. Click the one on top (if it isn't already selected) and look to the right. There should be a sentence that reads something like "Wi-Fi is connected to Chocolate and has the IP address 192.168.1.102." The number at the end of that sentence is your local IP address.
Thanks for this thread, I've nearly got tethering working through Private Internet Access/Open VPN.
When running the commands
Code:
ip rule add from 192.168.43.0/24 lookup 61
ip route add default dev tun0 scope link table 61
ip route add 192.168.43.0/24 dev wlan0 scope link table 61
ip route add broadcast 255.255.255.255 dev wlan0 scope link table 61
i get an error "RTNETLINK answers: File exists"
I tethered up while connected to the VPN and could ping out to external IP addresses but no DNS resolution. So in my windows settings I manually specified DNS settings and can now browse the web through the VPN on my Galaxy s4!
But how do I fix the DNS issue? I want the clients that connect to pick up the DNS settings that actually work, without having to manually specify.
Thanks for any help
Vpn problem
Hi I havent tried the above options..yet
I have a sgs3 sgh-t999 . a comercial vpn account with the xxx.ovpn cert files.
after getting the details entered into open vpn and importing the cert file all is good untill I go to connect [see attachment]
phone is v4.3, baseband mjc, kernel v 3.0.31, rom S3rx v3.0 1-27-14
any suggestions on how to proceed?
RXP said:
Thanks for this thread, I've nearly got tethering working through Private Internet Access/Open VPN.
When running the commands
Code:
ip rule add from 192.168.43.0/24 lookup 61
ip route add default dev tun0 scope link table 61
ip route add 192.168.43.0/24 dev wlan0 scope link table 61
ip route add broadcast 255.255.255.255 dev wlan0 scope link table 61
i get an error "RTNETLINK answers: File exists"
I tethered up while connected to the VPN and could ping out to external IP addresses but no DNS resolution. So in my windows settings I manually specified DNS settings and can now browse the web through the VPN on my Galaxy s4!
But how do I fix the DNS issue? I want the clients that connect to pick up the DNS settings that actually work, without having to manually specify.
Thanks for any help
Click to expand...
Click to collapse
1) RTNETLINK answers: File exists
This just means you already ran the command before during this reboot session and it's saved into the route table. If you restart your phone, and run the commands again, it will go through first time, but repeated commands will yield same error. Should be normal. Table clears on reboot.
2) Please see the thread at http://forum.xda-developers.com/galaxy-s2/help/solved-wifi-hotspot-issue-samsung-t1689242
It seems like in order for OpenVPN DNS push to work, you have to change your APN settings on your phone to have it automatically register and push out to your other devices. I had the same problem and came across this during a search.
Massive thanks to the OP for posting this here and to everyone helping out in this thread.
The above rules route wifi tethered traffic via the vpn but I was wondering if there are similar rules to route usb tether too?
Cheers
It seems to work once, but when Data connection is lost or openvpn reconnects, wifi tathering stops working, need to do everything again (switch all off, connect to 3G, vpn, create wifi hotspot and apply fix script). And somehow DNS doesn't work. Tryed on Galaxy S5, LG L70, both on 4.4.2
But in general, this workaround is working, just needs a little bit of tweaking
This is fantastic.
For those of you using VPN on your phone as well, does it seem to stay connected? My VPN (OpenVPN) was flawless on 4.3 ... I mean smooth as ice with no disconnects.
When I upgraded to Kitkat, I wanted to immediately hide in a hole from embarrassment. Only after trying to connect and stay connected did I start to read around to check what the heck was going on. Biggest mistake ever. But then again, who would have thought right? I mean come on...who would have thought it would make using VPN a nightmare after an update that's suppose to be improved? Whatever...
Anyhow, lesson learned. Now I'm waiting desperately for someone to figure out how to downgrade from 4.4 back to 4.3 and/or to find a patch/fix for this issue so we don't have to run a script on every boot or reset.
At the end of the day, at least there is a solution thanks to folks like you. Kudos to the OP and everyone else who has contributed to the work around...for the time being lets hope...
:good:
For anyone interested, I played with the commands to have it work over a USB tether instead of Wifi. Why? Because my battery life stinks and this way my phone is charging also. What the heck. works great.
The only change was in the two spots where it has "wlan0" change them to "usb0". Another change was that the subnet of the USB connection is 192.168.42.0/24 (versus 192.168.43.0/24 on wifi). I get it working in this order:
1) reboot phone (to make sure to other lingering route tables are wiped out
2) turn off wifi
3) establish VPN connection
4) start USB tethering (and have your phone usb connected to your computer
5) After eveything is hooked up, open a terminal window, make sure you have superuser access (su) and execute the commands below. I just have them saved in a text file on my phone's sd card, copy them and just paste them all at once into the terminal window. Haven't figured out how to get this to run automatically using init.d (yet - assuming you can because upon phone reboot, I have to assuming that it will spit out errors because the tun0 and usb0 devices will not exist!)
iptables -t filter -F FORWARD
iptables -t nat -F POSTROUTING
iptables -t filter -I FORWARD -j ACCEPT
iptables -t nat -I POSTROUTING -j MASQUERADE
ip rule add from 192.168.42.0/24 lookup 61
ip route add default dev tun0 scope link table 61
ip route add 192.168.42.0/24 dev usb0 scope link table 61
ip route add broadcast 255.255.255.255 dev usb0 scope link table 61
Vpn api delete route joy downgraded
@grogargh
Have you tried Tasker, run shell
To run after booting [or from widget or otherwise]
http://forum.xda-developers.com/showthread.php?t=1110775

Categories

Resources