[APP][2.3.5+][1.14 - 12/21/2014] DnsQache: Custom DNS + HTTP(S) Proxy
Code:
*** Disclamer: Read the [URL="http://forum.xda-developers.com/showpost.php?p=48623656&postcount=2"]DISCLAIMER[/URL] file before committing to the use of this application.
Introduction
DnsQache is a custom DNS provider and content proxy manager for root enabled users. It enables the use of custom DNS name servers and content caching as well as HTTP/HTTPS Proxy and caching for Android Rooted phones. The serices provided by DnsQache can significantly accelerate Internet browsing and generally any access to network services, especially for those using tethering facilities provided by many ROMs.
Click to expand...
Click to collapse
Images
Coming soon ...
Click to expand...
Click to collapse
Installation instructions
** PREREQUISITES **
1) A rooted Android phone with busybox -- you should know how to, and have already, rooted your phone and get busybox operational on the same phone;
2) Your phone's kernel must be netfilter-enabled (most stock kernels support netfilter (IPTABLES), but it's a good idea to check to be sure);
3) If using Harry Mue's and Sofia Lemons' wifi tether application, assure you use a version released after July 18, 2013.
Custom DNS Provider and Query Caching
To use the program for just DNS caching and redirection, install and start the program. Thereafter, check the options in the "System|Settings: DNS" menu and tune to your liking.
The DNS cache is implemented via dnsmasq and is always active when DnsQache is active. For Android versions lower than Jelly Bean, the application manages the network settings (e.g., system properties and /etc/resolv.conf) so that all DNS requests resolve via the local dnsmasq server.
For Android versions Jelly Bean and higher, the application sets rules via IPTABLES (http://www.netfilter.org/projects/iptables/) to redirect all DNS requests to the local dnsmasq server. In that way, DNS caching is always active when DnsQache is active. This is true whether or not the phone is being used for tethering.
For users of the fantastic Android Wifi Tether application (https://code.google.com/p/android-wifi-tether), the authors of that application, on Jul 18, 2013, merged in code fixes submitted by the author of this program that prevents the wifi-tether application from listening on the
localhost interface, which is required for DNS caching and not used by wifi-tether. To assure you are using the version of code in which that 'fix' exists, you should be using wifi_tether_v3_4-experimental1.apk or higher (see https://code.google.com/p/android-wifi-tether/downloads/list). Tethered users gain the benefit of dns caching as well as proxy services provided by DnsQache.
At first, it may be a good idea to turn on 'Log Queries' in the DNS settings. That will allow you to view all DNS queries made by your phone and the endpoint to which the queries were redirected. To see those, you can use logcat (or an application that displays the same) or use the "System|View Log" menu, the latter of which will take a snapshot of the existing logcat log as it relates to dnsmasq and present the information. If no log shows (e.g., the log says the log file is not available), then it means you did not turn on Log Queries and restart the service, or the service failed due to bad settings. The most common issue there is if you use custom IP addresses for the DNS name servers and dnsmasq ultimately fails to start due to such configuration error.
Using the HTTP/HTTPS Proxy
Generally, for proxy use, clients (your laptop for example) can connect via wifi to your phone, when tethering, and get access to the internet using the mobile connection (4G, 3G, 2G) of your phone. That may occur through custom ROMs as native hotspot or via the wifi-tether application. When DnsQache is active, custom DNS name servers and caching is automatically enabled for tethered users as well as the phone.
To use proxy services, chech the values in the "System|Settings: Proxy" menu. Once saved, the options will take effect only after the service is (re)started. To restart, simply 'stop' and 'start' the DnsQache service. To do that, return to the main page of the app and the big 'DQ' will be either green or grey. If grey, it means the service is not currently running, so just touch the DQ to start it. If green (and you need to restart), just touch the DQ and give it time to shut down (goes grey) and touch it again (start).
The Proxy settings allow for the use of either polipo (http://www.pps.univ-paris-diderot.fr/~jch/software/polipo/) or tinyproxy (https://banu.com/tinyproxy/). Tinyproxy does not perform page caching, as does polipo, so the general preference ends up use of polipo.
The settings require that you to specify one or more CIDR ranges for client addresses allowed to connect to the proxy. The CIDRs of interest generally are the network addresses (e.g., 172.20.21.0/24) of your mobile hotspot (tether) network. You can view that in your phone settings, or the settings of your wifi-tether application. DnsQache sets the proxy connection port to 3128, so any client you want to proxy *must* set the proxy port to 3128. A later release will allow changing the port.
To have tethered users go through the proxy instead of directly NATed connection through the phone, the tethered user must set their device (computer, et al) to use a proxy. Set the proxy settings to use the IP address of your tethering gateway (the IP address of your wifi when tethering -- usually that is the ".1" address of the CIDR you specified for your client addresses for tethering or mobile hotspot application). As noted, when using the polipo proxy, proxy caching of content takes place on the phone, though secured pages (HTTPS) should not end up cached.
Click to expand...
Click to collapse
Download
Download links are below in the Disclaimer Post, after the disclaimer (which you should read). That post will be kept up to date and includes the legal necessities with distributing an application.
** Source Code **
The sources for the application are available on GitHub -- feel free to fork it and send pull requests as you see fit.
Click to expand...
Click to collapse
Changelog
Recent Updates -- see Changelog post below.
Click to expand...
Click to collapse
FAQ
Trying to figure out what to set for the maximum DNS cache size?
A nice rule of thumb is try 200 or 300 on JB and above, see how that works for you. On older Android (less than Jelly Bean), give it some room, like 1000, and see how that works, tune if necessary. The cache data is not all that much, so you're not stealing all that much RAM. Read more about that in this post if you're interested.
Click to expand...
Click to collapse
Thanks To/Credits
The author of this program would like to thank Harry Mue and Sofia Lemons for the fantastic Android Wifi Tether application for its use in both using that application and and in learning Android. Some of the code in DnsQache borrow from ideas and indeed implementation from Harry's and Sofia's code base, therefore this body of code carries his license and Copyright (duly noted in the DISCLAIMER.txt and the code, where appropriate).
The front page, and indeed the service layer code was inspired by, and to some extent, borrows from the venerable android-wifi-tether project originally authored by Harry Mue ([email protected]) and Sofia Lemons. While so inspired, obviously DnsQache is different in its nature and thus the code is quite different as a whole. Still -- reading and contributing to Harry's and Sofia's code was what got things rolling, so that body of work deserves significant mention, and that exists also in the sources.
Click to expand...
Click to collapse
XDA:DevDB Information
DnsQache, App for the Apps & Games
Contributors
tdhite
Source Code: https://github.com/Android-Apps/DnsQache
Version Information
Status: Stable
Current Stable Version: 1.14
Stable Release Date: 2014-12-21
Created 2014-12-21
Last Updated 2014-12-21
Reserved
Disclaimer and Download Link
*** Legal Disclaimer -- READ ALL OF THE FOLLOWING ***
The Download Links Are After This Disclaimer Information
If you use the software, or convey it to someone else, you and all subsequent conveyees are bound by the following:
This work is partially based on the work by Harry Mue and Sofia Lemons (mailto: [email protected]) as it relates to Service management Though only a minor basis, DnsQache none the less acknowledges that body of work, and carries all of the disclaimers also inherent therein. See https://code.google.com/p/android-wifi-tether/ for more.
LEGAL DISCLAIMERS AND ASSUMPTION OF THE RISK BY THE USER OF THIS PROGRAM
Assumption of the Risk of Use
YOU ASSUME, AND AGREE TO ASSUME, ALL THE RISK OF HARM BY USING THIS PROGRAM. THIS PROGRAM MAY VOID YOUR WARRANTY WITH A THIRD PARTY, IT MAY IMPROPERLY OPERATE AND DAMAGE YOUR DEVICE, IT MAY CAUSE ANY MYRIAD OF HARMFUL OUTCOMES REGARDING YOUR DEVICE OR THE USE OF THE DEVICE ON WHICH IT GETS INSTALLED. YOU ACKNOWLEDGE THAT YOU ARE AWARE OF THOSE RISKS, UNDERSTAND THOSE RISKS, AND VOLUNTARILY AND INTELLIGENTLY ELECT TO ENGAGE THOSE RISKS BY USING THE PROGRAM.
Disclaimer of Warranty
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME ALL LIABILITY AND AGREE THAT IN NO EVENT WILL YOU SEEK ANY FORM OF RECOMPENSE, WHETHER LEGAL OR EQUITABLE, INCLUDING BUT NOT LIMITED TO NECESSARY SERVICING, REPAIR, CORRECTION OR OTHERWISE.
Limitation of Liability
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS THE PROGRAM, PERMITTED OR NOT, BE LIABLE TO YOU FOR LEGAL DAMAGES OR EQUITABLE RELIEF, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Click to expand...
Click to collapse
DOWNLOAD LINKS:
DnsQache 1.14 - PIE (Lollipop) Support
MD5 Checksum: c4939d4a8f09e66ce9ea8645a6499f97
DnsQache 1.13
MD5 Checksum: 3549c7732613e3a0963f15efb0cf3562
Version 0.85 (for pre-Android 3.0 users): dnsqache.apk
MD5 Checksum: f05161d291ec47ca1fbed95a10356908 dnsqache.apk
Change Logs
DnsQache Version Notes
DICLAIMER (always read disclaimers)!
ChangLog:
Version: 1.14
Underlying service (native) apps now position independent executables (PIE) for Lollipop support.
If any of the services (dnsmasq, polipo, tinyproxy) fail to load, use v1.13 and please post a report of the problem and a logcat if possible.
Previous Releases:
Version: 1.13
Removed unnecessary DNS resetting for certain network connectivity changes. This drastically reduces su access Toast messages and restarts of the dns caching service.
Includes all other enhancements/fixes to date (click the button below to see historical change logs).
Use this version if you have problems with the latest PIE (Lollipop) supporting version.
Version: 1.12 Alpha
Fixed Custom DNS Preferences Settings to allow manual override of Multi-Country selection. Just select 'None" as the Country and then manually set the custom providers. Error checking lacks at this moment, so be careful to enter valid IP addresses.
Custom DNS Provider lists now sort based on city and secondarily by country. Note that not all entries have city data -- those will appear first so it's "anyone's guess" as to the city in which those DNS servers actually exist. Just scroll down to find specific cities if you prefer to know.
Includes all enhancements/fixes to date.
Version: 1.1 Alpha
New facilities to download world-wide DNS server lists for use as Custom DNS Setting.
Minor bug fixes (e.g., cosmetic).
All nhancements/fixes to date.
Version: 1.07
Includes all enhancements/fixes to date.
Added custom DNS Provider option.
Fixed DNS log display.
Version: 1.0 Beta (RC5)
Includes all enhancements/fixes from RC4.
Fixed cache size resetting to 200.
Version: 1.0 Beta (RC4)
Includes all enhancements/fixes from RC2 (RC3 was a bust!).
Fixed failures in setting DNS providers when changed.
Fixed text not syncing with status on main UI page.
Version: 1.0 Beta (RC2)
New version -- beta 1.0, release candidate 2.
Fixed failures to start on boot.
New UI (requires Android 3.x or above).
*Many* settings surfaced to tightly control Polipo and TinyProxy
Version: 0.81
Fixed polipo not starting with default settings.
Changed keyboard on proxy settings page when editing the allowed CIDRS. Now allows multiple CIDRS as comma separated. For example: 172.20.21.0/24, 192.168.1.0/24
Slipstreamed in a fix for the version bump (download link updated)
Version 0.82
Fixed bug where the DNS cache size was resetting to 0 (disabled cache)
Note: The reparation of this fix will likely cause a single reset of your cache size setting to change to 200 when you start the DnsQache service. Just reset the value to your liking, and stop/start the DnsQache service. After that initial 'reset' the program should operate normally in this regard.
Before sending a bug post on this issue, please assure you verify you have version 0.82 of the program, and also that you've cycled through the initial reset mentioned above.
Version 0.83
Modified IPTABLES and process model due to some ROMs killing dnsmasq processes other than the ROMs own, or otherwise refusing to start if another program is listening on port 53. DnsQache now listens on port 5353 for DNS requests and redirects all network interface requests destined for port 53 to DnsQache port 5353. DnsQache, of course, allows itself to send requests out port 53 to the custom DNS entries.
Before sending a bug post on this issue, please assure you verify you have version 0.83 of the program, and also that you've cycled through the initial reset mentioned above.
Version 0.84
Added About and Donate Views;
Fixed DNS cache size resetting to default on reboot of phone;
Note: Due to the nature of the cache resetting, in rare cases, the configuration files for the underlying dnsmasq may contain an invalid value, which can cause dnsmasq to fail to start. If you experience connection failures after updating, please do the following: stop the DnsQache service; clear the DnsQache applications data (to do that, go to your application manager and select "Clear Data." Another method is to simply uninstall the old version of DnsQache prior to installing this upgrade); run DnsQache and configure the settings to your liking; start the DnsQache service (hit that big DQ and make it go Green!).
Note: When upgrading with new dnsqache.apk files, you should (really, really should) stop the DnsQache service (the big DQ turns grey when the service is off); install the dnsqache.apk; then check settings (installs may overwrite some settings); finally restart the service.
whow!
android404 said:
whow!
Click to expand...
Click to collapse
Hope you like it. Let me know how it goes.
@tdhite first of all,great work! there is only oneappsimilar to yours.
i was using crossbreeder until now,i've been testing your app on my samsung galaxy y duos running stock 2.3.6. i've faced one bug,when i click about it does nothing.i am using opendns & polipo under dns & proxy settings. also i dont know wheather your app is working or not,so i've attached the logs from data/data/com.tdhite.dnsqache. plz tell me if it works or not.
i will suggest you should work on the app UI & icon.a holo dark look will be better.& plz make this app an foreground application & hide the notification bar icon or include an option to do it.
p.s. when i type 'su getprop net.dns1' it shows 127.0.0.1. & for 'su getprop net.dns2' it shows 119.30.37.10.
killoid said:
@tdhite first of all,great work! there is only oneappsimilar to yours.
i was using crossbreeder until now,i've been testing your app on my samsung galaxy y duos running stock 2.3.6. i've faced one bug,when i click about it does nothing.i am using opendns & polipo under dns & proxy settings. also i dont know wheather your app is working or not,so i've attached the logs from data/data/com.tdhite.dnsqache. plz tell me if it works or not.
i will suggest you should work on the app UI & icon.a holo dark look will be better.& plz make this app an foreground application & hide the notification bar icon or include an option to do it.
p.s. when i type 'su getprop net.dns1' it shows 127.0.0.1. & for 'su getprop net.dns2' it shows 119.30.37.10.
Click to expand...
Click to collapse
Given the logs, it appears the DNS caching / redirection is working quite well. You can also watch the DNS operations using a command (terminal emulator or similar):
logcat -s dnsmasq:*
That will let you watch the DNS queries -- of course assuming you have 'Log Queries' turned on in the settings.
As for the 'net.dns?' property settings, DnsQache will set the phone to use localhost (dnsmasq) as the primary, but if it were to blow away the secondary setting, no network at all would work if dnsmasq failed for any reason. So in the event port 53 on localhost is not listening, the secondary dns server would get used by Android so at least you get network. As another point, Jelly Bean and above don't even use those properties, so not to worry if you're not on an older Android version.
Polipo, however, appears to have a bad value for the CIDR settings. I surmise this might be a bug, I'll fix it if so. The issue, as a bet, is that without at least *one* click of the 'Set Allowed CIDRs' button in the Proxy settings, the default value somehow is getting missed in the configuration manager. The key log was "can't parse network null" so polipo refused to start. I need to surface that kind of error better -- will work on that. You can see the error in /data/data/com.tdhite.dnsqache/conf/polipo.conf where the line:
allowedClients=127.0.0.1, null
probably appears. That's because, for whatever reason, the default is not taking so the configuration is wrong.
So, can you try going to the 'Settings|Settingsroxy" menu and click the 'Set Allowed CIRDs' button it should properly set the configuration. Then restart the service (click the big DQ so it goes grey, give it a few secs to clear the messages that popup, then click the big DQ again to start it). That will then properly start polipo.
My apologies for the bug -- I have to attest I always set the CIDR differently than default because the tethering (native) usually is set differently for me. This is a bug and I'll fix it and re-upload a new version. I'll post here when it's fixed and uploaded (probably evening, I have work-work to do).
Finally -- polipo provides an internal status page (actually many). You can view that on your phone or on any device tethered (thus with an IP address in the allowed CIDR range). For instance, on your phone browser, go to http://localhost:3128/polipo/status? to see current status. See this page for more: http://www.pps.univ-paris-diderot.fr/~jch /software/polipo/polipo.html.
tdhite said:
So, can you try going to the 'Settings|Settingsroxy" menu and click the 'Set Allowed CIRDs' button it should properly set the configuration. Then restart the service (click the big DQ so it goes grey, give it a few secs to clear the messages that popup, then click the big DQ again to start it). That will then properly start polipo.
Click to expand...
Click to collapse
yes after trying your method polipo is seemed to be working ok.in the log now it says 'Established listening socket on port 3128.'
My apologies for the bug -- I have to attest I always set the CIDR differently than default because the tethering (native) usually is set differently for me. This is a bug and I'll fix it and re-upload a new version. I'll post here when it's fixed and uploaded (probably evening, I have work-work to do).
Click to expand...
Click to collapse
when you find enough time,you do it.no hurry! we all have a life.
Finally -- polipo provides an internal status page (actually many). You can view that on your phone or on any device tethered (thus with an IP address in the allowed CIDR range). For instance, on your phone browser, go to http://localhost:3128/polipo/status? to see current status. See this page for more: http://www.pps.univ-paris-diderot.fr/~jch /software/polipo/polipo.html.
Click to expand...
Click to collapse
i've tried to access to the address you mentioned with opera mini,but no success.it says in the page 'could not connect to remote server'.
killoid said:
yes after trying your method polipo is seemed to be working ok.in the log now it says 'Established listening socket on port 3128.'
when you find enough time,you do it.no hurry! we all have a life.
i've tried to access to the address you mentioned with opera mini,but no success.it says in the page 'could not connect to remote server'.
Click to expand...
Click to collapse
Check download link -- updated version with fixes. Attached is a screenshot of hitting localhost to see polipo status. As well, you can now enter multiple CIDRs by comma separating them. That way you can turn on your WiFi, include your WiFi CIDR in the 'allowed' settings, start DnsQache with polipo enables and then hit your device via the Wifi network (e.g., http://192.168.208.77:3128/polipo/status?).
tdhite said:
Check download link -- updated version with fixes. Attached is a screenshot of hitting localhost to see polipo status. As well, you can now enter multiple CIDRs by comma separating them. That way you can turn on your WiFi, include your WiFi CIDR in the 'allowed' settings, start DnsQache with polipo enables and then hit your device via the Wifi network (e.g., http://192.168.208.77:3128/polipo/status?).
Click to expand...
Click to collapse
download link is not working,giving 404 error.
killoid said:
download link is not working,giving 404 error.
Click to expand...
Click to collapse
fixed.
tdhite said:
Check download link -- updated version with fixes. Attached is a screenshot of hitting localhost to see polipo status. As well, you can now enter multiple CIDRs by comma separating them. That way you can turn on your WiFi, include your WiFi CIDR in the 'allowed' settings, start DnsQache with polipo enables and then hit your device via the Wifi network (e.g., http://192.168.208.77:3128/polipo/status?).
Click to expand...
Click to collapse
as i am currently not in any wifi network,i cant test the link u posted.but i am posting the logs from data/data/* . hope it helps. but when i installed the new app over the old & started it,in the polipo log it was showing null.i made it right using the method u told me before.& another thing,u said it is v0.81 but in the app it shows v1.0.
tdhite said:
fixed.
Click to expand...
Click to collapse
is the proxy setting right now? attached screenshot.
killoid said:
is the proxy setting right now? attached screenshot.
Click to expand...
Click to collapse
Hi, your logs look fine, polipo is also running. It's logs will be relatively benign when operating correctly. It looks like you turned off query logging on the DNS settings -- either that or you've just not made any DNS queries yet, but dnsmasq also logged that it's redirecting. Unless you turn on Log Queries, the DNS logs will be rather silent. Just look at logcat to see them when Log Queries is on (logcat -s dnsmasq:*) -- we don't have dnsmasq log to the file system as it would grow to much.
I'll explain the CIDR a little later this evening when I'm done working. It dawns on me you might not understand how the tethering networking works, and your CIDR for the proxy needs to match the CIDR you setup for the mobile hot stop or wifi-tether.
tdhite said:
I'll explain the CIDR a little later this evening when I'm done working. It dawns on me you might not understand how the tethering networking works, and your CIDR for the proxy needs to match the CIDR you setup for the mobile hot stop or wifi-tether.
Click to expand...
Click to collapse
Note -- I put up an updated (slipstream) release of the apk file in the upload link. It has the version number correctly stated (thanks for noticing). To install it, download it, turn off the DnsQache service, install the apk, verify you got v0.81 as the version of the app, then start the service again.
Let me explain the CIDR values now, as work is over (for a break, but I'm doing some very cool coreOS and mesos stuff later on Amazon).
Anyway -- the CIDR is a network specification that you also select in your mobile hotspot / wifi-tether application. For instance, in the Android Wifi Tether app, you go to settings and select from a list of networks it will support for supplying IP addresses to the tethered devices (laptops, etc.). That network is what is critical to polipo as a proxy service. To maintain security, you can set the "allowed CIDRs" in DnsQache to limit connections that polipo will serve as a proxy to the Internet.
When you set the allowed CIDRs in DnsMasq, it lets you specify one or more networks that you want polipo to serve as as a proxy. So, I have my mobile hotspot program (native as I run a custom ROM) set the tethering network as 172.20.21.0/24 -- meaning the hotspot program will sit on 172.20.21.1 and give out to tethered devices addresses from 172.20.21.2 up to 172.20.21.254. So, for a tethered device in that range to use polipo as a proxy, you have to tell polipo (via DnsMasq settings) to accept connections from devices with addresses from the "allowed CIDRs" -- namely 172.20.21.0/24. I often add another one -- my WiFi network so I can check out the phone from other computers on my network.
As an example, let's say you setup your tethering app to use the network 10.10.10.0/24 as your tethering network. But you also want to let your home computer open the stats page on the phone just to make sure stuff is to your liking (or even the polipo configuration page). Further, let's say that you have WiFi turned on on your phone, and your home WiFI network is 192.168.1.0/24, and your phone got an address of 192.168.1.110. You might setup the allowed CIDRs as:
10.10.10.0/24, 192.168.1.0/24
Then, restart the DnsQache service. After that, you should be able to see the polipo config page from your phone ( by going to http://localhost:3128/polipo/config? ) or any tethered device (by going to http://10.10.10.1:3128/polipo/config? ) or your home network (by going to http://192.168.1.110:3129/polipo/config? ).
Now remember also -- for your tethered devices devices to get proxied internet via polipo, you have to start the mobile hotspot (or wifi-tether) and that will kill your home network connection since the WiFi is used for the tethering network.
Does that help?
tdhite said:
Hi, your logs look fine, polipo is also running. It's logs will be relatively benign when operating correctly. It looks like you turned off query logging on the DNS settings -- either that or you've just not made any DNS queries yet, but dnsmasq also logged that it's redirecting. Unless you turn on Log Queries, the DNS logs will be rather silent. Just look at logcat to see them when Log Queries is on (logcat -s dnsmasq:*) -- we don't have dnsmasq log to the file system as it would grow to much.
Click to expand...
Click to collapse
well,hadn't made any dns queries then so it didnt show up in the log.but later i saw dns is lock & loaded.
---------- Post added at 11:39 AM ---------- Previous post was at 11:29 AM ----------
tdhite said:
Note -- I put up an updated (slipstream) release of the apk file in the upload link. It has the version number correctly stated (thanks for noticing). To install it, download it, turn off the DnsQache service, install the apk, verify you got v0.81 as the version of the app, then start the service again.
Click to expand...
Click to collapse
it is correct now. :good:
Let me explain the CIDR values now, as work is over (for a break, but I'm doing some very cool coreOS and mesos stuff later on Amazon).
Anyway -- the CIDR is a network specification that you also select in your mobile hotspot / wifi-tether application. For instance, in the Android Wifi Tether app, you go to settings and select from a list of networks it will support for supplying IP addresses to the tethered devices (laptops, etc.). That network is what is critical to polipo as a proxy service. To maintain security, you can set the "allowed CIDRs" in DnsQache to limit connections that polipo will serve as a proxy to the Internet.
When you set the allowed CIDRs in DnsMasq, it lets you specify one or more networks that you want polipo to serve as as a proxy. So, I have my mobile hotspot program (native as I run a custom ROM) set the tethering network as 172.20.21.0/24 -- meaning the hotspot program will sit on 172.20.21.1 and give out to tethered devices addresses from 172.20.21.2 up to 172.20.21.254. So, for a tethered device in that range to use polipo as a proxy, you have to tell polipo (via DnsMasq settings) to accept connections from devices with addresses from the "allowed CIDRs" -- namely 172.20.21.0/24. I often add another one -- my WiFi network so I can check out the phone from other computers on my network.
As an example, let's say you setup your tethering app to use the network 10.10.10.0/24 as your tethering network. But you also want to let your home computer open the stats page on the phone just to make sure stuff is to your liking (or even the polipo configuration page). Further, let's say that you have WiFi turned on on your phone, and your home WiFI network is 192.168.1.0/24, and your phone got an address of 192.168.1.110. You might setup the allowed CIDRs as:
10.10.10.0/24, 192.168.1.0/24
Then, restart the DnsQache service. After that, you should be able to see the polipo config page from your phone ( by going to http://localhost:3128/polipo/config? ) or any tethered device (by going to http://10.10.10.1:3128/polipo/config? ) or your home network (by going to http://192.168.1.110:3129/polipo/config? ).
Now remember also -- for your tethered devices devices to get proxied internet via polipo, you have to start the mobile hotspot (or wifi-tether) and that will kill your home network connection since the WiFi is used for the tethering network.
Does that help?
Click to expand...
Click to collapse
well that helped a lot! i've understood that whole CIDRS thing much better now.but as a noob i will req u to quote this explanation about CIDRS on the 1st page. people will quit asking about CIDRS then maybe.
Hi when I set cache to 1024 after reboot it's back to 0 any ideas please great app by the way seems to boost internet quite nicely thanks
Sent from my HTC One X using Tapatalk
smeejaytee said:
Hi when I set cache to 1024 after reboot it's back to 0 any ideas please great app by the way seems to boost internet quite nicely thanks
Sent from my HTC One X using Tapatalk
Click to expand...
Click to collapse
Can you tell me what version of Android you are on? Possibly recent changed introduced a persistence bug with newer Jelly Bean file structures and file system security. Not sure, but I'll hunt it down as soon as I can. Still would like to know the version of your Android, though.
Jb 4.2.2 thanks for the reply could I also ask which is the best dns server as your app has a few choices I've only ever used Google and I tried open dns once but don't know whenever it's better or not any advise would be appreciated thanks for your work
Sent from my HTC One X using Tapatalk
Related
Would like to edit my DNS settings on this. Is it possible? After hearing what sounds like a DNS poisoning, would like to swap out TMOs DNS for another provider.
Grab anycut off the marketplace.
Long tap on the desktop -> shortcut -> activity -> ip settings.
I've been using openDNS from the moment I got the phone. Works like a charm.
edit - shouldn't have replied that quickly... this only works for WiFi as far as I know... but I haven't tested that. Will do so now.
edit 2 - well... scratch all that. I just tested opendns on both wifi at my home and using edge and both did not work. I guess ip settings doesn't work?
That is a nice find for when you are on wifi. It doesn't change your DNS when you are on the network. I have also wanted to change my DNS to Opendns but have not found a way to change dns on data connection. Any help would be appreciated.
angel-78 said:
That is a nice find for when you are on wifi. It doesn't change your DNS when you are on the network. I have also wanted to change my DNS to Opendns but have not found a way to change dns on data connection. Any help would be appreciated.
Click to expand...
Click to collapse
Can you confirm that is works for wifi? Opendns.com/org isn't showing that it's working for me.
Ummm opendns.com/org doesn't work for me and I am on opendns
Stupid question: why are you worried about DNS poisoning? I'm aware of what it is, but I'm not aware of how someone would exploit it.
They'd have to find an exploit on T-Mobiles DNS servers (or the higher servers that they receive the information from), that would either: a) use a "fake" higher DNS server to get info from, one that would provide spoofed entries, or b) insert fake entries into the cache. Correct?
Curious as to why you'd be paranoid about this tbh. Even with OpenDNS, if there's an exploits on T-Mobiles servers, wouldn't they be able to exploit it on the edge/3g servers? And if OpenDNS were ever compromised, it would leave hundreds of thousands of users more vulnerable, vs the (very) few people who use their cell phone for web banking.
neoobs said:
Ummm opendns.com/org doesn't work for me and I am on opendns
Click to expand...
Click to collapse
Confusing syntax on my part. I meant .com or .org.
Gary13579 said:
Stupid question: why are you worried about DNS poisoning? I'm aware of what it is, but I'm not aware of how someone would exploit it.
They'd have to find an exploit on T-Mobiles DNS servers (or the higher servers that they receive the information from), that would either: a) use a "fake" higher DNS server to get info from, one that would provide spoofed entries, or b) insert fake entries into the cache. Correct?
Curious as to why you'd be paranoid about this tbh. Even with OpenDNS, if there's an exploits on T-Mobiles servers, wouldn't they be able to exploit it on the edge/3g servers? And if OpenDNS were ever compromised, it would leave hundreds of thousands of users more vulnerable, vs the (very) few people who use their cell phone for web banking.
Click to expand...
Click to collapse
Guess you don't frequent boards as much as myself. It has already happened twice now. Just search for browser hijacked...
Being it has only been on Edge/3G, it must be their DNS. WIFI has never been affected.
Open an adb shell or Terminal Emulator and type
Code:
setprop ro.kernel.android.ndns 2
setprop net.eth0.dns1 208.67.222.222
setprop net.eth0.dns2 208.67.220.220
Those are ip addresses for OpenDNS, so use your own if you want something else. It might not be persistent through reboots though. If it isn't, append it to init.rc. I can't test this on actual hardware right now but on the emulator it does pass OpenDNS's test (in the upper right corner). Make sure you set the properties before opening the browser.
jashsu said:
Open an adb shell or Terminal Emulator and type
Code:
setprop ro.kernel.android.ndns 2
setprop net.eth0.dns1 208.67.222.222
setprop net.eth0.dns2 208.67.220.220
Those are ip addresses for OpenDNS, so use your own if you want something else. It might not be persistent through reboots though. If it isn't, append it to init.rc. I can't test this on actual hardware right now but on the emulator it does pass OpenDNS's test (in the upper right corner). Make sure you set the properties before opening the browser.
Click to expand...
Click to collapse
thanks trying this now and it seems to work well
Not only will it not persist on reboot, it will not persist over DHCP, so every time it reconnects to the network, this will have to be redone.
well, dunnow if you'v seen this
Mobile or other devices :
DNS servers are typically specified under advanced wi-fi settings. However, as every mobile device uses a different user interface for configuring DNS server settings, we provide only a generic procedure below. For more information, please consult your mobile provider's documentation.
To change your settings on a mobile device:
1. Go to the screen in which wi-fi settings are specified.
2. Find the screen in which DNS server settings are specified.
3. If there are IP addresses specified in the fields for the primary and seconday DNS servers, write them down for future reference.
4. Replace those addresses with Google IP addresses: 8.8.8.8 and 8.8.4.4.
5. Save and exit.
6. Test that your setup is working correctly; see Testing your new settings below.
Click to expand...
Click to collapse
Ather said:
well, dunnow if you'v seen this
Click to expand...
Click to collapse
Nice try
But that will only affect WiFi.
Ather said:
well, dunnow if you'v seen this
Click to expand...
Click to collapse
that only works for wifi or 3g connection as well?
I think the only way you can use T-Mobiles network is through there DNS. I think they have it locked to that. I remember when I used to tether if you right clicked a picture (that is on the internet obviously not on your hard drive) and went to properties it was never listed just the url that it was supposed to be it also had an ip before that url. That ip was always the same no matter what site. I think there is a proxy running on one end or the other.
aad4321 said:
google dns is the fastest and best...
8.8.8.8
8.8.4.4
Click to expand...
Click to collapse
Prove that google dns is faster than opendns, it hasn't even been out for a week yet while opendns is very mature.
This benchmark would have to disagree with you.
http://gizmodo.com/5420931/namebench-helps-you-find-the-fastest-dns-server-for-your-computer
It is highly dependent on your location. Google DNS might be faster than OpenDNS for some, while UltraDNS might be faster than Google DNS for others.
Try out the benchmarks yourself to see which one is the fastest for you. I use OpenDNS myself.
google dns is not at the moment everywhere the fastest but dont worry it will be. suggest you dont use this for t-mobile nl tv coz this wont count for your download limit and wont add to your download fair-use-time other dns probably will
tried nice worked on x10
Using this program you can control your phone from any browser. It requires a rooted Android phone.
* You can click and type on the phone (we inject touch events to the touch device and create a new HID for typing),
* get screenshots (copied from the framebuffer device) in jpeg and png, record images in sequence
* start phone calls (it uses '/bin/system/service' from android)
* open webpages on the phone (it uses intents)
* browse, download from, upload to the SD card (it uses AjaXplorer so you can rename files, listen mp3, etc.)
* browse and read every files on phone
* adjust LCD backlight
* get the phone's location (GPS and network, it uses our JAVA code and shows the result on GoogeMaps)
* exporting contacts, messages, call list in txt, csv, xml,
* chat with phone and other users
* terminal emulator with Shell In A Box
* user rights management, log
* works on wifi, 3g
* DynDNS support (it's a dinamic DNS service, after you register at dyndns.org, your phone will have an address like: myphone.homeip.net, this only works if you can reach your phone using its IP address)
* if your 3g internet provider blocks the incoming connection to your phone, then you cannot connect using its IP address or DynDNS, but you can connect through our server (the phone starts the connection like GoogleTalk does)
* user admin has a random password each time, but you can add new users. The connection is not encrypted, we are planning to use https instead of http
* opensource (it is licensed under General Public License)
* most of the functions uses only C++ part, which has very low memory footprint and almost no CPU use in idle.
* Homepage: androidwebkey.com
Feel free to ask for features and send bugs.
Market Link
I don't trust this AT ALL!!!
Yzord said:
I don't trust this AT ALL!!!
Click to expand...
Click to collapse
Why? Everything works as listed. It's opensource, you can compile it for yourself.
Sorry for my attitude. It is not personal, but these kind of apps give me the creeps...
Yzord said:
Sorry for my attitude. It is not personal, but these kind of apps give me the creeps...
Click to expand...
Click to collapse
That's all right. But I can't image a way to make it more trustable.
Pretty slow but it works.
evilkorn said:
Pretty slow but it works.
Click to expand...
Click to collapse
If there is a demand for this, we will hire a server with a faster connection. It seems like all the 3G internet providers blocks the incoming connection to the phone in USA, so we have to redirect the packets through our server. In Europe the situation is better, and we can connect to the phone directly.
Webkey listens on all interfaces, so if you manage to set up a VPN, it will work.
morapeter said:
If there is a demand for this, we will hire a server with a faster connection. It seems like all the 3G internet providers blocks the incoming connection to the phone in USA, so we have to redirect the packets through our server. In Europe the situation is better, and we can connect to the phone directly.
Webkey listens on all interfaces, so if you manage to set up a VPN, it will work.
Click to expand...
Click to collapse
I know for AT&T unless you have the laptop connect type package, ie: APN is isp.cingular, this is true. So nearly all AT&T mobile phones will have this limitation.
I like that you've worked around it using this method, I think I'll have to give this a try myself.
Also sounds like something a business might be interested in having, but their own server.. Is the communications secure between the phone and server?
khaytsus said:
I know for AT&T unless you have the laptop connect type package, ie: APN is isp.cingular, this is true. So nearly all AT&T mobile phones will have this limitation.
I like that you've worked around it using this method, I think I'll have to give this a try myself.
Also sounds like something a business might be interested in having, but their own server.. Is the communications secure between the phone and server?
Click to expand...
Click to collapse
There is nothing new about this topic. Virtual Private Network is made for this, it's secure and everyone can have an own server (although it's not so easy to set it up, but most of the firmwares support it on the phone). There are several other solutions, for example ssh reverse port forwarding (-R option), or socat can create a tunnel device as well. None of these solutions were good for us, because I didn't want to mess up anything on the phone like creating new network interface, or maintain a ssh tunnel.
Our solution is simple. The phone creates a TCP connection to the server and listen on that. It reopens it when it closed. Whenever a user connects to our site from a browser, the server searches for the appropriate socket, and connects them.
It's not secure yet, but I'll finish https when I have time. After that the connection will be secure between the browser and the phone (which is better than securing the connection between the phone and the server).
I like where this app is going. Seems good.
I ran this before on 2.1, but now Webkey won't run on my Evo running Froyo. It just hangs with black screen on start. I am running the rooted stock 2.2 ROM and other apps requiring root run fine. Any ideas?
Also, I'm a developer and want to add an option to select an http port to listen on. I'm pretty sure http will work fine over another port, like 8080 (over Sprint without using your proxy server), and I wanted to mod the code (and submit to you) if it works. Is it obvious how to build the full solution from the C and Java sources? Just Java I've done, but not built an app requiring the NDK, yet.
Thanks!
So if I understand this correctly, this relies on a server at some fixed location, as well as an apk on the phone.
Is the server source available so that I could modify the APK to point to my own server? It seems that the sources you provide are only to rebuild the APK, and that a user would have to trust your server.
wvufan said:
I ran this before on 2.1, but now Webkey won't run on my Evo running Froyo. It just hangs with black screen on start. I am running the rooted stock 2.2 ROM and other apps requiring root run fine. Any ideas?
Also, I'm a developer and want to add an option to select an http port to listen on. I'm pretty sure http will work fine over another port, like 8080 (over Sprint without using your proxy server), and I wanted to mod the code (and submit to you) if it works. Is it obvious how to build the full solution from the C and Java sources? Just Java I've done, but not built an app requiring the NDK, yet.
Thanks!
Click to expand...
Click to collapse
At start the Java code tests whether it needs to extract files. I assume that something changed on Froyo. Do you have a directory /data/data/com.webkey after install? Or does it put it on the SD card?
There is a function for changing port. You can do it from the Java gui.
For the compiling (under linux):
I used "Customized Android NDK r3 with enabled support of C++ exceptions, RTTI and Standard C++ Library", see
http://www.crystax.net/android/ndk-r3.php
and downloaded the precompiled binaries. Please find a build.sh in c.zip (I uploaded it right now). It uses my directory structure, but I hope you can find out how it works. There are some bash tricks with grep and sed to generate the menu in every html. The README.txt might help as well. Feel free to ask about anything.
heilpern said:
So if I understand this correctly, this relies on a server at some fixed location, as well as an apk on the phone.
Is the server source available so that I could modify the APK to point to my own server? It seems that the sources you provide are only to rebuild the APK, and that a user would have to trust your server.
Click to expand...
Click to collapse
In some countries you don't have to use the server (the internet providers don't block), but yes, you are right. The server code is a python script and I need to check it (again) for security leaks before opening it and ask permission from the other developer. I would say this will happen this weekend. (However, the protocol is simple. It couldn't be simpler.)
There are some other solutions for this problem:
- If you set up a Virtual Private Network on the phone (I never did that, but reverse ssh port forwarding worked for me), then you don't have to use our server.
- I hope in the next release there will be https, which encodes the data between the phone and the browser (after that you if you check the certificate then you can trust to any server). I try to finish it in a week.
I believe the publication of a program like this needs extra care because of its reputation. Before https there won't be a Market version, where you can change the server address (because of security reason). Of course, if you would like it, I'm happy to send you an apk where you can change the server address, or you can compile it for yourself.
Alright, so where can I download this from please? The hompage link is not working.
Aqua1ung said:
Alright, so where can I download this from please? The hompage link is not working.
Click to expand...
Click to collapse
It should work, please try again. It is also available on the Market (search for Webkey).
Okay, now it works. Thanks. All I gotta do now is root my phone
As for suggestions, how about taking pictures remotely using the FFC and/or BFC? Just in case your phone gets stolen or lost...
Aqua1ung said:
Okay, now it works. Thanks. All I gotta do now is root my phone
As for suggestions, how about taking pictures remotely using the FFC and/or BFC? Just in case your phone gets stolen or lost...
Click to expand...
Click to collapse
Nice Now you have to start the camera program and watch the screenshot . I'll check what can I do with the camera device from C++.
This is a great app. I love how you can upload and download from your sd card! The remote control is a little slow over 3g, but very promising. Thanks
stickerbob said:
This is a great app. I love how you can upload and download from your sd card! The remote control is a little slow over 3g, but very promising. Thanks
Click to expand...
Click to collapse
Well... There is an option in AjaXplorer, which downloads several files in a zip archive (even directories), but I was lazy, I didn't implement it in C++ (although the zip library was already there because of the png library). I don't promise to finish it in the following weeks, but I'll do it sometime.
Unlike other FTP Server apps we have released an FTP Server with almost all the features you can think of. Some features FTP Server Ultimate has and most other apps don't have:
- Add multiple users: and give every user their own root, allow write access and force stay in given root directory
- Run FTP server over SSL (FTPS Implicit) to have a secure connection
- Or run FTP server over SSH (SFTP) to be even more secure! With even support for Secure Copy (SCP) and public key authentication.
- Run multiple servers at the same time!
- Extensive logging!
- No root needed!
And more features:
- Start/Stop a FTP server automatically when connected/disconnected from a specified WIFI network, or on boot
- Optionally only allow specified IP addresses to access a FTP Server
- Add a Dynamic DNS Updater using the local or public IP of your device
- UTF-8 support
- Optional anonymous access
- The FTP Server can be accessed from the web (for example through your 3G connection) if supported by your mobile network
- No more need for an USB cable
- Share files with other devices
You can download it for free from Google Play (see the link below). I would appreciate it if you could leave a message stating what you think of the app, whether it works ok and whether you are missing anything. Quite some time has been put into it.
FTP Server Ultimate on Google Play
Video review by JIMMYMCGEE:
XDA TV
FAQ
How come I can't run a server on a port below 1024?
That is a limitation of Android. However, you can try out our app Port Forwarder Ultimate which allows you to access the server on a port below 1024! So you can for example run it on port 21.
All feedback is welcome!
No feedback yet? I would really appreciate it if someone could try it out and let me know what you think of it. I really have put some time into it
Thanks
Did anyone try the app yet?
I tried it just now!
I dig it!
A suggestion if I may:
Add a little more dummy-proofing like tell them their connect string is "ftp://192.168.0.7:41839/" or whatever... and for both public and local URLs. Instead of just letting them know their current port number and IP addresses, etc. People familiar with FTP and FTPS will get it but n00bs will get lost.
In all I dig it tho! I'll use it!
Thanks man!
---------- Post added at 10:10 AM ---------- Previous post was at 09:35 AM ----------
Vibrate on Connect (with my Galaxy Note SC-05D) isn't working.
And a status window with connected users (IP and/or login_name) and current operation (sending, receiving, CD folder name, etc) would be really nice - and in the basic version - it's kind of a safety thing IMO. Then press-holding on a user name should bring up an option panel menu: Kick, Kick-ban IP, Kick-Ban UserName, (and in the pay version: Send message).
Here's a little treat for ya... Opened into PhotoShop directly from my SC-05D phone:
http://tesselator.gpmod.com/Images/Temporary/FTP_Grab.png
Now all I need is a gopher server and I'll be in retro-la-la-land! (j/k of course)
Bifurcator said:
I tried it just now!
I dig it!
A suggestion if I may:
Add a little more dummy-proofing like tell them their connect string is "ftp://192.168.0.7:41839/" or whatever... and for both public and local URLs. Instead of just letting them know their current port number and IP addresses, etc. People familiar with FTP and FTPS will get it but n00bs will get lost.
In all I dig it tho! I'll use it!
Thanks man!
---------- Post added at 10:10 AM ---------- Previous post was at 09:35 AM ----------
Vibrate on Connect (with my Galaxy Note SC-05D) isn't working.
And a status window with connected users (IP and/or login_name) and current operation (sending, receiving, CD folder name, etc) would be really nice - and in the basic version - it's kind of a safety thing IMO. Then press-holding on a user name should bring up an option panel menu: Kick, Kick-ban IP, Kick-Ban UserName, (and in the pay version: Send message).
Here's a little treat for ya... Opened into PhotoShop directly from my SC-05D phone:
http://tesselator.gpmod.com/Images/Temporary/FTP_Grab.png
Now all I need is a gopher server and I'll be in retro-la-la-land! (j/k of course)
Click to expand...
Click to collapse
Great to hear it's all working ok! Did you also try the sftp or ftps server? Thanks for the feedback!
Would you also be able to leave a review on Play? I would really appreciate that!
Did anyone else try the app??
Themuzz said:
Great to hear it's all working ok! Did you also try the sftp or ftps server? Thanks for the feedback!
Would you also be able to leave a review on Play? I would really appreciate that!
Click to expand...
Click to collapse
I did all those things yesterday!
Themuzz said:
Unlike other FTP Server apps we have released an FTP Server with almost all the features you can think of. Some features FTP Server Ultimate has and most other apps don't have:
- Add multiple users: and give every user their own root, allow write access and force stay in given root directory
- Run FTP server over SSL (FTPS Implicit) to have a secure connection
- Or run FTP server over SSH (SFTP) to be even more secure! With even support for Secure Copy (SCP) and public key authentication.
- Run multiple servers at the same time!
- Extensive logging!
- No root needed!
And more features:
- Start/Stop a FTP server automatically when connected/disconnected from a specified WIFI network, or on boot
- Optionally only allow specified IP addresses to access a FTP Server
- Add a Dynamic DNS Updater using the local or public IP of your device
- UTF-8 support
- Optional anonymous access
- The FTP Server can be accessed from the web (for example through your 3G connection) if supported by your mobile network
- No more need for an USB cable
- Share files with other devices
You can download it for free from Google Play (see the link below). I would appreciate it if you could leave a message stating what you think of the app, whether it works ok and whether you are missing anything. Quite some time has been put into it.
FTP Server Ultimate on Google Play
FAQ
How come I can't run a server on a port below 1024?
That is a limitation of Android. However, you can try out our app Port Forwarder Ultimate which allows you to access the server on a port below 1024! So you can for example run it on port 21.
All feedback is welcome!
Click to expand...
Click to collapse
How to access from the web?
I'm using it and it works great!
Are all of the same features present in your "servers ultimate " app?
Sent from my M886 using Tapatalk 2
Great APP! Thanks!
This got featured on the XDA portal!
Downloading and reviewing just for the sake of the hard work you put.
I'm having problems (Can't connect) using this with my Samsung GT-7100 Galaxy Note II.
I think is not an App problem but from the device. Every time i try to connect I'm getting this message : "ECONNREFUSED - Connection refused by server"
Using other FTP Server and same result.
Never had this issue with my other device Galaxy S III.
Any ideas how to solve this problem?
Thanks
rickyx said:
How to access from the web?
I'm using it and it works great!
Click to expand...
Click to collapse
Good to hear it works. About accessing from the web, you will need to use the public IP (visible under the info button on the start screen of the app). However, depending on your internet provider it might not work (some internet providers block it). If you use it through wifi you would need to enable port forwarding.
jbrt said:
Are all of the same features present in your "servers ultimate " app?
Click to expand...
Click to collapse
Yes, however, this app will be updated faster and is way less intensive to run on your device, since it's focused on FTP.
rind said:
Great APP! Thanks!
Click to expand...
Click to collapse
You're welcome
theDroidfanatic said:
This got featured on the XDA portal!
Downloading and reviewing just for the sake of the hard work you put.
Click to expand...
Click to collapse
I just read it on XDA, great article! And thanks for the reviewing, really appreciate it.
M3xital said:
I'm having problems (Can't connect) using this with my Samsung GT-7100 Galaxy Note II.
I think is not an App problem but from the device. Every time i try to connect I'm getting this message : "ECONNREFUSED - Connection refused by server"
Using other FTP Server and same result.
Never had this issue with my other device Galaxy S III.
Any ideas how to solve this problem?
Thanks
Click to expand...
Click to collapse
That sounds like a port forwarding problem. Do you try to access it through WIFI and are you with the client on the same WIFI network? Could you elaborate a bit?
It would be great if everyone who tries it let's me know whether it works ok and whether you are missing anything. Also, reviews on Android Play are of course welcome
Thanks!
Themuzz said:
Good to hear it works. About accessing from the web, you will need to use the public IP (visible under the info button on the start screen of the app). However, depending on your internet provider it might not work (some internet providers block it). If you use it through wifi you would need to enable port forwarding.
Yes, however, this app will be updated faster and is way less intensive to run on your device, since it's focused on FTP.
You're welcome
I just read it on XDA, great article! And thanks for the reviewing, really appreciate it.
That sounds like a port forwarding problem. Do you try to access it through WIFI and are you with the client on the same WIFI network? Could you elaborate a bit?
It would be great if everyone who tries it let's me know whether it works ok and whether you are missing anything. Also, reviews on Android Play are of course welcome
Thanks!
Click to expand...
Click to collapse
Hello I'm a bit of a noob at the whole FTP thing. I downloaded the app, set up the server, and enabled port forwarding on my router. How do I gain access to the server? When I type my public ip into the url bar it just goes to my router login. I'm confused...
Thanks for any help!
Edit: I tried switching to 3G. I got a different public IP but I still got a "could not connect" error in the browser.
Sidenote-When I slide up the log menu it shows the different servers underneath, like there's no background in the log menu.
Themuzz said:
That sounds like a port forwarding problem. Do you try to access it through WIFI and are you with the client on the same WIFI network? Could you elaborate a bit?
Click to expand...
Click to collapse
I'm trying to access through WiFi and yes client is on the same WiFi.
Server SSID Behaviour
Hi and thanks for putting this out. I've added, run and connected to a SFTP server with no problems But here's my problem - I'd like the same server to run on multiple SSIDs (e.g. my home and work ones).
When I tick the "start server when connected to selected wifi network" box I can only enter a single SSID and have the server start automatically when a connection comes up. I took a long shot and tried entering my two SSIDs with common delimiters (comma, semi-colon, backslash etc.) but no dice - the server wouldn't start automatically when connecting to either SSID (which wasn't unexpected as it's worded in the app to indicate whatever is entered is meant to be a single SSID). In the log I could see the server stop when wifi went down, log when wifi was connected to any SSID and when a server started and stopped.
I then tried creating an exact copy of the first server but with a different SSID set. Upon trying to save the second new server the app warned about two servers using duplicate ports and wouldn't let me save it. Fair enough but, with the particular settings, neither server should be running at the same time i.e. they are both set to only run when connected to different SSIDs. Picky picky I know
I also tried leaving the SSID field blank.The thinking here was that, when left blank, it would try and start the server when any SSID was connected.
To summarise... the ability to start a server on: any wifi connection, multiple named SSIDs or a single SSID would be great.
not conecting
hi:
I set up the sftp server without problem, but when i tried to access i got an error.
I tried to connect with:
ssh -p serverport [email protected]
sftp [email protected]
sftp serverip
But i get,
for ssh:
ssh: connect to host serverip port sererport: Connection refused
for sftp:
Connecting to serverip
ssh: connect to host serverip port 22: Connection refused
Connection closed
However, i connected with winscp without problem.
So, do you have any idea of why i can't connect with ssh and sftp?
And if i could solve the problem, can i use scp?
BR
Really cool, worked good, f*** MTP
deaver_92 said:
Hello I'm a bit of a noob at the whole FTP thing. I downloaded the app, set up the server, and enabled port forwarding on my router. How do I gain access to the server? When I type my public ip into the url bar it just goes to my router login. I'm confused...
Thanks for any help!
Edit: I tried switching to 3G. I got a different public IP but I still got a "could not connect" error in the browser.
Sidenote-When I slide up the log menu it shows the different servers underneath, like there's no background in the log menu.
Click to expand...
Click to collapse
Ah, it sounds like you forget using the port number. For example, you have an FTP server running on port 2121 with internal IP 192.168.1.54 and enabled port forwarding on your router to forward outside port 2121 to inside IP 192.168.1.54 and port 2121. Now you can access the FTP server using your public IP, for example 123.123.123.123
However, you need to specify the port number when using the IP. If you use a browser, type: ftp://123.123.123.123:2121/ That should work.
Let me know!
M3xital said:
I'm trying to access through WiFi and yes client is on the same WiFi.
Click to expand...
Click to collapse
Ok, so client and server are on the same wifi. The server is, for example, running on 192.168.1.54 and port 2121, now on the client (probably a computer) use the browser and type in ftp://192.168.1.54:2121/
Let me know whether it worked!
Northernmost said:
Hi and thanks for putting this out. I've added, run and connected to a SFTP server with no problems But here's my problem - I'd like the same server to run on multiple SSIDs (e.g. my home and work ones).
When I tick the "start server when connected to selected wifi network" box I can only enter a single SSID and have the server start automatically when a connection comes up. I took a long shot and tried entering my two SSIDs with common delimiters (comma, semi-colon, backslash etc.) but no dice - the server wouldn't start automatically when connecting to either SSID (which wasn't unexpected as it's worded in the app to indicate whatever is entered is meant to be a single SSID). In the log I could see the server stop when wifi went down, log when wifi was connected to any SSID and when a server started and stopped.
I then tried creating an exact copy of the first server but with a different SSID set. Upon trying to save the second new server the app warned about two servers using duplicate ports and wouldn't let me save it. Fair enough but, with the particular settings, neither server should be running at the same time i.e. they are both set to only run when connected to different SSIDs. Picky picky I know
I also tried leaving the SSID field blank.The thinking here was that, when left blank, it would try and start the server when any SSID was connected.
To summarise... the ability to start a server on: any wifi connection, multiple named SSIDs or a single SSID would be great.
Click to expand...
Click to collapse
Good idea! Great to hear you tried all those options but unfortunately at this moment only one SSID can be specified. However, as soon as we thought of 2-3 more servers to add for the update we will also include the ability to select multiple SSID's
kurokirasama said:
hi:
I set up the sftp server without problem, but when i tried to access i got an error.
I tried to connect with:
ssh -p serverport [email protected]
sftp [email protected]
sftp serverip
But i get,
for ssh:
ssh: connect to host serverip port sererport: Connection refused
for sftp:
Connecting to serverip
ssh: connect to host serverip port 22: Connection refused
Connection closed
However, i connected with winscp without problem.
So, do you have any idea of why i can't connect with ssh and sftp?
And if i could solve the problem, can i use scp?
BR
Click to expand...
Click to collapse
Good point, the SFTP server only supports SFTP commands and will work great with all SFTP clients, however, SSH commands are not all supported. You can try the linux sftp command.
However, we also released an SSH Server (on Play) which also supports SFTP and SCP. So if you try that app you can connect through SSH commands from the command line.
Let me know whether it worked.
Mach3.2 said:
Really cool, worked good, f*** MTP
Click to expand...
Click to collapse
You're right, way easier and can be used wireless!
I would appreciate if if everyone could leave a review on Play. Thanks for the feedback, more comments are of course welcome!
Hi:
I tried your ssh server and with winscp i had no problems. I could also connect without problem trough ssh command. But when I tried scp, the server disconnect the command and some times the app closed itself.
I don't know why this happens, I hope you can help me. I could let it like this because with ssh command it is enough for me but it bothers me xd.
kurokirasama said:
Hi:
I tried your ssh server and with winscp i had no problems. I could also connect without problem trough ssh command. But when I tried scp, the server disconnect the command and some times the app closed itself.
I don't know why this happens, I hope you can help me. I could let it like this because with ssh command it is enough for me but it bothers me xd.
Click to expand...
Click to collapse
Could you send me the steps you took? So what client are you using and what command did you send that produced an error?
To start, this is not yet another SSH Server, it is more complete compared to other SSH daemons available. But of course that's up to you to decide.
Run multiple SSH Servers at the same time and have multiple users with public key authentication! No root is needed!
Here some cool features:
- Multiple users support
- Every user can have a password and/or public key for authentication
- For every user you can set a root directory, allow write access and force stay in the root directory for use in SFTP
- Optionally only allow access from certain IP's
- For every user (dis)allow X11, agent forwarding, inbound connections, outbound connections
- Run multiple SSH and/or telnet servers at the same time
- If you add a telnet server you can even optionally run it over SSL/TLS
- Support for Dynamic DNS so you can always access your server
- Set authorization timeout, idle timeout, maximum authorization requests, maximum concurrent sessions per user
And some more general features:
- Free
- Extensive logging
- Start on boot
- Start/stop on connect/disconnect WIFI network
- The servers can be accessed from the web (for example through your 3G connection) if supported by your mobile network
Notes:
- The Shell access only works on ARM devices, however, SFTP and SCP access works on all devices.
- When you type exit the users session shell will stop but the connection will stay open, untill you close it. That's a little bug we are working on, scroll down if you want to help Normally you wouldn't notice this small problem.
SSH Server can be found on Google Play:
SSH Server on Play
FAQ
How can I get a public key?
Use puttygen to generate a public and private key. Import the public key in SSH Server and use the private key on your side (for example with putty). For more help just ask here.
How come I can't run a server on a port below 1024?
That is a limitation of Android. However, you can try out our app Port Forwarder Ultimate which allows you to access the server on a port below 1024! So you can for example run it on port 22.
If you want to help fix the last bug in the app please continue reading:
The problem:
Typing exit in the shell doesn't close the connection but only the shell. If you close the shell connection everything will be stopped, so it's not a big bug since the app works just fine with it.
How come we can't fix it:
We can detect when the connection is closed, and when that happens we close the sessions shell (if it's still open) using the PID of the process. However, we cannot check whether the process is still running from java android code using the PID. We don't want to run a linux command, we want to check whether the process is still running from pure java (using the PID) since everything works from java. So if you know how to accomplish this please post a reply.
Feedback and questions are welcome so we can improve the app! If you need help, also just post a reply
Thanks.
Looks awesome! Much nicer feature set than other available SSH servers I've used. I know it's a feature to not need root, but would you consider adding in a root option to use port 22? Makes SSH and SCP much easier to use when you don't need to specify the port on the command-line or in a configuration file.
Se7enLC said:
Looks awesome! Much nicer feature set than other available SSH servers I've used. I know it's a feature to not need root, but would you consider adding in a root option to use port 22? Makes SSH and SCP much easier to use when you don't need to specify the port on the command-line or in a configuration file.
Click to expand...
Click to collapse
Ah, good questions, I forgot to add it to the description. The SSH server is fully functioning from java so it works on almost all devices but as you know it also has the limitation that only ports above 1024 can be used. However, I have also released a separate app called Ports Forwarder Ultimate which allows you to forward port 22 to for example 2222 internally. It uses iptables to do so and need a rooted phone.
Port Forwarder Ultimate on Play
Let me know whether that works. I would also appreciate it if you could leave a review on Play or maybe let me know what you are still missing
Hi! Thanks for this great app. I was looking for a multi-user SSH server and I think I got it!
I would like to use your "Force stay in document root" functionality but when I log in with the user I created it does not put me in the right directory (it keeps me in / instead of say /data/local/tmp/user1) and of course I can browse everywhere.
It may be because the app does not have the right to go there? I may try on the sdcard as well?
Thanks.
saidelike said:
Hi! Thanks for this great app. I was looking for a multi-user SSH server and I think I got it!
I would like to use your "Force stay in document root" functionality but when I log in with the user I created it does not put me in the right directory (it keeps me in / instead of say /data/local/tmp/user1) and of course I can browse everywhere.
It may be because the app does not have the right to go there? I may try on the sdcard as well?
Thanks.
Click to expand...
Click to collapse
That's weird, could you try the sdcard as root directory? Let me know whether that does work.
Themuzz said:
That's weird, could you try the sdcard as root directory? Let me know whether that does work.
Click to expand...
Click to collapse
And did that work?
Themuzz said:
And did that work?
Click to expand...
Click to collapse
To be honest, I finally chose to use the dropbear ssh server that gave me everything I needed from the command line (not an app), but I need root access...
saidelike said:
To be honest, I finally chose to use the dropbear ssh server that gave me everything I needed from the command line (not an app), but I need root access...
Click to expand...
Click to collapse
SSH Server also supports root, just change the custom shell start command to /system/bin/su and the app will request root for the shell. Or type su during a session and the shell session will get root.
And if the problem is using a port below 1024 just try Port Forwarder Ultimate (a free app) which can link port 22 to a port above 1024 (which the server is running on).
Are you missing other features as well?
Is anyone else using the app? Does it work ok?
No feedback?
I used your app on a MINIX Neo X5, but it had problems with the auto start (even after changing the auto start options)... Any ideas?
.acy said:
I used your app on a MINIX Neo X5, but it had problems with the auto start (even after changing the auto start options)... Any ideas?
Click to expand...
Click to collapse
You mean with the start on boot? Or what option are you talking about? Let me know!
yes the "start on boot" option
very nice app!
Hi,
I've been using this app recently and like it a lot. I especially like the fact you allow to start the app even if our networking is turned off.
Most other server apps refuse to start when wifi is off, but in my case I often do bluetooth tethering between my laptop and my phone, with all networks off, and this app works! Or I sometimes test by ssh to localhost while in airplane mode. So thank you for allowing the server to start without insisting that network is on, so we have a choice to do what we want to do!
The info button is also fantastic, since tells me all IP addresses on the phone, including the bluetooth tethering IP, as well as the public IP if I'm in a NAT environment! Other apps only tell you your wifi IP and perhaps your mobile network IP, but nothing more.
I also like that you have the option to keep the screen turned on, as well as the scp support (most other ssh apps only have sftp for file transfer).
Finally, the live logging, showing you good and bad password attempts, color coded, as well as the option to vibrate on connection are very cool.
What can I say, I am very impressed, please keep it up! I considered your Ultimate Servers but it's more than I need, and requires too many permissions, so I will keep using your SSH Server app and recommending it to my friends!
One suggestion I have, is maybe you could change the notification icon color when a connection is active, so we can quickly see from the notification bar while the app is in the background, if someone is currently connected.
thanks for a very usefull app
now I can transfer files easily between my pc and my phone (using scp) or have a terminal on my phone with the user interface on the pc (keyboard, screen, mouse, etc ...) (using ssh)
just wanted to say thanks
Remote Commands
Sorry to bump an old thread, but I'm having issues with remote commands.
Getting a shell is no issue, but when I use SSH to issue a remote command, putty or the Debian SSH client errors out. Any idea what I can do to fix that?
Everything else works perfect on my Minix Neo X7.
Thanks for the awesome work!
Themuzz said:
Feedback and questions are welcome so we can improve the app! If you need help, also just post a reply
Click to expand...
Click to collapse
Does it work on X86 Android ? (ZE551ML)
Thanks
Hello!
I just tried checking what URLs Amazon access to download software updates by a Firewall, and, ecstatic that my router supports HTTPS request blocking, I experimented them, one by one, on one of my older 3rd Gen devices.
What you need :-
1. A still bootable Fire tablet,
2. A way to get into your router's settings,
3. Username and password of your router;
(This is usually found on your router's packaging, or sticked into its side, if you can't get it, try continuing because some old routers don't ask for passwords, and if it asks for passwords try contacting the provider for help.)
4. Default Gateway address or a PC connected to router to get it.
5. Common sense of course
First step-
(Skip this if you know your default gateway address.)
Open up a command prompt and type 'ipconfig' and enter, and look for Default Gateway Address, and copy what's in front of it.)
Second step-
Open a web browser and type http://y.o.u.r.g.a.t.e.w.a.y, of course replace with what you copied, but keeping http://.
Third step-
You should see a prompt asking you for password, if not skip this, it may ask you later. Just input your password and username to proceed.
Fourth step-
This is the step that requires common sense. You will have to determine where's the setting that allows you to block domains. For me, it was on Security=>Domain name filter. As some suggestions look for Parental Controls, Blacklist, Security, Firewall, domain name filter, Webpage blacklist, etc.
Fifth step-
You can block the two below to stop downloading amazon updates for good, I tested this on my HD 8 (2017),
amzdigital-a.akamaihd.net
amzdigitaldownloads.edgesuite.net
(Note that the tablet will still determine if a software update is available, but it will fail to download it. If you want to stop checking for software updates, I think that the two below will do,
softwareupdates.amazon.com
updates.amazon.com)
Sixth step-
Remember to apply the settings of course, and then quit the router settings, and try visiting one of the sites above. If it stucks on loading then you are successful, if it shows something as Forbidden or Error then your router probably doesn't support HTTPS blocking.
YOU ARE DONE!
Note-
I tried this on my HD 8, with a freshly flashed stock ROM, and left it connected overnight, just I saw that 'Your device has not yet checked for updates.'
Please remember that if you connect this to an another network, updates will normally download. This is not device specific, just router specific.
I hope that you found this useful!
Thanks!
Just wanted to drop a note here that I blocked those domains using a Pi-Hole (locally hosted DNS-based blocker) but I was still updated yesterday to 5.6.1.0. Perhaps Amazon bypasses the connection's DNS and uses its own? I've now added the blocked domains to my router as well, so fingers crossed I suppose.
Vague Rant said:
Just wanted to drop a note here that I blocked those domains using a Pi-Hole (locally hosted DNS-based blocker) but I was still updated yesterday to 5.6.1.0. Perhaps Amazon bypasses the connection's DNS and uses its own? I've now added the blocked domains to my router as well, so fingers crossed I suppose.
Click to expand...
Click to collapse
Strange. I blocked the URLs above in the router the day I made the thread, and my device is not checked for updates ever since. It may be an issue in your blocker, maybe Amazon bypasses the connection's DNS. Good Luck, since you blocked in router now? :good: