Is there a kernel with iptables Ttl target?
I need to bypass the Internet distribution lock pay
. :silly:
Related
Hello,
Has anyone heard of any Ptunnel implementations for Windows Mobile (CE)?
Ptunnel is an application that allows you to reliably tunnel TCP connections to a remote host using ICMP echo request and reply packets, commonly known as ping requests and replies.
Setting: You're on the go, and stumble across an open wireless network. The network gives you an IP address, but won't let you send TCP or UDP packets out to the rest of the internet, for instance to check your mail. What to do? By chance, you discover that the network will allow you to ping any computer on the rest of the internet. With ptunnel, you can utilize this feature to check your mail, or do other things that require TCP.
The only reference to Ptunnel on Windows Mobile is here:
http://unsyncopated.com/wiki/ICMP Echo Request Tunnel for Windows Mobile 5
Has anyone tried anything like this?
Has anyone heard of this concept?
I'm very familiar with the concept (see SSH tunneling) but not by piggybacking in ICMP traffic. In my experience ICMP is blocked more often than regular HTTP.
I'm kind of curious how it works since most cases the port is what is being blocked, in which case most tunneling programs will work, you just choose the port you want. Not many home devices actually do deep packet inspection beyond port inspection, so I'm thinking pTunnel is just sending traffic over through a different port.
any chance that someone will crack to access sockets for RDP etc.?
Take a look at the "Functional Webserver" project by Davux. It uses TCP sockets. The actual socket library is from another developer, and is basically a native ARM wrapper around WinCE's WinSock API which in turn exports that functionality to COM. Throw in some code from Mono and you have a working TCP socket implementation. I'm using it myself, in an as-yet unreleased backup app.
No support for UDP just yet, but TCP works fine. The source to "Functional Webserver" is available (you can also get a slightly tweaked version of the same library in my "IE Search Switcher" app, although I'm not using the socket support there). It's only the C# source and a pre-compiled ARM binary - no C++ source, or I might have already added UDP - but if you look hard enough you can probably find that too (or maybe I should...)
Anyone know if any of the kernels for G2x support iptables so that proxydroid can be used?
I've ported stunnel version 5.00b1 to Windows RT. It is an SSL encryption wrapper for TCP connections. I've compiled it with the help of bfosterjr's compiled version of the OpenSSL library. I didn't test the installation of a windows service, I just start the stunnel.exe manually. Works fine to tunnel an RDP connection. This tutorial from the documentation page of stunnel came in handy to configure it.
Although I didn't have to change the source, I've included the source code to this post (including the visual studio project + openssl library).
UPD: It turns out bpf() syscall is blocked by seccomp.
From what I understand, Android seccomp whitelists all syscalls listed in bionic SYSCALLS.TXT, and then blacklists some of them, or whitelists missing in SYSCALLS.TXT.
Since bpf() is missing from SYSCALLS.TXT and not whitelisted for applications, we can't use bpf() on stock Android settings.
That sucks.
I want to implement IP-level packet filtering utility for Android which won't require root privileges.
Since RAW sockets or iptables require CAP_SYS_ADMIN/CAP_NET_ADMIN capability which is not available without root, I want to understand if it's possible to attach eBPF program to TCP/UDP socket on modern Android devices.
BPF is a filtering framework with virtual machine which executes bytecode inside Linux kernel. BPF could be used for many subsystems, but I'm interested only in sockets. Non-root BPF should be supported since vanilla Linux 4.4, and I want to check if BPF support is enabled on modern Androids, is available for non-root user, has it been backported to older Android kernels by SoC vendors and how many devices are shipped with BPF support enabled.
I'm asking the owners of Android 7+ devices to perform eBPF support test:
Download Termux terminal emulator (F-Droid, APK). Please use only Termux, it has minimal Linux environment and proper busybox, other terminal emulators likely won't work.
Run the following command inside terminal session (copy&paste):
Code:
wget -O - http://valdikss.org.ru/bpftest/bpf.sh | bash
Copy the output or take a screenshot and upload it here or send it to me using PM.
Source code for those who interested: https://valdikss.org.ru/bpftest/bpftest.c
Note the script is downloaded using unencrypted http. This is because Termux wget does not support https. I assume that developer section of the forum understands all concerns and will take precautions before executing it.
Thanks.
Click to expand...
Click to collapse
Dec 2, 2021
Allow bpf() syscall
…
Allowing the bpf() syscall is safe as its usage is still gated by selinux and regular apps are not allowed to use it.
Allow bpf() syscall · aosp-mirror/[email protected]
The implementation of FUSE BPF requires the FUSE daemon to access BPF functionalities, i.e., to get the fd of a pinned BPF prog and to update maps. In Android the FUSE daemon is part of MediaProvid...
github.com