Comments (19)
To clarify, the iodine c client calls open_tun() (in tun.c) and there can specificy the name of the tun device.
Andiodine gets the tun-device from the Android VPN Framework and just passes a file-descriptor into the actual iodine client code, thus it skips the open_tun() call.
I doubt that just the different naming plays any role in the end. Also I can confirm that it worked once for meβ’ on an android 4.2.2.
For the question about why the name 'dns0'. See in tun.c#L110, there is a loop trying dns0,dns1,....
from andiodine.
Thank you. Reading and experimenting further I see that the iodine binary, with no "-d" setting, will use "dns0" and NOT "tun0".
Why does andiodine use tun0? In the tun.c it appears that tun0 is used for darwin, and that different network config is loaded.
from andiodine.
In andiodine in IodineVpnService L 380 we call establish()
. By this android will create 'tun0' (or whetever android likes as a name) for us.
from andiodine.
So why does android decide to use tun0 when it is called by vpn service, and dns0 when called by iodine binary? the naming seems to be the point of failure, at least in my environment.
tun0 = tunnel comes up, data is sent / received, but software using tunnel cannot see it.
dns0 = same, but browser etc works.
from andiodine.
Ive looked everywhere for a permission, ownership etc that was preventing a virtual device named 'tun0' from having the same function as one named 'dns0'. They appear identical, yet something prevents one from working and not the other.
from andiodine.
In case of iodine cmdline binary there is no Android involved but just Linux. There iodine requests the name 'dns0'.
From your error description I would guess something with the routing is not set up properly.
In case of iodine on cmdline it fires some "route add .. gateway .." commands to set up routing.
With andiodine we again rely on the Android VPN Framework. So something could be wrong here. Did you validate/compared the routing settings in both cases?
from andiodine.
Top is andiodine/ vpn setup,
bottom is from command line.
shell@android:/ $ ip route show
default via 192.168.2.1 dev wlan0
default via 192.168.2.1 dev wlan0 metric 233
10.0.0.0/27 dev tun0 proto kernel scope link src 10.0.0.4
192.168.2.0/24 dev wlan0 proto kernel scope link src 192.168.2.104 metric 233
192.168.2.1 dev wlan0 scope link
shell@android:/ $ ip route show
default via 192.168.2.1 dev wlan0
default via 192.168.2.1 dev wlan0 metric 233
10.0.0.0/27 dev dns0 proto kernel scope link src 10.0.0.2
192.168.2.0/24 dev wlan0 proto kernel scope link src 192.168.2.104 metric 233
192.168.2.1 dev wlan0 scope link
other places to look besides 'ip route show'?
from andiodine.
I think ip route show should contain all necessary info.
Both versions don't set the default gateway to 10.0.0.1 (the dns-tunnel endpoint).
Can you ping 10.1.0.1 (the dns-tunnel endpoint where iodined runs) in both cases?
Can you verify that for iodine commandline version, when you use the browser that it's really using the tunnel?
from andiodine.
Yes, i have optware installed and have used both 'tsocks' and another android tool to point traffic into the tunnel.
using the 'default route' setting in andiodine does not change the inability for clients to see the responses/traffic. the traffic still happens, just nobody at client side of tunnel can see it. I have verified that the tunnel still sets up properly with 'tcpdump' and other traffic monitoring ways.
from andiodine.
sorry, let me back up. 'tsocks' works with either 'tun0' or 'dns0'. So, youre right, the naming is not what is at fault.
from andiodine.
tsocks is intended for SOCKS tunnels. iodine is a layer 3 tunnel. So it should be unrelated.
from andiodine.
the iodined server has a socks proxy set up. see http://dnstun.com
from andiodine.
'tsocks' only works with elevated permissions. android apps don't have access to the tunnel due to some permissions issue...somewhere.
from andiodine.
I wasn't aware that you are using that service from dnstun.com, I haven't heard of it before. Therefore I was irritated by your mention of tsocks. Now things make more sense.
However, for debugging this makes it more complicated. I recommended that you first try to get things going using a iodined server under your control.
from andiodine.
having access to the server would definitely cut down on the guessing!
How do I ask the client to add a device name? "client_set_..?" I dont see it anywhere in client.c.
from andiodine.
In iodine.c https://github.com/yvesf/andiodine/blob/master/jni/iodine/src/iodine.c#L346
It passes either the device name from -d
or NULL, if NULL then tun.c open_tun() starts probing dns0,dns1,etc..
Regarding the Android VPN Framework I'm not aware of any method to fix the device-name.
from andiodine.
i am working to add the option of forcing "dns0". Learning as I go. If I can get it working, it will appear as a fork.
Thank you for your responses! Much appreciated. I'm learning a lot from you and your project. :)
from andiodine.
Upon further study, this is really not an issue with andiodine but more an issue with connecting via socks to remote proxy over the tunnel.
Thanks for your interaction, much appreciated.
from andiodine.
Thanks for the update, you're welcome π
from andiodine.
Related Issues (20)
- Setting "Request Type" does not seem to take effect HOT 4
- Crash after FragmentList.findViewById() returned null HOT 5
- app crash after connect if "Tunnel Nameserver" setting is empty HOT 6
- java.lang.NullPointerException: Attempt to invoke virtual method 'int android.os.ParcelFileDescriptor.detachFd()' on a null object reference HOT 1
- What iodine version is being used? HOT 2
- How fast should iodine be? HOT 3
- NullPointerException when I connect same address twice (double click the item) HOT 3
- Connection keeps randomly dropping HOT 10
- Not working on Android 6.x? HOT 5
- port andiodine to frekky's iodine fork for better performance HOT 4
- Cannot build andiodine 1.4 HOT 1
- VPN not working HOT 6
- andiodine + openvpn tunnel? HOT 1
- v1.4 should be on F-droid HOT 3
- zinou
- andiodine 1.5 build HOT 3
- "Due to recent changes to the github platform this project has moved to gitlab..." HOT 2
- Nameserver not protected under Android 13 - loop on tunnel device
- App Update Required
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from andiodine.