hexene / localvpn Goto Github PK
View Code? Open in Web Editor NEWA packet interceptor for Android built on top of VpnService
License: Apache License 2.0
A packet interceptor for Android built on top of VpnService
License: Apache License 2.0
What to do if I want to block some IP from accessing the internet? Is it possible using LocalVPN?
Getting following exception after starting VPN:
Connection error: 172.29.22.1:7:59614
java.net.ConnectException: failed to connect to /172.29.22.1 (port 7): connect failed: ENETUNREACH (Network is unreachable)
at libcore.io.IoBridge.connect(IoBridge.java:129)
at libcore.io.IoBridge.connect(IoBridge.java:115)
at java.nio.SocketChannelImpl.connect(SocketChannelImpl.java:199)
at xyz.hexene.localvpn.TCPOutput.initializeConnection(TCPOutput.java:138)
at xyz.hexene.localvpn.TCPOutput.run(TCPOutput.java:90)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:422)
at java.util.concurrent.FutureTask.run(FutureTask.java:237)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587)
at java.lang.Thread.run(Thread.java:818)
Caused by: android.system.ErrnoException: connect failed: ENETUNREACH (Network is unreachable)
at libcore.io.Posix.connect(Native Method)
at libcore.io.BlockGuardOs.connect(BlockGuardOs.java:111)
at libcore.io.IoBridge.connectErrno(IoBridge.java:151)
at libcore.io.IoBridge.connect(IoBridge.java:127)
at libcore.io.IoBridge.connect(IoBridge.java:115)
at java.nio.SocketChannelImpl.connect(SocketChannelImpl.java:199)
at xyz.hexene.localvpn.TCPOutput.initializeConnection(TCPOutput.java:138)
at xyz.hexene.localvpn.TCPOutput.run(TCPOutput.java:90)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:422)
at java.util.concurrent.FutureTask.run(FutureTask.java:237)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587)
at java.lang.Thread.run(Thread.java:818)
Hi thanks for this useful code i just wonder is it possible to add p12 certificate and establish vpn connection with your project ?
I am trying to search anything after clicking the button Start Vpn.It shows Internet is not working.
Again after closing Vpn everything is normal.
Can you please help me to fix this issue?.
Thank you
Network write error: 123.125.102.202:443:42234
TCPOutput java.io.IOException: Broken pipe
at sun.nio.ch.FileDispatcherImpl.write0(Native Method)
at sun.nio.ch.SocketDispatcher.write(SocketDispatcher.java:55)
at sun.nio.ch.IOUtil.writeFromNativeBuffer(IOUtil.java:93)
at sun.nio.ch.IOUtil.write(IOUtil.java:51)
at sun.nio.ch.SocketChannelImpl.write(SocketChannelImpl.java:512)
at org.test.vpn.TCPOutput.processACK(TCPOutput.java:187)
Is it possible to get the plain-text URL submitted as part of a request? I'd like to be able to see (i.e. via Packet.java
) not just the destination IP address and port, but the actual URL submitted (e.g. https://www.google.com
).
_for SEYI _
E/TCPInput: Connection error: 111.13.142.2:5222:50418
java.net.NoRouteToHostException: No route to host
at sun.nio.ch.SocketChannelImpl.checkConnect(Native Method)
at sun.nio.ch.SocketChannelImpl.finishConnect(SocketChannelImpl.java:742)
at xyz.hexene.localvpn.TCPInput.processConnect(TCPInput.java:93)
at xyz.hexene.localvpn.TCPInput.run(TCPInput.java:70)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:428)
at java.util.concurrent.FutureTask.run(FutureTask.java:237)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1133)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:607)
at java.lang.Thread.run(Thread.java:760)
Hello @hexene,
I couldn't find no other way to contact you, so I'm opening this issue. I hope it's ok.
From my quick look on this project, it seems really well written, congratulations!
I'm still testing it on my environment, but by reading the other issues, and the fact that the last commit was 2 years ago, I can imagine there are some bugs and TODOs.
I have a startup and I'm currently in need of the functionality this project provides, but it needs to be compatible with multiple devices and must not interfere with user experience. Compatibility with too older versions of Android are not so required (like 5.1 onwards is fine, maybe even 6.0+).
I would like to know if it's possible if you could offer patches and updates on this, either as a freelancing gig or some other monetizing model that you find best.
Thanks in advance!
I tried to compile and install this app on redmi note 2. I clicked the start button, the vpn service is started, but then I don't have internet access and nothing pops out? what is the function of this app?
I would like to implement a packet capture by learning this code, could you please offer a simple README or something illustrates how this app works?
how i can dump vpn data to pcap file?
can u help me
i want to generate pcap file that i can analysis it by wireshark
thanks
Any one working on similar project?? Thanks for any help. i am so urgent to do that
My intention is to identify which URL is coming from which app.
Hi ,can this lib replace hostname dynamically go through vpnservice.
@hexene could you explain to me how i can convert the packet data to the .pcap ?
In which part of code I can get the information (packages) that i must save to create a log ?
Please don't close this, i have some question.
Thanks so much
hello,
first of all AWESOME work!
LocalVPNService.class has the fallowing line (TODO):
private static final String VPN_ADDRESS = "10.0.0.2"; // Only IPv4 support for now
are you working on a ipv6 solution, if so when will it be ready?
if not,can you please direct me to some links on how to add ipv6 support or even direct me yourself (if it is OK).
i'll be happy to contribute to this project with this issue if i can
you can also reach me at
[email protected]
the app installs but whatever internet request (lets say google search for example) wont process.
Am not sure why it is so
Use this project, just open the localVPN, you can use the network, but the network speed is very slow. After the next, you can not open the network.
Hi Mohamed,
Thanks so much for sharing your work. I am a newbie to both Android and Java, but learning as I read your code. So this could very well be my issue.
I built an apk image with Android Studio 2.1RC and ran on ASUS (4.1.1) tablet with USB debugging enabled and connected to my Ubuntu box where Android Studio is running.
I can see logcat output. I have added more Log.i() into both TCP/UDP input/output to track.
With LocalVPN started, UDP packets to DNS server (port 53) are captured, but no reply packet is seen.
With LocalVPN stop, Web browing works fine. So I think it is not DNS server connectivity issue.
I assume this should work. Thanks for any suggestion that you may have.
Here is a part of logcat output.
04-27 11:23:43.486 29098-29189/xyz.hexene.localvpn I/UDPOutput: UDP out:208.67.220.220:53:24941
04-27 11:23:43.486 29098-29189/xyz.hexene.localvpn I/UDPOutput: packet=Packet{ip4Header=IP4Header{version=4, IHL=5, typeOfService=0, totalLength=62, identificationAndFlagsAndFragmentOffset=-1001308160, TTL=64, protocol=17:UDP, headerChecksum=48955, sourceAddress=10.0.0.2, destinationAddress=208.67.220.220}, udpHeader=UDPHeader{sourcePort=24941, destinationPort=53, length=42, checksum=500}, payloadSize=34}
04-27 11:23:43.506 29098-29188/xyz.hexene.localvpn I/UDPInput: UDP in sleep 10
04-27 11:23:43.536 29098-29189/xyz.hexene.localvpn I/UDPOutput: UDP out write:208.67.220.220:53:24941
04-27 11:23:43.566 29098-29188/xyz.hexene.localvpn I/UDPInput: UDP in sleep 10
Thanks.
-chang
Hi
Thanks for sharing your solution. I have started trying your solution on my Android LG G5 device. I am getting the following exception. It would be great to point out how to avoid these exceptions.
Network read error: 173.194.222.106:443:40475 :: java.io.IOException: Connection reset by peer
Network write error: 173.194.222.103:443:43385 :: java.io.IOException: Broken pipe
这个项目下载后运行提示
Attempt to invoke virtual method 'java.io.FileDescriptor android.os.ParcelFileDescriptor.getFileDescriptor()' on a null object reference
可以联系下吗?邮箱:[email protected]
期望能合作,非常感谢
Its definitely a simple and elegant VPN packet sniffing implementation. I just want to know if this was tested on any real device (Phone) on load by using browsers/APPs etc. If so can you please let me know the outcome.
The code does not seem to consider the TCP window of the underlying OS while writing the packets and neither it seems to set/update the window limit on the subsequent ACKs.
I suppose the code is bound to break on load without addressing the above two constraints.
11-24 09:10:22.387 28769-29138/xyz.hexene.localvpn E/TCPInput: Connection error: 172.217.25.14:443:38862
java.net.ConnectException: Connection timed out
at sun.nio.ch.SocketChannelImpl.checkConnect(Native Method)
at sun.nio.ch.SocketChannelImpl.finishConnect(SocketChannelImpl.java:742)
at xyz.hexene.localvpn.TCPInput.processConnect(TCPInput.java:93)
at xyz.hexene.localvpn.TCPInput.run(TCPInput.java:70)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:428)
at java.util.concurrent.FutureTask.run(FutureTask.java:237)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1133)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:607)
at java.lang.Thread.run(Thread.java:761)
Hi,
Congrats for the great job 1st of all!
I use it in a test app and when trying to ping the packets seems not created.
Should I implement the packet creation for ICMP protocol ?
or there is another work around ?
Thanks in advance.
Mary
Hi,
I am very new to network programming in Android. I have a query regarding the VPN_INTERFACE_ADDRESS. In this code it is selected as 10.0.0.2. How is it decided? The code works fine in emulator, but not in real device. Should I change the address?
Please let me know, that would be a great help.
Thanks,
Nilanjana
After building the app and activating the VPN through the button I try accessing a website through a mobile browser such as Chrome but all requests timeout with the error at https://gist.github.com/Random-Primate/b1947e1816bdb856302961291f6e6676.
I've tried with a
Any help appreciated.
Network write error: 173.194.14.20:443:53589
java.net.SocketException: sendto failed: EPIPE (Broken pipe)
i download this project and run it on HM Note4, can't open any website,please help me.
Hello,
I want to set up an Android application that allows to retrieve and capture the user's Internet traffic, I used LocalVPN but after a while the traffic hangs.
Thank you for helping me on this
Hi,
I tried to use this in Intel X86 emulator (AVD) based on API 19. But it throws error "Unfortunately LocalVPN stopped" Kindly let me know what i am missing
First this is really a piece of code! It is really powerful but difficult to read. I am missing some doc to be sure how to use it. Does it exist?
For my issue:
LocalvpnService processes packets coming from the internet like:
I/RESULTS: count: 0 sip: /216.58.201.234 sport: 443 dip: /192.168.1.27 dport: 43898
I/RESULTS: count: 1 sip: /172.217.19.226 sport: 443 dip: /192.168.1.27 dport: 42040
I/RESULTS: count: 2 sip: /77.238.180.11 sport: 443 dip: /192.168.1.27 dport: 60925
etc...
I've added some logs.
All modules LocalvpnSerice, TCPinput, TCPoutput, etc... starts well.
But any apps which access the network like chrome accessing google.com blocks and I don't see the packet coming through the vpn,
Is there something well known?
I tried to include an http request in the code but it generates an error:
java.net.ConnectException: failed to connect to /192.168.1.1 (port 80) after 6000ms: isConnected failed: ECONNREFUSED (Connection refused)
class ScanAsync extends AsyncTask<String, Integer, Void> {
VpnService vpn = new VpnService();
@OverRide
protected Void doInBackground(String... params) {
URL url = null;
try {
url = new URL("http://192.168.1.1");
} catch (MalformedURLException e) {
e.printStackTrace();
}
HttpURLConnection conn = null;
try {
if (url != null) {
conn = (HttpURLConnection) url.openConnection();
}
if (conn != null) {
conn.setRequestMethod("GET");
}
} catch (IOException e) {
e.printStackTrace();
}
if (conn != null) {
conn.setConnectTimeout(6000);
}
try {
if (conn != null) {
conn.connect();
}
} catch (IOException e) {
e.printStackTrace();
}
return null;
}
}
Hi, i would know one information, after the capturing of the packets i need to write a log in .pcap file, because i need to analyse the traffic on a certain website.
Example:
Android app --> Capture traffic ---> Log .pcap --> Conversion in .har
So, my question is: using your code how i can create a log (.pcap) ?
Best Regards
When trying to write to vpn output with vpnOutput.write(bufferFromNetwork), the java.io.IOException: write failed: EINVAL (Invalid argument) is thrown. It happens on several phones.
It is ok for some requests, but for some I get this exception and then the vpn stops working.
In the LogCat I can see several java.net.SocketException: recvfrom failed: ECONNRESET (Connection reset by peer) errors.
Can you point me to the solution of this?
Thanks
Hi, How to send the username and password by vpnservice? I find is has no api for username and password in vpnSerivce.
I'm trying to make this application working when fragmentation occurs.
I've noticed that identificationAndFlagsAndFragmentOffset variable in IP4Header objects is not correctly updated when fragmentation occurs so i think that's the problem.
In which part of the program should i implement the identificationAndFlagsAndFragmentOffset update?
I noticed that you just swap the source and destination address and keep all the other fields in requesting IP packet header to form the response IP packet header. The fragmentation flags and offset of response IP packet are taken from requesting packet. Will it affect the reassembly of response packet?
Any answer will be appreciated.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.