Hello @hexene,

I couldn't find no other way to contact you, so I'm opening this issue. I hope it's ok.

From my quick look on this project, it seems really well written, congratulations!

I'm still testing it on my environment, but by reading the other issues, and the fact that the last commit was 2 years ago, I can imagine there are some bugs and TODOs.

I have a startup and I'm currently in need of the functionality this project provides, but it needs to be compatible with multiple devices and must not interfere with user experience. Compatibility with too older versions of Android are not so required (like 5.1 onwards is fine, maybe even 6.0+).

I would like to know if it's possible if you could offer patches and updates on this, either as a freelancing gig or some other monetizing model that you find best.

Thanks in advance!

这个项目下载后运行提示
Attempt to invoke virtual method 'java.io.FileDescriptor android.os.ParcelFileDescriptor.getFileDescriptor()' on a null object reference
可以联系下吗？邮箱：[email protected]
期望能合作，非常感谢

@hexene could you explain to me how i can convert the packet data to the .pcap ?

In which part of code I can get the information (packages) that i must save to create a log ?

Please don't close this, i have some question.

Thanks so much

First this is really a piece of code! It is really powerful but difficult to read. I am missing some doc to be sure how to use it. Does it exist?

For my issue:
LocalvpnService processes packets coming from the internet like:
I/RESULTS: count: 0 sip: /216.58.201.234 sport: 443 dip: /192.168.1.27 dport: 43898
I/RESULTS: count: 1 sip: /172.217.19.226 sport: 443 dip: /192.168.1.27 dport: 42040
I/RESULTS: count: 2 sip: /77.238.180.11 sport: 443 dip: /192.168.1.27 dport: 60925
etc...
I've added some logs.
All modules LocalvpnSerice, TCPinput, TCPoutput, etc... starts well.

But any apps which access the network like chrome accessing google.com blocks and I don't see the packet coming through the vpn,

Is there something well known?

I tried to include an http request in the code but it generates an error:
java.net.ConnectException: failed to connect to /192.168.1.1 (port 80) after 6000ms: isConnected failed: ECONNREFUSED (Connection refused)

class ScanAsync extends AsyncTask<String, Integer, Void> {
VpnService vpn = new VpnService();
@OverRide
protected Void doInBackground(String... params) {
URL url = null;

    try {
        url = new URL("http://192.168.1.1");
    } catch (MalformedURLException e) {
        e.printStackTrace();
    }
    HttpURLConnection conn = null;
    try {
        if (url != null) {
            conn = (HttpURLConnection) url.openConnection();
        }
        if (conn != null) {
            conn.setRequestMethod("GET");
        }
    } catch (IOException e) {
        e.printStackTrace();
    }
    if (conn != null) {
        conn.setConnectTimeout(6000);
    }
    try {
        if (conn != null) {
            conn.connect();
        }
    } catch (IOException e) {
        e.printStackTrace();
    }

    return null;
}

}

Getting following exception after starting VPN:
Connection error: 172.29.22.1:7:59614
java.net.ConnectException: failed to connect to /172.29.22.1 (port 7): connect failed: ENETUNREACH (Network is unreachable)
at libcore.io.IoBridge.connect(IoBridge.java:129)
at libcore.io.IoBridge.connect(IoBridge.java:115)
at java.nio.SocketChannelImpl.connect(SocketChannelImpl.java:199)
at xyz.hexene.localvpn.TCPOutput.initializeConnection(TCPOutput.java:138)
at xyz.hexene.localvpn.TCPOutput.run(TCPOutput.java:90)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:422)
at java.util.concurrent.FutureTask.run(FutureTask.java:237)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587)
at java.lang.Thread.run(Thread.java:818)
Caused by: android.system.ErrnoException: connect failed: ENETUNREACH (Network is unreachable)
at libcore.io.Posix.connect(Native Method)
at libcore.io.BlockGuardOs.connect(BlockGuardOs.java:111)
at libcore.io.IoBridge.connectErrno(IoBridge.java:151)
at libcore.io.IoBridge.connect(IoBridge.java:127)
at libcore.io.IoBridge.connect(IoBridge.java:115) 
at java.nio.SocketChannelImpl.connect(SocketChannelImpl.java:199) 
at xyz.hexene.localvpn.TCPOutput.initializeConnection(TCPOutput.java:138) 
at xyz.hexene.localvpn.TCPOutput.run(TCPOutput.java:90) 
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:422) 
at java.util.concurrent.FutureTask.run(FutureTask.java:237) 
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1112) 
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:587) 
at java.lang.Thread.run(Thread.java:818) 

Its definitely a simple and elegant VPN packet sniffing implementation. I just want to know if this was tested on any real device (Phone) on load by using browsers/APPs etc. If so can you please let me know the outcome.
The code does not seem to consider the TCP window of the underlying OS while writing the packets and neither it seems to set/update the window limit on the subsequent ACKs.

I suppose the code is bound to break on load without addressing the above two constraints.

_for SEYI _

After building the app and activating the VPN through the button I try accessing a website through a mobile browser such as Chrome but all requests timeout with the error at https://gist.github.com/Random-Primate/b1947e1816bdb856302961291f6e6676.

I've tried with a

• Model Number: Moto G, Android Version: 5.1, Motorola XT1032 API22.
• Samsung Galaxy S4 on Android V4.2 and V5.1

Any help appreciated.

I noticed that you just swap the source and destination address and keep all the other fields in requesting IP packet header to form the response IP packet header. The fragmentation flags and offset of response IP packet are taken from requesting packet. Will it affect the reassembly of response packet?
Any answer will be appreciated.

When trying to write to vpn output with vpnOutput.write(bufferFromNetwork), the java.io.IOException: write failed: EINVAL (Invalid argument) is thrown. It happens on several phones.

It is ok for some requests, but for some I get this exception and then the vpn stops working.

In the LogCat I can see several java.net.SocketException: recvfrom failed: ECONNRESET (Connection reset by peer) errors.

Can you point me to the solution of this?

Thanks

Network write error: 123.125.102.202:443:42234
TCPOutput java.io.IOException: Broken pipe
at sun.nio.ch.FileDispatcherImpl.write0(Native Method)
at sun.nio.ch.SocketDispatcher.write(SocketDispatcher.java:55)
at sun.nio.ch.IOUtil.writeFromNativeBuffer(IOUtil.java:93)
at sun.nio.ch.IOUtil.write(IOUtil.java:51)
at sun.nio.ch.SocketChannelImpl.write(SocketChannelImpl.java:512)
at org.test.vpn.TCPOutput.processACK(TCPOutput.java:187)

Hi,
I am very new to network programming in Android. I have a query regarding the VPN_INTERFACE_ADDRESS. In this code it is selected as 10.0.0.2. How is it decided? The code works fine in emulator, but not in real device. Should I change the address?

Please let me know, that would be a great help.

Thanks,
Nilanjana

Hi thanks for this useful code i just wonder is it possible to add p12 certificate and establish vpn connection with your project ?

how i can dump vpn data to pcap file?
can u help me
i want to generate pcap file that i can analysis it by wireshark
thanks

Hello,
I want to set up an Android application that allows to retrieve and capture the user's Internet traffic, I used LocalVPN but after a while the traffic hangs.
Thank you for helping me on this

What to do if I want to block some IP from accessing the internet? Is it possible using LocalVPN?

https://raw.githubusercontent.com/x-falcon/tools/master/hosts

Hi, i would know one information, after the capturing of the packets i need to write a log in .pcap file, because i need to analyse the traffic on a certain website.

Example:
Android app --> Capture traffic ---> Log .pcap --> Conversion in .har

So, my question is: using your code how i can create a log (.pcap) ?

Best Regards

https://raw.githubusercontent.com/x-falcon/tools/master/hosts

I am trying to search anything after clicking the button Start Vpn.It shows Internet is not working.
Again after closing Vpn everything is normal.
Can you please help me to fix this issue?.
Thank you

11-24 09:10:22.387 28769-29138/xyz.hexene.localvpn E/TCPInput: Connection error: 172.217.25.14:443:38862
java.net.ConnectException: Connection timed out
at sun.nio.ch.SocketChannelImpl.checkConnect(Native Method)
at sun.nio.ch.SocketChannelImpl.finishConnect(SocketChannelImpl.java:742)
at xyz.hexene.localvpn.TCPInput.processConnect(TCPInput.java:93)
at xyz.hexene.localvpn.TCPInput.run(TCPInput.java:70)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:428)
at java.util.concurrent.FutureTask.run(FutureTask.java:237)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1133)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:607)
at java.lang.Thread.run(Thread.java:761)

Hi, How to send the username and password by vpnservice? I find is has no api for username and password in vpnSerivce.

https://raw.githubusercontent.com/x-falcon/tools/master/hosts

Any one working on similar project?? Thanks for any help. i am so urgent to do that

i download this project and run it on HM Note4, can't open any website,please help me.

Hi
Thanks for sharing your solution. I have started trying your solution on my Android LG G5 device. I am getting the following exception. It would be great to point out how to avoid these exceptions.

Network read error: 173.194.222.106:443:40475 :: java.io.IOException: Connection reset by peer
Network write error: 173.194.222.103:443:43385 :: java.io.IOException: Broken pipe

https://raw.githubusercontent.com/x-falcon/tools/master/hosts

Hi,

Congrats for the great job 1st of all!
I use it in a test app and when trying to ping the packets seems not created.
Should I implement the packet creation for ICMP protocol ?
or there is another work around ?
Thanks in advance.

Mary

Use this project, just open the localVPN, you can use the network, but the network speed is very slow. After the next, you can not open the network.

Hi ,can this lib replace hostname dynamically go through vpnservice.

I tried to compile and install this app on redmi note 2. I clicked the start button, the vpn service is started, but then I don't have internet access and nothing pops out? what is the function of this app?

I would like to implement a packet capture by learning this code, could you please offer a simple README or something illustrates how this app works?

1. IP v6?
2. IP v4 Header option?
3. VPNService protect blocked, so the project can not work on android. ==> critical bug.

Is it possible to get the plain-text URL submitted as part of a request? I'd like to be able to see (i.e. via Packet.java) not just the destination IP address and port, but the actual URL submitted (e.g. https://www.google.com).

https://raw.githubusercontent.com/x-falcon/tools/master/hosts

the app installs but whatever internet request (lets say google search for example) wont process.
Am not sure why it is so

My intention is to identify which URL is coming from which app.

Hi Mohamed,

Thanks so much for sharing your work. I am a newbie to both Android and Java, but learning as I read your code. So this could very well be my issue.

I built an apk image with Android Studio 2.1RC and ran on ASUS (4.1.1) tablet with USB debugging enabled and connected to my Ubuntu box where Android Studio is running.

I can see logcat output. I have added more Log.i() into both TCP/UDP input/output to track.

With LocalVPN started, UDP packets to DNS server (port 53) are captured, but no reply packet is seen.
With LocalVPN stop, Web browing works fine. So I think it is not DNS server connectivity issue.

I assume this should work. Thanks for any suggestion that you may have.

Here is a part of logcat output.

04-27 11:23:43.486 29098-29189/xyz.hexene.localvpn I/UDPOutput: UDP out:208.67.220.220:53:24941
04-27 11:23:43.486 29098-29189/xyz.hexene.localvpn I/UDPOutput: packet=Packet{ip4Header=IP4Header{version=4, IHL=5, typeOfService=0, totalLength=62, identificationAndFlagsAndFragmentOffset=-1001308160, TTL=64, protocol=17:UDP, headerChecksum=48955, sourceAddress=10.0.0.2, destinationAddress=208.67.220.220}, udpHeader=UDPHeader{sourcePort=24941, destinationPort=53, length=42, checksum=500}, payloadSize=34}
04-27 11:23:43.506 29098-29188/xyz.hexene.localvpn I/UDPInput: UDP in sleep 10
04-27 11:23:43.536 29098-29189/xyz.hexene.localvpn I/UDPOutput: UDP out write:208.67.220.220:53:24941
04-27 11:23:43.566 29098-29188/xyz.hexene.localvpn I/UDPInput: UDP in sleep 10

Thanks.
-chang

https://github.com/tree-sitter/tree-sitter/issues/2673

Network write error: 173.194.14.20:443:53589
java.net.SocketException: sendto failed: EPIPE (Broken pipe)

hello,
first of all AWESOME work!

LocalVPNService.class has the fallowing line (TODO):
private static final String VPN_ADDRESS = "10.0.0.2"; // Only IPv4 support for now

are you working on a ipv6 solution, if so when will it be ready?
if not,can you please direct me to some links on how to add ipv6 support or even direct me yourself (if it is OK).

i'll be happy to contribute to this project with this issue if i can
you can also reach me at
[email protected]

Hi,

I tried to use this in Intel X86 emulator (AVD) based on API 19. But it throws error "Unfortunately LocalVPN stopped" Kindly let me know what i am missing

I'm trying to make this application working when fragmentation occurs.
I've noticed that identificationAndFlagsAndFragmentOffset variable in IP4Header objects is not correctly updated when fragmentation occurs so i think that's the problem.
In which part of the program should i implement the identificationAndFlagsAndFragmentOffset update?