Questions

Question

Questions

Closed this issue a year ago · 11 comments

Currently, I've modified ToyVPN source ( Provided by Android team ) to make it works as

Step 1. Capturing all packets from Tun interface by VPNService ( Interface IP 10.0.0.1 )
Step 2. Encrypt received packets ( without any modification ) then pass them to VPN server through HTTPS protocol
Step 3. On server side decrypt received packet then send it to a tunnel device with exact IP of 10.0.0.1

This rule also is required on server side. iptables -t nat -A POSTROUTING -s 10.0.0.0/8 -o eth0 -j MASQUERADE

As this behavior I've made a client and server working. Of course it is very slow.

Lets back to main questions.

Does using this library will solve slow issue ?
This library will modify the raw packets and return them as SOCKS5 data ?

Answer 1 · 2023-03-03T13:37:53.000Z

Yeah, this is a typical TCP in TCP problem. tun2socks is one of the solutions to this problem. It reassembly TCP packets into streams on the client side, and then splices them to another TCP stream, so that the entire data path only has a single layer of TCP stream. The Socks5 protocol is used to pass network addresses between clients and server.

Android VPN reference implementation: https://github.com/heiher/sockstun

Answer 2 · 2023-03-04T14:50:43.000Z

After looking at https://github.com/heiher/sockstun I inspired from it, I did build hev-socks5-tunnel and integrated it inside my app.

This is my config: "tunnel:\n mtu: 9000\nsocks5:\n port: 1080\n address: '127.0.0.1'\n udp: 'tcp'\nmisc:\n task-stack-size: 20480\n log-level: warn\n log-file: socks.log";

After running the app, I did check data/app folder to check the log file, but it does not exist how I can check the library is working or not ?

also for receiving socks5 packets from the library, I've to listen at port 1080 ? so the library will connect to my local server then i can receive packets and pass them to remote server right ?

Answer 3 · 2023-03-04T16:13:45.000Z

After looking at https://github.com/heiher/sockstun I inspired from it, I did build hev-socks5-tunnel and integrated it inside my app.

This is my config: "tunnel:\n mtu: 9000\nsocks5:\n port: 1080\n address: '127.0.0.1'\n udp: 'tcp'\nmisc:\n task-stack-size: 20480\n log-level: warn\n log-file: socks.log";

udp: udp if the server isn't hev-socks5-server

After running the app, I did check data/app folder to check the log file, but it does not exist how I can check the library is working or not ?

write log to /sdcard/socks.log (add permission to manifest

also for receiving socks5 packets from the library, I've to listen at port 1080 ? so the library will connect to my local server then i can receive packets and pass them to remote server right ?

yeah, the socks5 client will connect to the server address that specified by config socks5.address:socks5.port. so you should listen on it and pass data to remote real socks5 server.

Answer 4 · 2023-03-05T05:28:41.000Z

This is my VPNService https://gist.github.com/Ali-Khazaee/1efaaab81bb5d86e11f4e5849b7efddc

Write permission exist in manifest, but there is no log at /sdcard/socks.log

Answer 5 · 2023-03-05T07:15:06.000Z

Why not modify it based on sockstun?

Answer 6 · 2023-03-08T07:06:48.000Z

Why not modify it based on sockstun?

There are a few issues exists inside this application, 1. it does not works on windows cause of symbolic links, 2. it does not works with android 8 and above, you will need an old android studio to build it

Answer 7 · 2023-03-08T07:49:39.000Z

I tried to fix those errors inside sockstun application, now application runs but still no output inside logcat

Answer 8 · 2023-03-08T11:05:50.000Z

There are a few issues exists inside this application, 1. it does not works on windows cause of symbolic links, 2. it does not works with android 8 and above, you will need an old android studio to build it

You are right! It is currently built on API level 24, the apk can run on a newer system. I think maybe it is time to bump up the minimum API level. It would be great if you can send a PR~

Answer 9 · 2023-03-08T11:11:16.000Z

I tried to fix those errors inside sockstun application, now application runs but still no output inside logcat

Will the VPN works except for no log output?

Try to output log to file:

https://github.com/heiher/sockstun/blob/master/app/src/main/java/hev/sockstun/TProxyService.java#L120

				"  log-level: debug\n" +
				"  log-file: /sdcard/hs5t.log\n" +

Don't forgot to add the sdcard writing permission to manifiest.

Answer 10 · 2023-03-08T13:22:12.000Z

You are right! It is currently built on API level 24, the apk can run on a newer system. I think maybe it is time to bump up the minimum API level. It would be great if you can send a PR~

I will create a PR for it

Answer 11 · 2023-03-08T13:55:54.000Z

I made the PR it's just the bump, There are many warning exists inside the project,