Heya guys;
Alpha Terminal script attached (randomizes mac) Reboot after you run it as root
I've been working on changing the mac address for a bit, and as of 30 minutes ago, I seemed to have successfully accomplished it.
Survives reboot
Accepts any OUI
Completes 4-way WPA handshake
However, while I have been successful on my phone, I don't have another device to confirm repeatability.
For the brave souls who wish to try, please note that this is a -permanent- change. Your original MAC is not copied somewhere automatically, so don't blame me for not remembering your original MAC, or if you get eaten by the dragons that may lie ahead.
For this test, I'm going to start with the basics of what I did. As I get feedback, I'll respond with questions and hopefully narrow down potential system variability. I was running these commands as root, though.
Open your terminal emulator of choice and follow along (replace the ×''s with the mac of your choosing
Code:
netcfg wlan0 hwaddr ××:××:××:××:××:××
Enjoy your new permanent mac. (Could it be this simple?)
confirm the change
Code:
ip link show wlan0
Make the change permanent
Code:
echo "××:××:××:××:××:××" > /efs/wifi/.mac.info
Reboot, then check to see if the MAC took
Code:
ip link show wlan0
Try connecting to an AP with WPA on, and report back.
Very interesting, could you put this all into an app? So perhaps Mac addresses could be spoofed? A GUI would make things a lot easier. I'll try this out later on my oneplus one. [emoji3]
-Sent from my BR0K3N ON3.
[DEV][WIP]Permanently change wireless MAC address (WORKS!)
evilpotatoman said:
Heya guys;
Alpha Terminal script attached (randomizes mac) Reboot after you run it as root
<< snip >>
Try connecting to an AP with WPA on, and report back.
Click to expand...
Click to collapse
Works on Samsung Centura SCH-S738C running Ice Cream Sandwich ( 4.0.4 ), and rooted with stock
ROM. Verified after reboot! The phone reconnected immediately to wifi network.
Also works on Samsung Tab 3 SM-T217S running KitKat ( 4.4.2 ), and rooted with stock ROM. Verified after reboot! The phone reconnected immediately to wifi network.
I skipped the commands, and simply edited both the ' .mac.info ' and ' .mac.cob ' (backup?) files (after backing up both!).
So simple. Works where MacChanger failed. May I tell you that I love you?
forid200 said:
Very interesting, could you put this all into an app? So perhaps Mac addresses could be spoofed? A GUI would make things a lot easier. I'll try this out later on my oneplus one. [emoji3]
-Sent from my BR0K3N ON3.
Click to expand...
Click to collapse
Yepper, spoofing works, but since that may an indication of nefariousness , the script doesn't spoof the oui, just mods the last 3 octets. Interested modders may mod my script as they see fit
evilpotatoman said:
Yepper, spoofing works, but since that may an indication of nefariousness , the script doesn't spoof the oui, just mods the last 3 octets. Interested modders may mod my script as they see fit
Click to expand...
Click to collapse
Privacy is hardly nefarious.
"This Android app turns off Wi-Fi tracking without turning off Wi-Fi"
"'Retailers, crooks, the government, and others shady individuals are tracking your movements. Even when your Wi-Fi is turned off, your phone may be broadcasting information to whomever is in range which can be used both to track repeated visits to as well as your exact movements in an area under surveillance,' Chainfire wrote on Google+."
100% agree with CFs implementation, which is why my script (rudely) emulates it. The nefarious acts I hinted at consist of things like manually setting your MAC to aide in the hacking of APs with MAC authentication. I'm sure you can agree with that being an invasion of privacy.
evilpotatoman said:
100% agree with CFs implementation, which is why my script (rudely) emulates it. The nefarious acts I hinted at consist of things like manually setting your MAC to aide in the hacking of APs with MAC authentication. I'm sure you can agree with that being an invasion of privacy.
Click to expand...
Click to collapse
Agreed. Though, I believe the good of personal privacy outweighs the potential evils.
evilpotatoman said:
Yepper, spoofing works, but since that may an indication of nefariousness , the script doesn't spoof the oui, just mods the last 3 octets. Interested modders may mod my script as they see fit
Click to expand...
Click to collapse
It's handy in a lot of cases, but the tools to do something shouldn't be restricted in my opinion. About the spoofing a particular MAC, there's many legitimate reasons why you may wanna do this too. So flagging it off as just for malicious usage is sort of invalid. For example, if you go to a mall, and they have free Wi-Fi, however they require you to create an account and login, via this they will log your usage and collect data. For privacy reasons, you may wanna spoof MACs. Or if you go to a hotel and want to setup your chromecast but it has a login landing page, you're stuck. Unless you can spoof the MAC with your phone.
-Sent from my BR0K3N ON3.
HoytK said:
I skipped the commands, and simply edited both the ' .mac.info ' and ' .mac.cob ' (backup?) files (after backing up both!).
Click to expand...
Click to collapse
It may be that the time stamp on the '.mac.info' file must be earlier than the time stamp on the '.mac.cob' file. Can anyone confirm this?
Can anyone make a script to reverse what Pry-Fi did to my device, so that it stops rebooting randomly.
I will happily pay for your time. I just cannot believe this and Pry-Fi are there only viable options? Surely someone can build a script to run via terminal to fix issues?
Let me know if you are action donations?
I would be forever in your debt!
Related
AdFree is a fantastic program created by XDA user delta_foxtrot2 (see this thread in the G1 forum) to facilitate using your hosts file to block ad servers. This makes it extremely easy. Of course you will need root access!
Unfortunately I found some ads still weren't blocked and the last update to the AdFree hosts file happened 2010-02-27. So I decided to update the hosts file myself. I merged the hosts files from adfree/mvps/yoyo and added a bunch of mobile ad providers I've found myself. The list is free of duplicates and comments, so as to keep it as small as possible (it still amounts to about 635 kB).
To install this hosts file, you still need root access obviously:
download the zip
unpack it to the directory where adb.exe is located (if you don't know what adb is or how to get it running, please use the search)
open a command prompt
Code:
adb shell mount -o rw,remount -t yaffs2 /dev/block/mtdblock3 /system
adb push hosts.for.mobile.txt /etc/hosts
adb shell mount -o ro,remount -t yaffs2 /dev/block/mtdblock3 /system
You might need to restart your phone. Also clearing the Android browser cache will apparently help in getting rid of already cached ads (worked for me, ymmv).
As for ethical discussions on blocking ads for free apps, blah. I don't so much have a problem with ads, as I do with the personal data that gets send to the ad providers. I'm talking about location data and whatever else they might want to know about my device and what I'm running ("analytics" is a fancy name for "we want to find out as much about you as we possibly can get away with").
Anyway.. use it, don't use it, up to you.
Last updated
15-4-2010 23:23 (20808 hosts blocked)
.
Thanks a bunch!
Thanks for the updated hosts. So should we even bother with the program, especially if it doesn't get updated hardly at all?
You're welcome!
If you push my hosts file, you don't need the AdFree app, but I wanted to acknowledge his work and give people a simpler alternative to using adb.
Best choice right now is my hosts file as it's simply more comprehensive.
Sent from my HTC Hero using the XDA mobile application powered by Tapatalk
phaelox said:
You're welcome!
If you push my hosts file, you don't need the AdFree app, but I wanted to acknowledge his work and give people a simpler alternative to using adb.
Best choice right now is my hosts file as it's simply more comprehensive.
Sent from my HTC Hero using the XDA mobile application powered by Tapatalk
Click to expand...
Click to collapse
Understood. Yeah, it was a great start/beginning to blocking ads, but no updates. Thanks again.
Thanks! I've been looking for something like this for awhile. Real quick question: is getting "Data connectivity errors" in browser normal with this? It didn't start till I pushed this on my phone.
tmayne said:
Real quick question: is getting "Data connectivity errors" in browser normal with this? It didn't start till I pushed this on my phone.
Click to expand...
Click to collapse
Short answer: Yes.
Long answer:
You may know this, but I'll explain anyway. The way this works is as follows. The loopback address for any network interface is 127.0.0.1 -- this is the address for the device, but only from the device itself, it loops back on itself. We don't want to waste bandwidth with ads, or have ad providers collect all sorts of data on us, so we don't want to connect to them. Any FQDN -Fully Qualified Domain Name- (for example: analytics.admob.com) needs to be converted into an IP address to be able to connect to it. Here's where the 'hosts' file comes in. It's a simple text file with a record on each line that says redirect 'hostname' to 'ip-address'. So we put a line in that reads '127.0.0.1 analytics.admob.com'. This tells our device that any connection made to 'analytics.admob.com' needs to be redirected to '127.0.0.1', which is your device. Basically a dead-end, as you are not running their webserver serving ads on your device, so this results in a data connection error.
Now, usually you will surf to a site that loads images (advertisements) from a server that is listed in this hosts file, and as a result the ads will not load. That shouldn't popup any error windows. But if you try to visit http://analytics.admob.com in your browser, then yes, you will see an error.
If the latter happens with a site you do wish to visit, just open the hosts file in a text editor (one that supports UNIX-style line ends) and remove the line in question, or put a '#' in front of the line to comment it out.
Hope that made it clearer.
Yeah it did. No worries though since it seems that after pressing "Ok" everything works fine! Small trade off for blocked ads! Thanks!
Thanks for this How-TO!
So basicaly that mean we can restrict acces to certain websites from our phone?
eg: adding this line
Code:
127.0.0.1 forum.xda-developers.com
and I'll no longer be able to browse XDA from my phone?
Keep writing such How-To, like this one and the one to sign update.zip, I found this interessant and usefull
tmayne said:
Yeah it did. No worries though since it seems that after pressing "Ok" everything works fine! Small trade off for blocked ads! Thanks!
Click to expand...
Click to collapse
You're welcome, glad I could help.
carbonyle said:
Thanks for this How-TO!
So basicaly that mean we can restrict acces to certain websites from our phone?
eg: adding this line
Code:
127.0.0.1 forum.xda-developers.com
and I'll no longer be able to browse XDA from my phone?
Keep writing such How-To, like this one and the one to sign update.zip, I found this interessant and usefull
Click to expand...
Click to collapse
Cheers. And yes, that's exactly right. Just remember the hosts file takes FQDN's, so you can block a domain (or subdomain) this way, but not a directory or page on a domain. Also, blocking a domain does not also block its subdomains.
PS. this method of using the hosts file is not unique to your android phone, it works on most operating systems on PC as well. See this Wikipedia entry for more info.
what about non rooted phones? I just got myself a htc desire, I'm happy with it but would be happier if I wouldn't be required to see all those ads.
Unfortunately root is required to remount /system as writable to be able to overwrite the hosts file.
Without root you could use another free app found in Market called "AdBlock", which functions as a localhost proxy. Just set localhost as proxy in APN/wifi settings. It doesn't come with a prefilled list of keywords to block though, but it works on a URL level, not FQDN, so you can specify a url or part of it to block.
Just one more quick concern about the Data Connectivity issues: Certain areas of my university require a redirect page login in order to connect to wifi. However, it seems that at certain locations, I get the Data Connectivity error pop up repeatedly and my phone never makes it to the redirect page.
Actually it seems my phone only likes the wifi in my dorm. As stepping outside (to a library or classroom) and attempting to connect to the same wifi produces the error.
Is this an issue with the hosts file or with the phone itself??
Thanks!
If you DO see the wifi redirect page at SOME locations, then the hosts file is not blocking it (wouldn't make sense as it's likely an intranet page anyway). Sounds like wifi reception is unstable on your phone.
This is getting off-topic, but..... Have you already updated your radio? (the part of the ROM that handles everything related to GSM/3G/WiFi/Bluetooth connections). If not, here for the latest radio update.zip - flash through recovery.
phaelox said:
If you DO see the wifi redirect page at SOME locations, then the hosts file is not blocking it (wouldn't make sense as it's likely an intranet page anyway). Sounds like wifi reception is unstable on your phone.
This is getting off-topic, but..... Have you already updated your radio? (the part of the ROM that handles everything related to GSM/3G/WiFi/Bluetooth connections). If not, or the latest radio update.zip - flash through recovery.
Click to expand...
Click to collapse
I should note that I'm using a Motorola Cliq...Handler 1.5 ROM. There is a radio update available for the Motorola Cliq (I'm currently using 1.3.18 and 1.4.8 has been released) but there are some apk incompatibilities with it (particularly Swype which I love...since it's in closed beta right now, there are no accessible updates for it unfortunately).
Since I bought my phone off of ebay, I can't send it back for a new one. The essential things work but it is a bit frustrating that it has some problems.
tmayne said:
I should note that I'm using a Motorola Cliq...Handler 1.5 ROM. There is a radio update available for the Motorola Cliq (I'm currently using 1.3.18 and 1.4.8 has been released) but there are some apk incompatibilities with it (particularly Swype which I love...since it's in closed beta right now, there are no accessible updates for it unfortunately).
Since I bought my phone off of ebay, I can't send it back for a new one. The essential things work but it is a bit frustrating that it has some problems.
Click to expand...
Click to collapse
I'm pretty sure that updating radio won't affect other softwares since "radio" is *just* the piece of code that can handle GSM/Wifi/BT/3G, ... signals
I'll always keep an open mind, but from what I know, I'm with carbonyle on this.
Back on topic:
if you come across an app that still displays ad, regardless of my hosts file, please reply in this topic with the app/version (and a logcat output would be nice if you know how) and I'll see if I can find the ad provider domain and update the hosts file.
I'm confused... This is for blocking apps adds???
:No-Frost: said:
I'm confused... This is for blocking apps adds???
Click to expand...
Click to collapse
Yes it is. See it like a firewall wich blocks mobile ads. Because the app wont recieve any response from the ad url it tries to reach, it'll simply not display the ad (like when you use the app without wifi or data connextion on)
Wooooooo thanks... worked like a charm in glympse shazam and others =D...
PS: Air Control still have adds... Mmm how can we know what's the host for the add in the apps so we can contribute into blocking them???
All links pulled due to XDA Request after an XDA member complained I was only out for profits to a moderator on a few products I have. Due to the fact I link to a product or two and a few other things in many videos, I was asked to pull any content relating to this.
I will still be offering all this great material at my website. Just go to google and search for MobileTechVideos.
I really think these how-to videos should be in Q&A (or general) instead of development.
Sent from my brain using Thumbs 2.0.
glitterballs said:
I really think these how-to videos should be in Q&A (or general) instead of development.
Sent from my brain using Thumbs 2.0.
Click to expand...
Click to collapse
I'd probably agree. I put that line in their for a MOD to move them if applicable. Now that I decided to dive into this, if a MOD moves this, might you be able to join my ROM flashing video with this one?
Thanks.
My company uses Cisco VPN along with RSA SecurID.
I've tried other "solutions" in the past with no success.
Will this process work in my situation?
I have access to all the settings from a .pcf configuration file.
When I had an iPhone, VPN worked perfectly (not that I'd go back to an iPhone just for that ).
The VPN Connections applications allows for a secure token so I think it may work. The SecureID just gives you a token correct? And then you input it for access?
If you watch near the end of video 2 I show you that application and there is clearly a field for token input. You should not need the .pcf file for the phone. I would think you would just input the current token each time.
I tried it and the connection fails every time.
Went through the process twice and followed directions to the letter.
I also tried the check box "Password + Token Digits" and that did not work either.
I'm using a 2.2 ROM currently but I think I'll put my phone back to stock and try again with 2.1.
Your video is excellent, by the way, and extremely easy to follow.
Thank you for compliments. Did you verify tun module was running using the lsmod command from a shell?
connexion2005 said:
Thank you for compliments. Did you verify tun module was running using the lsmod command from a shell?
Click to expand...
Click to collapse
Yes, tun was definitely running.
thank you much, works well.
jwolfburg said:
thank you much, works well.
Click to expand...
Click to collapse
Glad it was able to help you! I know I would have loved this info 6 months ago as I was figuring it out. If you are looking for a good RDP app, then use RemoteRDP. I'm using the $20 enterprise edition and it's amazing. They have cheaper versions as well with a few less bells and whistles options.
Now I'm just trying to crack DNS issues with Android not resolving hostnames of machines when VPN'd or on a WIFI network.
I am getting a device or resource busy when I do insmod android22tun.ko
I am running auxura and I skipped the rooting process as I am obviously already rooted.
Any ideas anyone?
I suppose you could try modprobe instead of insmod just to see. It could also very well be ROM dependent and something with this particular tun.ko file could be incompatible. There are many different tun.ko files for different kernels.
connexion2005,
I just wanted to thank you for the awesome step-by-step tutourial on getting my phone connected to IPSec VPN. I too am a IT Admin and recently got my phone with the objective in mine to remotely manage infraustruture. Your instructions are to the point and didn't leave much to guessing.
BTW: at the end of the video you mention the gscript tool to run the tun.ko for reloading. Shouldn't you actually had said adroid21tun.ko? That's what works.
mrjazze said:
connexion2005,
I just wanted to thank you for the awesome step-by-step tutourial on getting my phone connected to IPSec VPN. I too am a IT Admin and recently got my phone with the objective in mine to remotely manage infraustruture. Your instructions are to the point and didn't leave much to guessing.
BTW: at the end of the video you mention the gscript tool to run the tun.ko for reloading. Shouldn't you actually had said adroid21tun.ko? That's what works.
Click to expand...
Click to collapse
I mean the technical name of the vpn module on linux based equipment is tun.ko so that's what I went with. I understand that may be confusing now. Whatever the module is named is what needs to be loaded. So you could call it mobiletechvideosdotcom.ko and that's what you'd load...lol. Thanks for the compliments!
Your very welcome. I think i have watched all your videos and I have to say great job.
sent from my Samsung Captivate using XDA app.
connexion2005,
It seems I have run into a problem. I have been able to connect to our ASA a few times already, but when I just tried today it fails. After investigating, my script to load the android21tun.ko fails with error "init_module 'android21tun.ko' failed (file exists). I even get the failure after reboot phone. Do you have any suggestions.
PS: Out of curiosity, you suggested RemoteRDP, have you tried PocketCloud? I like it so much I will pay the $14.99 for full version.
Thank you. This worked like a charm.
mrjazze said:
connexion2005,
It seems I have run into a problem. I have been able to connect to our ASA a few times already, but when I just tried today it fails. After investigating, my script to load the android21tun.ko fails with error "init_module 'android21tun.ko' failed (file exists). I even get the failure after reboot phone. Do you have any suggestions.
PS: Out of curiosity, you suggested RemoteRDP, have you tried PocketCloud? I like it so much I will pay the $14.99 for full version.
Click to expand...
Click to collapse
I have not used PocketCloud but RemoteRDP is absolutely phenomenal. Is this occuring even after a reboot? Perform an lsmod from a terminal and check to see if the tun module is running. I'm not sure why this would happen. May have to uninstall everything including the tun and re-perform the steps.
I did get it to work again. Strangely, it was after receiving a phone call that the module would load. Thanks again for your assistance.
Well that's good. I can't explain any bugs as my dev work only extends so far!
I know that some of you are still dealing with this issue and in different roms, As I was too, but for anyone wishing to fix this the right way after installing their roms, follow below and this will fix your problem.
Disable WIFI (settings/System/Wireless & networks untick wifi. System must be rooted, use any root explorer, and navigate to your SD card location where you put the file you downloaded, and select to copy it, then navigate to system/lib. and rename the file with adding .old at the end, and paste this file into this location. Then MOVE the file you just added ".old" to your sdcard as a backup, exit out of your explorer and reboot.
And when you are back in the phone, turn wifi on, go to settings about phone then hardware information, and you now have your actual wifi mac address and not the generic.
Anyone who uses zip roms, can replace this file in there zip file before flashing. Should work without having an issue, cant guarantee every phone as I do not have every phone, nor can I guarantee every rom, but you can always try it.
If this was fixed then FML but I tried.
The attached file is not zipped, after downloading just rename and remove the .zip at the end, forum will not allow uploading of unknown extension. Initial User Testing shows POSSIBLY NOT Compatible with Gingerbread
Thanks for this. It's exactly what I was looking for!
I use NexusHD2 Gingerbread, and it doesn't work for me (it's \system\lib - no etc folder in system). It actually stopped my wifi working. It turned on for a few seconds, didn't even try to connect, and then turned off.
It's all fine after restoring the old state and rebooting though.
Thanks for the effort all the same - I hope others have more luck than me.
if it really works why dont you share this with the developers so that the new builds will come with the real mac address.
are you sure that you are getting the real MAC address.
because in the MDJ's latest kernel we get a unique MAC address but not the original one
johncmolyneux said:
I use NexusHD2 Gingerbread, and it doesn't work for me (it's \system\lib - no etc folder in system). It actually stopped my wifi working. It turned on for a few seconds, didn't even try to connect, and then turned off.
It's all fine after restoring the old state and rebooting though.
Thanks for the effort all the same - I hope others have more luck than me.
Click to expand...
Click to collapse
Thanx, edited my original post with the correct path, and incompatible with Gingerbread Possibly
agarp said:
if it really works why dont you share this with the developers so that the new builds will come with the real mac address.
are you sure that you are getting the real MAC address.
because in the MDJ's latest kernel we get a unique MAC address but not the original one
Click to expand...
Click to collapse
AGarp, now I cant be 100% sure, but I can assure you that ts not the 00:11:22:33:44:55. My MAC Addy right now is: 00:90:4C:B7:CE:36 Unique or Actual I dont think matters once you have a actual valid MAC Address.
And as for sharing it with Developers, I think by posting here I am offering it to Dev's and anyone else that wants it.
AngelDeath said:
Thanx, edited my original post with the correct path, and incompatible with Gingerbread Possibly
AGarp, now I cant be 100% sure, but I can assure you that ts not the 00:11:22:33:44:55. My MAC Addy right now is: 00:90:4C:B7:CE:36 Unique or Actual I dont think matters once you have a actual valid MAC Address.
And as for sharing it with Developers, I think by posting here I am offering it to Dev's and anyone else that wants it.
Click to expand...
Click to collapse
well if its the unique one then most of the new nand builds comes with it.
AngelDeath said:
AGarp, now I cant be 100% sure, but I can assure you that ts not the 00:11:22:33:44:55. My MAC Addy right now is: 00:90:4C:B7:CE:36 Unique or Actual I dont think matters once you have a actual valid MAC Address.
Click to expand...
Click to collapse
It's not dissimilar to the MAC address I have on my device (not the same though). Is this just a forced value, or is it actually the real MAC address? If it's a forced value I'm just wondering what advantage there is over having the previously forced one of 00:11:22:33:44:55? Surely you'd still have the same MAC address as someone else that did the same thing on their phone.
Or am I missing something?
johncmolyneux said:
It's not dissimilar to the MAC address I have on my device (not the same though). Is this just a forced value, or is it actually the real MAC address? If it's a forced value I'm just wondering what advantage there is over having the previously forced one of 00:11:22:33:44:55? Surely you'd still have the same MAC address as someone else that did the same thing on their phone.
Or am I missing something?
Click to expand...
Click to collapse
i think the advantage is when u try to connect two Leo phones to a same network might get conflict because of similar MAC Addresses
and some routers wont accept this "00:11:22:33:44:55" MAC Address
I did that and now my phone does not boot!!! Please HELP
I have a basic samsung feature phone. Id like to use this as a modem for my Acer if possible. This phone works fine on all my ubuntu systems - just plug it in for the first time, click next-next in the wizard and I'm online. On the tablet, I see that it shows up as a /dev/ttyACM0. I belive this means that its a matter of getting the correct chat commands and associating pppd with the android layer. I imagine the process must be similar as to getting a USB 3G dongle working. Does anyone have any thoughts on how to do this?
There are already some threads about tethering the tablet to your phone, as well as 3G dongles.
http://forum.xda-developers.com/showthread.php?t=1152869
But yeah, no solution yet.
got it working
I thought I'd post the info on how I got this working for my specific situation. I have not read many other threads about this so maybe this type of info is already out there.
My phone is a basic samsung feature phone on AT&T that I called up and got unlimited data for $10/mo extra. This phone is practically unusable for browsing on itself. I plugged it into my ubuntu laptop and basically the tethering worked right away. I thought then that it should be able to work on the tablet. I wanted to make sure that "unlimited data" also applied to tethering to a computer. They said yes, if you can get tethering working - still no limit. I get 1-2Mbit rate over it.
This is on a rooted tablet, of course.
When I plug it into my tablet I get a single /dev/ttyACM0. If your phone is similar, you maybe able to use this info.
I went to At+t website and found this:
Then I read the man pages for pppd "man pppd". From this information, I understood how to modify the sample scripts "gprs", "gprs-connect-chat" and "gprs-disconnect-chat".
I then came up with a suitable "ip-up" script, based on ones found in the Huawei 3G modem example code. This is called when a ppp0 connection is made. Some of the lines in there I am not sure of, but it works, regardless.
I was surprised to find the standard "chat" program was not present in any of the roms I'd tried. Currently I am using virtuous Xoom. Somewhere, I found "chat-ril" which did the trick.
I've attached "modem.zip" which contains all the mentioned files.
From a root shell, you type:
pppd call gprs &
(This is kind of a pain but I'd like to find a way to automatically do that when the phone is plugged in)
If you do ifconfig ppp0, you should have an address, then try to browse.
Now I'm watching Netflix on my A500 as I drive! Also google navigation is absolutely great on a tablet, once you have the data connection.
willyampz said:
I've attached "modem.zip" which contains all the mentioned files.
From a root shell, you type:
pppd call gprs &
(This is kind of a pain but I'd like to find a way to automatically do that when the phone is plugged in)
If you do ifconfig ppp0, you should have an address, then try to browse.
Now I'm watching Netflix on my A500 as I drive!
Click to expand...
Click to collapse
Thanks for the work, but what are we to do with the modem.zip file you provided?
Modem zip contains the scripts and the chat-ril utility that need to be copied to your tablet. There's two ways to copy the files to your tablet:
1)
first unzip the files on your PC
use adb and push the files over to your tablet in the corresponding locations under /system.
2)
unzip the files to a micro SD or USB stick
remount the /system partition as read/write
copy them to the corresponding locations in the tablet filesystem from the SD or USB stick.
Copying files to your /system partition is described elsewhere in the forum but I can give more detail if needed.
I'm admittedly a noob on many levels. I think I followed your instructions but I get:
# pppd call gprs &
# /system/bin/chat-ril: permission denied
Any suggestions?
make sure you do it as root by typing 'su' first. Also check the permissions of chat-ril binary to be executable.
Thanks, it was the chat-ril with incorrect permissions.
So going with what you provided and much help from Google, I was able to make my own set of scripts for my phone and carrier (a Nokia 5230 and T-mobile). It looks like it's connecting both in my shell on the tablet (all "got it"s and OKs) and on the phone side which shows it with the 3G connection in use. Executing that ifconfig ppp0 gives me an ip address with a [up point-to-point running multicast].
My problem is I can't seem to access anything on the tablet. I can ping google from within the shell but the default browser, Dolphin, and the rest of my internet accessing apps don't work. I did change a line in the ip-up file from /system/bin/setprop "net.interfaces.defaultroute" "gprs" to "3g", which is what I named my connection script. Is there something else I'm missing?
Thank you for all the help.
Well, the good news is you can ping which probably means it can work and you are just about there.
The stuff in ip-up I don't completely understand myself, but that's probably where the issue is. By that point I was so close and anxious, that I just manually did some 'setprop's and experiment until it worked. I had exactly the same issue where I could ping but not browse at one point. Also, make sure the dns setprop's are set. Are you sure the "3g" should not be "gprs". I'm not sure that has to do with the script name. But maybe just the fact that you can ping means that's ok. I'm just not sure. Good luck.
Long time reviewer, first time poster - can't post in the dev forums until I have 10 postings (sigh).
Question for the devs or others in the know - in the ICS (granted very early) builds, I can't get IPtables to work, but an earlier list of changes seems to indicate that this should be working.
Manifests itself with errors starting the firewall in Droidwall. So, am I doing something wrong or is IPtables not available in the current ICS builds (I'm using the 0120 nightly)?
Other than that and the lack of Flash, my experience with the NC ICS builds has been nothing short of amazing.
Many thanks for the answer and for the ICS builds.
I just noticed this last night when Sshtunnel wouldn't work on my nook, but is fine on a Touchpad. I'd rather not compile my own kernel if enough people would find iptables useful.
Apparently not many CM9 users are concerned about IPtables and restricting access to the internet by apps. Hopefully one of the devs will pick this up for a future build. I worry about the info that my apps are sending out to the extent that I might go back to CM7 on my NC...
It ain't that I am unconcerned, it is just that I don't know the answer. I actually consider a working firewall to be of the utmost importance. I am pretty sure we are not alone. I did have trouble with it too, it said that the kernel came loaded with an updated version of (all numbers approximate) iptables 1.4.1.11 instead of the 1.4.1.10 that the droidwall was looking for. I honestly don't know what the issue is, but I am trying to be kinda ok about it, simply because I bet you dollars to donuts that firewalls work on cm9 sooner or later.
Lots of stuff work on cm9, I just don't feel like I can get my panties in a bunch because my pet issue isn't ready yet. I bet if we're patient it wont be long.
Or I just need to learn how to run the software better. If figure it out I will report back.
I guess my issue is that one of the chagelogs indicated that Netfilter was functioning in the upstream builds, but wasn't (apparently) working in the NC version. "Glad" to see it's not just me, but not so good that it seems to be lingering without a Dev comment.
user17600 said:
I guess my issue is that one of the chagelogs indicated that Netfilter was functioning in the upstream builds, but wasn't (apparently) working in the NC version. "Glad" to see it's not just me, but not so good that it seems to be lingering without a Dev comment.
Click to expand...
Click to collapse
PS - Anyone able to post this question in the Dev thread (I can't due to low posting count)?
[Note: I am not addressing firewalls; just iptables and global SOCKS5 forwarding in this post]
I very much need iptables support in the kernel and it appears to be here now. My needs are for a global proxy that all Android apps using the network will use. In theory, it ought to be as easy as loading the relevant, pre-built kernel module, and writing the correct iptables script to route all outgoing connections through your already-running ssh proxy. There are several apps that do this already.
I noticed there's a newer app for iptables maintenance "Iptables (beta)" in the Market by Moroni Granja, who also wrote the Autoproxy utilities. His utility does indicate that CM 7.2.0-RC1-encore (as of 2012-03-24) does have the required modules on it and offers to update the iptables binary for you which may (or may not) be necessary. I did update mine.
Whether it automatically re-routes all your outgoing connections through your already running SOCKS proxy I have yet to find out [edit: see my **UPDATE** below]. I have seen several apps like this in the market but none have worked on my Nook Color CM 7.1.X but I will try to see if they work on CM 7.2.X with Moroni Granja's utility. Another one that claims "global proxy support" is MAX LV's "ProxyDroid." None of them will open an SSH tunnel using SOCKS dynamic proxying and then iptables to it [edit: see my **UPDATE** below].
Dropbear on Cyanogenmod is not built with "-D" option. If it were, you could open a dynamic socks proxy using "ssh" on the device, set Proxydroid to use 127.0.0.1:58080 as your SOCKS5 proxy, set it to global mode (or set up an iptables script for this), and you have your own SSH tunnel. I don't see any app that will do this all at once anywhere in the market but I'm close to putting together a skeleton if only I had OpenSSH or Dropbear with "-D" dynamic forwarding compiled into it. That's the big obstacle here [edit: see my **UPDATE** below]..
Well, I did write that last paragraph a little hastily. There are two apps, "SSHTunnel" and "SSHTunnel (beta)" which come close to these requirements, but the author specifically notes they are intended for people behind the "Great Firewall" and I have had very little luck getting this to work. However, these apps do have interesting internals that can be used to further the effort for a true SOCKS5 tunnel using SSH to a remote host because, as you may already know, all you need is a remote Unix host to get this to work completely.
**UPDATE** I have successfully used SSHTunnel (beta) to connect to a remote host through the SSH SOCKS5 tunnel without setting any browser settings on CM 7.2.0 on my Nook Color. It is working now, though it's cumbersome to say the least. I am observing several connections on my remote SSH host that are being made from my Nook Color to places like Wikipedia and Google Play Store using http and https, among other things. I cannot confirm that all of my outgoing connections are being made through the SOCKS5 proxy but many are.
The executable being used is named /data/data/org.sshtunnel.bat/sshtunnel and it is actually OpenSSH_5.8p2. OpenSSH is very inefficient as compared to Dropbear. Indeed, the author of SSHTunnel says it will significantly reduce battery life. Replacing this with a Dropbear binary with dynamic forwarding may result in significant speed increase, battery life, and decreased memory usage.
In conclusion, I can report that global SOCKS5 proxy via SSH does work on CM 7.2.0-RC1-encore using the "IPtables (beta)" app in conjunction with SSHTunnel (beta).