I am using Genymotion emulator for Testing My proxy.So I need use iptables to redirect all tcp data to my proxy Port.
when I use
iptables -t nat -N REDSOCKS
it prints 'can't initialize iptables table `nat': Table does not exist (do you need to insmod?)'
But when I use
iptables -L
it prints the default table 'filter' complete chains.
'nat' and 'filter' are default tables in netfilter, Why nat table does not exist?
Users of retail Android devices cannot access iptables binary. Even Android OS itself cannot access that binary.
Source.
A few general things about routing with iptables.
Dont forget to enable routing .
sudo sysctl net.ipv4.ip_forward=1
or
echo 1 > /proc/sys/net/ipv4/ip_forward
and
iptables -t nat -A PREROUTING -i $device -p tcp --dport $srcPortNumber
-j REDIRECT --to-port $dstPortNumber
Related
I want to redirect the all the port to the specified port in android. In Ubuntu or raspberry, I can use
sudo iptables -t nat -A PREROUTING -i ens33 -p tcp --dport 1:65535 -j REDIRECT --to-port 10000
sudo iptables -t nat -A OUTPUT -p tcp --dport 1:65535 -j REDIRECT --to-port 20000 -m owner ! --uid-owner root
How can I redirect the port like the above commands in android? Do I need a rooted device?
We can root the device and download Termux to run the commands same as ubuntu.
You should try PORT FORWARDER apps from google play. There are many port forwarders Available there.
Anyone of those can work for you.
I have this script running on boot (as root) on my phone and cycling on a timer to make my wifi hotspot send data through a PIA VPN(tun0). PIA will assign a single port allowed to be used for port forwarding and I now want to forward that assigned port to a tethered PC which is connected to the wifi hotspot (wlan0). The PC's local IP address is 192.168.1.252 (hotspot assigned) and the port number is 40212 (PIA assigned). Is there a way to add that routing to this script?
Additional Info:
$ netcfg
wlan0 UP 192.168.1.1/24
lo UP 127.0.0.1/8
tun0 UP 10.100.1.6/30
rmnet UP xx.xxx.xxx.xxx/xx #Didn't want phone's external(?) IP online.
Script:
while sleep 30; do
iptables -t filter -F FORWARD
iptables -t nat -F POSTROUTING
iptables -t filter -I FORWARD -j ACCEPT
iptables -t nat -I POSTROUTING -j MASQUERADE
iptables -t nat -A PREROUTING -p udp --dport 53 -j DNAT --to 8.8.8.8
ip rule add from 192.168.1.0/24 lookup 61
ip route add default dev tun0 scope link table 61
ip route add 192.168.1.0/24 dev wlan0 scope link table 61
ip route add broadcast 255.255.255.255 dev wlan0 scope link table 61
My host OS is: Linux Mint 15, my guest OS on virtualBox is: androVM.
What I want to do is take all http/s traffic from androVM and tunnel it though mitmproxy.
I am using the following, I usually connect to the internet via vpn (tun0).
The virtualbox is attached to the NAT, tun0 interface.
Here is the iptables script I am using, and yes I did install the cert on androVM via adb.
I am running the following bash script as follows:
#!/bin/sh
echo "Setting up IP tables"
echo "Resetting iptables rules"
iptables -t nat -F
echo "Now setting up ip forwarding rules"
sysctl -w net.ipv4.ip_forward=1
echo "Setting up the routing rules so all traffic from tun0(whatever interface) goes to mitmproxy"
iptables -t nat -A PREROUTING -i tun0 -p tcp --dport 443 -j REDIRECT --to-port 8080
iptables -t nat -A PREROUTING -i tun0 -p tcp --dport 80 -j REDIRECT --to-port 8080
echo "Completed task"
$ sudo ./iptables.sh
$ sudo mitmproxy
What happens at this point is the androVM won't even access the internet, I have previously used this and it has worked, maybe something else is doing on, any hints, clues or guidance would be appreciated.
Thanks
I have downloaded the Android kernel sources from http://source.android.com/source/building-kernels.html
I have then started the emulator and wanted to play with iptable rules but I get this following error. Is the iptable package not fully installed? why is NAT table missing?
Initially I had started following http://randomizedsort.blogspot.de/2011/03/porting-iptables-1410-to-android.html#comment-form_8482839589527760177 to install iptables, but having seen iptablesv1.4.11.1 on the adb shell, I had abandoned the idea. Has anybody tried porting iptables on newer android kernel sources??
adb shell
# su root
# iptables -t nat -A OUTPUT -p tcp --dport 8000 -j REDIRECT --to-port 8080
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:450
iptables v1.4.11.1: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
Please advise!
Use protocol numbers (-p 6) instead of names (-p tcp):
iptables -t nat -A OUTPUT -p 6 --dport 8000 -j REDIRECT --to-port 8080
See this answer for more info:
getprotobyname error iptables
I try to iptables -A OUTPUT -p tcp --sport 5228 -j DROP but it comes to failure messages:
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:378
I have an rooted device and busybox on it. Strange is that if I see the rules list of iptables this port is in it. I´m not sure does it work? What is my problem?
Seems like a known bug:
https://bugzilla.mozilla.org/show_bug.cgi?id=558415
It lists workarounds if you're interested.
Use protocol numbers (-p 6) instead of names (-p tcp):
iptables -A OUTPUT -p 6 --sport 5228 -j DROP
See this answer for more info:
getprotobyname error iptables