Reading and forwarding data in Android VpnService - android

In ToyVpnService they read IP packets and then forward them to a remote VPN server.
Why do they use DatagramChannel? Isn't DatagramChannel used with UDP only?
Why do they forward packages with their IP and TCP headers? There are a lot of examples of writing arbitrary data to sockets (for example, here) without headers.

From what I can tell the ToyVpnService is either an experiment or in a very early stage of development.
Yes, it's only used for UDP. They either don't care about lost packets at this stage or they plan to implement a control mechanism later.
In the messenger example that you provide, the apps exchange strings. They don't need to send any other info because they only want to display them. When you communicate with a VPN you have to send the headers so the VPN can forward any data it receives.

Related

Using LWIP to send raw IP packets

I am trying to implement a VPN service on Android. I am provided raw IP packets (TUN interface which works on layer-3) and not sure how I am supposed to send the packets. I know I can parse the IP packets to pull out the transport layer data (TCP or UDP) and then send it, but I was hoping there was a way I can just simply send the whole IP packet.
Initially, I tried using a raw socket (https://man7.org/linux/man-pages/man7/raw.7.html) and send it that way but learned that this was not possible due to permission issues. To open a raw socket you need root permissions and Android applications cannot run as root.
I found a project called LWIP (https://www.nongnu.org/lwip/2_1_x/index.html) which says that it is a TCP/IP stack implementation library, but after reading the documentation, I can't figure out how to do this.
LWIP has their raw APIs (https://www.nongnu.org/lwip/2_1_x/raw_8h.html#a17edd059f34f45a770fe2fa458ecf4dd) which looks promising but I am not sure if this is what I need. Basically, I just need a way to send the raw IP packet and then get the response, and write it back to the TUN interface -- essentially a pass-through proxy.
Any help would be greatly appreciated. Thanks!
You're trying to reinvent the wheel. There are several appropriate encapsulation methods like GRE or IP-in-IP.
Sending a raw IP packet requires the use of an IP protocol number in any case, so your receiver can get the packets after registering that number.
For starters, it might be easier to use UDP encapsulation.
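The two answers above (forward the packet with its headers; use UDP encapsulation) fit together as follows. This is an added example, not code from ToyVpnService or from any poster: the receiving end treats each UDP payload as one whole IPv4 packet, validates the header, and reads the forwarding destination out of it. The function names, the one-packet-per-datagram framing and the `assigned_src` tunnel address are assumptions made for illustration.

```python
import ipaddress
import struct

IPV4_HDR = "!BBHHHBBH4s4s"  # fixed 20-byte IPv4 header, no options


def ipv4_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement checksum over an even-length header."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_ipv4(src: str, dst: str, proto: int, payload: bytes) -> bytes:
    """Constructed sample packet, standing in for what the TUN fd returns."""
    hdr = struct.pack(IPV4_HDR, 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                      ipaddress.IPv4Address(src).packed,
                      ipaddress.IPv4Address(dst).packed)
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:] + payload


def decapsulate(datagram: bytes, assigned_src: str):
    """Validate one UDP payload as an IPv4 packet; return (dst, proto, data).

    Without the inner header the server has no destination to forward to,
    and without these checks a client could inject malformed or spoofed
    packets through the tunnel.
    """
    if len(datagram) < 20:
        raise ValueError("shorter than an IPv4 header")
    ver_ihl, _, total_len, _, _, _, proto, _, src, dst = struct.unpack(
        IPV4_HDR, datagram[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or ihl > len(datagram):
        raise ValueError("not a well-formed IPv4 header")
    if total_len != len(datagram):
        raise ValueError("total length does not match datagram size")
    if ipv4_checksum(datagram[:ihl]) != 0:  # valid header sums to zero
        raise ValueError("bad header checksum")
    if ipaddress.IPv4Address(src) != ipaddress.IPv4Address(assigned_src):
        raise ValueError("inner source is not the client's tunnel address")
    return str(ipaddress.IPv4Address(dst)), proto, datagram[ihl:]
```
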

Make PPTP VPN Connection Programmatically And Capture Packets

I use this tutorial to make a PPTP VPN connection programmatically and capture packets.
But something is wrong; I think the problem is when I want to capture packets in the while loop.
When I connect to the VPN with the app and try to open a site in the browser, it shows: You are offline ...
Sent and received are always 0 bytes / 0 packets.
Also, I need to disconnect the connection in the app.
How can I fix them?
The tutorial you used is not about PPTP or another specific VPN kind, it's about packet capturing. You should implement the PPTP client side by yourself and after that interconnect your packet capture code (while loop) and PPTP client code.
If you can show your source code it would be easier to show what's wrong.
UPD1:
So how can I use a PPTP connection, connect and disconnect it?
This is a big and complex task. There is no fast solution. When I did the same, I spent about a year on it. You can do something like the following:
Import existing 3rd party PPTP client into your project (for example, http://pptpclient.sourceforge.net/)
Improve imported code to make it able to interact with your main code (C/C++ code you can use as native library via JNI or as external executable and interact with it via IPC)
Link your code with imported code (read IP datagrams from VPN service socket, write them into PPTP client socket, and vice versa)
UPD2:
I saw two applications which implement VpnService.
The first one is StrongSwan. VpnService extended here, native part (real vpn service implementation) starts here.
The second is OpenVpn port ics-openvpn. It starts standalone openvpn process here, and manages it via standard openvpn management interface (unix socket) here.

Application for android to display contents from a PC which connected thru wifi

I am new to application development. First I'll describe the setup of my system. I have one mechanical machine, which is connected to a PC via a PLC. I now have some data (decimal numbers) on the PC (which comes from the machine).
I need to develop an application to display the contents (decimal numbers), which are on the PC, on an Android mobile via WiFi.
And I need to send some commands back to the PC.
Is it possible with simple application development and simple coding?
Please help.
You can easily use TCP sockets which are based on IP protocol and will allow you to communicate over any IP network.
For your Server/PC
You can write a simple Java TCP server on your PC.
Tutorials:
TCP Server
All About Sockets ... great starting point.
For your Android/Client
You will have to understand the basics of Android development and take a look at a couple of networking examples.
Follow these links:
Your First Android App
Android TCP Client Example
Extra :
TCP on Wikipedia: no need to read the implementation details, just understand the concept.
If you want to do it only with your PC<->Mobile, you could expose the data file via a webserver and then let the mobile read that file and present it in a desired manner. This is not a suggested way to do it, as it has several drawbacks, e.g. limiting exposed data etc.
Assuming that the data you want to expose is not trivial and may contain multiple data sources, doing it in a more interoperable way will be a bit more work.
Write webservices (REST/SOAP) that expose the data from the server
Write a mobile app that consumes the data from the webservice (via a REST client)
Once the app has consumed the data, you can write your desired UI to display it on the mobile app.

Sending data from Android phone to PC programmatically

I am writing a flashcard program and would like to see the question on my android phone and at the same time want the answer to pop up on my PC. So the phone needs to push the answer to the PC, which is listening. The entire thing would go through wifi.
My current plan is to build an http server on the PC as a separate java application and use HTTP requests from the phone to push the flashcard answer. Is this a good idea or is there an easier way to do this, without HTTP? I just need to send single strings.
You can use HTTP: just create a TCP listener on port 80 and filter header messages out. The Android part would be easier, because there are several API functions for HTTP requests. On the other side, a simple TCP listener on any other port would be better, because Skype, for example, is using port 80, and the performance would be a little bit better. The Android part isn't much harder; you only have to set up a client on your port, and then send your message to your PC. So I would suggest using a custom port and a TCP server on your PC and a TCP listener on Android.

Android broadcasting over 3g

I'm in the early stages of writing an app that will need to broadcast data to several other devices.
My first thought was using a UDP broadcast; however, according to both http://code.google.com/p/boxeeremote/wiki/AndroidUDP and Android 3G UDP Broadcast, the UDP will not be able to push through the NAT when on the mobile network (which is essential for my app).
I know that I could use a server to broadcast; however, I'd rather avoid generating too much traffic on my home server.
The last alternative that I can think of is having several TCP/IP connections and looping through all connected clients and sending the broadcast. But since I'm counting on having at least 30 listeners, I believe this will be too expensive.
I do not have any broadcast-associated code yet, that's why I haven't posted any ;)
Is there a way to break through the NAT? Will the phone be able to handle 30 simultaneous TCP/IP connections? Or should I look into some other method of broadcasting?
Any hint would be greatly appreciated!
Kind regards
Johan Risch
:::::::::::::::::::::::::ADDED::::::::::::::::::::::::::::::::
I will be sending strings of length 10-20 characters once every 30-360 seconds (will be controllable by the user) containing geo points in string format. The order in which the data will be sent is not important, that's why I thought of UDP first.
I've set up my server so that when a user logs in he/she updates my database with his/her current IP.
Preferably I'd like it to work globally, but as long as it would work within the mobile networks in the same country.
That's about all the relevant information i can think of, hope this clears some things up!
:::::::::::::::::::::::::/ADDED:::::::::::::::::::::::::::::::::
The NAT doesn't pass UDP through because UDP has no destination address, so technically UDP has to be sent to all subnetworks of the network. When the network is your home LAN, it's no big deal, but when the network is your ISP or university backbone or cellular provider, the UDP could be replicated to hundreds of thousands of subnets. That's a packet storm that will degrade network performance for everyone, and it's massive overkill for your particular app since you really only want to talk to a small number of clients.
This problem has been solved many times already. Instant Messaging clients have a similar situation to yours: they want to do direct P2P messaging when possible, through firewalls. How do they do it? The original NAT traversal / firewall traversal solution was to set up a message relay server. All clients talk to the server, and the server echoes messages from one client to the others as appropriate. It works with NATs and firewalls because the client initiates the outgoing connection to the server.
If the clients are able to establish a peer to peer connection, then the relay server can just give the clients each other's IP addresses and stop relaying messages.
UPNP is a protocol that enables clients to request a firewall to open a port for incoming traffic. BitTorrent clients use UPNP to enable clients to connect P2P for file sharing. Clients find each other via the torrent server. Most home LAN firewall routers support UPNP now, but it seems doubtful to me that a cellular network provider would provide UPNP support for over the air connections.
Another (remote) possibility is multicast TCP/IP, but as I recall this is really optimized for "push" content flowing from the server to clients rather than client-originated peer to peer.
Your best bet is to take a look at the open source IM clients out there, particularly ones with Android implementations, and see how they're doing IM. Jabber is one that comes to mind, I'm sure there are others. You could even use an IM system's messaging API as your data transport layer and more or less stay out of the wire level details completely.
