I have downloaded the Android kernel sources from http://source.android.com/source/building-kernels.html
I then started the emulator and wanted to play with iptables rules, but I get the following error. Is the iptables package not fully installed? Why is the NAT table missing?
Initially I had started following http://randomizedsort.blogspot.de/2011/03/porting-iptables-1410-to-android.html#comment-form_8482839589527760177 to install iptables, but having seen iptables v1.4.11.1 on the adb shell, I abandoned the idea. Has anybody tried porting iptables to newer Android kernel sources?
adb shell
# su root
# iptables -t nat -A OUTPUT -p tcp --dport 8000 -j REDIRECT --to-port 8080
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:450
iptables v1.4.11.1: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
Please advise!
Use protocol numbers (-p 6) instead of names (-p tcp):
iptables -t nat -A OUTPUT -p 6 --dport 8000 -j REDIRECT --to-port 8080
See this answer for more info:
getprotobyname error iptables
Related
I want to redirect all the ports to a specified port on Android. On Ubuntu or Raspberry, I can use
sudo iptables -t nat -A PREROUTING -i ens33 -p tcp --dport 1:65535 -j REDIRECT --to-port 10000
sudo iptables -t nat -A OUTPUT -p tcp --dport 1:65535 -j REDIRECT --to-port 20000 -m owner ! --uid-owner root
How can I redirect the ports like the above commands on Android? Do I need a rooted device?
We can root the device and download Termux to run the same commands as on Ubuntu.
You should try port forwarder apps from Google Play. There are many port forwarders available there.
Any one of those can work for you.
I am using the Genymotion emulator for testing my proxy, so I need to use iptables to redirect all TCP data to my proxy port.
When I use
iptables -t nat -N REDSOCKS
it prints 'can't initialize iptables table `nat': Table does not exist (do you need to insmod?)'
But when I use
iptables -L
it prints the default table 'filter' complete chains.
'nat' and 'filter' are default tables in netfilter. Why does the nat table not exist?
Users of retail Android devices cannot access iptables binary. Even Android OS itself cannot access that binary.
Source.
A few general things about routing with iptables.
Don't forget to enable routing.
sudo sysctl net.ipv4.ip_forward=1
or
echo 1 > /proc/sys/net/ipv4/ip_forward
and
iptables -t nat -A PREROUTING -i $device -p tcp --dport $srcPortNumber \
    -j REDIRECT --to-port $dstPortNumber
My host OS is: Linux Mint 15, my guest OS on virtualBox is: androVM.
What I want to do is take all http/s traffic from androVM and tunnel it through mitmproxy.
I am using the following, I usually connect to the internet via vpn (tun0).
The virtualbox is attached to the NAT, tun0 interface.
Here is the iptables script I am using, and yes I did install the cert on androVM via adb.
I am running the following bash script as follows:
#!/bin/sh
echo "Setting up IP tables"
echo "Resetting iptables rules"
iptables -t nat -F
echo "Now setting up ip forwarding rules"
sysctl -w net.ipv4.ip_forward=1
echo "Setting up the routing rules so all traffic from tun0(whatever interface) goes to mitmproxy"
iptables -t nat -A PREROUTING -i tun0 -p tcp --dport 443 -j REDIRECT --to-port 8080
iptables -t nat -A PREROUTING -i tun0 -p tcp --dport 80 -j REDIRECT --to-port 8080
echo "Completed task"
$ sudo ./iptables.sh
$ sudo mitmproxy
What happens at this point is the androVM won't even access the internet. I have previously used this and it has worked, so maybe something else is going on. Any hints, clues or guidance would be appreciated.
Thanks
This is the error I am getting in logcat:
runIptablesCmd(): failed /system/bin/iptables -t raw -A bw_raw_PREROUTING ! -i lo+ -m owner --socket-exists res=768
After issuing strace -c netd I got the following. Please suggest how to proceed further.
iptables v1.4.11.1: can't initialize iptables table `raw': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
iptables v1.4.11.1: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
It seems like a ramdisk issue.
Check and make sure your ramdisk (mainly init.rc) has the necessary parts for the mdns service. You can see here that there are additions to the netd service (these mdns services weren't in Android versions before Jellybean) that have mdns added to it and there is also an mdns service as well at the bottom of the init.rc I linked to earlier.
Add those two parts to the init.rc and see if that resolves the issue.
I try to run iptables -A OUTPUT -p tcp --sport 5228 -j DROP but I get this failure message:
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:378
I have a rooted device with busybox on it. The strange thing is that when I look at the iptables rules list, this port is in it. I'm not sure whether it works. What is my problem?
Seems like a known bug:
https://bugzilla.mozilla.org/show_bug.cgi?id=558415
It lists workarounds if you're interested.
Use protocol numbers (-p 6) instead of names (-p tcp):
iptables -A OUTPUT -p 6 --sport 5228 -j DROP
See this answer for more info:
getprotobyname error iptables
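The "use protocol numbers instead of names" workaround given in the answers above, as an added example that is not part of the original posts: a POSIX sh helper that rewrites -p/--protocol names to their IANA numbers so the rule no longer depends on a protocol-name lookup. The function names proto_number and numeric_proto_args are hypothetical, and the script only prints the rewritten arguments; nothing is applied.

```shell
#!/bin/sh
# Added example (not from the original posts). Function names are hypothetical.

# Map a protocol name to its IANA protocol number; digits pass through as-is.
proto_number() {
    case "$1" in
        ''|*[!0-9]*) ;;                       # not purely numeric: look it up
        *) printf '%s\n' "$1"; return 0 ;;
    esac
    case "$1" in
        icmp)             echo 1 ;;
        tcp)              echo 6 ;;
        udp)              echo 17 ;;
        gre)              echo 47 ;;
        esp)              echo 50 ;;
        ah)               echo 51 ;;
        icmpv6|ipv6-icmp) echo 58 ;;
        sctp)             echo 132 ;;
        udplite)          echo 136 ;;
        *)                return 1 ;;         # unknown name: let the caller decide
    esac
}

# Print the iptables argument list with every "-p NAME" / "--protocol NAME"
# replaced by its number. Negation written as "! -p tcp" passes through.
# Returns 1 on a name missing from the table above or a dangling -p.
# Output is a flat string, so it is only safe for arguments without spaces.
numeric_proto_args() {
    out=""
    while [ $# -gt 0 ]; do
        case "$1" in
            -p|--protocol)
                opt=$1; shift
                num=$(proto_number "$1") || {
                    echo "unknown protocol: '$1'" >&2; return 1; }
                out="$out $opt $num" ;;
            *)  out="$out $1" ;;
        esac
        shift
    done
    printf '%s\n' "${out# }"
}

# The two commands from this page, rewritten and printed (nothing is applied):
numeric_proto_args -t nat -A OUTPUT -p tcp --dport 8000 -j REDIRECT --to-port 8080
numeric_proto_args -A OUTPUT -p tcp --sport 5228 -j DROP
```

This rewrite only removes the protocol-name lookup; the separate "Table does not exist" error for nat or raw is not affected by it.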