IPv6 support for Gen8 - Gen8 Android Development

Hi.
I've put a Gen8 kernel with support for IPv6 on
Code:
http://www.pps.jussieu.fr/~jch/software/files/zImage-jch-20110304
(I'm not allowed to post URLs. Grr.)
Rename the file above to zImage, then download chulri's initramfs and follow his instructions on
http://forum.xda-developers.com/showthread.php?t=930197
You can test that it works by browsing ip6.me. (Only if your AP has IPv6, obviously.)
--jch

About the IPv6 support
The above only adds IPv6 to the kernel, and relies on the existing userspace. While Google's userspace has fairly decent IPv6 support (most notably, all Java applications should run with IPv6 without trouble), the Archos uClibc is built without IPv6 support. This means that Archos utilities will not work with IPv6 -- in particular, you won't be able to mount any IPv6 SMB shares.
I've contacted an Archos developer on this subject, and he told me that they have no plans for official IPv6 support in Gen8. (Planned obsolescence?)
--jch

I've added your post to he [INFO] What is root? How do I root my gen8 device? What can I do when I have root? Thread and asked Mr. Clown the moderator to move it to the gen8 dev forum and give you access to it.

Moved to dev forums

jch0 said:
The above only adds IPv6 to the kernel, and relies on the existing userspace. While Google's userspace has fairly decent IPv6 support (most notably, all Java applications should run with IPv6 without trouble), the Archos uClibc is built without IPv6 support. This means that Archos utilities will not work with IPv6 -- in particular, you won't be able to mount any IPv6 SMB shares.
I've contacted an Archos developer on this subject, and he told me that they have no plans for official IPv6 support in Gen8. (Planned obsolescence?)
--jch
Click to expand...
Click to collapse
the toolchain that comes with the archos kernel sources is quite outdated.
but the http://buildroot.uclibc.org/ toolchain (git clone git://git.buildroot.net/buildroot) has ipv6 support, i believe. but im no developer.
the toolchains options show beside others:
*** Toolchain Options ***
[*] Enable large file (files > 2 GB) support
[*] Enable IPv6 support
[*] Enable RPC support
-*- Enable WCHAR support
[*] Enable toolchain locale/i18n support

woti23 said:
the http://buildroot.uclibc.org/ toolchain (git clone git://git.buildroot.net/buildroot) has ipv6 support, i believe.
Click to expand...
Click to collapse
It can be built with IPv6 support, yes (it's disabled by default).
But that doesn't solve the issue. Archos' /lib/libc.so and all the utilities linked against it don't support IPv6; short of replacing all of that, you're not going to get IPv6 support in the Archos-provided utilities (notably the SMB support).
(Off-topic rant. The IPv4 pool has become exhausted last month. Buying a networked device with no v6 support in 2011 is highly idiotic.)
--jch

jch0 said:
(Off-topic rant. The IPv4 pool has become exhausted last month. Buying a networked device with no v6 support in 2011 is highly idiotic.)
Click to expand...
Click to collapse
Rant on off-topic rant: why should it be idiotic? You don't need IPv6 in LAN. Thus the end-devices don't need to know it as well. ISPs can do NAT on all those dynamic IPs.
You cannot switch to IPv6 in 2011, neither in 2012. So many people still have IPv4-only devices. Switch the IP protocol and they'll be back in middle ages

Why we need IPv6
I think that's actually getting back on-topic -- why do you need IPv6 in your Android device in the first place?
chulri said:
ISPs can do NAT on all those dynamic IPs.
Click to expand...
Click to collapse
NAT breaks peer-to-peer applications, such as Skype, SIP or Spotify.
Right now, we're working around NAT by using UPNP, NAT-PMP, UDP hole punching, STUN and other nasty hacks. With the v4 pool exhausted, ISPs are going to start deploying double-NAT (which is what you're alluding to), and these techniques are going to become increasingly unrealiable.
Some actual data: Spotify uses both client-server and peer-to-peer communication, and falls back to pure client-server operation when peer-to-peer fails. According to Spotify's CEO, peer-to-peer works in a mere 60% of cases -- that means that 40% of Spotify clients are using pure client-server, putting load on Spotify's servers. (I'm not aware of any actual data from the Skype folks.)
In short -- you don't need IPv6 if all you do is browsing the web. You do need IPv6 if you want non-web applications to still work in 2013. And I certainly do.
Switch the IP protocol and they'll be back in middle ages
Click to expand...
Click to collapse
Nobody's speaking of switching IPv4 off in the foreseeable future -- we're doubtless going to use double-stack (both IPv4 over NAT and end-to-end IPv6 on the same device) for years to come.
--jch
P.S. $aur0n, are you listening?

Related

[Q] Installing dnsmasq?

Hi all,
I hope this is the right category for this post. If not, I apologise.
So, I have a Samsung Galaxy S2 running CM9 nightly 20120523. I live outside of the US but I enjoy listening to pandora.com. Up until now, I was using a VPN connection to a US server to stream pandora.
However, I stumbled upon tunlr.net that enables us to stream pandora from anywhere just routing your dns queries to pandora on via their DNS and for free.
Because tunlr.net wishes to keep servers load as low as possible, they added artificial delays in DNS queries in an attempt to keep people from using tunlr as their primary DNS.
As such, I have setup dnsmasq on my network to route DNS queries for pandora.com to tunlr.net server's and any other DNS query to my regular ISP/Google DNS.
Now, I would like to achieve the same thing on my i9100 on any wifi network and any data connection.
I figured the best way to do this would be to run dnsmasq locally, edit the dnsmasq.conf so that pandora.com is queried at tunlr.net DNS and using Google's DNS for any other query.
However, I can't find a thorough guide to installing and configuring and running dnsmasq as a daemon on my phone... I tried opkg-cl but it couldn't find dnsmasq (it seems the available packages are not legion). I tried installing from github but not much luck here either.
TL;DR: I am trying to install and run dnsmasq as a deamon on my CM9 Samsung i9100, please advise.
I know a few things about unix/linux but I am not a guru so please don't assume too much in your explanations.
Thanks for your help!
Anyone?
therighttime said:
Anyone?
Click to expand...
Click to collapse
Isn't this done directly in /etc/hosts ? When I once configured a firewall/ router server dnsmasq helped push the DNS addresses to the clients...
Sent from my LG-P350 using Tapatalk 2
Also very interested in this, anyone managed to get this working?
moved to QA section...
dbarrera said:
Isn't this done directly in /etc/hosts ? When I once configured a firewall/ router server dnsmasq helped push the DNS addresses to the clients...
Sent from my LG-P350 using Tapatalk 2
Click to expand...
Click to collapse
AFAIK dnsmasq allows you to specify different DNS servers based on the domain name to resolve. In this case, I want any DNS request to go to the default DHCP specified DNS server and requests for *.pandora.com to go to tunlr.net special DNS servers who does some tunneling and some voodoo magic to make pandora see you as a US based client.
Editing the hosts file will not cut it because tunlr.net reroutes some your cdn requests through their own servers (but not all of them) so as to tunnel them and make pandora see you as a US client. It is not altering pandora.com's IP address, which is what the hosts file would do.

[APP] VPN Server on Android Device?

I'm looking to run a VPN server on my Android device so that I can set up a virtual network adapter on my PC to connect to the same network as my Android's wifi. I've seen plenty of Android VPN clients, but no server software.
Is there any software out there to run a VPN server on an android device?
I've heard OpenSSH runs an L2/L3 VPN, but I everything I can find on getting OpenSSH running on Android is all about ftp, and they usually wind up running an alternative. Is there a release of OpenSSH I can use on android for the purpose stated?
Thanks for your patience and support,
Serrath
Bumping the thread.
serrath said:
Bumping the thread.
Click to expand...
Click to collapse
I've ssh into my droid phone without a problem using SSHDroid. I'm also looking for how to setup a vpn server(vpnd) on the same droid phone. It might make it simpler for some work I do that requires access to the static ip address I have at home.
I may go with the following solution instead. blog.gidley.co.uk/2009/03/tunnelling-ssh-over-socks-proxy.html
If you're still looking, we just released Servers Ultimate from which the latest update (today) allows you also to run a VPN Server!
Have a look at the thread and let me know what you think of it! You do need a rooted ARM device to get it working (most devices are arm and if you think about a vpn server you're probably also rooted )
http://forum.xda-developers.com/showthread.php?t=1829334
Themuzz said:
If you're still looking, we just released Servers Ultimate from which the latest update (today) allows you also to run a VPN Server!
Have a look at the thread and let me know what you think of it! You do need a rooted ARM device to get it working (most devices are arm and if you think about a vpn server you're probably also rooted )
http://forum.xda-developers.com/showthread.php?t=1829334
Click to expand...
Click to collapse
i want some help in building an adblock app. I need to intercept all requests using vpn to local a vpn server.

[Q] Custom Rom For Enterprise Deployment

Ok... I am Software Engineer and I have been developing mostly for Windows environments, but recently started getting into Android. I want to get more into the Operating System from a lower level. I am looking to build a custom ROM that must meet certain requirements to be used.
What I would like to do for a specific device:
1) Strip stock ROM of bloatware
2) Use SSH Tunnel for all data traffic (3G/4G, WiFi, etc.)
- This will have to be an embedded setup so that the device will always be using the SSH Tunnel to encrypt data accessing from company resources.
- If at all possible, block sites that are normally blocked when on the physical network.
3) Company Email, Contacts, and Calendar information to be synced from Lotus Notes to native android applications using only the SSH Tunnel connection.
4) Enforce password requirement for phone lock screen.
5) Change the OTA Device Update server to create my own.
- Insight as to how I would host my own on my internal network would be appreciated, if it is at all possible.
6) Detect company secure WiFi Access Points and only permit automatic switching to these sources for data, others (unsecured) will need to manually connected.
Now, I know how to make a custom ROM, where I am stripping bloatware and pre-rooting and such so I don't need help with requirement 1.
However, I have no clue where to start with the security aspect of this. Is it possible to embed all the settings into the OS configuration for routing data over a secure and encrypted source? This is an absolutely imperative thing, where Corporate Security mandates that the syncing of emails and such must be done over an encrypted connection. If SSH tunneling is not the best solution, perhaps VPN? Our company currently deploys Cisco AnyConnect for VPN from company laptops. Again, this has to be built into the configuration of the device. The user cannot have the ability to turn off/on this feature (unless the root or do various other violations to corporate policy). Speed is not a concern, these are work devices and only need to be reliable in accessing work resources.
As for requirement 4, is there any way to force a password lock on the device? Maybe deploy the ROM in some sort of initial setup mode (similar to Microsoft's OOBE for windows), where they are prompted to create there phone password and enter various other credentials to setup the email syncing with the native email client?
For requirement 5 & 6, well these are just pipe dreams. If they could be done, and not require a UI to manage them, then it would be great. However, I figure this would be not so easy to do.
The reason why this all has to be built in and configured, is because the user cannot be given the option to disable these features with a simple UI. Also, the phones can not receive carrier specific OTA updates, that would wipe this system configurations. The update server has to be possible, as all the carriers currently host there own. There has to be a way to build my own and deploy my ROM as an official release to the device without having to have a custom recovery or root.
Any insight into any of this would be great. For the most part I am looking for the built in network access features that I discussed above and insight on how to accomplish this if at all possible. Everything else could just be whatever input you are willing to provide. I realize this is a big project, but the result will be a phenomenal step in securing and expanding company resources. I realize there may be enterprise solutions out there that will already accomplish most of this, but I am looking to stay away from those options.
mkruluts said:
Also, the phones can not receive carrier specific OTA updates, that would wipe this system configurations. The update server has to be possible, as all the carriers currently host there own.
Click to expand...
Click to collapse
Hello mkruluts,
where did you get that the carriers host their own servers?
I would seriously be interested.
Optimally, do you have a link?
I read on this forum that even the branded updates come from a manufacturer's server:
http://forum.xda-developers.com/showpost.php?p=43915102&postcount=574
"HTC gets the go ahead to push it OTA from their servers"
http://forum.xda-developers.com/showpost.php?p=8525999&postcount=141
"The vendor's servers are tied to the carrier network."
--Droiderino

Which internal android services/daemons bypass user-level VPN?

I've made a mock-up VPN that blocks everything and yet I see some tcp requests going through. I assume there are some internal stuff that ignores user-space "VPN mode".
Anyone who worked with networking in Android knows some off the top of their head?
KZekai said:
I've made a mock-up VPN that blocks everything and yet I see some tcp requests going through. I assume there are some internal stuff that ignores user-space "VPN mode".
Anyone who worked with networking in Android knows some off the top of their head?
Click to expand...
Click to collapse
What TCP/IP layer does the VPN work on?
BTW: Android only has VpnService API inbuilt - it's described here
BTW: Android only has VpnService API inbuilt - it's described here
Click to expand...
Click to collapse
Thanks, that was useful. Sadly, nothing on how built-in Xiaomi services bypass VPN and send their detailed "telemetry" directly. Spyware is deep in this one.

General Tethering

Has anyone found a way to tether from the phone without being throttled?
mosh.org
mosh then forward traffic through the tunnel
no privilege elevation needed
Let me go have a look see at it. I'm not looking for the full 5G but God I lived through dial up once already.... and it looks to be open source which is even better!
XeoNoX said:
mosh.org
mosh then forward traffic through the tunnel
no privilege elevation needed
Click to expand...
Click to collapse
I am guessing you recommended this without actually having tried it because according to the mosh readme: "Mosh does not support X forwarding or the non-interactive uses of SSH, including port forwarding."
If mosh can be actually used for tunneling, would you please describe specifically how to do so? My general understanding of this would be to run a server app on the phone and then connect client devices like PC's and Android TV's using mosh in client mode to it to forward their traffic through it. However, I cannot find an SSH server app for Android which will run on Android 11 due to changes made by Google in Android 10 and above. My understanding of the official mosh documentation is that mosh requires an SSH server to establish a connection before it can run its own server mode.
In addition will mosh tunnel both IPv4 and IPv6 traffic? If so, how would this be setup? Would two separate server sessions be required?
Iv tried most of the paid apps in the store (Klink, Pdanet+ and so forth) and Klink while not full speed works the best but after a few days all of the sudden you lose the ability to use sites like Netflix, Amazon Prime Video, or oddly Minecraft services.
i get anywhere from 85-130mbps by using vpn hotspot + adguard. it requires root tho.

Categories

Resources