I put the following script in my /system/etc/init.d/ folder
Code:
#!/system/bin/sh
iptables -P OUTPUT DROP
On my Samsung GalaxyS - CM10 - Semaphore Kernel, it is applied at boot time as it should.
On my Galaxy Tab 2 7 CM9 (CM Kernel) on the other hand, it is not getting applied.
WHY ?
I've already checked: The scripts in the init.d-folder indeed do get executed.
And there wasn't also anything useful in the logcat either (nor did I find evidence that something flushed/overwrote iptables).
My next guess would be that the netfilter/iptables isn't loaded yet while init.d is still being processed.
Is there a way to load iptables manually upfront?
Thanks for your thoughts.
init.d iptables drop
The same problem. Sony Xperia stock, rooted.
I've made "iptables drop" script for init.d to prevent data leak BEFORE firewall loads.
It works. But sometimes script doesn't affect iptables, or something overwrites it.
Don't know what to do :/
Hi
I would like to reopen the topic.
I have written an init service which is executed by the init.rc script. This service set a new iptables configuration. I have checked all the outputs and it seems to work, but a later service overwrites my settings.
Does anyone know which service this and if it also has been executed by the init.rc script or later?
Otherwise I have to write a wrapper over iptables which only accepts my commands.
Regards,
cloooned
It seems like lucky random.
Your init script can be executed before or after tool-that-overwrites. The only way is to make delays and re-execute.
Anyway, phone wont be protected for some small period during boot.
Hello. I have a question about rules in afwall. I want to lock qq and wechat. It works very well. However, I used this app on mobile phones of a company. I need to uninstall afwall again. Is it possible to copy the created rules into init.d in order to keep them running without the app? Where can I find the file with the rules?
thanks...
micky1067 said:
Hello. I have a question about rules in afwall. I want to lock qq and wechat. It works very well. However, I used this app on mobile phones of a company. I need to uninstall afwall again. Is it possible to copy the created rules into init.d in order to keep them running without the app? Where can I find the file with the rules?
thanks...
Click to expand...
Click to collapse
This should be in the AFWALL+ thread however it can export the rules and with that you can turn it into a script and load it at boot. To lock qq and webchat you need to know the GUID and block that but be warned that turning on or off network interfaces deletes IPTables
Related
Hey guys, I came up with a basic set of tools which I find useful. You may redistribute , include in any custom ROMs and/or distributions.
This includes:
Rewrite /default.prop for ADB
Install and deploy busybox in /system/xbin
install bash, ipctool, strace, tcpdump, and viewmem binaries.
To install, you must be rooted.
Unzip the attached file
place it on your nook.
cd to the folder you installed
Run the following
Code:
sh /sdcard/BHT/run.sh
Please note, I use Android Market app QuickSSH to get into my nook terminal, your results may very.. I hope someone else grabs these files and makes it all more user friendly. I've got too many other things going on.
I encourage other developers to include these valuable debugging tools in their packages.
You, sir, are a monster! You get my vote.
Sent from my Nexus S using xda premium
AdamOutler said:
Hey guys, I came up with a basic set of tools which I find useful. You may redistribute , include in any custom ROMs and/or distributions.
This includes:
Rewrite /default.prop for ADB
Install and deploy busybox in /system/xbin
install bash, ipctool, strace, tcpdump, and viewmem binaries.
To install, you must be rooted.
Unzip the attached file
place it on your nook.
cd to the folder you installed
Run the following
Code:
sh /sdcard/BHT/run.sh
Please note, I use Android Market app QuickSSH to get into my nook terminal, your results may very.. I hope someone else grabs these files and makes it all more user friendly. I've got too many other things going on.
I encourage other developers to include these valuable debugging tools in their packages.
Click to expand...
Click to collapse
I can turn this into an apk, if you don't mind. By turn on adb with this method, adb will be rooted and the device will still be allowed to sleep?
brianf21 said:
I can turn this into an apk, if you don't mind. By turn on adb with this method, adb will be rooted and the device will still be allowed to sleep?
Click to expand...
Click to collapse
By all means. Please do.
My vote too. I just hope after you win that you keep up the great work on the Nook Tablet. The last two weeks or so have looked very promising towards getting custom roms on here and a lot of that has to do with Adam's hard work along with a few others
Nearly all of these are already in snowball-mod, but I'll include ipctool, and viewmem for the next release.
cfoesch said:
Nearly all of these are already in snowball-mod, but I'll include ipctool, and viewmem for the next release.
Click to expand...
Click to collapse
How did you get default.prop reread into memory? The only think I can see is the 2nd init hijack? Am I missing something a lot easier?
brianf21 said:
How did you get default.prop reread into memory? The only think I can see is the 2nd init hijack? Am I missing something a lot easier?
Click to expand...
Click to collapse
Note, I said "nearly all". I don't really see though how changing /default.prop would keep over reboots... rootfs is stored in memory and recreated every time, isn't it?
I've added the binaries to NT Hidden Settings. I have not implemented /default.prop swap yet. I have to play with hijacking init before I do. Thanks again.
brianf21 said:
I've add the binaries to NT Hidden Settings. I have not implemented /default.prop swap yet. I have to play with hijacking init before I do. Thanks again.
Click to expand...
Click to collapse
cool. where are you hosting that binary? I currently have a mirror set up at nook1.adamoutler.com for easy access... When someone gets a new device, they need to download 3 things onto their device to make it a real tablet.. nook1=hidden settings, nook2=homecatcher, nook3=market.. I may change 3 to launcherpro, but hidden settings is the number1 tool required for the nook Tablet.
AdamOutler said:
cool. where are you hosting that binary? I currently have a mirror set up at nook1.adamoutler.com for easy access... When someone gets a new device, they need to download 3 things onto their device to make it a real tablet.. nook1=hidden settings, nook2=homecatcher, nook3=market.. I may change 3 to launcherpro, but hidden settings is the number1 tool required for the nook Tablet.
Click to expand...
Click to collapse
Homecatcher? I mean, I understand if you want to keep using the B&N store and stuff, but if you don't care about the B&N stuff, then the hacked SystemUI.apk is a way better option than Homecatcher.
But then, you're advancing "launcher pro", while I would more generally say "any non-B&N launcher"...
I added another option to nt hidden settings to run adb as root. It doesn't require a reboot and it automatically turns off auto mount. I am using nemith's adbd.
remount / as rw
stop adbd
replace /sbin/adbd
remount / as ro
setprop to turn off auto mount
start adbd as root
It's not persistent after reboot, but it works and doesn't kill the battery. I am not going to bother with hkvc's hijacking init method, because it looks like you, hkvc, bauwks, and nemith will be able to replace the os soon. Thanks.
Information and Modules description
I was in the need to add some missing kernel modules to my Xperia Mini Pro sk17i with v4.0.2.A.0.58, but I could only find modules compiled form ICS sources, so I decided to build them myself.
All modules have been compiled from official sony Xperia v4.0.2.A.0.58 kernel sources, using Android NDK r5, and they should be fine with any GB based Xperia 2011 device (with that kernel version at least).
This is the list of modules, with some interesting programs using them:
fuse.ko: Cryptonite (used to create encrypted EncFS or Truecrypt volumes, adds support to mount drives so that are visibile to the whole Android system. Note: Cryptonite is not currently able to load the module automatically, you need to load it from Terminal Emulator..se more below)
usb-storage.ko, nls_utf8.ko, ntfs.ko (compiled with write support, currently untested): USB OTG Helper (used to mount external USB drives with USB On The Go cables).
cifs.ko, slow-work.ko, md4.ko: CifsManager (used to mount network shares)
ext4.ko, jbd2.ko: if you wish to use the EXT4 filesystem
tun.ko: needed by VPN clients, like OpenVPN or DroidVPN
Installation Instructions
Attached to this post you will find a ZIP that can be used along with CWM Recovery to install the modules in system.
Download the module, put it inside you SD card, reboot your phone in CWM (which you can install with the Xperia CWM Auto-Installer) and select install zip from sdcard, and browsed to the ZIP. Reboot your phone when install finishes.
Loading Modules
No module is automatically loaded at system startup: this saves your memory and battery (some of those modules are known to drain your battery if always loaded).
To manually load a module you have to open the Android Terminal Emulator and tap:
Code:
su
insmod /system/lib/modules/MODULENAME.ko
where MODULENAME is the name of the module you want to load.
Other useful commands:
Code:
lsmod
to see currently running commands
Code:
rmmod MODULENAME.ko
to unload a module.
If you wish to manually load a module at phone startup you should use init.rd or any other method (?) to run custom scripts at startup.
Load Order
Some modules need to be loaded in a specific order:
slow-work.ko must be loaded before cisf.ko
jbd2.ko must be loaded before ext4.ko
Other Firmware Versions
I've released the same package for other firmware versions, click on the firmware version to go to the specific thread:
ICS v4.1.B.0.587 Kernel Modules package by zxp
Changes
v2 - 2012.07.19
===========
- customized, built and added slow-work.ko, which is needed to load cifs.ko
- added jbd2.ko, which is needed to load ext4.ko
v1 - 2012.07.12
===========
- First release
Thanks for this..
Fuse, and the rest as required, are automatically loaded as required by USB OTG Helper if found in /system/lib/modules.
shardul_seth said:
Thanks for this..
Fuse, and the rest as required, are automatically loaded as required by USB OTG Helper if found in /system/lib/modules.
Click to expand...
Click to collapse
Yes, the same applies to CifsManager, even if it requires some fiddling in options, while your USB OTG Helper does it automagically...by the way, it would be really nice of you if you could add the same auto-load code to Cryptonite, which is open source somewhat related to your work! :good:
zxp said:
Yes, the same applies to CifsManager, even if it requires some fiddling in options, while your USB OTG Helper does it automagically...by the way, it would be really nice of you if you could add the same auto-load code to Cryptonite, which is open source somewhat related to your work! :good:
Click to expand...
Click to collapse
I have my own encryption script, and I am happy with it.. So no fiddling with cryptonite for me
Updated both install and uninstall packages to fix cifs.ko and ext4.ko that couldn't be loaded because of missing dependencies (slow-work.ko and jbd2.ko).
You can find the updated zips in the first post.
where i can find the ext4.ko module for Xperia 2011 ICS?, i can't find it nowhere, can you help me with it?
sorry for my bad english
lightdesiny said:
where i can find the ext4.ko module for Xperia 2011 ICS?, i can't find it nowhere, can you help me with it?
sorry for my bad english
Click to expand...
Click to collapse
I don't know where to find it, I don't have upgraded to ICS yet, sorry.
If you are sure that no one have released it I may build a package similar to this one once I upgrade to ICS, in the coming weeks. Keep an eye on this forum :cyclops:
hi when I type the cod say me that not found that I istall it with recovery please help me
my phone xperia ray
my rome is 2.3.4 - 4.0.2.A.0.58 GB
hadics1 said:
hi when I type the cod say me that not found that I istall it with recovery please help me
my phone xperia ray
my rome is 2.3.4 - 4.0.2.A.0.58 GB
Click to expand...
Click to collapse
Don't complain if none will answer you.
hadics1 said:
hi when I type the cod say me that not found that I istall it with recovery please help me
my phone xperia ray
my rome is 2.3.4 - 4.0.2.A.0.58 GB
Click to expand...
Click to collapse
Can you please explain your problem better?
I can't understand your post.
zxp said:
lightdesiny said:
where i can find the ext4.ko module for Xperia 2011 ICS?, i can't find it nowhere, can you help me with it?
sorry for my bad english
Click to expand...
Click to collapse
I don't know where to find it, I don't have upgraded to ICS yet, sorry.
If you are sure that no one have released it I may build a package similar to this one once I upgrade to ICS, in the coming weeks. Keep an eye on this forum :cyclops:
Click to expand...
Click to collapse
I've just released the same package as this for Xperia ICS v4.1.B.0.587, you can now use ext4 on the latest ICS firmware
This is great
Sent from my WT19i
mount nfs share works with busybox - but won't with cifsmanager
Hello folks,
as this is my first post here, i'd like to thank all of the contributors for the excellent Guides and Howtos on this platform. Based on the instructions in this forums i was able to root my Xperia Mini Pro sk17i and greatly expand my devices applicability. Thanks to all of you!
Sorry, that the post got that long - hope that someone is still so kind to read and answer to it. I just wanted to be as precise as possible in the desription of my problem.
And here it comes. As the title of my post already implies, my ultimate goal is to mount nfs shares of my NAS and Router in my private network as user-friendly and simple as possible.
So far, I tried the following to achieve this goal:
Install busybox to generally expand linux capabilities of the device
install the Android Terminal emulator also from Google play
as previuosly mentioned, the device is rooted and Super user capabilities are set
created a mount-point for the nfs share
installed cifsmanager for mounting/unmounting with one click later
I tried to manually mount the share in the terminal. Without busybox i had no luck, but actually that was not sursprising at all. With busybox however, it worked instantly - what indeed surprised me, because this thread here implied somehow the kernel, as is, wasn't even capable to do it without additional modules. I could easily browse the share with ES file manager etc. and make use of my shares. So far, so great. :good:
But opening a terminal, get super user rights and mount manually by typing the whole sequence of
Code:
busybox mount -o nolock,vers=3 -t nfs 192.xxx.xxx.x.x:/my/nfs/share /mnt/MyLocalFolder
is not what you'd call simple or user-friendly at all.
So i aimed to improve the mount procedure with cifsmanager, but I always fail. And do no not understand what i am doing wrong. Initially i tried it without further kernel modules, encouraged by the success i had with busybox. But i always got a "Invalid argument" reply.
During the troubleshooting I stumbled upon this post, and thx to zxp's files, i managed to add the kernel modules to my /system/lib/modules folder (and yes, I have the exact same original/stock GB kernel version they are intended for).
But still no luck - even after i added slow-work.ko to the list of modules loaded by cifsmanager in the properties (placed before cifs.ko as it was suggested by another thread found somewhere in the forum). The info tab states the modules are loaded, but i still receive the same crooked "Invalid argument" message. What the heck am I doing wrong?
Seems to me there is some sort of general syntax issue - here is what info I give the app:
Share: 192.xxx.xxx.x.x:/my/nfs/share
Mount Point: /mnt/MyLocalFolder (tested with and without the mount point prefix in properties)
User: guest (default - without it, it wont work,app description states it will be ignored for nfs shares anyway)
Pwd: left empty
Options:nolock, vers=3 (tested with and without these - but where generally considered essential in some threads + my shares are nfs_v3)
Does somebody have an idea what is going wrong and might point me in some useful direction?
Thanks and Cheers to you all,
Nix
Use script manager and create a script!
Nixblicker said:
Hello folks,
as this is my first post here, i'd like to thank all of the contributors for the excellent Guides and Howtos on this platform. Based on the instructions in this forums i was able to root my Xperia Mini Pro sk17i and greatly expand my devices applicability. Thanks to all of you!
Sorry, that the post got that long - hope that someone is still so kind to read and answer to it. I just wanted to be as precise as possible in the desription of my problem.
And here it comes. As the title of my post already implies, my ultimate goal is to mount nfs shares of my NAS and Router in my private network as user-friendly and simple as possible.
So far, I tried the following to achieve this goal:
Install busybox to generally expand linux capabilities of the device
install the Android Terminal emulator also from Google play
as previuosly mentioned, the device is rooted and Super user capabilities are set
created a mount-point for the nfs share
installed cifsmanager for mounting/unmounting with one click later
I tried to manually mount the share in the terminal. Without busybox i had no luck, but actually that was not sursprising at all. With busybox however, it worked instantly - what indeed surprised me, because this thread here implied somehow the kernel, as is, wasn't even capable to do it without additional modules. I could easily browse the share with ES file manager etc. and make use of my shares. So far, so great. :good:
But opening a terminal, get super user rights and mount manually by typing the whole sequence of
Code:
busybox mount -o nolock,vers=3 -t nfs 192.xxx.xxx.x.x:/my/nfs/share /mnt/MyLocalFolder
is not what you'd call simple or user-friendly at all.
So i aimed to improve the mount procedure with cifsmanager, but I always fail. And do no not understand what i am doing wrong. Initially i tried it without further kernel modules, encouraged by the success i had with busybox. But i always got a "Invalid argument" reply.
During the troubleshooting I stumbled upon this post, and thx to zxp's files, i managed to add the kernel modules to my /system/lib/modules folder (and yes, I have the exact same original/stock GB kernel version they are intended for).
But still no luck - even after i added slow-work.ko to the list of modules loaded by cifsmanager in the properties (placed before cifs.ko as it was suggested by another thread found somewhere in the forum). The info tab states the modules are loaded, but i still receive the same crooked "Invalid argument" message. What the heck am I doing wrong?
Seems to me there is some sort of general syntax issue - here is what info I give the app:
Share: 192.xxx.xxx.x.x:/my/nfs/share
Mount Point: /mnt/MyLocalFolder (tested with and without the mount point prefix in properties)
User: guest (default - without it, it wont work,app description states it will be ignored for nfs shares anyway)
Pwd: left empty
Options:nolock, vers=3 (tested with and without these - but where generally considered essential in some threads + my shares are nfs_v3)
Does somebody have an idea what is going wrong and might point me in some useful direction?
Thanks and Cheers to you all,
Nix
Click to expand...
Click to collapse
that works, but...
Well, yeah - that was an option. I already did, and it works with the busybx mount as stated.
But i would have to write another to mount another share, unmount them, and one to prevent ES file manager to somehow occupy the mount to make it busy before unmounting etc.
I hoped that cifsmanager would smooth and ease the mounting/unmounting.
Thank you for your suggestion, anyway!
Cheers, Nix
shardul_seth said:
Use script manager and create a script!
Click to expand...
Click to collapse
I'm trying to get a script to execute via init.d or even in the terminal ... sh ./script but am running into issues that I'm not sure why or what is happening. I can't get the script to even execute via command line with the terminal app...so I need to figure that out first then maybe init.d will work. I can however execute the command in the script just fine, so I am not sure what is going on. It should be a simple script that I've seen posted on XDA. I started a thread over on the blaze dev section buy have been told it would fit here better so I'm posting a link to what I've already done.
http://forum.xda-developers.com/showthread.php?p=45042841#post45042841
As you can see from that link and the screenshot the execution of the script fails but I can echo that string in just fine. I'd like to get this scripted to it will work on boot and hopefully find a way to make it run before apps start starting so the sd card will prepare faster and the files I have apps linked to will be present when there requested...which is a problem.
Thanks!
Hello,
Problem:
My Meizu MX3 (runs Flyme os 3 based on android 4.2.2) has preset "Camera" in the DIRECTORY_DCIM environment variable. Most of the camera apps respect this setting and they are saving photos in the Camera instead of the DCIM. This causes problems with automatic syncing, because photos are obviously expected to be in the DCIM.
Partial solutions:
I tried symlinking the two dirs, but as far as i know it is not possible in the FUSE used since the 4.2.2.
mount -o bind led to the duplicity in the gallery app and i don't consider it too "clean" solution.
I ended up with modifying source of Focal open source camera not to read DIRECTORY_DCIM env var, but rather just to save the picture into the DCIM directly.
Is there a way to change this variable on boot? I don't want to use any 3rd party apps for simple things like this. Editing init.rc led to nothing, because it is always replaced by the default one from the ramdisk.
Thanks in advance.
Have you tried making an init.d script to export the value you want? I haven't looked at the source code so I don't know if that'll make a difference, but that's the only thing I can think of, short of modifying the API call using e.g. Xposed (somewhat similar to what this mod does.)
You may want to link the SO question you also created, in case you get a working answer there, so anyone stumbling on this page will find the way to that.
The init.d dir was not on my phone, so i tried creating it. Scripts from there do not get run on the startup, which brings me back to the problem with editing init.rc.
I will probbly just keep using modified camera until they release Ubuntu mobile for mx3 - which according to rumors could be soon
Thank you for your time
Sent from my M353 using XDA Premium 4 mobile app
Check if in your init.rc there is something like
Code:
service flash_recovery /system/etc/install-recovery.sh
Then you can edit/create that script and enable running init.d scripts with:
Code:
busybox run-parts /system/etc/init.d
search on this forum for more info
Sent from my ZP980 using Tapatalk
Thank you, your guide worked and my scripts in init.d now get executed
Sadly, exporting the variable in script residing in init.d does nothing (the script itself gets executed, i tried echoing "test" in file). There must be something, which keeps reseting the DIRECTORY_DCIM to its original value, or else i'm out of ideas
Or am i assuming incorrectly, that Java code
Code:
Environment.DIRECTORY_DCIM
should read env variable settable by
Code:
export DIRECTORY_DCIM="DCIM"
?
Actually now that you say that I checked my init.rc and I don't have that. Plus if I try
Code:
echo DIRECTORY_DCIM
I have nothing, so at least for me it's not set there.
Sent from my ZP980 using Tapatalk
For me echoing the varible also returns nothing, but reading it by Java returns "Camera".
Since it was my only clue, i hoped it could be reset by exporting DIRECTORY_DCIM (since android docs states that
android.os.Environment provides acces to environment vars) I guess i was wrong.
Is there any other kind of emvironment variables, i am not aware of?
Sent from my M353 using Tapatalk
I checked that variable is hardcoded in the android.os.Environment class.
I can think of three methods to test to change that but I didn't test any:
Use exposed framework to change the call that gets DIRECTORY_DCIM, if that's possible it's probably the best choice.
Edit and compile again android.os.Environment (I have no idea how to do that or if it's even possible)
Make a script that monitors your X folder to move pictures to DCIM folder
I can help you with the last one
The xposed is great idea, but unfortunately it doesn't work. It says "unknown option -- c" which as far as i know has something to do with bad (probably outdated?) version of SU. Meizu's firmware is probably more customized android than i previously thought.
Now i'm using the solution you also advised - i am automatically moving media from Camera to DCIM - i was hoping for more clean solution, but i guess this is as close as i'll ever get (don't get me wrong, it works as it is supposed to. I'm just a perfectionist )
Thank's for your time.
np I'm a perfectionist too and it's always cool to learn how things work and can be hacked
Sent from my ZP980 using Tapatalk
Hello members
I have sh script that wipes phone and it runs successfully at reboot automatically but I want to execute
based on condition based on failed screen lock attempts or when a specific app is removed
How I can program the sh script to make execution depending this?
I know some apps like tasker etc do this but can I achieve this by coding in script ?
Thanks