Here's how to use logcat..There are two main ways to do a logcat, within android, and through adb. Logcat within android can be done one of two ways, through a Logcat app..Here are two good examples are either aLogcat or CatLog I prefer catlog, because in my opinion it has a little bit nicer UI. Both of these programs can dump their logs to a txt file, which is very useful for debugging. Or, you can do it in terminal emulator (same rules as running through adb.
On the other hand, using adb to run logcat, in my opinion is much more useful, because you can start using it when android boots (i.e. once the boot animation appears.)
The code for logcat to output to a file is
Code:
adb logcat > name of problem.txt
you can also do
Code:
adb logcat -f name of problem.txt
how I prefer to do it is this way:
Code:
adb logcat -v long > name of problem.txt
with the -v flag & the long argument, it changes output to long style, which means every line of logcat will be on its own line (makes it a little neater, imo)
Note: When outputting to a file, you will see a newline, but nothing printed, this is normal. To stop logcat from writting to a file, you need to press ctrl+c.
Here's where using logcat (via adb makes life really easy)
Lets say you find a problem you're having after looking at a logcat.
For example:
When I was trying to use a different ramdisk, wifi wouldn't work so I got a logcat that's almost 1300 lines long (a lot of stuff happens in the background)
So if you are searching for an error in the logcat file (it's always e/ for error, f/ for fatal. Those are the two main things that will break a system.)
Code:
D/dalvikvm( 871): GC_CONCURRENT freed 472K, 6% free 10224K/10823K, paused 1ms+6ms
V/AmazonAppstore.DiskInspectorServiceImpl( 871): Available blocks: 21981, Block size: 4096, Free: 90034176, Threshold: 5242880, withinThreshold? true
D/AmazonAppstore.UpdateService( 871): Received action: null from intent: Intent { cmp=com.amazon.venezia/com.amazon.mas.client.framework.UpdateService }
W/AmazonAppstore.UpdateService( 871): Confused about why I'm running with this intent action: null from intent: Intent { cmp=com.amazon.venezia/com.amazon.mas.client.framework.UpdateService }
D/dalvikvm( 890): GC_CONCURRENT freed 175K, 4% free 9375K/9671K, paused 2ms+3ms
V/AmazonAppstore.ReferenceCounter( 871): Reference (MASLoggerDB) count has gone to 0. Closing referenced object.
E/WifiStateMachine( 203): Failed to reload STA firmware java.lang.IllegalStateException: Error communicating to native daemon
V/AmazonAppstore.UpdateService( 871): runUpdateCommand doInBackground started.
V/AmazonAppstore.UpdateService( 871): Running UpdateCommand: digitalLocker
V/AmazonAppstore.UpdateCommand( 871): Not updating key: digitalLocker from: 1334228488057
V/AmazonAppstore.UpdateService( 871): Finished UpdateCommand: digitalLocker
V/AmazonAppstore.UpdateService( 871): Running UpdateCommand: serviceConfig
V/AmazonAppstore.MASLoggerDB( 871): performLogMetric: Metric logged: ResponseTimeMetric [fullName=com.amazon.venezia.VeneziaApplication_onCreate, build=release-2.3, date=Wed Apr 11 13:10:55 CDT 2012, count=1, value=1601.0]
V/AmazonAppstore.MASLoggerDB( 871): onBackgroundTaskSucceeded: Metric logged: ResponseTimeMetric [fullName=com.amazon.venezia.VeneziaApplication_onCreate, build=release-2.3, date=Wed Apr 11 13:10:55 CDT 2012, count=1, value=1601.0]
W/CommandListener( 118): Failed to retrieve HW addr for eth0 (No such device)
D/CommandListener( 118): Setting iface cfg
D/NetworkManagementService( 203): rsp
D/NetworkManagementService( 203): flags
E/WifiStateMachine( 203): Unable to change interface settings: java.lang.IllegalStateException: Unable to communicate with native daemon to interface setcfg - com.android.server.NativeDaemonConnectorException: Cmd {interface setcfg eth0 0.0.0.0 0 [down]} failed with code 400 : {Failed to set address (No such device)}
W/PackageParser( 203): Unknown element under : supports-screen at /mnt/asec/com.android.aldiko-1/pkg.apk Binary XML file line #16
D/wpa_supplicant( 930): wpa_supplicant v0.8.x
D/wpa_supplicant( 930): random: Trying to read entropy from /dev/random
D/wpa_supplicant( 930): Initializing interface 'eth0' conf '/data/misc/wifi/wpa_supplicant.conf' driver 'wext' ctrl_interface 'N/A' bridge 'N/A'
D/wpa_supplicant( 930): Configuration file '/data/misc/wifi/wpa_supplicant.conf' -> '/data/misc/wifi/wpa_supplicant.conf'
D/wpa_supplicant( 930): Reading configuration file '/data/misc/wifi/wpa_supplicant.conf'
D/wpa_supplicant( 930): ctrl_interface='eth0'
D/wpa_supplicant( 930): update_config=1
D/wpa_supplicant( 930): Line: 4 - start of a new network block
D/wpa_supplicant( 930): key_mgmt: 0x4
(mind you, that's 29 lines out of 1300ish, just for example)
I then could do the following with logcat:
Code:
adb logcat WifiStateMachine:E *:S -v long > name of problem.txt
and this will only print out any errors associated with WifiStateMachine, and anything which is fatal, which makes it about a million times easier to figure out what's going on!
In WifiStateMachine:E, the :E = to look for Errors, the full list of options is as follows:
V — Verbose (lowest priority)
D — Debug
I — Info (default priority)
W — Warning
E — Error
F — Fatal
S — Silent (highest priority, on which nothing is ever printed)
You can replace the :E with any other letter from above to get more info.
In order to filter out anything other than what you are looking for (in this case, WifiStateMachine) you must put a *:S after your last command (i.e. WifiStateMachine:E ThemeChoose:V ... ... AndroidRuntime:E *:S)
Sources: http://developer.android.com/tools/help/logcat.html
http://developer.android.com/tools/help/adb.html
Please do NOTE: : I am just sharing. Original post is Here.
Don't be a noob. Be a newbie..!!
Details here.
Great guide! I am glad that I can help you by logcat. Thanks.
Sent from my E10i using xda app-developers app
How long take the. Logcat?
Sent from my E10i using xda premium
ruben21 said:
How long take the. Logcat?
Sent from my E10i using xda premium
Click to expand...
Click to collapse
Whatever you want.
Sent from my E10i using xda app-developers app
Well and how I finish the logcat because I leave them all the night and still run
Sent from my E10i using xda premium
ruben21 said:
Well and how I finish the logcat because I leave them all the night and still run
Sent from my E10i using xda premium
Click to expand...
Click to collapse
Just press CTRL + C
Thanks bro.
☜ Sent from my X10 MP U20i ☞
I have nexus4 and nexus7 (both are 4.3), I noticed all apps resolve dns connection as root (uid 0).
I want to know/ask, why on android, all apps resolve dns connection as root?
I block dns connection as root, then all apps can not resolve dns.
(iptables -I OUTPUT -p udp --dport 53 -m owner --uid-owner 0 -j DROP)
I also noticed, my nexus7 will resolve dns as root, if the connection blocked, then the apps will not resolve dns.
but my nexus4 will resolve dns as root first, if it blocked, then apps will resolve dns as apps-id.
why will that?
anyone have this problem?
both n4/n7 is running stock andorid 4.3 (donwload from google)
thanks.
I can confirm that something very strange is going on in Android 4.3, I'm runing the Slimrom mod and the same thing is true for me, all dns request are done as root. But to make things even stranger the dns props are set but not used, it seems like something is really broken within bioinc that makes it impossible to change dns servers on the fly.
Mine is running android stock rom for both, downloaded from google.
I still not understand, why will that.
Thanks.
Sent from my Nexus 4 using xda app-developers app
Browsing through the AOSP sources, I noticed that Android 4.3 incorporated a somewhat confusing series of commits under the heading of "dns cache per interface," which effectively causes all Bionic DNS requests to be proxied through netd. This commit is the most important element.
Here is the old implementation from Android 4.2.2:
Code:
static struct hostent *
gethostbyname_internal(const char *name, int af, res_state res)
{
const char *cp;
char *bp, *ep;
int size;
struct hostent *hp;
struct resolv_cache* cache;
[b]res_static rs = __res_get_static();[/b]
static const ns_dtab dtab[] = {
NS_FILES_CB(_gethtbyname, NULL)
{ NSSRC_DNS, _dns_gethtbyname, NULL }, /* force -DHESIOD */
{ 0, 0, 0 }
};
assert(name != NULL);
switch (af) {
case AF_INET:
size = INADDRSZ;
break;
case AF_INET6:
size = IN6ADDRSZ;
break;
default:
h_errno = NETDB_INTERNAL;
errno = EAFNOSUPPORT;
return NULL;
}
rs->host.h_addrtype = af;
rs->host.h_length = size;
[...]
h_errno = NETDB_INTERNAL;
if (nsdispatch(&hp, dtab, NSDB_HOSTS, "gethostbyname",
default_dns_files, name, strlen(name), af) != NS_SUCCESS) {
return NULL;
}
h_errno = NETDB_SUCCESS;
return hp;
Note the use of the libc resolver. The library is issuing the DNS requests directly.
By contrast, here is the new Android 4.3 implementation:
Code:
// very similar in proxy-ness to android_getaddrinfo_proxy
static struct hostent *
gethostbyname_internal(const char *name, int af, res_state res, const char *iface)
{
[b]const char *cache_mode = getenv("ANDROID_DNS_MODE");[/b]
FILE* proxy = NULL;
struct hostent *result = NULL;
[b]if (cache_mode != NULL && strcmp(cache_mode, "local") == 0) {[/b]
res_setiface(res, iface);
return gethostbyname_internal_real(name, af, res);
}
proxy = android_open_proxy();
if (proxy == NULL) goto exit;
/* This is writing to system/netd/DnsProxyListener.cpp and changes
* here need to be matched there */
if (fprintf(proxy, "gethostbyname %s %s %d",
iface == NULL ? "^" : iface,
name == NULL ? "^" : name,
af) < 0) {
goto exit;
}
if (fputc(0, proxy) == EOF || fflush(proxy) != 0) {
goto exit;
}
result = android_read_hostent(proxy);
So by default, Android 4.3 will proxy the requests through netd (owned by UID 0). This can be verified by setting DBG to 1 in system/netd/DnsProxyListener.cpp, then watching logcat:
Code:
D/DnsProxyListener( 146): argv[0]=getaddrinfo
D/DnsProxyListener( 146): argv[1]=omg.yahoo.com
D/DnsProxyListener( 146): argv[2]=^
D/DnsProxyListener( 146): argv[3]=1024
D/DnsProxyListener( 146): argv[4]=0
D/DnsProxyListener( 146): argv[5]=1
D/DnsProxyListener( 146): argv[6]=0
D/DnsProxyListener( 146): argv[7]=^
D/DnsProxyListener( 146): GetAddrInfoHandler for omg.yahoo.com / [nullservice] / [nulliface] / 1489
D/DnsProxyListener( 146): GetAddrInfoHandler, now for omg.yahoo.com / (null) / (null)
D/DnsProxyListener( 146): argv[0]=getaddrinfo
D/DnsProxyListener( 146): argv[1]=l1.yimg.com
D/DnsProxyListener( 146): argv[2]=^
D/DnsProxyListener( 146): argv[3]=1024
D/DnsProxyListener( 146): argv[4]=0
D/DnsProxyListener( 146): argv[5]=1
D/DnsProxyListener( 146): argv[6]=0
D/DnsProxyListener( 146): argv[7]=^
D/DnsProxyListener( 146): GetAddrInfoHandler for l1.yimg.com / [nullservice] / [nulliface] / 1489
D/DnsProxyListener( 146): GetAddrInfoHandler, now for l1.yimg.com / (null) / (null)
As seen in the Android 4.3 code snippet, it is possible to temporarily revert to the old behavior by setting ANDROID_DNS_MODE to "local", causing Bionic to send the request through gethostbyname_internal_real(), the old implementation. On this system, the shell user is blocked from sending network traffic via netfilter, but the root user (which owns netd) has full network access:
Code:
[email protected]:/ $ id
uid=2000(shell) gid=2000(shell) groups=1003(graphics),1004(input),1007(log),1009(mount),1011(adb),1015(sdcard_rw),1028(sdcard_r),3001(net_bt_admin),3002(net_bt),3003(inet),3006(net_bw_stats) context=u:r:shell:s0
[email protected]:/ $ ANDROID_DNS_MODE= telnet google.com 80
telnet: can't connect to remote host (74.125.227.135): Connection refused
1|[email protected]:/ $ ANDROID_DNS_MODE=local telnet google.com 80
telnet: bad address 'google.com'
1|[email protected]:/ $
In the former case (proxied request), the application was able to look up the hostname via netd, but could not send data traffic. In the latter case (direct request), the application was not able to look up the hostname at all.
It is possible to change the systemwide default by making a tweak to system/core/rootdir/init.rc and rebuilding your kernel image:
Code:
diff --git a/rootdir/init.rc b/rootdir/init.rc
index b6d7335..d0efc46 100644
--- a/rootdir/init.rc
+++ b/rootdir/init.rc
@@ -47,6 +47,7 @@ loglevel 3
export ANDROID_ASSETS /system/app
export ANDROID_DATA /data
export ANDROID_STORAGE /storage
+ export ANDROID_DNS_MODE local
export ASEC_MOUNTPOINT /mnt/asec
export LOOP_MOUNTPOINT /mnt/obb
export BOOTCLASSPATH /system/framework/core.jar:/system/framework/core-junit.jar:/system/framework/bouncycastle.jar:/system/framework/ext.jar:/system/framework/framework.jar:/system/framework/telephony-common.jar:/system/framework/voip-common.jar:/system/framework/mms-common.jar:/system/framework/android.policy.jar:/system/framework/services.jar:/system/framework/apache-xml.jar
Maybe there is a better way to patch existing ROMs in place.
So, any easyway to deny some apps, to resolve dns?
How apps connect to netd to resolve dns? Unix socket? Or inet socket?
Ok, what I want to do is, some apps connect through tor network and prevent dns leaks.
Thanks.
Sent from my Nexus 4 using xda app-developers app
Ok, I found it in android_open_proxy().
It look like use unix socket "/dev/socket/dnsproxyd".
So I can not use iptables to deny some apps connect to dnsproxy? right?
Any idea to prevent some apps/uid (but not all), connect to dnsproxy?
Thank you.
Sent from my Nexus 4 using xda app-developers app
I tried export ANDROID_DNS_MODE=local
but it make no different on my nexus 4
(my nexus 4 use android stock room 4.3, download from google)
[email protected]:/ $ id
uid=2000(shell) gid=2000(shell) groups=1003(graphics),1004(input),1007(log),1009(mount),1011(adb),1015(sdcard_rw),1028(sdcard_r),3001(net_bt_admin),3002(net_bt),3003(inet),3006(net_bw_stats) context=u:r:shell:s0
[email protected]:/ $ telnet google.com
telnet: bad address 'google.com'
1|[email protected]:/ $ set |grep -i dns
1|[email protected]:/ $ export ANDROID_DNS_MODE=local
[email protected]:/ $ set |grep -i dns
ANDROID_DNS_MODE=local
_='ANDROID_DNS_MODE=local'
[email protected]:/ $ telnet google.com
telnet: bad address 'google.com'
any idea why will that?
thank you.
johnw.xda said:
I tried export ANDROID_DNS_MODE=local
but it make no different on my nexus 4
(my nexus 4 use android stock room 4.3, download from google)
[email protected]:/ $ id
uid=2000(shell) gid=2000(shell) groups=1003(graphics),1004(input),1007(log),1009(mount),1011(adb),1015(sdcard_rw),1028(sdcard_r),3001(net_bt_admin),3002(net_bt),3003(inet),3006(net_bw_stats) context=u:r:shell:s0
[email protected]:/ $ telnet google.com
telnet: bad address 'google.com'
1|[email protected]:/ $ set |grep -i dns
1|[email protected]:/ $ export ANDROID_DNS_MODE=local
[email protected]:/ $ set |grep -i dns
ANDROID_DNS_MODE=local
_='ANDROID_DNS_MODE=local'
[email protected]:/ $ telnet google.com
telnet: bad address 'google.com'
any idea why will that?
thank you.
Click to expand...
Click to collapse
Hmm, it looks like this change removed the logic that populates the nameserver list from the system properties. So with ANDROID_DNS_MODE=local, libc will search /system/etc/hosts but it won't actually be able to contact any nameservers:
Code:
[email protected] / $ ANDROID_DNS_MODE=local RES_OPTIONS=debug ping -c1 localhost
;; res_setoptions("debug", "env")..
;; debug
PING localhost (127.0.0.1) 56(84) bytes of data.
64 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=1.85 ms
--- localhost ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 1.852/1.852/1.852/0.000 ms
[email protected] / $ ANDROID_DNS_MODE=local RES_OPTIONS=debug ping -c1 google.com;; res_setoptions("debug", "env")..
;; debug
;; res_nquerydomain(google.com, <Nil>, 1, 1)
;; res_query(google.com, 1, 1)
;; res_nmkquery(QUERY, google.com, IN, A)
;; res_send()
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28372
;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; google.com, type = A, class = IN
;; res_query: send error
;; res_nquerydomain(google.com, , 1, 1)
;; res_query(google.com., 1, 1)
;; res_nmkquery(QUERY, google.com., IN, A)
;; res_send()
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41613
;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; google.com, type = A, class = IN
;; res_query: send error
ping: unknown host google.com
[email protected] / $
There's some code in _resolv_set_nameservers_for_iface() that might help, but I don't think this gets run from ordinary command-line utilities.
Any idea to prevent some apps/uid (but not all), connect to dnsproxy?
Click to expand...
Click to collapse
You could try applying filesystem ACLs or SELinux rules to /dev/socket/dnsproxyd
Compiling setfacl with Bionic is a hassle, but you could boot e.g. a Debian ARM image in QEMU and build a binary that is statically linked with glibc. You might also need to build a kernel with CONFIG_TMPFS_POSIX_ACL=y; this setting is currently disabled on the CM10.2 grouper builds.
Other possibilities include:
Modify Bionic to reinstate the old nameserver list behavior, and modify /init.rc as above
Modify netd; you could try calling setresuid() to send out each request under the UID of the client instead of UID 0
Write a daemon that intercepts DNS requests intended for netd; this could use a modified version of the netd DnsProxy logic or it could pass the request through to the real netd
Sorry, I forgot to mention before, maybe the reason is, my busybox/telnet is compiled on debian use glibc with -static flags, so telnet/busybox does not use android's libc, and does not use dnsproxy too.
Anyway, is it possible to compile owner libc for android? Where can download android 4.3 libc source code? Do I need to setup ndk to compile it? or can I use gcc to compile it.
Did you do that before?
Thank you again.
Sent from my Nexus 4 using xda app-developers app
I'm using pppwidget to access the network and I think that is affected by this DNS issues. As specific way to get network, is not aware of all this new stuff and thus unable to resolv dns queries.
johnw.xda said:
Sorry, I forgot to mention before, maybe the reason is, my busybox/telnet is compiled on debian use glibc with -static flags, so telnet/busybox does not use android's libc, and does not use dnsproxy too.
Anyway, is it possible to compile owner libc for android? Where can download android 4.3 libc source code? Do I need to setup ndk to compile it? or can I use gcc to compile it.
Did you do that before?
Thank you again.
Sent from my Nexus 4 using xda app-developers app
Click to expand...
Click to collapse
johnw.xda said:
Anyway, is it possible to compile owner libc for android? Where can download android 4.3 libc source code? Do I need to setup ndk to compile it? or can I use gcc to compile it.
Did you do that before?
Click to expand...
Click to collapse
I've been building my Android 4.3 ROMs from the CM10.2 sources.
You can try building from AOSP directly (instructions here). CM builds aren't difficult, but they did require a few extra steps.
I'm not aware of a way to build Bionic standalone. Trying the obvious stuff like running "ndk-build" in that directory, or using crosstool-ng, didn't work for me. Others can jump in if they know...
cernekee said:
Hmm, it looks like this change removed the logic that populates the nameserver list from the system properties. So with ANDROID_DNS_MODE=local, libc will search /system/etc/hosts but it won't actually be able to contact any nameservers:
Code:
[email protected] / $ ANDROID_DNS_MODE=local RES_OPTIONS=debug ping -c1 localhost
;; res_setoptions("debug", "env")..
;; debug
PING localhost (127.0.0.1) 56(84) bytes of data.
64 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=1.85 ms
--- localhost ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 1.852/1.852/1.852/0.000 ms
[email protected] / $ ANDROID_DNS_MODE=local RES_OPTIONS=debug ping -c1 google.com;; res_setoptions("debug", "env")..
;; debug
;; res_nquerydomain(google.com, <Nil>, 1, 1)
;; res_query(google.com, 1, 1)
;; res_nmkquery(QUERY, google.com, IN, A)
;; res_send()
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28372
;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; google.com, type = A, class = IN
;; res_query: send error
;; res_nquerydomain(google.com, , 1, 1)
;; res_query(google.com., 1, 1)
;; res_nmkquery(QUERY, google.com., IN, A)
;; res_send()
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41613
;; flags: rd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; google.com, type = A, class = IN
;; res_query: send error
ping: unknown host google.com
[email protected] / $
There's some code in _resolv_set_nameservers_for_iface() that might help, but I don't think this gets run from ordinary command-line utilities.
You could try applying filesystem ACLs or SELinux rules to /dev/socket/dnsproxyd
Compiling setfacl with Bionic is a hassle, but you could boot e.g. a Debian ARM image in QEMU and build a binary that is statically linked with glibc. You might also need to build a kernel with CONFIG_TMPFS_POSIX_ACL=y; this setting is currently disabled on the CM10.2 grouper builds.
Other possibilities include:
Modify Bionic to reinstate the old nameserver list behavior, and modify /init.rc as above
Modify netd; you could try calling setresuid() to send out each request under the UID of the client instead of UID 0
Write a daemon that intercepts DNS requests intended for netd; this could use a modified version of the netd DnsProxy logic or it could pass the request through to the real netd
Click to expand...
Click to collapse
Hi,
Thanks for this analysis.
It certainly does look like 4.3 is ignoring net.dns1 value as the nameserver.
I'm running my custom dns server inside Android and now I suddenly find that it's not being queried.
I may have a small step towards solving this problem.
iptables -t nat -I OUTPUT -p udp -d 192.168.1.1 --dport 53 -j DNAT --to-destination 192.168.1.5:53
iptables -t nat -I OUTPUT -p tcp -d 192.168.1.1 --dport 53 -j DNAT --to-destination 192.168.1.5:53
This works by intercepting the DNS requests meant for the remote nameserver and redirecting it to the local DNS server.
Hope this helps someone figure it out.
There may be a way to programmatically change the active interface DNS server?
Or a way to perhaps disable the DNS proxy completely (ANDROID_DNS_MODE=local doesn't work any more as mentioned)?
cernekee said:
Write a daemon that intercepts DNS requests intended for netd; this could use a modified version of the netd DnsProxy logic or it could pass the request through to the real netd
Click to expand...
Click to collapse
This is what I wound up doing: I copied the DnsProxyListener and Bionic resolver code into an experimental new program called "dnsproxy2", and then tweaked the logic a little bit. Sources are posted here and I'm attaching binaries to this message.
Currently it allows you to pass in a single DNS server address which will unconditionally override the OS-provided DNS servers, and when it proxies requests on behalf of an application it will change the thread's UID (Linux fsuid) to match the caller so that the traditional netfilter app/UID restrictions will be honored.
To see it in action, just do:
Code:
adb push libs/armeabi-v7a/dnsproxy2 /data/local/tmp
adb shell "su -c '/data/local/tmp/dnsproxy2 -v 8.8.8.8'"
The "-v" flag will show the DNS requests on the console.
This was tested with CM10.2. Note that Firefox appears to bypass the DNS proxy.
If this proves useful it may be worth writing a GUI installer/settings app. Another possible improvement would be to allow selectively overriding the DNS server based on the active connection.
cernekee said:
This is what I wound up doing: I copied the DnsProxyListener and Bionic resolver code into an experimental new program called "dnsproxy2", and then tweaked the logic a little bit. Sources are posted here and I'm attaching binaries to this message.
Currently it allows you to pass in a single DNS server address which will unconditionally override the OS-provided DNS servers, and when it proxies requests on behalf of an application it will change the thread's UID (Linux fsuid) to match the caller so that the traditional netfilter app/UID restrictions will be honored.
To see it in action, just do:
Code:
adb push libs/armeabi-v7a/dnsproxy2 /data/local/tmp
adb shell "su -c '/data/local/tmp/dnsproxy2 -v 8.8.8.8'"
The "-v" flag will show the DNS requests on the console.
This was tested with CM10.2. Note that Firefox appears to bypass the DNS proxy.
If this proves useful it may be worth writing a GUI installer/settings app. Another possible improvement would be to allow selectively overriding the DNS server based on the active connection.
Click to expand...
Click to collapse
Is this method still going strong? At this moment there is no app on the market that can change DNS (mobile data access).
hardKNOXbz said:
Is this method still going strong? At this moment there is no app on the market that can change DNS (mobile data access).
Click to expand...
Click to collapse
I'd suggest reading the last few pages of the CrossBreeder thread. I don't think dnsproxy2 is in the official release yet but a number of people have been experimenting with it and posting their results.
cernekee said:
I'd suggest reading the last few pages of the CrossBreeder thread. I don't think dnsproxy2 is in the official release yet but a number of people have been experimenting with it and posting their results.
Click to expand...
Click to collapse
Thank you, I'll do that.
I have created a bug for AOSP regarding broken ANDROID_DNS_MODE=local behavior:
https://code.google.com/p/android/issues/detail?id=75232
Plz try this to connect throo vpn.
This is not my work i just take it from cm11 and put it to stock rom and it work.
sshtunnel_support.zip
https://docs.google.com/file/d/0BzL6ekv_OuX2cE9uY3pfYzNmdWs/edit?usp=docslist_api
Hi Guys,
So i've been trying to flash modules from within the phone without having to boot into the recovery,
and i found that i can just extract the update-binary and execute it through shell and it will do the trick!!
however,
know im trying to do that through my app,
i successfully got root access using Chainfire's libsuperuser,
however, whenever i send the commands to run update-binary i get "segmentation fault(core dumped)" Error.
the command i using in both shell and from within the app is "./update-binary 3 stdout ./modules.zip".
P.S. this might be irrelevent but when ever i add a number before stdout (e.g 7stdout) i get segmentation fault during shell as well,
other than that, i can't find the problem
This is a logcat of the process through strace, if we have a linux debugger here
Code:
08-24 17:06:43.568 8703-9188/com.thunder.kernel.lighter D/libsuperuser: [libsuperuser][SU*] execve("./update-binary", ["./update-binary", "3", "recovery", "./KernelLighter.zip"], [/* 24 vars */]) = 0
08-24 17:06:43.573 8703-9188/com.thunder.kernel.lighter D/libsuperuser: [libsuperuser][SU*] gettid() = 9202
08-24 17:06:43.573 8703-9188/com.thunder.kernel.lighter D/libsuperuser: [libsuperuser][SU*] syscall_983045(0x39a10, 0x399d4, 0, 0x40, 0x399d4, 0xbea729c0, 0xd8ec, 0xf0005, 0, 0, 0, 0, 0, 0xbea72960, 0x28dcf, 0x8c9c, 0x60000010, 0x39a10, 0, 0, 0xc764, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0) = 0
08-24 17:06:43.588 8703-9188/com.thunder.kernel.lighter D/libsuperuser: [libsuperuser][SU*] mmap2(NULL, 131072, PROT_READ, MAP_SHARED, 8, 0) = 0x4007e000
08-24 17:06:43.588 8703-9188/com.thunder.kernel.lighter D/libsuperuser: [libsuperuser][SU*] open("/dev/urandom", O_RDONLY|O_LARGEFILE) = 4
08-24 17:06:43.588 8703-9188/com.thunder.kernel.lighter D/libsuperuser: [libsuperuser][SU*] read(4, "B\300>7", 4) = 4
08-24 17:06:43.593 8703-9188/com.thunder.kernel.lighter D/libsuperuser: [libsuperuser][SU*] close(4) = 0
08-24 17:06:43.598 8703-9188/com.thunder.kernel.lighter D/libsuperuser: [libsuperuser][SU*] mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40119000
08-24 17:06:43.598 8703-9188/com.thunder.kernel.lighter D/libsuperuser: [libsuperuser][SU*] mprotect(0x40119000, 4096, PROT_READ) = 0
08-24 17:06:43.603 8703-9188/com.thunder.kernel.lighter D/libsuperuser: [libsuperuser][SU*] fcntl64(0, F_GETFL) = 0 (flags O_RDONLY)
08-24 17:06:43.603 8703-9188/com.thunder.kernel.lighter D/libsuperuser: [libsuperuser][SU*] --- SIGSEGV (Segmentation fault) @ 0 (0) ---
08-24 17:06:43.693 8703-9188/com.thunder.kernel.lighter D/libsuperuser: [libsuperuser][SU*] +++ killed by SIGSEGV (core dumped) +++
08-24 17:06:43.693 8703-9188/com.thunder.kernel.lighter D/libsuperuser: [libsuperuser][SU*] Process 9202 detached
08-24 17:06:53.368 8703-8756/com.thunder.kernel.lighter D/libsuperuser: [libsuperuser][SU%] END
08-24 17:06:43.603 8703-9188/com.thunder.kernel.lighter D/libsuperuser: [libsuperuser][SU*] fcntl64(0, F_GETFL) = 0 (flags O_RDONLY)
Click to expand...
Click to collapse
I think this line is the important one. I think fcntl stands for flag control, also there is something about read only. Hope this helps somehow, I am not an android expert, but I do know a few things about linux...
I've read some man pages. Combined with what I know from Android I suppose the following: When you execute the command in the shell, there is nothing between it and the kernel / memory. If you execute it from within the app, you have to bypass some securit system put around Android apps which is checking the permissions of the apps. The app itself will not be able to write to the memory, therefore the process is generating a SIGSEV signal, which just says the process trying to write is not allowed to write. Without this, executed from the shell directly, you are allowed as you already have full access
You get a segmentation fault (I suppose SIGSEV as well) when you write something before stdout, because stdout is specifying a system device; the standard output. When the system can't find this device, it is missing an address to write to, that's why you get the segmentation fault as well.
Hope this hellps, I am not entirely sure.
I figured it was due to stdout but is there a way around it?
Sent from my HTC One X
As I already said, I am not an Android expert. But what you have to try is: I don't know if this is possible, but try to start a new shell instance form within the app, gain root access and execute the command there rather than directly processing the command from the app. That's what I do in a Linux GUI when trying to run particular commands.
EDIT: Another question: What does the command update-binary do exactly? Does it need stdout as parameter definitely? Also, as stdout is a virtual system device, that's likely the cause why it won't work from within the app. Is there an Android access right for virtual system devices like stdout which you need to sepcify for the app?
dansou901 said:
As I already said, I am not an Android expert. But what you have to try is: I don't know if this is possible, but try to start a new shell instance form within the app, gain root access and execute the command there rather than directly processing the command from the app. That's what I do in a Linux GUI when trying to run particular commands.
EDIT: Another question: What does the command update-binary do exactly? Does it need stdout as parameter definitely? Also, as stdout is a virtual system device, that's likely the cause why it won't work from within the app. Is there an Android access right for virtual system devices like stdout which you need to sepcify for the app?
Click to expand...
Click to collapse
You might have missed it,
But I'm running the command as root,
Thus it would already be in a different shell, the su.
I thought it could be permission but root only needs root permission and I have that.
The update-binary is found in all flashable zips,
It's what process the update scripts and flashes the zip,
I'm trying for a recovery less flashing technic.
Also the stdout parameter can be anything and it will still cause the error,
But from within a shell it will also work with anything.
Sent from my HTC One X