brianhansonxyz/vpnhotspotmod
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Use a less invasive method for disabling IPv6 tethering

Browse Source 
Fixes #33.
This commit is contained in:
Mygod
2019-08-27 23:38:53 +08:00
parent df9cb6180a
commit c483c5ad06
2 changed files with 23 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
mobile/src/main/java/be/mygod/vpnhotspot/SettingsPreferenceFragment.kt
View File

@@ -112,6 +112,10 @@ class SettingsPreferenceFragment : PreferenceFragmentCompat() {
File(app.deviceStorage.cacheDir, "iptables-save").absolutePath.also { File(app.deviceStorage.cacheDir, "iptables-save").absolutePath.also {
commands.appendln("ln -sf /system/bin/iptables $it") commands.appendln("ln -sf /system/bin/iptables $it")
} }
val ip6tablesSave = if (Build.VERSION.SDK_INT >= 24) "ip6tables-save" else
File(app.deviceStorage.cacheDir, "ip6tables-save").absolutePath.also {
commands.appendln("ln -sf /system/bin/ip6tables $it")
}
commands.append(""" commands.append("""
|echo dumpsys ${Context.WIFI_P2P_SERVICE} |echo dumpsys ${Context.WIFI_P2P_SERVICE}
|dumpsys ${Context.WIFI_P2P_SERVICE} |dumpsys ${Context.WIFI_P2P_SERVICE}
@@ -125,6 +129,9 @@ class SettingsPreferenceFragment : PreferenceFragmentCompat() {
|echo iptables -t nat |echo iptables -t nat
|$iptablesSave -t nat |$iptablesSave -t nat
|echo |echo
|echo ip6tables-save
|$ip6tablesSave
|echo
|echo ip rule |echo ip rule
|ip rule |ip rule
|echo |echo

23
mobile/src/main/java/be/mygod/vpnhotspot/net/Routing.kt
View File

@@ -46,6 +46,7 @@ class Routing(private val caller: Any, private val downstream: String) : IpNeigh
* Source: https://android.googlesource.com/platform/external/iptables/+/android-5.0.0_r1/iptables/iptables.c#1574 * Source: https://android.googlesource.com/platform/external/iptables/+/android-5.0.0_r1/iptables/iptables.c#1574
*/ */
val IPTABLES = if (Build.VERSION.SDK_INT >= 26) "iptables -w 1" else "iptables -w" val IPTABLES = if (Build.VERSION.SDK_INT >= 26) "iptables -w 1" else "iptables -w"
val IP6TABLES = if (Build.VERSION.SDK_INT >= 26) "ip6tables -w 1" else "ip6tables -w"
fun clean() { fun clean() {
TrafficRecorder.clean() TrafficRecorder.clean()
@@ -59,6 +60,11 @@ class Routing(private val caller: Any, private val downstream: String) : IpNeigh
it.execQuiet("while $IPTABLES -t nat -D POSTROUTING -j vpnhotspot_masquerade; do done") it.execQuiet("while $IPTABLES -t nat -D POSTROUTING -j vpnhotspot_masquerade; do done")
it.execQuiet("$IPTABLES -t nat -F vpnhotspot_masquerade") it.execQuiet("$IPTABLES -t nat -F vpnhotspot_masquerade")
it.execQuiet("$IPTABLES -t nat -X vpnhotspot_masquerade") it.execQuiet("$IPTABLES -t nat -X vpnhotspot_masquerade")
it.execQuiet("while $IP6TABLES -D INPUT -j vpnhotspot_filter; do done")
it.execQuiet("while $IP6TABLES -D FORWARD -j vpnhotspot_filter; do done")
it.execQuiet("while $IP6TABLES -D OUTPUT -j vpnhotspot_filter; do done")
it.execQuiet("$IP6TABLES -F vpnhotspot_filter")
it.execQuiet("$IP6TABLES -X vpnhotspot_filter")
it.execQuiet("while ip rule del priority $RULE_PRIORITY_DNS; do done") it.execQuiet("while ip rule del priority $RULE_PRIORITY_DNS; do done")
it.execQuiet("while ip rule del priority $RULE_PRIORITY_UPSTREAM; do done") it.execQuiet("while ip rule del priority $RULE_PRIORITY_UPSTREAM; do done")
it.execQuiet("while ip rule del priority $RULE_PRIORITY_UPSTREAM_FALLBACK; do done") it.execQuiet("while ip rule del priority $RULE_PRIORITY_UPSTREAM_FALLBACK; do done")
@@ -79,6 +85,8 @@ class Routing(private val caller: Any, private val downstream: String) : IpNeigh
iptables("$IPTABLES -t $table -A $content", "$IPTABLES -t $table -D $content") iptables("$IPTABLES -t $table -A $content", "$IPTABLES -t $table -D $content")
private fun RootSession.Transaction.iptablesInsert(content: String, table: String = "filter") = private fun RootSession.Transaction.iptablesInsert(content: String, table: String = "filter") =
iptables("$IPTABLES -t $table -I $content", "$IPTABLES -t $table -D $content") iptables("$IPTABLES -t $table -I $content", "$IPTABLES -t $table -D $content")
private fun RootSession.Transaction.ip6tablesInsert(content: String) =
iptables("$IP6TABLES -I $content", "$IP6TABLES -D $content")
private fun RootSession.Transaction.ndc(name: String, command: String, revert: String? = null) { private fun RootSession.Transaction.ndc(name: String, command: String, revert: String? = null) {
val result = execQuiet(command, revert) val result = execQuiet(command, revert)
@@ -260,13 +268,14 @@ class Routing(private val caller: Any, private val downstream: String) : IpNeigh
transaction.exec("echo 1 >/proc/sys/net/ipv4/ip_forward") transaction.exec("echo 1 >/proc/sys/net/ipv4/ip_forward")
} }
/** fun disableIpv6() {
* Alternative approach: ndc interface ipv6 $downstream <enable|disable> transaction.execQuiet("$IP6TABLES -N vpnhotspot_filter")
* transaction.ip6tablesInsert("INPUT -j vpnhotspot_filter")
* This approach does the same (up until now) and is easier for parsing error output. transaction.ip6tablesInsert("FORWARD -j vpnhotspot_filter")
*/ transaction.ip6tablesInsert("OUTPUT -j vpnhotspot_filter")
fun disableIpv6() = transaction.exec("echo 1 >/proc/sys/net/ipv6/conf/$downstream/disable_ipv6", transaction.ip6tablesInsert("vpnhotspot_filter -i $downstream -j REJECT")
"echo 0 >/proc/sys/net/ipv6/conf/$downstream/disable_ipv6") transaction.ip6tablesInsert("vpnhotspot_filter -o $downstream -j REJECT")
}
fun forward() { fun forward() {
transaction.execQuiet("$IPTABLES -N vpnhotspot_fwd") transaction.execQuiet("$IPTABLES -N vpnhotspot_fwd")