Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,741,628 Members 40,589 Now Online
XDA Developers Android and Mobile Development Forum

http(s) proxy support (web, maps, etc)

Tip us?
 
daveba
Old
(Last edited by daveba; 7th May 2011 at 04:13 PM.) Reason: Uploading source code
#1  
Senior Member - OP
Thanks Meter 61
Posts: 398
Join Date: Mar 2010
Location: Dubai
Default http(s) proxy support (web, maps, etc)

I was sitting at a customer (yes real work) the other day without access to VPN (ports blocked) and i was roaming so daren't switch on 3g due to the extortionate costs. They did have a wireless access and required a proxy for browsing, web mail, etc. Unfortunately if you're connected to wireless you can't also turn your wifi on your laptop into an adhoc hotspot for your phone (even though ad-hoc works perfectly now) so i quickly downloaded transproxy, compiled it (i did have access to the NDK on my lappie luckily) , and set up iptables and voila, a transparent proxy was up and running and everything sprung into life on my Desire. The nice thing (as mentioned in the subject) is that this is not limited to only the browser (i.e. it's not setting the http_proxy in the SQlite db) so even my MAPS, and everything that uses comms thru port 80 came to life.

Posting this if anyone's interested. I hear the CM6 now has proxy access, but this should work for any ROM that is rooted (i.e has su installed) and has iptables support.

Basic HTTP auth is supported, NTLM is NOT SUPPORTED CURRENTLY (and may never be as i don't have a server i can test with).

UPDATE 7th MAY 2011: PLEASE READ THIS POST FIRST

PLEASE post logcat outputs while starting transproxy or it makes it hard for me to diagnose errors. Just saying it doesn't work will not help me fix it.

Version 3.08 beta
- New GUI only. Thanks lots to user fonix232

Version 3.04-3.07
- Bugfixes

Version 3.03
- Major rewrite of redsocks to support transparent proxying (no need to support tproxy binary).

Version 3.02
- Limit the forks as some complex pages may result in large number of process forks which may lead to memory depletion, slowdown in phone, crash, etc.
- Add port 5228 redirection for market auth

Version 3.01
- Split traffic for b*stard proxies that don't support port 80 connections via CONNECT method

Version 3.00
- Full transparency (currently only 80/443 forwarded)

Version 2.04
- Fixed the loss of focus bug when going from on -> off in the GUI
- Fixed the hostname resoltion bug in the Host field.

Version 2.03
- SOCKS 4a/5 support
- Fix password quoting in proxy.sh script
- Removed iptables binary due to ROM incompatabilites. Your ROM must support and have iptables binary included.

Versions 2.01/2.02
- Private testing versions only to fix bugs.

Version 2.00
- Rewrite to support (basic) proxy auth
- Disabled https as it cannot work transparently

Version 1.03
- Fix to work nexus one not having multiport module
- Included 'iptables' binary

Version 1.02
- Internal only version

Version 1.01
- Fix for broken 'su' parsing by splitting the iptables script into 2 scripts to start/stop

Version 1.0
- Broken version not working with 'su' correctly

TODO:
- Abritrary forwarding (i.e. 80,443,++++) -but the upstream proxy needs to allow those ports which it seems many b*stard proxies don't. Use a VPN for that if you can.
- NTLM support
Attached Thumbnails
Click image for larger version

Name:	gui.png
Views:	17206
Size:	23.0 KB
ID:	424226  
Attached Files
File Type: apk TransProxy.apk - [Click for QR Code] (100.3 KB, 12113 views)
File Type: apk TransProxy2.04.apk - [Click for QR Code] (128.1 KB, 6376 views)
File Type: apk TransProxy3.07.apk - [Click for QR Code] (58.2 KB, 18339 views)
File Type: apk TransProxy3.08beta.apk - [Click for QR Code] (58.9 KB, 35583 views)
File Type: zip TransProxy3.zip - [Click for QR Code] (71.5 KB, 10915 views)
File Type: zip redsocks4transproxy3.zip - [Click for QR Code] (865.6 KB, 12799 views)
The Following 22 Users Say Thank You to daveba For This Useful Post: [ Click to Expand ]
 
magdap
Old
#2  
Senior Member
Thanks Meter 14
Posts: 110
Join Date: May 2010
can you please translate this for unrooted people, (i have no clue where to type this abd stuff)? does this only work for rooted devices? how much time you think you need for an apk :)


and does this work only in combination with a laptop or is this a standalone version ( i heard you can set up proxy when you surf next to your laptop, but without it its not possible)?
 
wallla
Old
#3  
wallla's Avatar
Senior Member
Thanks Meter 12
Posts: 100
Join Date: Jun 2010
Great work! I'm so happy someone capable finally cares about the missing wifi proxy issue.
Do you think it will work on other (rooted) phones, too? I'm interested using it with my Milestone...

Looking forward to see it with a nice UI.
Motorola Milestone || Stock Elcair 2.1 (not rooted)
Nexus S GT-i9023 || Matr1x 15 CFS || Stock ICS 4.0.3 - rooted
The Following User Says Thank You to wallla For This Useful Post: [ Click to Expand ]
 
iamgpc
Old
#4  
Senior Member
Thanks Meter 267
Posts: 137
Join Date: Sep 2008
Location: Taiwan

 
DONATE TO ME
I get an error when do iptables


# iptables -t nat -A OUTPUT -p tcp -m multiport --dports 80,443 -j REDIRECT --to
-ports 8123
iptables -t nat -A OUTPUT -p tcp -m multiport --dports 80,443 -j REDIRECT --to-p
orts 8123
getsockopt for multiport failed strangely: No such file or directory
getsockopt for multiport failed strangely: No such file or directory
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:378
iptables: No chain/target/match by that name
#
 
blud7
Old
#5  
blud7's Avatar
Senior Member
Thanks Meter 56
Posts: 390
Join Date: Jul 2010
I'm a waitin on the apk! Will solve several people problems.
 
daveba
Old
#6  
Senior Member - OP
Thanks Meter 61
Posts: 398
Join Date: Mar 2010
Location: Dubai
Quote:
Originally Posted by magdap View Post
can you please translate this for unrooted people, (i have no clue where to type this abd stuff)? does this only work for rooted devices? how much time you think you need for an apk :)


and does this work only in combination with a laptop or is this a standalone version ( i heard you can set up proxy when you surf next to your laptop, but without it its not possible)?
Unfortunately it won't work for unrooted phones since you need access to do kernel stuff like forwarding destination packets to ports 80,443 to another arbitrary port.

You don't need a laptop after you've pushed the 'tproxy' binary. You can run the commands directly from a root console on the phone.
 
daveba
Old
#7  
Senior Member - OP
Thanks Meter 61
Posts: 398
Join Date: Mar 2010
Location: Dubai
Quote:
Originally Posted by wallla View Post
Great work! I'm so happy someone capable finally cares about the missing wifi proxy issue.
Do you think it will work on other (rooted) phones, too? I'm interested using it with my Milestone...

Looking forward to see it with a nice UI.
Yes i don't see why it shouldn't work with other rooted phones as long as you have the iptables binary and modules (or in kernel).
 
daveba
Old
#8  
Senior Member - OP
Thanks Meter 61
Posts: 398
Join Date: Mar 2010
Location: Dubai
Quote:
Originally Posted by iamgpc View Post
I get an error when do iptables


# iptables -t nat -A OUTPUT -p tcp -m multiport --dports 80,443 -j REDIRECT --to
-ports 8123
iptables -t nat -A OUTPUT -p tcp -m multiport --dports 80,443 -j REDIRECT --to-p
orts 8123
getsockopt for multiport failed strangely: No such file or directory
getsockopt for multiport failed strangely: No such file or directory
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:378
iptables: No chain/target/match by that name
#
Looks like your ROM/kernel doesn't have the multiport matching netfilter builtin or as a module. SO in your case you'd need to change the command to be run for each port you're redirecting like this

Code:
Select Code
iptables -t nat -A OUTPUT -p tcp --dport 80   -j REDIRECT --to-port 8123
iptables -t nat -A OUTPUT -p tcp --dport 443  -j REDIRECT --to-port 8123
 
daveba
Old
#9  
Senior Member - OP
Thanks Meter 61
Posts: 398
Join Date: Mar 2010
Location: Dubai
Quote:
Originally Posted by blud7 View Post
I'm a waitin on the apk! Will solve several people problems.
I'm a good C programmer (IMHO) but never dabbled in android programming, so it may take a while. If some developer comes up with a gui before me, please feel free. I hope i've passed on the know-how to do the raw stuff though.
 
jacketyjoe
Old
#10  
Member
Thanks Meter 0
Posts: 38
Join Date: Jul 2010
Yay, somebody did something about the lack of proxy support

I'm just going to wait for it to be released in a rom (or an app), i'm too lazy and don't need it urgently.
Phones:
  1. motorola v3x-hacked and still running
  2. HTC desire S-OFF'ed-DATA++: Anyways changing
You lecture me on phones, i'll lecture you on computers

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes