Comments (4)
Works perfect for me, thank you! It's really awesome to see an issue analysed, fixed and a new version released within hours, hats off.
It's using now the dns1 from my wifi configuration, which is ipv4, and is also shown in the "Stats" window :)
from pcapdroid.
Can you verify that the non DNS traffic is working correcly? E.g. install termux
, run pkg install curl
and then curl 216.58.208.131
.
Can you check the app log to see which DNS server it detects? It prints an information log when you click the start button:
Log.i(TAG, "Using DNS server " + public_dns);
You can retrieve the log with adb logcat
from pcapdroid.
Hey, thanks for the quick reponse!
- Normal traffic using curl with an IP is working
- DNS is also working, when disabling Wifi
- DNS is not working via wifi, when using my local router or using 8.8.8.8 as DNS in android wifi config
- When using 8.8.8.8 as DNS, this is also printed when using "dig" in termux
- The DNS that PCAPdroid logs to be using is IPv6 and probably from my provider (vodafone/unitymedia)
Here is the logcat
02-14 17:48:21.001 7194 7194 D VpnService: prepare function with android vpn context is called for non knox vpn profile
02-14 17:48:21.003 7194 7194 D Main : onActivityResult -> start CaptureService
02-14 17:48:21.008 7194 7194 D CaptureService: onStartCommand
02-14 17:48:21.010 7194 7194 I CaptureService: Using DNS server 2a02:908:2:b::1
02-14 17:48:21.050 7194 8511 D VPNProxy: getIPv4Pref(getVpnDns) = 10.215.173.2
02-14 17:48:21.050 7194 8511 D VPNProxy: getIPv4Pref(getPublicDns) = 2a02:908:2:b::1
02-14 17:48:21.050 7194 8511 E VPNProxy: getPublicDns() returned invalid address
02-14 17:48:21.050 7194 8511 D VPNProxy: getIPv4Pref(getVpnIPv4) = 10.215.173.1
02-14 17:48:21.050 7194 8511 D VPNProxy: getIPv4Pref(getPcapCollectorAddress) = 127.0.0.1
02-14 17:48:21.050 7194 8511 D VPNProxy: getIntPref(getPcapCollectorPort) = 1234
02-14 17:48:21.050 7194 8511 D VPNProxy: getIntPref(dumpPcapToUdp) = 0
02-14 17:48:21.050 7194 8511 D VPNProxy: getIntPref(dumpPcapToJava) = 1
02-14 17:48:21.050 7194 8511 D VPNProxy: getIntPref(getTlsDecryptionEnabled) = 0
02-14 17:48:21.050 7194 8511 D VPNProxy: getIPv4Pref(getTlsProxyAddress) = 0.0.0.0
02-14 17:48:21.050 7194 8511 D VPNProxy: getIntPref(getTlsProxyPort) = 8080
02-14 17:48:21.062 7194 8511 D VPNProxy: Starting packet loop [tapfd=79]
02-14 17:48:21.062 7194 8511 D VPNProxy: zdtun_parse_pkt failed
02-14 17:48:21.062 7194 8511 I chatty : uid=10343(com.emanuelef.remote_capture) CaptureService identical 1 line
02-14 17:48:21.062 7194 8511 D VPNProxy: zdtun_parse_pkt failed
02-14 17:48:21.063 7194 7194 D getLocalIPAddress: Using WiFi IP: 192.168.0.206
02-14 17:48:21.338 7194 8511 I CaptureService: Get uid local=/10.215.173.1:44656 remote=/69.171.250.61:443
02-14 17:48:21.344 7194 8511 I CaptureService: Get uid=10207
02-14 17:48:21.344 7194 8511 D UID_RESOLVER: uid [ipv4][proto=6] 10.215.173.1:44656 -> 69.171.250.61:443 => 10207
02-14 17:48:21.344 7194 8511 I VPNProxy: [proto=6]: 10.215.173.1:44656 -> 69.171.250.61:443 [10207/com.whatsapp]
02-14 17:48:21.347 7194 7194 D MainReceiver: Got StatsUpdate: bytes_sent=60, bytes_rcvd=0, pkts_sent=1, pkts_rcvd=0
02-14 17:48:21.364 7194 8511 D VPNProxy: Exporting a 132 B PCAP buffer
02-14 17:48:21.453 7194 8511 D VPNProxy: zdtun_parse_pkt failed
02-14 17:48:21.516 7194 8511 D VPNProxy: zdtun_parse_pkt failed
02-14 17:48:21.538 7194 8511 D VPNProxy: l7proto: app=119, master=91
02-14 17:48:21.768 7194 7194 D MainReceiver: Got StatsUpdate: bytes_sent=702, bytes_rcvd=705, pkts_sent=9, pkts_rcvd=9
02-14 17:48:22.131 7194 8511 D CaptureService: sendConnectionsDump(1 connections)
02-14 17:48:22.132 7194 7194 D MainReceiver: Got StatsUpdate: bytes_sent=742, bytes_rcvd=782, pkts_sent=10, pkts_rcvd=10
02-14 17:48:22.636 7194 7194 D MainReceiver: Got StatsUpdate: bytes_sent=782, bytes_rcvd=782, pkts_sent=11, pkts_rcvd=10
02-14 17:48:23.138 7194 8511 D VPNProxy: Exporting a 1768 B PCAP buffer
I don't want to use my providers ipv6 dns, so the question is where that is coming from.
I can't change the DNS that is delivered from the router via DHCP, but I changed both DNS1 and DNS1 in the wifi settings.
from pcapdroid.
Thanks for the useful information. It should be fixed in 3235c03. You can find the new apk at https://github.com/emanuele-f/PCAPdroid/releases/tag/v1.2.14 or wait for the playstore version to be available. Can you confirm that it works?
Regarding the IPv6 DNS, your router probably has DHCPv6 running. Usually you can either disable it or configure a custom IPv6 DNS server.
from pcapdroid.
Related Issues (20)
- Is that possible to use real-time capture by default? HOT 2
- Activity Monitor HOT 7
- Pvapdroid
- no network connection in specific app when using PCAPDroid HOT 12
- Log: [AppsResolver] Could not retrieve package HOT 1
- Filtering by Prepared Hosts HOT 1
- sslkeylogfile.txt produces "Duplicated entry" warnings in scapy, fails to decrypt traffic HOT 2
- PCAPdroid Trailer not work,lua plugin is loaded normally HOT 8
- Feature request: Geo location block
- ICMP traffic not available HOT 2
- App crashes on Android permissions reset
- Start on boot doesn't seem to work HOT 3
- High cpu usage when use it through root mode, and libcapd.so process doesn't be killed HOT 6
- Implement PCAPdroid trailer equivalent in pcapng
- Garbage characters in PCAPdtoid trailer app name HOT 6
- Save mitmproxy capture HOT 1
- I want to thank those for being patient with me. I didn't know anything about the internet until I got hacked. I have a big problem with reading much more than 2 sentences and I loose focus and skip a quarter page.
- Add network interface information HOT 1
- Mention the Blacklist source when Malware connection is detected and other disclosures HOT 3
- Improve connections error reporting
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from pcapdroid.