Related
I have found that you can enable www access through a proxy server by inserting new iptables rules in Android. I have used it successfully to browse internet throughput the wifi at my office, it should be the same for school networks with proxy servers as well.
Requirements:
Root access
Kernel with iptable and netfilter support
Known working kernels:
Doomkernel v10
Have been tested on .368 firmware and Doomkernel v10, all iptable and netfilter modules are included in his kernel.
1. Open a terminal emulator or use a scripting app, I have been using ScriptManager.
2. Add iptables entry, root access is needed to manipulate the iptables.
Replace ip address and port in the --to parameter to match your own proxy server address
$ su
# iptables -t nat -A OUTPUT -p tcp -o wlan0 -d internal.ericsson.com -j ACCEPT
# iptables -t nat -A OUTPUT -p tcp -o wlan0 --dport 80 -j DNAT --to 153.140.40.150:3132
# iptables -t nat -L (to list newly added rule)
All apps will now connect to the proxy when accessing port 80
To remove iptables:
$ su
# iptables -t nat -F OUTPUT
You might see several error messages, they can be ignored
modprobe: module 'ip_tables' not found
getsocket for multiport failed strangely: No such file or directory
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:378
Please let me know if you know how to improve the ruleset and if other kernels are working as well.
Updated ruleset:
Have added additional rule to configure iptales to bypass proxy for intranet web addresses, it would otherwise try to open up intranet web pages trough the proxy server.
The easy way
http://forum.xda-developers.com/showthread.php?t=766569
w1000i said:
The easy way
http://forum.xda-developers.com/showthread.php?t=766569
Click to expand...
Click to collapse
Thanks for the url, have you tried it? Might give it a try but is sounds like it is just a frontend to manipulating the iptables, I prefer to change it myselft, that gives full flexibility to do whatever I wish with the iptables
Did give DroidProxy a try from the android marked but it did not seem to work which is why I started to setup the proxy manually in iptables.
---------- Post added at 10:08 AM ---------- Previous post was at 09:43 AM ----------
w1000i said:
The easy way
http://forum.xda-developers.com/showthread.php?t=766569
Click to expand...
Click to collapse
Found out that, the transporxy project has been discontinued and replaced with autoproxy which according to the forum members should work very well.
http://forum.xda-developers.com/showthread.php?t=1083284
It should work as long as multiports are not used as this is not included in Doomkernel v10. This only mean that you will have to add a seperate rule for each port you wish to forward ie. one for port 80 and one for port 443 instead of having both included in the same rule.
I want to setup OpenVPN on my device, but the installer is saying that it needs a TAP/TUN module. After doing some research it looks like it's tun.ko that I'm looking for, but I'm not that famaliar with the android devices (this is my first droid, had it for about a month now) and would like some help or recommendations
I'm actually running an Bell branded XT860.
tun/tap is built in D3 stock kernel, so you need no module tun.ko.
Which OpenVPN Installer did you try? The app from the market? It worked fine for me, only shortcoming is the openvpn binary seems to have a bug on D3, the built-in route and ifconfig commands do not work. But no big deal for me, since I use a start script anyway and add these commands to this script.
Can you elaborate how your using the startup scripts? I'm using OpenVPN on CM7 on another device and it works well. My D3 is getting shipped to me and I'd like to also get OpenVPN running on it.
Thanks
How detailled do you need it? I can show you what I did, but you need some Linux / OpenVPN skills to alter it for your needs. Unfortunately, I currently don't have the time to write a failsave HowTo. But if you have further questions, feel free to ask.
1. remount /system read-write
2. mkdir -p /system/scripts/openvpn and copy your OpenVPN configfiles there
3. Create script /system/scripts/ovpn.sh:
#! /system/bin/sh
openvpn --cd /system/scripts/openvpn --config openvpn.conf --daemon
sleep 1
ifconfig tun0 172.31.254.10 pointopoint 172.31.254.9
/system/sbin/route add -net 10.0.0.0/8 dev tun0
exit 0
4. Make a widget with app Script Manager
5. remount /system read-only
EDIT: What I missed to mention before: I had some MTU problemes. Configuring "mssfix 1200" solved it.
So let me get this right.
I have openvpn settings and the binary installed.
config files are in /sdcard/openvpn/
both the -> swissvpn.ovpn and ca.crt
openvpn binary is in /system/xbin/openvpn
I modified script in /system/scripts/openvpn to read
openvpn.conf to swissvpn.ovpn
--------------------------------------
#! /system/bin/sh
openvpn --cd /system/scripts/openvpn --config swissvpn.ovpn --daemon
sleep 1
ifconfig tun0 172.31.254.10 pointopoint 172.31.254.9
/system/sbin/route add -net 10.0.0.0/8 dev tun0
exit 0
-----------------------------------
saved to /system/scripts/ovpn.sh
Questions
1.) Do I need to point openvpn to the config files in /system/scripts/openvpn or /sdcard/openvpn for it to work?
2.)Will this finally fix the routing problem with the browser not tunneling properly?
3.)Do I need to issue "Load tun kernel module" in "openvpn settings" or is this already solved with the stock kernel?
Regarding your first question, yes you have to, and this isn't your only mistake. You cannot just adopt my ifconfig and route settings.
OK, how could we start? I fear you are using a server-pushed configuration and I further fear this will just not work with this "broken" openvpn binary.
Could you please post your swissvpn.ovpn?
And please do the following, on command line as root:
openvpn --cd /sdcard/openvpn --config swissvpn.ovpn
... and please post the output.
output
-----------------------------------------------
export PATH=/data/local/bin:$PATH
[email protected]_solana:/$ export PATH=/data/local/bin:$PATH
[email protected]_solana:/$ su
[email protected]_solana:/# openvpn --cd /sdcard/openvpn --config swissvpn.ovpn
Tue Oct 11 17:19:08 2011 OpenVPN 2.1.1 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] built on Feb 2 2010
Enter Auth Username:
------------------------------------------
also config file swissvpn.ovpn contents
------------------------------------------
dev tun
client
proto tcp-client
remote connect-openvpn.swissvpn.net 443
ca ca.crt
auth-user-pass
reneg-sec 86400
ns-cert-type server
-----------------------------------------
I messed up on my last post.
I meant the ovpn.sh script is in /system/scripts/
the 2 config files swissvpn.opvn and ca.crt are in /system/scripts/openvpn/
The openvpn binary is in /system/xbin/openvpn/ and was installed by 'OpenVPN Installer' from the Market. "OpenVPN Settings" is the app I'm using to configure all of this.
also if I execute your ovpn.sh in script manager as root it just outputs this
--------------------------------------------
http ://oi51.tinypic.com/2n21vdx. jpg
http ://oi52.tinypic.com/2vw8bbt. jpg
http ://oi54.tinypic.com/c7vck. jpg
http ://oi52.tinypic.com/15hh4au. jpg
--------------------------------------------
You are obviously prompted for a Username. What happens when you type your username (and then password, I guess).
RE:
Well what it says in a message
this is with your script in there
Take note that I had clicked SwissVPN.ovpn
The green checkbox had turn off and displayed this message.
http ://oi52.tinypic.com/2a7cwzl.jpg
OK, it seams my workaround doesn't work for you because your ifconfig and route parameters are pushed by the server. There is more investigation needed, either in a new build of the openvpn binary or another workaround. I'll have a closer look at it, but really cannot promise you a timeline.
I was having your same problem with "FATAL:Linux ifconfig failed:could not execute external program."
There is a fix in this thread http://forum.xda-developers.com/archive/index.php/t-1074492.html
cd /system/xbin
ln -s /system/xbin /system/xbin/bb
this will create a correct link for ifconfig and route commands
Click to expand...
Click to collapse
I've got OpenVPN to connect successfully, yet no traffic routes through VPN.
This thread discusses the issue
http://forum.xda-developers.com/archive/index.php/t-1235954.html
Someone said
I can configure tun0 and the routing table manually and successfully pass traffic through the tunnel.
Click to expand...
Click to collapse
I don't understand the configuration he posted
vpnc work well with cisco vpn
download vpnc from market. works well with cisco vpn.
Hi, Looking for help to update the M8 tether hack to work with lollipop on Sprint stock rooted ROM.
I was able to update the default.xml file ( sprint stock lollipop based) in the attached zip which enabled the hotspot and works great with 3g. The init.d tether script used to get LTE working in the zip worked great on kitkat when set correctly using SManager but it doesn't seem to work on lollipop as everyone is aware. I am not experienced enough to edit the tether script which I suspect is the issue with LTE and was hoping someone else here was. It's below and also attached in the zip file under system/etc/init.d which I am sure you know already. Of course it might be something much harder than a simple update of a script or it probably would have been done already....
(I can't attach the zip I was referring to since I haven't posted 10 posts yet but it's here)
http://forum.xda-developers.com/atta...9&d=1423894001
Thanks!
#!/system/bin/sh
iptables -F
iptables -A bw_FORWARD -i !lo+
iptables -A natctrl_FORWARD -j RETURN -i rmnet+ -o wlan0 -m state --state RELATED,ESTABLISHED
iptables -A natctrl_FORWARD -j DROP -i wlan0 -o rmnet+ -m state --state INVALID
iptables -A natctrl_FORWARD -j RETURN -i wlan0 -o rmnet+
iptables -A natctrl_FORWARD -j DROP
iptables -A natctrl_nat_POSTROUTING -t nat -o rmnet+ -j MASQUERADE
oh yeah, six pack of top shelf NW beer sent to the person that can get this working
robsoprano said:
Hi, Looking for help to update the M8 tether hack to work with lollipop on Sprint stock rooted ROM.
I was able to update the default.xml file ( sprint stock lollipop based) in the attached zip which enabled the hotspot and works great with 3g. The init.d tether script used to get LTE working in the zip worked great on kitkat when set correctly using SManager but it doesn't seem to work on lollipop as everyone is aware. I am not experienced enough to edit the tether script which I suspect is the issue with LTE and was hoping someone else here was. It's below and also attached in the zip file under system/etc/init.d which I am sure you know already. Of course it might be something much harder than a simple update of a script or it probably would have been done already....
(I can't attach the zip I was referring to since I haven't posted 10 posts yet but it's here)
http://forum.xda-developers.com/atta...9&d=1423894001
Thanks!
#!/system/bin/sh
iptables -F
iptables -A bw_FORWARD -i !lo+
iptables -A natctrl_FORWARD -j RETURN -i rmnet+ -o wlan0 -m state --state RELATED,ESTABLISHED
iptables -A natctrl_FORWARD -j DROP -i wlan0 -o rmnet+ -m state --state INVALID
iptables -A natctrl_FORWARD -j RETURN -i wlan0 -o rmnet+
iptables -A natctrl_FORWARD -j DROP
iptables -A natctrl_nat_POSTROUTING -t nat -o rmnet+ -j MASQUERADE
Click to expand...
Click to collapse
Why not post in the tether hack thread?
http://forum.xda-developers.com/showthread.php?t=2712222
'cause they required 10 posts which I now have
hi, please delete this thread, it has been added to this existing one:
http://forum.xda-developers.com/showthread.php?t=2712222&page=20
I used to be able to tether over wi-fi by connecting to an OpenVPN server, then activating the phone as a wi-fi hotspot, then running a script to route data traffic over the VPN. For some reason, this is not working anymore.
This is the script that used to work:
Code:
su -
iptables -t filter -F FORWARD
iptables -t nat -F POSTROUTING
iptables -t filter -A FORWARD -j ACCEPT
iptables -t nat -A POSTROUTING -j MASQUERADE
When this didn't work I tried this script:
Code:
su -
iptables -t filter -F FORWARD
iptables -t nat -F POSTROUTING
iptables -t filter -I FORWARD -j ACCEPT
iptables -t nat -I POSTROUTING -j MASQUERADE
ip rule add from 192.168.43.0/24 lookup 61
ip route add default dev tun0 scope link table 61
ip route add 192.168.43.0/24 dev wlan0 scope link table 61
ip route add broadcast 255.255.255.255 dev wlan0 scope link table 61
But this isn't working either. If I connect the VPN, turn on the hotspot, and then run the script, I can't get the 2nd device to connect to wi-fi. If I connect the VPN, run the script, then turn on the hotspot, I'm able to connect, but the 2nd device does not get routed over the VPN (which defeats the purpose).
Is anybody doing this successfully and, if so, how are you doing it?
OK,
After some experimenting, I got this to work. For the benefit of anybody else trying to do this, here are the instructions that worked:
1. Turn on wi-fi hotspot on phone and connect from tethered device
2. Connect to your VPN (I use OpenVPN)
3. Using teminal emulator or other terminal program navigate to the location of the tether_routing .sh script
3. type su <cr>
4. type sh tether_routing.sh
Make sure you follow these steps in exactly this order!
Check to make sure your tethered device is actually connecting through the VPN (http://whatismyipaddress.com)
I changed the tether_routing.sh script slightly. For some reason, it seems to work better when 'su' is typed before running the script and not put in the script.
Code:
#!/system/bin/sh
iptables -t filter -F FORWARD
iptables -t nat -F POSTROUTING
iptables -t filter -I FORWARD -j ACCEPT
iptables -t nat -I POSTROUTING -j MASQUERADE
ip rule add from 192.168.43.0/24 lookup 61
ip route add default dev tun0 scope link table 61
ip route add 192.168.43.0/24 dev wlan0 scope link table 61
ip route add broadcast 255.255.255.255 dev wlan0 scope link table 61
Thank you for this! I have been trying to find a solution for a long time. I have an s6 now, but I'll try this weekend to see if it will work for me.
woody1 said:
OK,
After some experimenting, I got this to work. For the benefit of anybody else trying to do this, here are the instructions that worked:
1. Turn on wi-fi hotspot on phone and connect from tethered device
2. Connect to your VPN (I use OpenVPN)
3. Using teminal emulator or other terminal program navigate to the location of the tether_routing .sh script
3. type su <cr>
4. type sh tether_routing.sh
Make sure you follow these steps in exactly this order!
Check to make sure your tethered device is actually connecting through the VPN (http://whatismyipaddress.com)
I changed the tether_routing.sh script slightly. For some reason, it seems to work better when 'su' is typed before running the script and not put in the script.
Code:
#!/system/bin/sh
iptables -t filter -F FORWARD
iptables -t nat -F POSTROUTING
iptables -t filter -I FORWARD -j ACCEPT
iptables -t nat -I POSTROUTING -j MASQUERADE
ip rule add from 192.168.43.0/24 lookup 61
ip route add default dev tun0 scope link table 61
ip route add 192.168.43.0/24 dev wlan0 scope link table 61
ip route add broadcast 255.255.255.255 dev wlan0 scope link table 61
Click to expand...
Click to collapse
Thanks, I still couldn't get it to work. It is most likely user error, as I'm a bit of a newbie creating (copying/pasting/saving) scripts.
dave812 said:
Thanks, I still couldn't get it to work. It is most likely user error, as I'm a bit of a newbie creating (copying/pasting/saving) scripts.
Click to expand...
Click to collapse
You might try typing the commands into a terminal window one by one instead of putting them in a script. If you can get that to work, you can experiment with getting them to work in a script.
I found that in order for the script to work you need to convert the text file to unix format without the carriage return after each line. If you are creating the script in certain text editors in Windows there will be a carriage return.
Use this dos2unix utility to remove the carriage returns in the script and then it will work.
http://sourceforge.net/projects/dos2unix
uniphase said:
I found that in order for the script to work you need to convert the text file to unix format without the carriage return after each line. If you are creating the script in certain text editors in Windows there will be a carriage return.
Use this dos2unix utility to remove the carriage returns in the script and then it will work.
http://sourceforge.net/projects/dos2unix
Click to expand...
Click to collapse
You are correct about this script and this applies to any plain text file that's created in a Windows environment, then used on a Linux/Unix based system. I use Notepad++ on Windows which has an option to display and change the end-of-line style in use for a given file.
woody1 said:
OK,
After some experimenting, I got this to work. For the benefit of anybody else trying to do this, here are the instructions that worked:
1. Turn on wi-fi hotspot on phone and connect from tethered device
2. Connect to your VPN (I use OpenVPN)
3. Using teminal emulator or other terminal program navigate to the location of the tether_routing .sh script
3. type su <cr>
4. type sh tether_routing.sh
Make sure you follow these steps in exactly this order!
Check to make sure your tethered device is actually connecting through the VPN (http://whatismyipaddress.com)
I changed the tether_routing.sh script slightly. For some reason, it seems to work better when 'su' is typed before running the script and not put in the script.
Code:
#!/system/bin/sh
iptables -t filter -F FORWARD
iptables -t nat -F POSTROUTING
iptables -t filter -I FORWARD -j ACCEPT
iptables -t nat -I POSTROUTING -j MASQUERADE
ip rule add from 192.168.43.0/24 lookup 61
ip route add default dev tun0 scope link table 61
ip route add 192.168.43.0/24 dev wlan0 scope link table 61
ip route add broadcast 255.255.255.255 dev wlan0 scope link table 61
Click to expand...
Click to collapse
in this line>>>>> ip rule add from 192.168.43.0/24 lookup 61 <<<<<the ip is universal???
---------- Post added at 09:18 PM ---------- Previous post was at 08:48 PM ----------
I tried it with psiphon 113. I use ipleak.net btw and from my phone which is the device that share the connection it works as it should. But from the tablet which I connect through the phone I have DNS leak. The phone takes ip,dns from the vpn and the tablet gets only the ip but dns from Greece. It is also weird thst it doesn't take dns from Vodafone but generally dns from Greece... any ideas??
Here is a compilation of different ways to change/set the DNS Server in Android Devices
In this thread, I'll be setting the DNS Servers to 8.8.88 & 8.8.4.4 (Google DNS).
You can use any DNS server of your wish.
FOR NON-ROOTED DEVICES:
Method 1: (by changing WiFi Settings)
Note: For some devices, this will work only if you can set a static IP.
1. Go Settings->WiFi
2. Long press the Network you're connected to, and tap 'Modify Network'.
3. Check 'Advanced'. (may not be required in some phones)
Switch the IP settings from DHCP to Static.
Add required DNS servers to the entries for DNS 1 and DNS 2.
4. Click 'Save'
(Don't worry about the editing the IP address as the Android device may fill in the IP address it has acquired through DHCP.)
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Method 2: (Easiest Method using app)
You could just use any app like:
1. Engelsiz : DNS Changer
2. DNS Changer (NO ROOT)
3. DNS Changer (no root 3G/WiFi)
4. DNSet
5. DNS Changer
(or any other app in Play Store.)
(Some apps may require root access)
FOR ROOTED DEVICES:
Easiest way:
The best apps I would recommend to do this automatically are:
1. Override DNS (Root)
2. Set DNS
3. DNS + DNSCrypt Manager
4. DNS Forwarder
Method 3: (by editing DNS config)
1. Open the file 20-dns.conf from /etc/dhcpcd/dhcpcd-hooks/ using a Text Editor (I use ES File Explorer)
2. Add this line to the beggining & reboot device:
Code:
new_domain_name_servers="8.8.8.8 8.8.4.4 $new_domain_name_servers"
So, finally the script finally looks something like this:
Code:
##THIS CAN VARY slightly FOR DIFFERENT ROM BUILDS
# Set net.<iface>.dnsN properties that contain the
# DNS server addresses given by the DHCP server.
[B]new_domain_name_servers="[I]8.8.8.8[/I] [I]8.8.4.4[/I] $new_domain_name_servers"[/B]
if [[ $interface == p2p* ]]
then
intf=p2p
else
intf=$interface
fi
set_dns_props()
{
case "${new_domain_name_servers}" in
"") return 0;;
esac
count=1
for i in 1 2 3 4; do
setprop dhcp.${intf}.dns${i} ""
done
count=1
for dnsaddr in ${new_domain_name_servers}; do
setprop dhcp.${intf}.dns${count} ${dnsaddr}
count=$(($count + 1))
done
separator=" "
if [ -z "$new_domain_name" ]; then
separator=""
else
if [ -z "$new_domain_search" ]; then
separator=""
fi
fi
setprop dhcp.${interface}.domain "${new_domain_name}$separator${new_domain_search}"
}
unset_dns_props()
{
for i in 1 2 3 4; do
setprop dhcp.${intf}.dns${i} ""
done
setprop dhcp.${interface}.domain ""
}
case "${reason}" in
BOUND|INFORM|REBIND|REBOOT|RENEW|TIMEOUT) set_dns_props;;
EXPIRE|FAIL|IPV4LL|RELEASE|STOP) unset_dns_props;;
esac
This is a permanent change. (& sets only for WiFi)
Remove that added line to undo the changes.
(Source: http://forum.xda-developers.com/showpost.php?p=51650282&postcount=7 )
Method 4: (by changing DNS properties using Terminal Emulator)
Note: This may not work in Android 4.4 and above devices.
1. Open Terminal Emulator and type:
Code:
getprop | grep dns
2. Note down all the properties related to dns1, dns2.
These are the properties you need to set to change the DNS Server.
Use the following commands in Terminal Emulator to set them (using setprop):
Code:
su
setprop dhcp.wlan0.dns1 8.8.8.8
setprop dhcp.wlan0.dns2 8.8.4.4
setprop net.dns1 8.8.8.8
setprop net.dns2 8.8.4.4
Other optional properties for mobile networks (may vary with devices) (rmnet0 for 3G I guess)
Code:
setprop net.ppp0.dns1 8.8.8.8
setprop net.ppp0.dns2 8.8.4.4
setprop net.rmnet0.dns1 8.8.8.8
setprop net.rmnet0.dns2 8.8.4.4
setprop net.pdpbr1.dns1 8.8.8.8
setprop net.pdpbr1.dns2 8.8.4.4
Setting DNS for very older devices:
Code:
setprop ro.kernel.android.ndns 2
setprop dhcp.eth0.dns1 8.8.8.8
setprop dhcp.eth0.dns2 8.8.4.4
(You may similarly set dns3 & dns4, but that's not necessary)
These properties get reset to the original values upon reboot..
So, to keep these changes permanent, add the required commands to init.d
(Source: https://github.com/ukanth/afwall/wiki/DNS#changing-default-dns )
Method 5: (by using iptables command)
1. Open Terminal Emulator and type the following:
Code:
su
iptables -t nat -A OUTPUT -p tcp --dport 53 -j DNAT --to-destination 8.8.8.8:53
iptables -t nat -A OUTPUT -p udp --dport 53 -j DNAT --to-destination 8.8.8.8:53
iptables -t nat -D OUTPUT -p tcp --dport 53 -j DNAT --to-destination 8.8.8.8:53 || true
iptables -t nat -D OUTPUT -p udp --dport 53 -j DNAT --to-destination 8.8.8.8:53 || true
iptables -t nat -I OUTPUT -p tcp --dport 53 -j DNAT --to-destination 8.8.8.8:53
iptables -t nat -I OUTPUT -p udp --dport 53 -j DNAT --to-destination 8.8.8.8:53
(you may also use this as AFWall+ Custom Script)
For more detailed info and better understanding, click here.
These properties get reset to the original values upon reboot..
So, to keep these changes permanent, add the required commands to init.d
Method 6: (by editing resolv.conf)
Note:
I think this method works only for old devices. Nothing wrong in trying
1. Open resolv.conf from /system/etc/ using a Text Editor (I use ES File Explorer)
(If there's no such file, create it and try.)
2. Modify the nameservers in the file to your desired DNS servers.
The file finally looks like this:
Code:
nameserver 8.8.8.8
nameserver 8.8.4.4
This change is permanent..
So, it's better to backup the original resolv.conf before editing.
(Source: https://butterflydroid.wordpress.com/2011/10/19/how-to-set-dns-server-on-android-phone/ )
Method 7: (by using ndc resolver command)
1. Open Terminal Emulator and type the following:
Code:
su
ndc resolver flushif [SIZE="1"][I]## to flush old DNS servers[/I][/SIZE]
ndc resolver flushdefaultif [SIZE="1"][I]## to flush resolver[/I][/SIZE]
ndc resolver setifdns <iface> <domains> <dns1> <dns2> ... [SIZE="1"][I]## Add the new servers[/I][/SIZE]
ndc resolver setdefaultif [SIZE="1"][I]## Set as the default device[/I][/SIZE]
This may vary for different Android Versions, so check this also..
These properties get reset to the original values upon reboot..
So, to keep these changes permanent, add the required commands to init.d
Method 8: (by using DNSCrypt command)
Install DNSCrpt on your Android Device with this instructions here.
Then check this answer here on Android Stack Exchange on how to set DNS using a script.
Hit the 'Thanks!' button if you found this helpful.
Leave a reply if you need any help
Do leave a reply if any of these methods worked on your device...
please tell me how to add init.d. I don't know.
rajarshi kundu said:
please tell me how to add init.d. I don't know.
Click to expand...
Click to collapse
This might help:
[GUIDE] How to use init.d scripts
Or try this app: Universal Init.d
method1
great list tks. re method 1, in my experience you have to give an ip address as otherwise you can't save the settings, which then turns out you have to give the device a static ip at your router.
Great list...
Now how about you tell us which versions of Android these work on?
Since Android 6.1.x you can only change the DNS for tethered devices and nothing else. Everything else is ignored, no matter what you set or which app you use.
Wartickler said:
Now how about you tell us which versions of Android these work on?
Since Android 6.1.x you can only change the DNS for tethered devices and nothing else. Everything else is ignored, no matter what you set or which app you use.
Click to expand...
Click to collapse
DNS + DNSCrypt Manager (root) worked for me in Android 7.1.1
Fast what is the fastest downloader for Android phone as cell phones and tablets also how do you use the DNS changer
S7 Nougat
seems after an upgrade to Nougat I cant view my DNS anymore is this true? Mine is nonrooted
i'm on Android 6.0.1 and the iptables method works!
setprop doesn't work.
Wartickler said:
Since Android 6.1.x you can only change the DNS for tethered devices and nothing else. Everything else is ignored, no matter what you set or which app you use.
Click to expand...
Click to collapse
Modifying the 20-dns.conf file worked for me on 7.0.
Help please,
Do u guys think dns changer app still needed if dns already change through build prop( kernel adiutor)? Or mod app like fly on mod?
Feels like its redundant
Is it possible to change dns host name permanently?
So it wont be changed to default after reboot..
@GokulNC
How to change the DNS ADDRESS with help of creating dumpy VPN service without help of any application .
With help of application -
U list out in non - root app list
Like
https://play.google.com/store/apps/details?id=com.burakgon.dnschanger
That app use dumpy vpn for dns change
But
why we app ??
Please try to discover the configuration of vpn..
Hi, I have a question.
Can you tell me if this changes will be applied also to DNS of Mobile Data?
Dns
I did change Dns regular interface for Android Tv but Dns leak test still shows Isp Dns. Why?
GokulNC said:
Here is a compilation of different ways to change/set the DNS Server in Android Devices
In this thread, I'll be setting the DNS Servers to 8.8.88 & 8.8.4.4 (Google DNS).
You can use any DNS server of your wish.
FOR NON-ROOTED DEVICES:
Method 1: (by changing WiFi Settings)
Note: For some devices, this will work only if you can set a static IP.
1. Go Settings->WiFi
2. Long press the Network you're connected to, and tap 'Modify Network'.
3. Check 'Advanced'. (may not be required in some phones)
Switch the IP settings from DHCP to Static.
Add required DNS servers to the entries for DNS 1 and DNS 2.
4. Click 'Save'
(Don't worry about the editing the IP address as the Android device may fill in the IP address it has acquired through DHCP.)
Method 2: (Easiest Method using app)
You could just use any app like:
1. Engelsiz : DNS Changer
2. DNS Changer (NO ROOT)
3. DNS Changer (no root 3G/WiFi)
4. DNSet
5. DNS Changer
(or any other app in Play Store.)
(Some apps may require root access)
FOR ROOTED DEVICES:
Easiest way:
The best apps I would recommend to do this automatically are:
1. Override DNS (Root)
2. Set DNS
3. DNS + DNSCrypt Manager
4. DNS Forwarder
Method 3: (by editing DNS config)
1. Open the file 20-dns.conf from /etc/dhcpcd/dhcpcd-hooks/ using a Text Editor (I use ES File Explorer)
2. Add this line to the beggining & reboot device:
Code:
new_domain_name_servers="8.8.8.8 8.8.4.4 $new_domain_name_servers"
So, finally the script finally looks something like this:
Code:
##THIS CAN VARY slightly FOR DIFFERENT ROM BUILDS
# Set net.<iface>.dnsN properties that contain the
# DNS server addresses given by the DHCP server.
[B]new_domain_name_servers="[I]8.8.8.8[/I] [I]8.8.4.4[/I] $new_domain_name_servers"[/B]
if [[ $interface == p2p* ]]
then
intf=p2p
else
intf=$interface
fi
set_dns_props()
{
case "${new_domain_name_servers}" in
"") return 0;;
esac
count=1
for i in 1 2 3 4; do
setprop dhcp.${intf}.dns${i} ""
done
count=1
for dnsaddr in ${new_domain_name_servers}; do
setprop dhcp.${intf}.dns${count} ${dnsaddr}
count=$(($count + 1))
done
separator=" "
if [ -z "$new_domain_name" ]; then
separator=""
else
if [ -z "$new_domain_search" ]; then
separator=""
fi
fi
setprop dhcp.${interface}.domain "${new_domain_name}$separator${new_domain_search}"
}
unset_dns_props()
{
for i in 1 2 3 4; do
setprop dhcp.${intf}.dns${i} ""
done
setprop dhcp.${interface}.domain ""
}
case "${reason}" in
BOUND|INFORM|REBIND|REBOOT|RENEW|TIMEOUT) set_dns_props;;
EXPIRE|FAIL|IPV4LL|RELEASE|STOP) unset_dns_props;;
esac
This is a permanent change. (& sets only for WiFi)
Remove that added line to undo the changes.
(Source: http://forum.xda-developers.com/showpost.php?p=51650282&postcount=7 )
Method 4: (by changing DNS properties using Terminal Emulator)
Note: This may not work in Android 4.4 and above devices.
1. Open Terminal Emulator and type:
Code:
getprop | grep dns
2. Note down all the properties related to dns1, dns2.
These are the properties you need to set to change the DNS Server.
Use the following commands in Terminal Emulator to set them (using setprop):
Code:
su
setprop dhcp.wlan0.dns1 8.8.8.8
setprop dhcp.wlan0.dns2 8.8.4.4
setprop net.dns1 8.8.8.8
setprop net.dns2 8.8.4.4
Other optional properties for mobile networks (may vary with devices) (rmnet0 for 3G I guess)
Code:
setprop net.ppp0.dns1 8.8.8.8
setprop net.ppp0.dns2 8.8.4.4
setprop net.rmnet0.dns1 8.8.8.8
setprop net.rmnet0.dns2 8.8.4.4
setprop net.pdpbr1.dns1 8.8.8.8
setprop net.pdpbr1.dns2 8.8.4.4
Setting DNS for very older devices:
Code:
setprop ro.kernel.android.ndns 2
setprop dhcp.eth0.dns1 8.8.8.8
setprop dhcp.eth0.dns2 8.8.4.4
(You may similarly set dns3 & dns4, but that's not necessary)
These properties get reset to the original values upon reboot..
So, to keep these changes permanent, add the required commands to init.d
(Source: https://github.com/ukanth/afwall/wiki/DNS#changing-default-dns )
Method 5: (by using iptables command)
1. Open Terminal Emulator and type the following:
Code:
su
iptables -t nat -A OUTPUT -p tcp --dport 53 -j DNAT --to-destination 8.8.8.8:53
iptables -t nat -A OUTPUT -p udp --dport 53 -j DNAT --to-destination 8.8.8.8:53
iptables -t nat -D OUTPUT -p tcp --dport 53 -j DNAT --to-destination 8.8.8.8:53 || true
iptables -t nat -D OUTPUT -p udp --dport 53 -j DNAT --to-destination 8.8.8.8:53 || true
iptables -t nat -I OUTPUT -p tcp --dport 53 -j DNAT --to-destination 8.8.8.8:53
iptables -t nat -I OUTPUT -p udp --dport 53 -j DNAT --to-destination 8.8.8.8:53
(you may also use this as AFWall+ Custom Script)
For more detailed info and better understanding, click here.
These properties get reset to the original values upon reboot..
So, to keep these changes permanent, add the required commands to init.d
Method 6: (by editing resolv.conf)
Note:
I think this method works only for old devices. Nothing wrong in trying
1. Open resolv.conf from /system/etc/ using a Text Editor (I use ES File Explorer)
(If there's no such file, create it and try.)
2. Modify the nameservers in the file to your desired DNS servers.
The file finally looks like this:
Code:
nameserver 8.8.8.8
nameserver 8.8.4.4
This change is permanent..
So, it's better to backup the original resolv.conf before editing.
(Source: https://butterflydroid.wordpress.com/2011/10/19/how-to-set-dns-server-on-android-phone/ )
Method 7: (by using ndc resolver command)
1. Open Terminal Emulator and type the following:
Code:
su
ndc resolver flushif [SIZE="1"][I]## to flush old DNS servers[/I][/SIZE]
ndc resolver flushdefaultif [SIZE="1"][I]## to flush resolver[/I][/SIZE]
ndc resolver setifdns <iface> <domains> <dns1> <dns2> ... [SIZE="1"][I]## Add the new servers[/I][/SIZE]
ndc resolver setdefaultif [SIZE="1"][I]## Set as the default device[/I][/SIZE]
This may vary for different Android Versions, so check this also..
These properties get reset to the original values upon reboot..
So, to keep these changes permanent, add the required commands to init.d
Method 8: (by using DNSCrypt command)
Install DNSCrpt on your Android Device with this instructions here.
Then check this answer here on Android Stack Exchange on how to set DNS using a script.
Hit the 'Thanks!' button if you found this helpful.
Leave a reply if you need any help
Do leave a reply if any of these methods worked on your device...
Click to expand...
Click to collapse
I am trying to use method #3 but I dont have dhcpcd folder ... What to do? My device is rooted and in es manager root explore is checked...
Nice guide, if you have a Raspberry Pi install Pi-Hole on it, then set your home ip as DNS server on your phone/tablet and you'll have have adblocker on your phone/tablet.:good::good:
syamsoul said:
i'm on Android 6.0.1 and the iptables method works!
Click to expand...
Click to collapse
This thread has no other occurrence of "iptables" - would you mind including a reference.
I'm wasting far too much time reading solutions that don't work on CM13 - Android 6.0.1.
drummond said:
This thread has no other occurrence of "iptables" - would you mind including a reference.
I'm wasting far too much time reading solutions that don't work on CM13 - Android 6.0.1.
Click to expand...
Click to collapse
OP - Rooted Devices - Method 5 - it's right there, page 1.
There's an app too.
How much time can that waste?
(If it takes too long to go back one page, the OP is quoted just above your post)