Sniffer(VPN) Issue

[antest1]

This is the issue board for users whose sniffer is not working.

About Sniffer(VPN) Implementation

As I wrote in FAQ No.2, Kcanotify retrieves data from kancolle with Local VPN. The reason for using local VPN is that it is (almost) the only way to capture the packets without root permission.
For this, I am borrowing VpnService implementation from NetGuard source, so in fact I don't have make much work about this. Please understand that there are few open-source implementation or easily-usable library for non-rooted device, so it is hard to find the alternative. (I know the alternative local-proxy approach, but it makes user to modify various network settings.)

So, what is the problem?

There were some reports that Sniffer in Kcanotify does not work well in some devices.
Since the problem varies from devices and ROMs, so it is hard to figure out what is the exact problem.
I think there is some trouble for routing packet data from tunnel, which should be more analyzed. Unfortunately, since 1) I did not major in network protocol (TCP/IP) and 2) I am busy in my own study and research, It is hard to quickly deal with this problem.

What can you do?

If you have this problem, you may mail to me (kcanotify at gmail.com), or leave the comment to this issue.

It would be help to write: 1) Your device information (ex: Samsung Galaxy Note 4)
2) Your android version (ex: 6.0.1 or Marshmallow).
Check whether the whole internet is not working while Sniffer is on, or only kancolle is not working.

If you are familiar with the VPN implementation or TCP/IP protocol, you may review the sniffer code (Native), (JNI) and let me know which part is troublesome, or PR your bugfix.

Common solutions

Q1: Sniffer does not turn on after update A1: In some devices/android versions, there is a bug that does not request permission to start VPN. This is temporal, so you may restart the device or reinstall the application after turn off the Sniffer(VPN) in Kcanotify. Also, you may go to System Settings - More Network - VPN (The methods can vary: this is the case of Samsung devices) and remove Kcanotify, and re-gain the permission when start Kcanotify.

Q2: I cannot select the "I trust this application" A2: Some android version does not allows to change permission when there is some overlay in the screen. The common cases are the fairy in Kcanotify is on the screen or bluelight filter application is on. You must first disable this and get permission for VpnService.

[michaelaw320]

Tried to chain the VPN to SOCKS proxy, it failed. Seems that Bypass Addresses option is not honored in the Advanced Network Settings

How I set it up

Kcanotify, Settings -> Advanced Network Settings

Settings	Value
Enable SOCKS5 Proxy	checked
Apply for only Kancolle/DMM Login	unchecked
SOCKS5 Proxy Address	127.0.0.1
SOCKS5 Proxy Port	1984
Username	unset
Password	unset
Bypass Addresses	<serverIP>/32, 127.0.0.1/8 also tried with only <serverIP>/32

App used to provide SOCKS proxy: SSH Tunnel

Settings	Value
Use socks proxy	check
Local Port	1984
Host	<serverIP> (I use server IP address instead of hostname and it matches what I had in Bypass Addresses

I confirmed that the SOCKS proxy works by using Firefox for Android, setting proxy to the socks tunnel.

In a nutshell I tried to do

All traffic -> Kcanotify VPN sniffer -> SSH Tunnel -> Internet

Expected behaviour

• SSH Tunnel can be established even if Kcanotify VPN Sniffer is on
• SSH Tunnel connection stays connected when starting Kcanotify VPN Sniffer / at least able to reconnect
• Every other apps using the SSH tunnel connection (e.g. browser etc.)
• Kcanotify VPN shall allow SSH Tunnel to establish connection to <IP> for the SSH Tunnel to establish SOCKS proxy for Kcanotify to forward traffic to

What actually happened

• SSH Tunnel cannot connect to server, even though IP of the server is in the bypass list
• SSH Tunnel connection was cut immediately, and cannot reconnect when Kcanotify VPN Sniffer is on

• No internet connection is possible due to no SOCKS proxy

1) Your device information: Tried with Asus Zenfone 5Z, Sony D5503 2) Your android version: 8.0.0, 5.1.1

[antest1]

@michaelaw320

Did you tried to add your browser in Settings - Use Sniffer for Other Applications? It seems that socks proxy works when I add the browser in this setting, and does not work when I don't add the browser.

[michaelaw320]

@antest1

The problem is kcanotify vpn does not honor the bypass address

I tried adding SSH Tunnel and Firefox to Settings - Use Sniffer for Other Applications it has no effect, SSH Tunnel still cannot connect to host thus socks proxy cannot be established

Additional Sniffer Setting in kcanotify

Setting	Value
Sniffer Mode	ACTIVE
Use Sniffer for Other Applications	None
Use Extended IP Filtered	unchecked

[antest1]

@michaelaw320

Bypass Addresses does not matter in my case. (it works even if bypass address not set) Make sure that you restart sniffer (and also service if possible) after change the settings.

In my cases, setting appropriate username and password make SSH Tunnel works. If you are using public ssh server in the web, the connectivity may unstable.

[michaelaw320]

@antest1 can you share your setup and configuration (except for the SSH host) for me to reproduce? I have my own stable dedicated server for ssh

[antest1]

@michaelaw320 sorry for late response https://upload.cc/i1/2018/11/02/3scxrD.png (SSH Tunnel) https://upload.cc/i1/2018/11/02/9p7GTn.png (Kcanotify)

[michaelaw320]

aha... I see the problem now.

When at least 1 app is selected to use Use Sniffer for Other Applications, SSH Tunnel works (and other apps) as everything is not routed through SOCKS proxy except for those app selected in Use Sniffer for Other Applications.

However, if no app is selected for Use Sniffer for Other Applications everything will be routed through SOCKS proxy.

In the case of no app selected in Use Sniffer for Other Applications, every traffic would be routed through the SOCKS proxy except for traffic to Bypass Addresses if I understand it correctly. So in my case, I tried to allow the connection to SSH Host not to be routed through SOCKS Proxy by specifying the SSH Host in the Bypass Addresses and I expect every traffic would go to SOCKS meanwhile traffic for SSH Host should be direct.

Thus, my conclusion is Bypass Addresses is not honored at all when it should be honored.

[antest1]

@michaelaw320 In this case, SSH Tunnel fail to work (regardless of bypass address setting) since the (local) socks proxy server is built AFTER it success to connected with remote ssh server, so it cannot be connected to the remove as socks server does not exist in the local thus no internet connection available. You may check the same issue happens when setting kcanotify's socks settings with localhost and any random port.

Meanwhile, the code related with ip bypass (actually, ip routing) has been missing, so I'll add this part in the next update.

Stack Trace for connecting server with SSH Tunnel

11-11 14:04:40.955 19377-24513/org.sshtunnel E/SSHTunnel: Problem in SSH connection thread during connecting
  java.io.IOException: There was a problem while connecting to <remote_server>:22
      at com.trilead.ssh2.Connection.connect(Connection.java:864)
      at org.sshtunnel.SSHTunnelService.connect(SSHTunnelService.java:501)
      at org.sshtunnel.SSHTunnelService$5.run(SSHTunnelService.java:1071)
      at java.lang.Thread.run(Thread.java:764)
   Caused by: java.net.ConnectException: failed to connect to <remote_server>/<remote_server> (port 22) from /10.1.10.1 (port 60056) after 10000ms: isConnected failed: ECONNREFUSED (Connection refused)
      at libcore.io.IoBridge.isConnected(IoBridge.java:278)
      at libcore.io.IoBridge.connectErrno(IoBridge.java:187)
      at libcore.io.IoBridge.connect(IoBridge.java:129)
      at java.net.PlainSocketImpl.socketConnect(PlainSocketImpl.java:137)
      at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:390)
      at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:230)
      at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:212)
      at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:436)
      at java.net.Socket.connect(Socket.java:621)
      at com.trilead.ssh2.transport.TransportManager.establishConnection(TransportManager.java:264)
      at com.trilead.ssh2.transport.TransportManager.initialize(TransportManager.java:393)
      at com.trilead.ssh2.Connection.connect(Connection.java:809)
      at org.sshtunnel.SSHTunnelService.connect(SSHTunnelService.java:501) 
      at org.sshtunnel.SSHTunnelService$5.run(SSHTunnelService.java:1071) 
      at java.lang.Thread.run(Thread.java:764) 
   Caused by: android.system.ErrnoException: isConnected failed: ECONNREFUSED (Connection refused)
      at libcore.io.IoBridge.isConnected(IoBridge.java:267)
      at libcore.io.IoBridge.connectErrno(IoBridge.java:187) 
      at libcore.io.IoBridge.connect(IoBridge.java:129) 
      at java.net.PlainSocketImpl.socketConnect(PlainSocketImpl.java:137) 
      at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:390) 
      at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:230) 
      at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:212) 
      at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:436) 
      at java.net.Socket.connect(Socket.java:621) 
      at com.trilead.ssh2.transport.TransportManager.establishConnection(TransportManager.java:264) 
      at com.trilead.ssh2.transport.TransportManager.initialize(TransportManager.java:393) 
      at com.trilead.ssh2.Connection.connect(Connection.java:809) 
      at org.sshtunnel.SSHTunnelService.connect(SSHTunnelService.java:501) 
      at org.sshtunnel.SSHTunnelService$5.run(SSHTunnelService.java:1071) 
      at java.lang.Thread.run(Thread.java:764) 

[michaelaw320]

Confirmed in release 2.6.5 rev1 that External (internet) SOCKS5 proxy works as expected, and the behaviour of all application routed through SOCKS proxy behaves as expected. Local socks proxy still cannot be used when Use proxy for all applications is checked because SSH Tunnel cannot connect to the host.

Just giving an idea, turn the Use Sniffer for Other Application or a dedicated menu when Use proxy for all applications is selected to become Exclude these apps from proxy/sniffer

[LeftistTachyon]

Issue

KCANotify is not "listening in" to requests to KC servers when using Gotobrowser with an external proxy (KCCP on separate device in my local network). When usually I would expect a popup saying "please open from KCANotify", no such popup appears, and the overlay does not update. That is, only Kancolle is not working, and other networking functions, like using Chrome, are perfectly functional.
Instead, I would expect that popup to appear when the panel is not updating as expected.

Setup

Device Information

Samsung Galaxy 8, Android 9

Altered KCANotify Settings

• Select KanColle Application is set to Gotobrowser.
• Use Sniffer for Other Applications has Gotobrowser selected, although that did not seem to affect behavior

  Altered Gotobrowser Settings

• Enabled Enable Gadget Server Block Bypass
• Bypass Method is set to KCCacheProxy (Remote)
• Endpoint Server is set to 192.168.0.9:8081, since that is the address for the proxy

[antest1]

@LeftistTachyon

This thread is outdated (more than 2 years), you may open the new issue for the problem. For Kcanotify+GotoBrowser, using passive sniffer (kcanotify) with the broadcast mode enabled (gotobrowser) is recommended, which does not use VPN functionality in android system.