Open ignoramous opened 4 months ago
For T-mobile:
epdg.epc.mnc001.mcc262.pub.3gppnetwork.org
it works for me with the following configuration:
Dns: any type Extended DNS filtering: false DNS enhancer: true
IP version: 4 or/and 6
mEpdgServerIpArray is: [epdg.epc.mnc001.mcc262.pub.3gppnetwork.org/109.237.187.158, epdg.epc.mnc001.mcc262.pub.3gppnetwork.org/109.237.187.153, epdg.epc.mnc001.mcc262.pub.3gppnetwork.org/109.237.187.145, epdg.epc.mnc001.mcc262.pub.3gppnetwork.org/109.237.187.150, epdg.epc.mnc001.mcc262.pub.3gppnetwork.org/109.237.187.151, epdg.epc.mnc001.mcc262.pub.3gppnetwork.org/109.237.187.155, epdg.epc.mnc001.mcc262.pub.3gppnetwork.org/109.237.187.157, epdg.epc.mnc001.mcc262.pub.3gppnetwork.org/109.237.187.147, epdg.epc.mnc001.mcc262.pub.3gppnetwork.org/109.237.187.146, epdg.epc.mnc001.mcc262.pub.3gppnetwork.org/109.237.187.154, epdg.epc.mnc001.mcc262.pub.3gppnetwork.org/109.237.187.149, epdg.epc.mnc001.mcc262.pub.3gppnetwork.org/109.237.187.159] mCurrentEpdgIpCounter is: 0returning result: true
For Vodafone:
With the same configuration, any DNS:
epdg.epc.mnc002.mcc262.pub.3gppnetwork.org
The is a CNAME record behind the domain, which doesn't resolve (epdg.epc.drz1.vodafone-ip.de).
This causes the mEpdgServerIpArray to stay empty.
EPDG -- SIM0 [EpdgServerSelection] DNS resolution failed for epdg serverjava.net.UnknownHostException: Unable to resolve host "epdg.epc.mnc002.mcc262.pub.3gppnetwork.org": No address associated with hostname
VpnLifecycle onResponse: DNSSummary{Type:DNS-over-HTTPS,ID:Preferred,Latency:0.08878823,QName:epdg.epc.mnc002.mcc262.pub.3gppnetwork.org,QType:1,RData:--,RCode:0,RTtl:42,Server:cloudflare-dns.com,RelayServer:,Status:1,Blocklists:,UpstreamBlocks:false,Msg:no error,}
GoLog wall.go:159: D wall: answer for epdg.epc.mnc002.mcc262.pub.3gppnetwork.org. not blocked req at least two answers
This seems to be a problem of com.sec.epdg and not of rethinkdns: I'm getting the same errors without VPN enabled.
But: dig epdg.epc.mnc002.mcc262.pub.3gppnetwork.org
; <<>> DiG 9.16.41 <<>> epdg.epc.mnc002.mcc262.pub.3gppnetwork.org ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55138 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 4096 ;; QUESTION SECTION: ;epdg.epc.mnc002.mcc262.pub.3gppnetwork.org. IN A
;; ANSWER SECTION: epdg.epc.mnc002.mcc262.pub.3gppnetwork.org. 60 IN CNAME epdg.epc.drz1.vodafone-ip.de.
;; AUTHORITY SECTION: drz1.vodafone-ip.de. 1 IN SOA drns1.vodafone-ip.de. hostmaster.vodafone-ip.de. 2024052400 10800 3600 604800 60
;; Query time: 511 msec ;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Fri May 24 13:44:54 EEST 2024 ;; MSG SIZE rcvd: 255
A user writes,
Exclude T-Mobile IPs: https://github.com/M66B/NetGuard/blob/feef4c7b3beca3ed4b44250b580c637554a9d44f/app/src/main/java/eu/faircode/netguard/ServiceSinkhole.java#L1352-L1370