Can't connect from android

[prizraksarvar]

Hello, I'm trying to run on android and I can't connect. The server definitely works, the connection from Linux is normal. I use 3.1 version

D/WSTUN: WAIT for datagrames on 127.0.0.1:51821
D/WSTUN: DEBUG :: Oppening tcp connection to 5.161.65.57:31118
D/WSTUN: DEBUG :: TIMEOUT connection

Start command libwstunnel.so -v --udp --udpTimeoutSec -1 -L 127.0.0.1:51821:127.0.0.1:51821 wss://5.161.65.57:31118

[erebe]

Hello,

Like that I can't tell you. Can you take a tcpdum/pcap of the network traffic on server and client ?

tcpdump -i <interface> -s 65535 -w dump.pcap

[prizraksarvar]

I think it will be very difficult to run tcpdump on android, there are certain security restrictions. I have an assumption that the problem may be related to how the TCP connection is opened. How tcp connections are opened? I know for sure that it will not work in RAW format in android

[prizraksarvar]

I was still able to run tcpdump and, as I understand it, there are no packets from the application to connect to the tunnel. Perhaps now TCP is used to connect RAW or some other form not allowed by android.

[erebe]

The client use normal sockets, no RAW or anything else. So I don't think this is the issue.

Can you try starting the client with

--udp --udpTimeoutSec -1 -L 0.0.0.0:51821:127.0.0.1:51821 wss://5.161.65.57:31118

and also without UDP at all.

 -L 0.0.0.0:51821:127.0.0.1:51821 wss://5.161.65.57:31118

I don't know what software you have installed on your android, but if you can try first with some dns request (dig) for udp and netcat (nc) for tcp to try it will be perfect.

Also send me the pcap please, so I can take a look at it

[prizraksarvar]

dump.pcap.zip for udp

[prizraksarvar]

TCP connection

D/WSTUN: WAIT for tcp connection on 0.0.0.0:51821
D/WSTUN: DEBUG :: Oppening tcp connection to 5.161.65.57:31118

I stop process after some minute. dump.pcap.zip

[prizraksarvar]

dump-nc.pcap.zip I also made an attempt to connect to the wstunnel server through nc

[prizraksarvar]

I tried running the program as root and it worked. It remains to understand why it does not work in normal mode, it seems that the problem is still with an attempt to work with a socket at a low level

(base) MacBook-Pro:lzo asdasdsdsadsada$ ~/Library/Android/sdk/platform-tools/adb shell /data/local/tmp/libwstunnel.so -v -L 0.0.0.0:51821:127.0.0.1:51821 wss://5.161.65.57:31118
WAIT for tcp connection on 0.0.0.0:51821
DEBUG :: Oppening tcp connection to 5.161.65.57:31118
DEBUG :: Doing tls Handshake
DEBUG :: Oppening Websocket stream
CLOSE tunnel :: 0.0.0.0:51821 <==WSS==> 5.161.65.57:31118 <==TCP==> 127.0.0.1:51821
DEBUG :: Closing Websocket stream
DEBUG :: Closing TLS
DEBUG :: Closing tcp connection to 5.161.65.57:31118
DEBUG :: ====
5.161.65.57:31118: Network.Connection.connectionGetChunk: end of file
====
^C
(base) MacBook-Pro:lzo asdasdsdsadsada$ ~/Library/Android/sdk/platform-tools/adb shell /data/local/tmp/libwstunnel.so --udp --udpTimeoutSec -1 -v -L 0.0.0.0:51821:127.0.0.1:51821 wss://5.161.65.57:31118
WAIT for datagrames on 0.0.0.0:51821
DEBUG :: Oppening tcp connection to 5.161.65.57:31118
DEBUG :: Doing tls Handshake
DEBUG :: Oppening Websocket stream

[erebe]

Thank you for the dumps, will take a look at it later in the week-end when back, hime, but if in root it works, i guess it will only confirm your asssumptions.

Can you run strace on android ? if yes please do

strace -fff comand_line_wstunnel_cliebnt

for both the root and normal user, i would like to see which syscall get refused

[prizraksarvar]

I found the problem and everything turned out to be much easier. I launched the wstunnel and run vpn into the tunnel, without excluding it so that it would bypass the VPN, as a result we got a loop.

Many thanks for the help.

[erebe]

Haha no, such a déception. I was hopping for a more challenging issue :0

Well anyway, have fun with wstunnel 👍