textbrowser / smoke

In a burning world, there will always be Smoke. Completed.
https://textbrowser.github.io/smoke/

Connection to neighbor failed #4

Closed LuminousLizard closed 4 years ago

LuminousLizard commented 4 years ago

Hello,

I have known Goldbug for a while and wanted to try Smoke on my smartphone. But after the key generation, the connection to the neighbor server fails. With both "127.0.0.1" and the test server "dolphin-ipv4.cloud.tilaa.com" I get the following error message:

Control: Connect Status: Disconnected Error: An error (failed to connect to /127.0.0.1 (port 4710) from /127.0.0.1 (port 48984) after 10000ms: isConnected failed: ECONNREFUSED (Connection refused)) occurred while attempting a connection(long changing number). 127.0.0.1_4710:TCP Proxy: Temp. Queued: 0/256 In: Out: Outbound Queued: 0 Uptime: 0:00 Min

Do you have any idea how I can fix it?

I have a Fairphone 3 (Android 9). Maybe one possible source for this error is that I have removed the following Google apps via Android Debug Bridge:

Among others, the following apps are still installed, otherwise some basic functions do not work:

Greetings LuminousLizard

textbrowser commented 4 years ago

Thank you for the ticket. You will need a server. SmokeStack offers TCP listeners. If you have an additional device, install Stack on it, prepare a listener, and modify Smoke to connect to that listener. I do not have public listeners. Although I have not tested it, you may also install both Smoke and Stack on the same device.

textbrowser commented 4 years ago

Smoke and Stack may also connect to Spot-On and Spot-On-Lite.

LuminousLizard commented 4 years ago

Smokestack and Smoke on one device works and connects via localhost (10.1.10.1:4710) as well as my device IP.

But now I cannot connect Spot-On and Smokestack/Smoke:

textbrowser commented 4 years ago

On Linux, I use OpenSSL for a variety of tests: openssl s_client -connect 192.168.178.10:4710

On the SO machine, do you have a firewall that's blocking 4710?

If you have a listener on 127.0.0.1:4710, you must forward remote connections to it. For example, by using iptables.

LuminousLizard commented 4 years ago

First of all, I must say that I'm no expert, I just do such stuff as a hobby.

I'm using Linux, ufw doesn't block and I created a listener on my internal network IP to avoid iptables. The problem was my router.

  1. opened port 4710 at the router
  2. started a Listener in Spot-On on 192.168.178.27
  3. connected with Smoke via my external IP => and now the connection works.

But now I have two more questions (sorry):

  1. Why is a different IP displayed for the remote station in the Spot-On Neighbors tab? My smartphone has another IP. But in Smoke both IPs (PC and smartphone) are correct. Maybe because I use NetGuard on my smartphone?

  2. How can I now add participants because Smoke requires the "Name@SmokeID" but in Spot-On I have only my public keys?

textbrowser commented 4 years ago

Do you have wireless isolation enabled on your router? If you're not comfortable with iptables, see gufw. It's a simple, graphical interface.

  1. The remote IP addresses depicted in SO are the peer addresses. The Neighbors table depicts local and remote peers. A local peer is a client that you created to connect to a remote server while a remote peer is a representation of a remote client which was created as a result of a local listener. Both types will have local and remote IP addresses. If you can, post some images. Or, list the IP addresses that you see in SO and the IP address that your mobile has assigned. I'm not familiar with NG.

  2. SO offers transport facilities for Smoke. SO and Smoke are interoperable on Buzz and Fire. Other communications are separate.

LuminousLizard commented 4 years ago

Thanks for help ... chat via Fire/Buzz works :+1:

Wireless isolation is not enabled on my router. But all the time I tried specifically to connect via the mobile network to my internet access at home, so I switched off the wifi of my smartphone.

Thanks for the hint with gufw. Ufw was blocking, but I had disabled it earlier for testing purposes, which is why I first wrote that ufw does not block. I used gufw to create a rule for TCP port 4710, incoming and outgoing, and it works with the firewall enabled. An open 4710 port on the router is still necessary. Unfortunately I don't know anything about openssl in order to find a better solution (I have to fix it urgently).

The connection between two Smoke apps via Smokestack is currently not possible for me. I would like to see SO and Smoke in public, but most people are just too comfortable and lazy to use such cool and privacy focused software :disappointed: .

Maybe you should think about releasing Smoke and Smokestack via F-Droid in the future. For once I know how to use ADB, but updating would be easier and the app would get more publicity.

For now thanks for help and please don't give up on your project.

Greetings LuminousLizard

textbrowser commented 4 years ago

Let me see. Your mobile provider also includes Internet access? If so, yes, you will need a rule in your home's router so that packets destined for SO:4710 are properly routed to the SO listener. The wireless network and the provider network should be able to coexist, but perhaps they can't. You can create two neighbors in Smoke, one for the local network and one for your public network. Smoke will write to both sockets.

You can create a similar rule for the Stack service. The Stack machine would preferably have a static IP address so that the rule can be permanent. A lazy diagram:

Smoke (public IP) -> Home Router (Public IP / Special Forwarding Rule to Internal SO:4710) -> SO Listener (Private IP 192.168.178.200).

If you're solely using the wireless network, your router does not need to be modified because you've disabled isolation. In this example, Smoke would connect directly to the Stack or SO.

LuminousLizard commented 4 years ago

> Let me see. Your mobile provider also includes Internet access?

Yes.

> You can create two neighbors in Smoke, one for the local network and one for your public network. Smoke will write to both sockets.

Tried it and it works ! Also both at the same time. I have 2 secured connections in the "Neighbors-tab" in SO. Fire/Buzz works also.

> Smoke (public IP) -> Home Router (Public IP / Special Forwarding Rule to Internal SO:4710) -> SO Listener (Private IP 192.168.178.200).

Exactly !

I actually have 3 possible sockets in Smoke (but not active):

  1. Home network: Smoke (Private IP 192.168.178.27) -> via Home Router -> SO Listener (Private IP 192.168.178.27).

  2. Public network to home network: Smoke (public IP) -> Home Router (Public IP / Special Forwarding Rule to Internal SO:4710) -> SO Listener (Private IP 192.168.178.27)

  3. Public network: Smoke (public smartphone IP) -> Smokestack Listener (public smartphone IP).

And other people could connect via Smoke to my Smokestack Listener or ?! I have tried to add this Smokestack as neighbor in OS, but the connection isn't set up. Here maybe Android blocks the connection coming from outside ?!?!

textbrowser commented 4 years ago

Yes, Smoke can connect to Stack, Spot-On, and Spot-On-Lite. Stack can connect to those services and itself. SO can also connect to all of those and itself. Only Smoke cannot connect to Smoke because it doesn't include servers.

I have not tried Stack on a public interface. It behaves correctly on a private IP. Yes, Android may be preventing this. To verify, open a terminal on your Linux machine and issue openssl s_client -connect Stack-IP-Address:port, where the Stack IP address is the public one.

LuminousLizard commented 4 years ago

> I have not tried Stack on a public interface. It behaves correctly on a private IP. Yes, Android may be preventing this. To verify, open a terminal on your Linux machine and issue openssl s_client -connect Stack-IP-Address:port, where the Stack IP address is the public one.

Doesn't work. The terminal is busy but outputs nothing. Also no connection is set up. I must terminate with ^C.

By the way, I just found a problem with Smokestack (working via public smartphone IP). It can start a Stack-Listener and connect with Smoke if I have disabled my wifi connection. But ....

  1. as soon as I enable my wifi, Smoke lost the connection to Stack. Stack still shows a correct listener (no error).

  2. If I start the Stack-Listener with activated wifi, the following error is displayed: Error: An error (bind failed: EADDRNOTAVAIL (Cannot assign requested address)) occurred while attempting to listen.
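
The three failures reported in this thread correspond to distinct socket outcomes: ECONNREFUSED (nothing is listening on that address and port), a connect that hangs the way the `openssl s_client` test did (packets are typically being dropped by a firewall, NAT or carrier filter), and EADDRNOTAVAIL on bind (the listener address is not assigned to any local interface). The following is an added example, not part of the thread and not Smoke or SmokeStack code; the function names and the loopback and 192.0.2.1 test values are constructed for illustration.

```python
import errno
import socket

# errno values from a failed connect, mapped to a short verdict (added interpretation).
CONNECT_VERDICTS = {
    errno.ECONNREFUSED: "refused",       # peer answered with RST: no listener on that port
    errno.EHOSTUNREACH: "unreachable",   # no route to the host
    errno.ENETUNREACH: "unreachable",    # no route to the network
}

def probe_connect(host, port, timeout=5.0):
    """Classify one TCP connect attempt: open, refused, filtered or unreachable."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except socket.timeout:
        return "filtered"                # silence until the timeout: packets dropped on the path
    except OSError as exc:
        return CONNECT_VERDICTS.get(exc.errno, "error:%s" % errno.errorcode.get(exc.errno, exc.errno))

def probe_bind(address, port=0):
    """Check whether a listener could bind to `address` on this machine right now."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        sock.bind((address, port))
        return "ok"
    except OSError as exc:
        if exc.errno == errno.EADDRNOTAVAIL:
            return "address-not-local"   # the address is not held by any interface
        if exc.errno == errno.EADDRINUSE:
            return "port-in-use"
        return "error:%s" % errno.errorcode.get(exc.errno, exc.errno)
    finally:
        sock.close()

def demo():
    """Constructed local scenario: loopback listener, same port after close, non-local bind."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))      # port 0 lets the OS pick a free port
    listener.listen(1)
    port = listener.getsockname()[1]
    with_listener = probe_connect("127.0.0.1", port)
    listener.close()
    without_listener = probe_connect("127.0.0.1", port)
    # 192.0.2.1 is a documentation address (TEST-NET-1) that no interface should hold.
    return with_listener, without_listener, probe_bind("192.0.2.1")

if __name__ == "__main__":
    print(demo())
```

Running `probe_bind` with the exact address configured in the Stack listener, once with wifi on and once with it off, shows whether the device still holds that address at the moment the listener starts.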

textbrowser commented 4 years ago

In Stack, create two listeners. One listener for the private wireless network and another for the public wireless network. The application will create listeners for the given addresses. If the network becomes unavailable, Stack will terminate its listeners. The problem is the nebulous definition of connectivity.

    ConnectivityManager connectivityManager = (ConnectivityManager)
        SmokeStack.getApplication().getApplicationContext().
        getSystemService(Context.CONNECTIVITY_SERVICE);
    NetworkInfo networkInfo = connectivityManager.
        getActiveNetworkInfo();

    return networkInfo.getState() ==
        android.net.NetworkInfo.State.CONNECTED;

LuminousLizard commented 4 years ago

> In Stack, create two listeners. One listener for the private wireless network and another for the public wireless network. The application will create listeners for the given addresses. If the network becomes unavailable, Stack will terminate its listeners.

Good idea. But it's a problem if you connect to other wifi networks on the road. Most of the time I have deactivated my wifi outside home, to avoid auto-connections with public (insecure) wifi access points, but in such a situation your participants/friends (connected via your public smartphone IP) lose connection to your Stack.

> The problem is, the nebulous definition of connectivity.
>
>     ConnectivityManager connectivityManager = (ConnectivityManager)
>         SmokeStack.getApplication().getApplicationContext().
>         getSystemService(Context.CONNECTIVITY_SERVICE);
>     NetworkInfo networkInfo = connectivityManager.
>         getActiveNetworkInfo();
>
>     return networkInfo.getState() ==
>         android.net.NetworkInfo.State.CONNECTED;

It's too high for me (with my basic python knowledge) :sweat_smile: ... I believe he cannot handle multiple connections ?!

textbrowser commented 4 years ago

Stack can handle as many connections as Android allows. The problem is the definition of a connected network. Your device has two networks, one via the provider and another via the wireless. Disconnecting one may cause Android to believe that some of the network is unavailable.

As for providing access to the internal network, there are some possibilities. A public virtual service like Tilaa where you prepare one or more listeners using SO-Lite. Another, using the router and dynamic DNS. NO-IP offers free host names. SSH forwarding is another possibility.

LuminousLizard commented 4 years ago

> Another, using the router and dynamic DNS. NO-IP offers free host names. SSH forwarding is another possibility.

Is a possibility, but I don't necessarily want to keep my computer running permanently. And I can't yet deal with SSH, just like with openSSL. But maybe in the future.

> A public virtual service like Tilaa where you prepare one or more listeners using SO-Lite.

Yes ... I've thought of something like that. And I think it's the easiest way for participants and the operator. I'm thinking about giving this a try. And Tilaa based in the Netherlands is a good idea.

textbrowser commented 4 years ago

With SSH forwarding, you can bypass additional software on your public server and have the packets forwarded to your private home server. Disabling the service is as simple as terminating the link. Although I have not tested it, you may be able to configure iptables to restrict packets on that SSH tunnel.

1. Public Server SSH Configuration

> sudo nano /etc/ssh/sshd_config
  GatewayPorts yes

2. Private Server

> ssh -CR 8080:192.168.178.xyz:8080 user@public-server.org

3. Accessing

https://public-server.org:8080

textbrowser commented 4 years ago

Example: https://raw.githubusercontent.com/textbrowser/spot-on/master/Wiki/spot-on-web-search.png.

SO provides a custom search engine which can be populated by the RSS mechanism. You can showcase the engine to the public via SSH and a public service like Tilaa.

textbrowser commented 4 years ago

This only works for direct connections as SSH does not enjoy the Echo. For Echoes, you will need SO-Lite or SO on the public server.
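
A global `GatewayPorts yes`, as in step 1 of the SSH recipe above, applies to every account that is allowed to forward, so the exposure is wider than the one tunnel it was set for. The following added example (not from the thread or the project) audits an sshd_config text for that exposure and compares the page's setting with a constructed variant scoped to a hypothetical `tunnel` account; it evaluates only `Match User <name>` and `Match all`, which is a simplification of sshd's matching.

```python
# Added example: constructed configs; only "Match User <name>" and "Match all" are evaluated.
DEFAULTS = {"allowtcpforwarding": "yes", "gatewayports": "no", "permitlisten": "any"}

PAGE_CONFIG = "GatewayPorts yes\n"   # the setting from step 1 of the thread
SCOPED_CONFIG = """\
AllowTcpForwarding no
Match User tunnel
    AllowTcpForwarding remote
    GatewayPorts clientspecified
    PermitListen 8080
"""  # constructed; "tunnel" is a hypothetical account used only for the forward

def parse(text):
    """Return (scope, keyword, value) tuples; scope is None outside any Match block."""
    scope, entries = None, []
    for raw in text.splitlines():
        parts = raw.strip().replace("=", " ", 1).split(None, 1)
        if len(parts) < 2 or parts[0].startswith("#"):
            continue
        key, value = parts[0].lower(), " ".join(parts[1].lower().split())
        if key == "match":
            scope = value
        else:
            entries.append((scope, key, value))
    return entries

def effective(entries, user):
    """Applicable Match values override globals; within each group the first value wins."""
    result = dict(DEFAULTS)
    for want_match in (False, True):
        seen = set()
        for scope, key, value in entries:
            applies = scope in ("all", "user " + user.lower()) if want_match else scope is None
            if applies and key in DEFAULTS and key not in seen:
                seen.add(key)
                result[key] = value
    return result

def audit(text, user):
    """List the ways `user` could expose a remote (-R) forward beyond what was intended."""
    eff, findings = effective(parse(text), user), []
    if eff["allowtcpforwarding"] in ("yes", "all", "remote"):
        if eff["gatewayports"] == "yes":
            findings.append("forwarded ports always bind to every interface")
        if eff["permitlisten"] == "any":
            findings.append("any port may be opened as a listener")
    return findings

if __name__ == "__main__":
    for name, cfg in (("page", PAGE_CONFIG), ("scoped", SCOPED_CONFIG)):
        print(name, {u: audit(cfg, u) for u in ("tunnel", "alice")})
```

With `GatewayPorts clientspecified` the client has to request the public bind address itself, for example `-R 0.0.0.0:8080:...`, because a forward requested without a bind address then listens on loopback only.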

textbrowser commented 4 years ago

Problem resolved? Please open more.

LuminousLizard commented 4 years ago

> Problem resolved? Please open more.

Problem solved ! :+1:

I'll try the VPS in the near future and report the result.