search

yggdrasil-network / yggdrasil-android

Reference implementation for connecting to the Yggdrasil Network from Android devices
MIT License
120 stars 19 forks source link

Appears to connect to peer and list IP but no actual network activity #56

Open Ravenstine opened 8 months ago

Ravenstine commented 8 months ago

I want to use the official implementation on Android, but this app has never worked for me on either of my Pixel 5s. I'm stuck using crispa-android, which does successfully connect to my network, but is outdated and has almost no configurable settings.

What I'm experiencing is that the app will tell me I'm connected to my peer (hosted with AWS), and it will list my IP, but I'm not able to actually connect to any peers through the connection. When I sign in to my public peer and run yggdrasilctl getPeers, I don't see my phone's IP listed. In other words, the app acts like it's connected, but that doesn't appear to be the case.

This has been the case for both my old Pixel 5 using the stock Pixel ROM and my new Pixel 5 with GrapheneOS installed. I don't think multicast is the issue, because toggling those settings does nothing.

My version of Android is 14. But I had the same issue back on Android 10 on identical hardware.

wanderer commented 8 months ago

same here

neilalexander commented 8 months ago

If you have another VPN configured as always on, then you won't get the prompt to enable the Yggdrasil VPN extension on app startup. Is this the case on your devices?

Ravenstine commented 8 months ago

@neilalexander The issue occurs when I disable my VPN software and uncheck anything related to always-on or blocking outside connections, as well as on another device with no VPN app installed. In both cases, I'm able to get the Yggdrasil app to prompt me to be added to the VPN slot, which I accept.

If there's any diagnostic data I can try to provide, please let me know.

neilalexander commented 8 months ago

If you're getting the VPN prompt and still not getting a successful connection then we'd probably need some adb logs from the device to show what the extension is doing. Are you able to extract those?

Ravenstine commented 8 months ago

@neilalexander Here's the type of thing I'm seeing when I use adb logcat | grep ygg:

01-24 15:23:44.379 10624 10624 I GoLog   : Build name: yggdrasil
01-24 15:23:44.379 10624 10624 W ander.yggdrasil: type=1400 audit(0.0:1222): avc: denied { bind } for scontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tcontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tclass=netlink_route_socket permissive=0 bug=b/155595000 app=eu.neilalexander.yggdrasil
01-24 15:23:44.391  1826  4324 I Vpn     : Established by eu.neilalexander.yggdrasil on tun0
01-24 15:23:44.401  2525  2525 D TileServices: Couldn't find tile for ComponentInfo{eu.neilalexander.yggdrasil/eu.neilalexander.yggdrasil.YggTileService}
01-24 15:23:46.302 10624 10624 W ander.yggdrasil: type=1400 audit(0.0:1223): avc: denied { bind } for scontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tcontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tclass=netlink_route_socket permissive=0 bug=b/155595000 app=eu.neilalexander.yggdrasil
01-24 15:23:47.545 10624 10624 W ander.yggdrasil: type=1400 audit(0.0:1224): avc: denied { bind } for scontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tcontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tclass=netlink_route_socket permissive=0 bug=b/155595000 app=eu.neilalexander.yggdrasil
01-24 15:23:48.799 10624 10624 W ander.yggdrasil: type=1400 audit(0.0:1225): avc: denied { bind } for scontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tcontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tclass=netlink_route_socket permissive=0 bug=b/155595000 app=eu.neilalexander.yggdrasil
01-24 15:23:49.832 10624 10624 W ander.yggdrasil: type=1400 audit(0.0:1226): avc: denied { bind } for scontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tcontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tclass=netlink_route_socket permissive=0 bug=b/155595000 app=eu.neilalexander.yggdrasil
01-24 15:23:51.532 10624 10624 W ander.yggdrasil: type=1400 audit(0.0:1227): avc: denied { bind } for scontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tcontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tclass=netlink_route_socket permissive=0 bug=b/155595000 app=eu.neilalexander.yggdrasil
01-24 15:23:52.599 10624 10624 W ander.yggdrasil: type=1400 audit(0.0:1228): avc: denied { bind } for scontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tcontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tclass=netlink_route_socket permissive=0 bug=b/155595000 app=eu.neilalexander.yggdrasil
01-24 15:23:54.542 10624 10624 W ander.yggdrasil: type=1400 audit(0.0:1229): avc: denied { bind } for scontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tcontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tclass=netlink_route_socket permissive=0 bug=b/155595000 app=eu.neilalexander.yggdrasil
01-24 15:23:54.949  2525  2525 D TileServices: Couldn't find tile for ComponentInfo{eu.neilalexander.yggdrasil/eu.neilalexander.yggdrasil.YggTileService}
01-24 15:23:55.562 10624 10624 W ander.yggdrasil: type=1400 audit(0.0:1230): avc: denied { bind } for scontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tcontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tclass=netlink_route_socket permissive=0 bug=b/155595000 app=eu.neilalexander.yggdrasil

Here is the full log with some things redacted like my peer address and the private key. ravenstine-yggdrasil-log.txt

This is on a Pixel 5 with Android 13 reset to factory settings, with the only changes being F-Droid and Yggdrasil are installed.

spacedrone404 commented 6 months ago

Have no traffic also. Shows connected, but no net activity. Android 8.0, rooted device, all other vpn-like apps were stopped by brute force before using Yggdrasil.

tbitcomb commented 6 months ago

This may have been solved indirectly in one of the more recent Yggdrasil releases. I'm not sure of the exact version where it started working correctly, but I recently upgraded to 0.5.5 on my server peer, upgraded the Android app, and now I am able to connect successfully. It's possible my peer was still on a version before 0.5 that was still using DHT, which would explain why the legacy app still worked but not this one, and even though I had updated Yggdrasil on my peer, the Debian repository might have been lagging behind. Although the app didn't even work for me in the 0.4.x days, so I'm not entirely sure on that theory.

In other words, it seems like this issue can probably be closed.

@wanderer @spacedrone404 I don't suppose either of you could try updating the app and connecting to a peer with v0.5.5 installed? That would help confirm whether this issue has been solved already.

EDIT: Just realized I commented from my work account. I'm the OP (Ravenstine) btw.

spacedrone404 commented 6 months ago

but I recently upgraded to 0.5.5

Currently i'm on v0.1 (016), based on current Yggdrasil v0.5.4. The newest one from github repo. So, there is no possibility to go further.