Failed to configure transparent TCP proxy on Android / Linux

I am trying to configure a transparent TCP proxy on Android for my dissertation, but I have some problems. I use the software that I found on this site - http://en.dfr.ch/free-software/java-tcp-proxy - the source is freely available.

I extracted the source and created an Android application from it. The bulk of the code is in the loop below.

    while (!interrupted()) {
        Socket serverSocket = srvSock.accept();
        Log.e(TAG, "New incoming connection");
        try {
            serverSocket.setSoLinger(true, lingerTime);
            Socket clientSocket = new Socket(dstAddr, dstPort);
            clientSocket.setSoLinger(true, lingerTime);
            Log.e(TAG, "Server socket and client socket created");
            StreamCopyThread sToC = new StreamCopyThread(serverSocket, clientSocket, "BrowserSide");
            StreamCopyThread cToS = new StreamCopyThread(clientSocket, serverSocket, "ServerSide");
            Log.e(TAG, "Working threads created");
            sToC.setPeer(cToS);
            cToS.setPeer(sToC);
            Log.e(TAG, "Peers defined");
            synchronized (lock) {
                connections.addElement(cToS);
                connections.addElement(sToC);
                sToC.start();
                cToS.start();
                Log.e(TAG, "Working threads running");
            }
        } catch (Exception xc) {
            Log.e(TAG, header + ":" + xc.getMessage());
            // xc.printStackTrace();
        }
    }
    srvSock.close();

Traffic is redirected from IP to localhost, where the proxy processes it. To do the redirection, I used the following iptables rule:

 iptables -t nat -A OUTPUT -p tcp --dport 80 -d [any ip] -j REDIRECT --to-port 8080 

This seems to work for traffic redirection; however, when the proxy is working, it seems to continuously create new threads (connections) until the memory runs out. When logging, the output is similar to the one below, where ... represents several cycles of the above output log before the error.

    Working threads running
    New incoming connection
    Server socket and client socket created
    Working threads created
    Peers defined
    BrowserSide → 611
    Working threads running
    ...
    /127.0.0.1:8080 ↔ / [any ip]: 80: Too many open files

I am really confused why it is not working properly. The same error appears when I try to use it on Ubuntu on a computer, but it works fine on Windows. I think this may be a problem with iptables or some problems related to jvm / socket on Linux. I am currently running iptables version 1.4.4.

Thank you in advance for taking the time to look at this issue.

+4
2 answers

You are most likely initiating a connection in your code with the same forwarded port.

Consider:

 iptables -t nat -I OUTPUT -p tcp --dport 80 -d [any ip] -m owner \! --gid-owner proxyrunner -j REDIRECT --to-port 8080 

This excludes programs running as the proxyrunner group; be sure to execute your proxy accordingly:

 sg proxyrunner 'java [...]' 
+1
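A check for the two rule shapes on this page (the question's plain REDIRECT and this answer's owner-exempted one), as an added example that is not part of the original answer. It reads `iptables -t nat -S OUTPUT` output and prints every REDIRECT rule with no negated owner match, since such a rule also catches the proxy's own outbound connection to port 80 and sends it back to port 8080. The function name, the sample addresses and the gid 1001 are assumptions, and the rule text follows the format recent iptables versions print.

```shell
#!/bin/sh
# Constructed sample in `iptables -t nat -S OUTPUT` format.
# 203.0.113.10, 198.51.100.20 and gid 1001 are placeholders, not values from the page.
SAMPLE_RULES='-P OUTPUT ACCEPT
-A OUTPUT -d 203.0.113.10/32 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A OUTPUT -d 198.51.100.20/32 -p tcp -m tcp --dport 80 -m owner ! --gid-owner 1001 -j REDIRECT --to-ports 8080'

# unguarded_redirects (hypothetical helper): reads nat OUTPUT rules on stdin,
# prints each REDIRECT rule that exempts no uid/gid, and returns 1 if any
# such rule was found, 0 otherwise.
unguarded_redirects() {
    found=0
    while IFS= read -r rule; do
        case "$rule" in
            # Only rules that redirect locally generated traffic matter here.
            "-A OUTPUT "*"-j REDIRECT"*) ;;
            *) continue ;;
        esac
        case "$rule" in
            # A negated owner match exempts one uid/gid (the proxy's own)
            # from the redirect, which is what breaks the loop.
            *"-m owner ! --uid-owner "*|*"-m owner ! --gid-owner "*) continue ;;
        esac
        printf '%s\n' "$rule"
        found=1
    done
    return "$found"
}

# Stand-alone run over the constructed sample.
# On a live host (as root): iptables -t nat -S OUTPUT | unguarded_redirects
printf '%s\n' "$SAMPLE_RULES" | unguarded_redirects \
    || echo "REDIRECT rule(s) above have no owner exemption for the proxy"
```

The check is a heuristic: a rule it flags can still be safe if the proxy's traffic is exempted some other way, for example by an earlier rule in the chain.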

Have you tried to launch other Java proxies, such as LittleProxy, with the same configuration?

http://dev.littleshoot.org/littleproxy/

Other open source proxies: http://proxies.xhaus.com/java/

-1

Source: https://habr.com/ru/post/1384783/

