package eu.faircode.netguard;
import android.app.NotificationManager;
import android.app.PendingIntent;
import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.content.SharedPreferences;
import android.content.pm.PackageManager;
import android.net.ConnectivityManager;
import android.net.VpnService;
import android.os.ParcelFileDescriptor;
import android.preference.PreferenceManager;
import android.support.v4.app.NotificationCompat;
import android.util.Log;
import android.widget.Toast;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
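/**
 * VPN-backed firewall service.
 *
 * <p>The service establishes a local VPN that routes all IPv4 and IPv6 traffic
 * into a tunnel. Applications that are allowed network access are excluded from
 * the VPN via {@code addDisallowedApplication}; every other application stays
 * routed into the tunnel. Nothing in this class forwards packets out of the
 * tunnel, so routed traffic goes nowhere. In debug mode the tunnel is read and
 * TCP SYN packets are logged and answered with a RST.
 *
 * <p>Commands ({@link Command}) are delivered through {@link #start},
 * {@link #reload} and {@link #stop} and are processed on a worker thread while
 * holding the service's monitor.
 */
public class SinkholeService extends VpnService {
    private static final String TAG = "NetGuard.Service";

    // Roaming state observed when the VPN was last started or a change was seen
    private boolean last_roaming;
    // Descriptor of the active tunnel, null when no VPN is established
    private ParcelFileDescriptor vpn = null;
    // When true the tunnel is opened in blocking mode and inspected by startDebug
    private boolean debug = false;
    // Packet inspection thread, only created in debug mode
    private Thread thread = null;

    private static final int NOTIFY_DISABLED = 1;
    private static final String EXTRA_COMMAND = "Command";

    private enum Command {start, reload, stop}

    /**
     * Reads the requested command and processes it on a worker thread.
     *
     * <p>A null intent (as delivered on a sticky restart) is treated as
     * {@code start}. An intent without a valid command extra is logged and
     * ignored; previously it reached {@code switch (cmd)} with a null value and
     * crashed the worker thread with a NullPointerException.
     *
     * @return always {@code START_STICKY}
     */
    @Override
    public int onStartCommand(Intent intent, int flags, int startId) {
        // Get enabled
        SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this);
        final boolean enabled = prefs.getBoolean("enabled", false);

        // Get command
        final Command cmd = resolveCommand(intent);
        Log.i(TAG, "Start intent=" + intent + " command=" + cmd + " enabled=" + enabled + " vpn=" + (vpn != null));

        // NOTE(review): whether other applications can deliver intents to this service
        // depends on the manifest declaration, which is not visible here. Either way a
        // malformed command must not change the firewall state or crash the process.
        if (cmd == null) {
            Log.w(TAG, "Ignoring start request without a valid command");
            return START_STICKY;
        }

        // Process command
        new Thread(new Runnable() {
            @Override
            public void run() {
                // Serialize command processing so that tunnels are swapped one at a time
                synchronized (SinkholeService.this) {
                    switch (cmd) {
                        case start:
                            if (enabled && vpn == null) {
                                last_roaming = Util.isRoaming(SinkholeService.this);
                                vpn = startVPN();
                                startDebug(vpn);
                                removeDisabledNotification();
                            }
                            break;

                        case reload:
                            // Seamless handover: bring up the new tunnel before closing the old one,
                            // so there is no window without an established VPN
                            ParcelFileDescriptor prev = vpn;
                            if (enabled) {
                                vpn = startVPN();
                                stopDebug();
                                startDebug(vpn);
                            }
                            if (prev != null) {
                                stopVPN(prev);
                            }
                            break;

                        case stop:
                            closeVpn();
                            stopSelf();
                            break;
                    }
                }
            }
        }).start();

        return START_STICKY;
    }

    /**
     * Extracts the command from a start intent.
     *
     * @return {@code start} for a null intent, the command carried by the intent,
     * or null when the extra is missing or not a {@link Command}
     */
    private static Command resolveCommand(Intent intent) {
        if (intent == null) {
            return Command.start;
        }
        Object extra = intent.getSerializableExtra(EXTRA_COMMAND);
        return (extra instanceof Command ? (Command) extra : null);
    }

    /**
     * Builds and establishes the VPN tunnel from the current rules.
     *
     * <p>If establishing throws, the "enabled" preference is set to false, the
     * error is shown as a toast and null is returned, which leaves traffic
     * unfiltered.
     *
     * @return the tunnel descriptor, or null when the VPN could not be established
     */
    private ParcelFileDescriptor startVPN() {
        Log.i(TAG, "Starting");

        // Check if Wi-Fi
        boolean wifi = Util.isWifiActive(this);
        Log.i(TAG, "wifi=" + wifi);

        // Check if roaming
        boolean roaming = Util.isRoaming(this);
        Log.i(TAG, "roaming=" + roaming);

        // Check if interactive
        boolean interactive = Util.isInteractive(this);
        Log.i(TAG, "interactive=" + interactive);

        // Build VPN service: default routes for IPv4 and IPv6 send all traffic into the tunnel
        final Builder builder = new Builder();
        builder.setSession(getString(R.string.app_name));
        builder.addAddress("10.1.10.1", 32);
        builder.addAddress("fd00:1:fd00:1:fd00:1:fd00:1", 64);
        builder.addRoute("0.0.0.0", 0);
        builder.addRoute("0:0:0:0:0:0:0:0", 0);

        // Add list of allowed applications
        // Allowed applications are excluded from the VPN and keep their normal connectivity
        for (Rule rule : Rule.getRules(true, TAG, this)) {
            boolean blocked = (wifi ? rule.wifi_blocked : rule.other_blocked);
            if ((!blocked || (rule.unused && interactive)) && (wifi || !(rule.roaming && roaming))) {
                Log.i(TAG, "Allowing " + rule.info.packageName);
                try {
                    builder.addDisallowedApplication(rule.info.packageName);
                } catch (PackageManager.NameNotFoundException ex) {
                    // The application stays routed into the tunnel, so this fails closed
                    Log.e(TAG, ex.toString() + "\n" + Log.getStackTraceString(ex));
                }
            }
        }

        // Build configure intent
        // The wrapped intent names its target activity explicitly.
        // NOTE(review): consider PendingIntent.FLAG_IMMUTABLE once the compile SDK provides it
        Intent configure = new Intent(this, ActivityMain.class);
        PendingIntent pi = PendingIntent.getActivity(this, 0, configure, PendingIntent.FLAG_UPDATE_CURRENT);
        builder.setConfigureIntent(pi);

        // A blocking descriptor lets the debug thread wait in read()
        if (debug) {
            builder.setBlocking(true);
        }

        // Start VPN service
        try {
            ParcelFileDescriptor pfd = builder.establish();
            if (pfd == null) {
                // establish() returns null when the application is not prepared or was revoked;
                // make the missing tunnel visible instead of failing silently
                Log.w(TAG, "VPN not established");
            }
            return pfd;
        } catch (Throwable ex) {
            Log.e(TAG, ex.toString() + "\n" + Log.getStackTraceString(ex));

            // Disable firewall
            SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this);
            prefs.edit().putBoolean("enabled", false).apply();

            // Feedback
            Util.toast(ex.toString(), Toast.LENGTH_LONG, this);

            return null;
        }
    }

    /**
     * Closes the given tunnel descriptor; a failure to close is logged only.
     *
     * @param pfd descriptor of the tunnel to close, must not be null
     */
    private void stopVPN(ParcelFileDescriptor pfd) {
        Log.i(TAG, "Stopping");
        try {
            pfd.close();
        } catch (IOException ex) {
            Log.e(TAG, ex.toString() + "\n" + Log.getStackTraceString(ex));
        }
    }

    /**
     * Stops the debug thread and closes the active tunnel, if there is one.
     *
     * <p>This method takes no lock itself. NOTE(review): the worker thread calls it
     * while holding the service monitor, but {@link #onDestroy} and
     * {@link #onRevoke} touch {@code vpn} without that monitor; confirm that this
     * cannot race with a command that is still being processed.
     */
    private void closeVpn() {
        if (vpn != null) {
            stopDebug();
            stopVPN(vpn);
            vpn = null;
        }
    }

    /**
     * Starts a thread that reads packets from the tunnel, logs TCP connection
     * attempts and answers them with a RST. Does nothing unless debug mode is on.
     *
     * @param pfd descriptor of the established tunnel; null when establishing failed
     */
    private void startDebug(final ParcelFileDescriptor pfd) {
        // Without a tunnel there is nothing to read; previously a null descriptor
        // surfaced as a NullPointerException inside the thread
        if (!debug || pfd == null) {
            return;
        }

        thread = new Thread(new Runnable() {
            @Override
            public void run() {
                try {
                    // The streams wrap the tunnel's descriptor and are deliberately not
                    // closed here; the descriptor is closed through stopVPN
                    FileInputStream in = new FileInputStream(pfd.getFileDescriptor());
                    FileOutputStream out = new FileOutputStream(pfd.getFileDescriptor());

                    ByteBuffer buffer = ByteBuffer.allocate(32767);
                    buffer.order(ByteOrder.BIG_ENDIAN);

                    Log.i(TAG, "Start receiving");
                    while (!Thread.currentThread().isInterrupted() &&
                            pfd.getFileDescriptor() != null &&
                            pfd.getFileDescriptor().valid()) {
                        try {
                            buffer.clear();
                            int length = in.read(buffer.array());
                            if (length > 0) {
                                buffer.limit(length);
                                Packet pkt = new Packet(buffer);

                                if (pkt.IPv4.protocol == Packet.IPv4Header.TCP && pkt.TCP.SYN) {
                                    int uid = pkt.getUid4();
                                    if (uid < 0) {
                                        Log.w(TAG, "uid not found");
                                    }

                                    String[] pkg = getPackageManager().getPackagesForUid(uid);
                                    if (pkg == null) {
                                        pkg = new String[]{uid == 0 ? "root" : "unknown"};
                                    }

                                    // Writes connection metadata (destination, uid, package) to the
                                    // system log; only reached in debug mode
                                    Log.i(TAG, "Connect " + pkt.IPv4.destinationAddress + ":" + pkt.TCP.destinationPort + " uid=" + uid + " pkg=" + pkg[0]);

                                    // Send RST
                                    // Reuse the received packet: reverse its direction, leave only
                                    // RST set and derive both numbers from the received ones (mod 2^32)
                                    pkt.swapAddresses();
                                    pkt.TCP.clearFlags();
                                    pkt.TCP.RST = true;
                                    long ack = pkt.TCP.acknowledgementNumber;
                                    pkt.TCP.acknowledgementNumber = (pkt.TCP.sequenceNumber + 1) & 0xFFFFFFFFL;
                                    pkt.TCP.sequenceNumber = (ack + 1) & 0xFFFFFFFFL;
                                    pkt.send(out);
                                }
                            }
                        } catch (Throwable ex) {
                            // A packet that fails to parse or send must not end the loop
                            Log.e(TAG, ex.toString());
                        }
                    }
                    Log.i(TAG, "End receiving");
                } catch (Throwable ex) {
                    Log.e(TAG, ex.toString() + "\n" + Log.getStackTraceString(ex));
                }
            }
        });
        thread.start();
    }

    /** Interrupts the debug thread, if one was started. */
    private void stopDebug() {
        if (thread != null) {
            thread.interrupt();
        }
    }

    // Reloads the rules when the screen turns on or off
    private BroadcastReceiver interactiveStateReceiver = new BroadcastReceiver() {
        @Override
        public void onReceive(Context context, Intent intent) {
            Log.i(TAG, "Received " + intent);
            Util.logExtras(TAG, intent);
            reload(null, SinkholeService.this);
        }
    };

    // Reloads the rules when the roaming state changed or the broadcast concerns Wi-Fi
    private BroadcastReceiver connectivityChangedReceiver = new BroadcastReceiver() {
        @Override
        public void onReceive(Context context, Intent intent) {
            Log.i(TAG, "Received " + intent);
            Util.logExtras(TAG, intent);

            if (last_roaming != Util.isRoaming(SinkholeService.this)) {
                last_roaming = !last_roaming;
                Log.i(TAG, "New state roaming=" + last_roaming);
                reload(null, SinkholeService.this);

            } else if (intent.hasExtra(ConnectivityManager.EXTRA_NETWORK_TYPE) &&
                    intent.getIntExtra(ConnectivityManager.EXTRA_NETWORK_TYPE, ConnectivityManager.TYPE_DUMMY) ==
                            ConnectivityManager.TYPE_WIFI) {
                reload(null, SinkholeService.this);
            }
        }
    };

    // Reloads the rules when an application was installed, so that it is covered too
    private BroadcastReceiver packageAddedReceiver = new BroadcastReceiver() {
        @Override
        public void onReceive(Context context, Intent intent) {
            Log.i(TAG, "Received " + intent);
            Util.logExtras(TAG, intent);
            reload(null, SinkholeService.this);
        }
    };

    /** Registers the receivers that trigger a reload of the rules. */
    @Override
    public void onCreate() {
        super.onCreate();
        Log.i(TAG, "Create");

        // Listen for interactive state changes
        IntentFilter ifInteractive = new IntentFilter();
        ifInteractive.addAction(Intent.ACTION_SCREEN_ON);
        ifInteractive.addAction(Intent.ACTION_SCREEN_OFF);
        registerReceiver(interactiveStateReceiver, ifInteractive);

        // Listen for connectivity updates
        IntentFilter ifConnectivity = new IntentFilter();
        ifConnectivity.addAction(ConnectivityManager.CONNECTIVITY_ACTION);
        registerReceiver(connectivityChangedReceiver, ifConnectivity);

        // Listen for added applications
        IntentFilter ifPackage = new IntentFilter();
        ifPackage.addAction(Intent.ACTION_PACKAGE_ADDED);
        ifPackage.addDataScheme("package");
        registerReceiver(packageAddedReceiver, ifPackage);
    }

    /** Closes the tunnel and unregisters the receivers. */
    @Override
    public void onDestroy() {
        Log.i(TAG, "Destroy");

        closeVpn();

        unregisterReceiver(interactiveStateReceiver);
        unregisterReceiver(connectivityChangedReceiver);
        unregisterReceiver(packageAddedReceiver);

        super.onDestroy();
    }

    /**
     * Handles revocation of the VPN: closes the tunnel, sets the "enabled"
     * preference to false and posts a notification, so that the user learns that
     * traffic is no longer filtered.
     */
    @Override
    public void onRevoke() {
        Log.i(TAG, "Revoke");

        closeVpn();

        // Disable firewall
        SharedPreferences prefs = PreferenceManager.getDefaultSharedPreferences(this);
        prefs.edit().putBoolean("enabled", false).apply();

        // Display warning
        showDisabledNotification();

        super.onRevoke();
    }

    /** Posts the notification saying that the firewall was revoked; tapping it opens the main activity. */
    private void showDisabledNotification() {
        // The wrapped intent names its target activity explicitly.
        // NOTE(review): consider PendingIntent.FLAG_IMMUTABLE once the compile SDK provides it
        Intent riMain = new Intent(this, ActivityMain.class);
        PendingIntent piMain = PendingIntent.getActivity(this, 0, riMain, PendingIntent.FLAG_CANCEL_CURRENT);

        NotificationCompat.Builder notification = new NotificationCompat.Builder(this)
                .setSmallIcon(R.mipmap.ic_launcher)
                .setContentTitle(getString(R.string.app_name))
                .setContentText(getString(R.string.msg_revoked))
                .setContentIntent(piMain)
                .setAutoCancel(true);

        NotificationManager nm = (NotificationManager) getSystemService(Context.NOTIFICATION_SERVICE);
        nm.notify(NOTIFY_DISABLED, notification.build());
    }

    /** Cancels the notification posted by {@link #showDisabledNotification}. */
    private void removeDisabledNotification() {
        NotificationManager nm = (NotificationManager) getSystemService(Context.NOTIFICATION_SERVICE);
        nm.cancel(NOTIFY_DISABLED);
    }

    /**
     * Asks the service to start the VPN; the service does so only when the
     * firewall is enabled and no VPN is active.
     *
     * @param context context used to start the service
     */
    public static void start(Context context) {
        Intent intent = new Intent(context, SinkholeService.class);
        intent.putExtra(EXTRA_COMMAND, Command.start);
        context.startService(intent);
    }

    /**
     * Asks the service to rebuild the VPN from the current rules.
     *
     * @param network null to reload unconditionally; "wifi" to reload only while
     * Wi-Fi is active; any other value to reload only while Wi-Fi is not active
     * @param context context used to start the service
     */
    public static void reload(String network, Context context) {
        if (network == null || ("wifi".equals(network) ? Util.isWifiActive(context) : !Util.isWifiActive(context))) {
            Intent intent = new Intent(context, SinkholeService.class);
            intent.putExtra(EXTRA_COMMAND, Command.reload);
            context.startService(intent);
        }
    }

    /**
     * Asks the service to close the VPN and stop itself.
     *
     * @param context context used to start the service
     */
    public static void stop(Context context) {
        Intent intent = new Intent(context, SinkholeService.class);
        intent.putExtra(EXTRA_COMMAND, Command.stop);
        context.startService(intent);
    }
}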