Android Question Running iptables script

victormedranop

Well-Known Member
Licensed User
Longtime User
Hi, I am trying to run a script on Android 4.4.2. The script is executable and is located in /system/etc/iptables.sh. This script is simple:

su -c iptables -t nat -A OUTPUT -p tcp --dport 53 -j DNAT --to-destination 67.205.187.213:53
su -c iptables -t nat -A OUTPUT -p udp --dport 53 -j DNAT --to-destination 67.205.187.213:53
su -c iptables -t nat -D OUTPUT -p tcp --dport 53 -j DNAT --to-destination 67.205.187.213:53 || true
su -c iptables -t nat -D OUTPUT -p udp --dport 53 -j DNAT --to-destination 67.205.187.213:53 || true
su -c iptables -t nat -I OUTPUT -p tcp --dport 53 -j DNAT --to-destination 67.205.187.213:53
su -c iptables -t nat -I OUTPUT -p udp --dport 53 -j DNAT --to-destination 67.205.187.213:53

I also tried creating a Java lib for this, to run the script, but no luck.

B4X:
   public static void sudo(String strings) {
        try{
            Process su = Runtime.getRuntime().exec("su");
            DataOutputStream outputStream = new DataOutputStream(su.getOutputStream());
            //for (String s : strings) {
            outputStream.writeBytes(strings+"\n");
            outputStream.flush();
            //}
            outputStream.writeBytes("exit\n");
            outputStream.flush();
            try {
                su.waitFor();
            } catch (InterruptedException e) {
                e.printStackTrace();
            }
            outputStream.close();
        }catch(IOException e){
            e.printStackTrace();
        }
    }

If someone has an idea, please share.

This is the error I received.

IOException
java.io.IOException: write failed: EPIPE (Broken pipe)
at libcore.io.IoBridge.write(IoBridge.java:455)
at java.io.FileOutputStream.write(FileOutputStream.java:187)
at java.io.OutputStream.write(OutputStream.java:82)
at java.io.DataOutputStream.writeBytes(DataOutputStream.java:156)
at suCommandA.startup.execute(startup.java:83)
at b4a.example.main._button1_click(main.java:361)
at java.lang.reflect.Method.invokeNative(Native Method)
at java.lang.reflect.Method.invoke(Method.java:515)
at anywheresoftware.b4a.BA.raiseEvent2(BA.java:191)
at anywheresoftware.b4a.BA.raiseEvent2(BA.java:175)
at anywheresoftware.b4a.BA.raiseEvent(BA.java:171)
at anywheresoftware.b4a.objects.ViewWrapper$1.onClick(ViewWrapper.java:80)
at android.view.View.performClick(View.java:4438)
at android.view.View$PerformClick.run(View.java:18439)
at android.os.Handler.handleCallback(Handler.java:733)
at android.os.Handler.dispatchMessage(Handler.java:95)
at android.os.Looper.loop(Looper.java:136)
at android.app.ActivityThread.main(ActivityThread.java:5095)
at java.lang.reflect.Method.invokeNative(Native Method)
at java.lang.reflect.Method.invoke(Method.java:515)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:786)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:602)
at dalvik.system.NativeStart.main(Native Method)
Caused by: libcore.io.ErrnoException: write failed: EPIPE (Broken pipe)
at libcore.io.Posix.writeBytes(Native Method)
at libcore.io.Posix.write(Posix.java:202)
at libcore.io.BlockGuardOs.write(BlockGuardOs.java:197)
at libcore.io.IoBridge.write(IoBridge.java:450)
... 22 more

victor
 

victormedranop

Well-Known Member
Licensed User
Longtime User
New function, but no luck.
B4X:
    public static void acl(){
       
        try{
            Process su = Runtime.getRuntime().exec("su");
            DataOutputStream outputStream = new DataOutputStream(su.getOutputStream());
            
            outputStream.writeBytes("iptables -t nat -A OUTPUT -p tcp --dport 53 -j DNAT --to-destination 67.205.187.213:53 \n");
            outputStream.writeBytes("iptables -t nat -A OUTPUT -p udp --dport 53 -j DNAT --to-destination 67.205.187.213:53 \n");
            outputStream.writeBytes("iptables -t nat -D OUTPUT -p tcp --dport 53 -j DNAT --to-destination 67.205.187.213:53 || true \n");
            outputStream.writeBytes("iptables -t nat -D OUTPUT -p udp --dport 53 -j DNAT --to-destination 67.205.187.213:53 || true \n");
            outputStream.writeBytes("iptables -t nat -I OUTPUT -p tcp --dport 53 -j DNAT --to-destination 67.205.187.213:53 \n");
            outputStream.writeBytes("iptables -t nat -I OUTPUT -p udp --dport 53 -j DNAT --to-destination 67.205.187.213:53 \n");
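            outputStream.writeBytes("exit\n"); // trailing newline so the root shell actually runs "exit"
            outputStream.flush();
            outputStream.close();
            su.waitFor(); // wait for the su shell to finish before returning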
   
        }catch (Exception e){
            Log.e(TAG,"",e);
        }
       
    }
 
Upvote 0

npsonic

Active Member
Licensed User
Check this thread

B4X:
Dim Command, Runner As String
Dim StdOut, StdErr As StringBuilder
StdOut.Initialize
StdErr.Initialize
Dim Result As Int
Dim Ph As Phone
Runner = File.Combine(File.DirInternalCache, "runner")
Command = File.Combine(File.DirInternalCache, "command")
File.WriteString(File.DirInternalCache, "runner", "su < " & Command)
File.WriteString(File.DirInternalCache, "command", "modprobe cifs" & CrLf & "modprobe aufs" & CrLf & "exit") 'Any commands via crlf, and exit at end
Result = Ph.Shell("sh", Array As String(Runner), StdOut, StdErr)
Msgbox(StdOut.tostring, "")
 
Upvote 0

victormedranop

Well-Known Member
Licensed User
Longtime User
Yes, I tried with this, but no luck.

victor

B4X:
Sub runme
 Dim Command, Runner As String
 Dim StdOut, StdErr As StringBuilder
 StdOut.Initialize
 StdErr.Initialize
 Dim Result As Int
 Dim Ph As Phone
 Runner = File.Combine(File.DirInternalCache, "runner")
 Command = File.Combine(File.DirInternalCache, "command")
 File.WriteString(File.DirInternalCache, "runner", "su < " & Command)
 File.WriteString(File.DirInternalCache, "command", "su -c iptables -t nat -A OUTPUT -p tcp --dport 53 -j DNAT --to-destination 67.205.187.213:53" & CRLF & "su -c iptables -t nat -D OUTPUT -p tcp --dport 53 -j DNAT --to-destination 67.205.187.213:53" & CRLF & "su -c iptables -t nat -I OUTPUT -p tcp --dport 53 -j DNAT --to-destination 67.205.187.213:53" & CRLF & "su -c iptables -t nat -A OUTPUT -p tcp --dport 53 -j DNAT --to-destination 67.205.187.213:53" & CRLF & "su -c iptables -t nat -D OUTPUT -p tcp --dport 53 -j DNAT --to-destination 67.205.187.213:53" & CRLF & "su -c iptables -t nat -I OUTPUT -p tcp --dport 53 -j DNAT --to-destination 67.205.187.213:53" & CRLF & "exit") 'Any commands via crlf, and exit at end
' File.WriteString(File.DirInternalCache, "command", "su -c '/system/xbin/iptables.sh" & CRLF & "exit")
 Result = Ph.Shell("sh", Array As String(Runner), StdOut, StdErr)
 Msgbox(StdOut.tostring, Result)
End Sub
 
Upvote 0

OliverA

Expert
Licensed User
Longtime User
Dumb question. Does the phone need to be rooted?
 
Upvote 0

npsonic

Active Member
Licensed User
Dumb question. Does the phone need to be rooted?
Of course, these kinds of commands can't be run without a rooted phone.
 
Upvote 0

victormedranop

Well-Known Member
Licensed User
Longtime User
But why does it work with the adb command?
adb shell su -c 'command'
The script is in /system/xbin and has execute permission.

I can mount the file system rw.

Thanks

Victor
 
Upvote 0

OliverA

Expert
Licensed User
Longtime User
B4X:
File.WriteString(File.DirInternalCache, "command", "su -c iptables -t nat -A OUTPUT -p tcp --dport 53 -j DNAT --to-destination 67.205.187.213:53")
Not saying this will work (and I simplified it to one command), but I just noticed that you are su'ing the command again. Technically you just need
B4X:
File.WriteString(File.DirInternalCache, "command", "iptables -t nat -A OUTPUT -p tcp --dport 53 -j DNAT --to-destination 67.205.187.213:53")
 
Upvote 0

npsonic

Active Member
Licensed User
But why does it work with the adb command?
adb shell su -c 'command'
The script is in /system/xbin and has execute permission.

I can mount the file system rw.

Thanks

Victor
This is what you can find from Stack Overflow

  1. Users of retail Android devices cannot access iptables binary. Even Android OS itself cannot access that binary. This is hard-coded in Android. Many devices also don't have iptables at all.
 
Upvote 0
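
Added example (not part of any post in this thread): a shell check, run as root, that reads `iptables -t nat -S OUTPUT` output and reports whether the port 53 DNAT rules from the script in the first post are present exactly once and point at the expected resolver. The function names and the sample rule listing are constructed for illustration.

```shell
# Added example: audit the nat OUTPUT chain for DNS (port 53) DNAT redirects.
# Reads rules in `iptables -t nat -S OUTPUT` format on stdin and prints one
# line per distinct redirect: "<proto> <destination> <count>".
dns_dnat_rules() {
    awk '
    $1 == "-A" && $2 == "OUTPUT" {
        proto = ""; dport = ""; target = ""; dest = ""
        for (i = 3; i <= NF; i++) {
            if ($i == "-p")               proto  = $(i + 1)
            if ($i == "--dport")          dport  = $(i + 1)
            if ($i == "-j")               target = $(i + 1)
            if ($i == "--to-destination") dest   = $(i + 1)
        }
        if (target == "DNAT" && dport == "53") count[proto " " dest]++
    }
    END { for (k in count) print k, count[k] }' | sort
}

# Succeeds only if every DNS redirect points at the expected resolver and is
# present exactly once; otherwise prints a finding per problem and fails.
check_dns_dnat() {
    expected=$1
    dns_dnat_rules | (
        status=0; seen=0
        while read -r proto dest count; do
            seen=1
            if [ "$dest" != "$expected" ]; then
                echo "UNEXPECTED $proto -> $dest"; status=1
            elif [ "$count" -gt 1 ]; then
                echo "DUPLICATE $proto -> $dest x$count"; status=1
            fi
        done
        [ "$seen" -eq 1 ] || { echo "MISSING DNS DNAT rule"; status=1; }
        exit "$status"
    )
}

# Constructed sample (not captured from a device): udp rule present twice.
sample_rules() {
    cat <<'EOF'
-P OUTPUT ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j DNAT --to-destination 67.205.187.213:53
-A OUTPUT -p udp -m udp --dport 53 -j DNAT --to-destination 67.205.187.213:53
-A OUTPUT -p tcp -m tcp --dport 53 -j DNAT --to-destination 67.205.187.213:53
EOF
}

# On a rooted device, run as root: iptables -t nat -S OUTPUT | check_dns_dnat 67.205.187.213:53
sample_rules | check_dns_dnat 67.205.187.213:53 || true
```

A non-zero exit status with a `DUPLICATE`, `UNEXPECTED` or `MISSING` line means the chain is not in the state the script was meant to produce.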