From 1dd7e982d6d83f65e2c7114f1ea18e02ec02a261 Mon Sep 17 00:00:00 2001
From: emanuele-f <black.silver@hotmail.it>
Date: Sun, 3 Nov 2019 18:58:40 +0100
Subject: [PATCH] Add option to enable/disable unknown app traffic capture

---
 .../emanuelef/remote_capture/CaptureService.java  |  7 ++++++-
 .../emanuelef/remote_capture/MainActivity.java    |  5 +++++
 .../java/com/emanuelef/remote_capture/Prefs.java  |  1 +
 app/src/main/jni/vpnproxy-jni/vpnproxy.c          |  8 ++++----
 app/src/main/jni/vpnproxy-jni/vpnproxy.h          |  1 +
 app/src/main/res/values/strings.xml               |  3 +++
 app/src/main/res/xml/root_preferences.xml         | 15 ++++++++++++++-
 7 files changed, 34 insertions(+), 6 deletions(-)

diff --git a/app/src/main/java/com/emanuelef/remote_capture/CaptureService.java b/app/src/main/java/com/emanuelef/remote_capture/CaptureService.java
index 5ee81d26..1b41dc7b 100644
--- a/app/src/main/java/com/emanuelef/remote_capture/CaptureService.java
+++ b/app/src/main/java/com/emanuelef/remote_capture/CaptureService.java
@@ -43,6 +43,7 @@ public class CaptureService extends VpnService implements Runnable {
     private String vpn_dns;
     private String public_dns;
     private String collector_address;
+    private boolean capture_unknown_app_traffic;
     private int collector_port;
     private int uid_filter;
     private long last_bytes;
@@ -90,6 +91,7 @@ public class CaptureService extends VpnService implements Runnable {
         collector_address = settings.getString(Prefs.PREF_COLLECTOR_IP_KEY);
         collector_port = settings.getInt(Prefs.PREF_COLLECTOR_PORT_KEY);;
         uid_filter = settings.getInt(Prefs.PREF_UID_FILTER);
+        capture_unknown_app_traffic = settings.getBoolean(Prefs.PREF_CAPTURE_UNKNOWN_APP_TRAFFIC);
         last_bytes = 0;
 
         // VPN
@@ -203,7 +205,6 @@ public class CaptureService extends VpnService implements Runnable {
         return(collector_address);
     }
 
-    /* TODO use int */
     public int getPcapCollectorPort() {
         return(collector_port);
     }
@@ -212,6 +213,10 @@ public class CaptureService extends VpnService implements Runnable {
         return(uid_filter);
     }
 
+    public int getCaptureUnknownTraffic() {
+        return(capture_unknown_app_traffic ? 1 : 0);
+    }
+
     // from NetGuard
     @TargetApi(Build.VERSION_CODES.Q)
     public int getUidQ(int version, int protocol, String saddr, int sport, String daddr, int dport) {
diff --git a/app/src/main/java/com/emanuelef/remote_capture/MainActivity.java b/app/src/main/java/com/emanuelef/remote_capture/MainActivity.java
index e8fd32f9..a5d617d1 100644
--- a/app/src/main/java/com/emanuelef/remote_capture/MainActivity.java
+++ b/app/src/main/java/com/emanuelef/remote_capture/MainActivity.java
@@ -318,6 +318,10 @@ public class MainActivity extends AppCompatActivity implements LoaderManager.Loa
         return(mPrefs.getString(Prefs.PREF_COLLECTOR_PORT_KEY, getString(R.string.default_collector_port)));
     }
 
+    private boolean getCaptureUnknownTrafficPref() {
+        return(mPrefs.getBoolean(Prefs.PREF_CAPTURE_UNKNOWN_APP_TRAFFIC, true));
+    }
+
     @Override
     protected void onActivityResult(int requestCode, int resultCode, Intent data) {
         super.onActivityResult(requestCode, resultCode, data);
@@ -331,6 +335,7 @@ public class MainActivity extends AppCompatActivity implements LoaderManager.Loa
             bundle.putString(Prefs.PREF_COLLECTOR_IP_KEY, getCollectorIPPref());
             bundle.putInt(Prefs.PREF_COLLECTOR_PORT_KEY, Integer.parseInt(getCollectorPortPref()));
             bundle.putInt(Prefs.PREF_UID_FILTER, mFilterUid);
+            bundle.putBoolean(Prefs.PREF_CAPTURE_UNKNOWN_APP_TRAFFIC, getCaptureUnknownTrafficPref());
             intent.putExtra("settings", bundle);
 
             Log.d("Main", "onActivityResult -> start CaptureService");
diff --git a/app/src/main/java/com/emanuelef/remote_capture/Prefs.java b/app/src/main/java/com/emanuelef/remote_capture/Prefs.java
index aee15983..016f7f3e 100644
--- a/app/src/main/java/com/emanuelef/remote_capture/Prefs.java
+++ b/app/src/main/java/com/emanuelef/remote_capture/Prefs.java
@@ -4,4 +4,5 @@ public class Prefs {
     static final String PREF_COLLECTOR_IP_KEY = "collector_ip_address";
     static final String PREF_COLLECTOR_PORT_KEY = "collector_port";
     static final String PREF_UID_FILTER = "uid_filter";
+    static final String PREF_CAPTURE_UNKNOWN_APP_TRAFFIC = "capture_unknown_app";
 }
diff --git a/app/src/main/jni/vpnproxy-jni/vpnproxy.c b/app/src/main/jni/vpnproxy-jni/vpnproxy.c
index 5f3626b4..678f86e9 100644
--- a/app/src/main/jni/vpnproxy-jni/vpnproxy.c
+++ b/app/src/main/jni/vpnproxy-jni/vpnproxy.c
@@ -186,6 +186,7 @@ static char* getApplicationByUid(vpnproxy_data_t *proxy, int uid, char *buf, siz
 static void account_packet(zdtun_t *tun, const char *packet, ssize_t size, uint8_t from_tap, const zdtun_conn_t *conn_info) {
     struct sockaddr_in servaddr = {0};
     int uid = (int)conn_info->user_data;
+    bool is_unknown_app = ((uid == -1) || (uid == 1051 /* netd DNS resolver */));
     vpnproxy_data_t *proxy = ((vpnproxy_data_t*)zdtun_userdata(tun));
 
 #if 0
@@ -195,10 +196,8 @@ static void account_packet(zdtun_t *tun, const char *packet, ssize_t size, uint8
         __android_log_print(ANDROID_LOG_DEBUG, VPN_TAG, "net2tap: %lu B", size);
 #endif
 
-    if((proxy->pcap_dump.uid_filter != -1) &&
-        (uid != -1) && /* Always capture unknown-uid flows */
-        (uid != 1051) && /* Always capture netd DNS resolver flows as we don't know we requested them */
-        (proxy->pcap_dump.uid_filter != uid)) {
+    if(((proxy->pcap_dump.uid_filter != -1) && (proxy->pcap_dump.uid_filter != uid))
+        && (!is_unknown_app || !proxy->pcap_dump.capture_unknown_app_traffic)) {
         //__android_log_print(ANDROID_LOG_DEBUG, VPN_TAG, "Discarding connection: UID=%d [filter=%d]", uid, proxy->pcap_dump.uid_filter);
         return;
     }
@@ -460,6 +459,7 @@ static int run_tun(JNIEnv *env, jclass vpn, int tapfd, jint sdk) {
                 .collector_port = htons(getIntPref(&proxy, "getPcapCollectorPort")),
                 .uid_filter = getIntPref(&proxy, "getPcapUidFilter"),
                 .tcp_socket = false,
+                .capture_unknown_app_traffic = getIntPref(&proxy, "getCaptureUnknownTraffic"),
                 .enabled = true,
             },
     };
diff --git a/app/src/main/jni/vpnproxy-jni/vpnproxy.h b/app/src/main/jni/vpnproxy-jni/vpnproxy.h
index 6a95882a..24c82553 100644
--- a/app/src/main/jni/vpnproxy-jni/vpnproxy.h
+++ b/app/src/main/jni/vpnproxy-jni/vpnproxy.h
@@ -50,6 +50,7 @@ typedef struct vpnproxy_data {
         u_int16_t collector_port;
         int uid_filter;
         bool tcp_socket;
+        bool capture_unknown_app_traffic;
         bool enabled;
     } pcap_dump;
 
diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml
index 272048d6..6f2a28af 100644
--- a/app/src/main/res/values/strings.xml
+++ b/app/src/main/res/values/strings.xml
@@ -19,4 +19,7 @@
     <string name="stopping">Stopping...</string>
     <string name="starting">Starting...</string>
     <string name="about">About</string>
+    <string name="capture_unknown_app">Capture Unknown Traffic</string>
+    <string name="capture_unknown_app_summary">When an app filter is set, also capture general purpose traffic which cannot be associated to a specific app. This is usually needed to properly capture DNS traffic.</string>
+    <string name="capture_prefs">Capture</string>
 </resources>
diff --git a/app/src/main/res/xml/root_preferences.xml b/app/src/main/res/xml/root_preferences.xml
index 5a911b2c..0872c8e9 100644
--- a/app/src/main/res/xml/root_preferences.xml
+++ b/app/src/main/res/xml/root_preferences.xml
@@ -16,20 +16,33 @@
 
 <PreferenceScreen xmlns:app="http://schemas.android.com/apk/res-auto">
 
-    <PreferenceCategory app:title="@string/collector_prefs_header">
+    <PreferenceCategory app:title="@string/collector_prefs_header" app:iconSpaceReserved="false">
 
         <EditTextPreference
             app:key="collector_ip_address"
             app:title="@string/ip_address"
+            app:iconSpaceReserved="false"
             app:defaultValue="@string/default_collector_ip"
             app:useSimpleSummaryProvider="true" />
 
         <EditTextPreference
             app:key="collector_port"
             app:title="@string/port"
+            app:iconSpaceReserved="false"
             app:defaultValue="@string/default_collector_port"
             app:useSimpleSummaryProvider="true" />
 
     </PreferenceCategory>
 
+    <PreferenceCategory app:title="@string/capture_prefs" app:iconSpaceReserved="false">
+
+    <SwitchPreference
+        app:key="capture_unknown_app"
+        app:title="@string/capture_unknown_app"
+        app:iconSpaceReserved="false"
+        app:summary="@string/capture_unknown_app_summary"
+        app:defaultValue="true" />
+
+    </PreferenceCategory>
+
 </PreferenceScreen>