From b9ee20fca4062120ca68401b6d95235a3e5d522b Mon Sep 17 00:00:00 2001 From: emanuele-f Date: Sun, 23 Apr 2023 17:38:19 +0200 Subject: [PATCH] Fix TCP connections spam to VPN IP port 853 Fixes #313 --- app/src/main/jni/core/capture_vpn.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/app/src/main/jni/core/capture_vpn.c b/app/src/main/jni/core/capture_vpn.c index 26c9f609..0b8934db 100644 --- a/app/src/main/jni/core/capture_vpn.c +++ b/app/src/main/jni/core/capture_vpn.c @@ -522,6 +522,13 @@ int run_vpn(pcapdroid_t *pd) { goto housekeeping; } + bool is_internal_dns = pd->vpn.ipv4.enabled && (pkt.tuple.ipver == 4) && (pkt.tuple.dst_ip.ip4 == pd->vpn.ipv4.internal_dns); + if(is_internal_dns && ntohs(pkt.tuple.dst_port) == 853) { + // accepting this packet could result in multiple TCP connections being spammed + log_d("discarding private DNS packet directed to internal DNS"); + goto housekeeping; + } + if(((pkt.tuple.ipver == 6) && !pd->vpn.ipv6.enabled) || ((pkt.tuple.ipver == 4) && !pd->vpn.ipv4.enabled)) { char buf[512];