Commit Graph

196 Commits

Author SHA1 Message Date
emanuele-f
80034e4711 Detect always-on VPN enabled after capture start
Hide the stop button in such a case

Closes #412
2024-08-15 14:38:10 +02:00
emanuele-f
ebba4518f5 Fix broken open PCAP file feature
Broken since bf6e834f (v1.6.9)
2024-04-19 22:20:29 +02:00
emanuele-f
6b52b0454c Hide IPv6 stats if IPv6 is disabled 2024-03-12 10:18:22 +01:00
emanuele-f
630e911172 Add toggle for auto-reconnection on VPN termination
This allows the user to run other VPN apps, disconnecting PCAPdroid, and
restart it when they terminate.

Closes #411
2024-02-18 22:34:26 +01:00
emanuele-f
8ac6428bf1 Allow capturing multiple target apps
The target app option has been extended to allow the selection
of multiple apps.

Closes #146
2024-02-01 09:56:01 +01:00
emanuele-f
4a7a55d504 Ability to block QUIC always or only on decryption
Commit ddec1a8 limited the ability to block QUIC to only
connections matching the decryption rules. Some users may still want
to always block QUIC for different reasons, so this commit makes it
possible to choose the block policy to apply.

See #369
2024-01-28 20:08:24 +01:00
emanuele-f
e0112eaa3f Logs to debug issue with temporary unblock
See #390
2023-12-25 18:32:36 +01:00
emanuele-f
a241f1e346 Upgrade to SDK 34 - Android 14
Define a foregroundServiceType to meet the new Android policy:
https://developer.android.com/about/versions/14/behavior-changes-14#fgs-types

Closes #368
2023-12-10 12:44:56 +01:00
emanuele-f
bf6e834f17 Fix root permission request on read from pcap
INTERNET_ACROSS_USERS was requested when trying to read from a PCAP file,
which triggered a failure toast in most cases
2023-09-18 22:53:52 +02:00
emanuele-f
0928fec7fe Do not show private DNS warning when opening PCAP 2023-08-31 13:58:08 +02:00
emanuele-f
3ebc9df661 Fix root start failure due to short timeout
After ba7291c, the capture thread does not wait for the pcapd "su"
command to complete, so the old 3 seconds timeout is too short.
The timeout has been extended to 10 seconds and an informative
error is now shown.
2023-08-29 22:20:20 +02:00
emanuele-f
68d3a1dc12 Show notice when loading a PCAP without UID mappings 2023-08-21 07:08:09 +02:00
emanuele-f
1463e1656f Only stop PCAP dump after capture
This ensures that all the monitored data is actually exported, avoiding
a possible inconsistency between the data shown on the screen and the
exported PCAP data.
2023-08-18 21:11:53 +02:00
emanuele-f
ba7291c12f Show pcapd errors in the app UI
pcapd is now run without the daemonize option, allowing PCAPdroid to retrieve the
exit code and avoiding an unnecessary fork. Code-based error reporting is now
implemented in pcapd. Errors are now shown in the UI and common ones are localized.
2023-08-18 01:10:15 +02:00
emanuele-f
86b4c505e3 Add ability to open a PCAP file
PCAPdroid can now open a PCAP file and show the connections data

Closes #109
2023-08-17 22:17:59 +02:00
emanuele-f
68daa312bf Fix app not blocked after reinstallation
The package name to UID mapping was not updated after reinstallation,
causing UID matching to fail and subsequent failure to block it.
Now the UID mapping is automatically updated whenever an app is
installed or uninstalled.

Fixes #338
2023-08-11 20:12:24 +02:00
emanuele-f
e2c5b81d4f Fix possible NullPointerException in getNetworkInterfaces
This occurred with non-primary user account.

See #336
2023-07-20 21:56:33 +02:00
emanuele-f
5a139aaf6c Fix crash on invalid IPv6 DNS
Closes #325
2023-06-13 20:35:00 +02:00
emanuele-f
464516409a Only apply TLS decryption to specified connections
TLS decryption is now only applied to connections matching
the user-configured rules. This allows running the decryption
along with the normal capture. The decryption whitelist has
been removed.
2023-05-31 23:16:55 +02:00
emanuele-f
3459d18e3b Capture IPv6 ULA addresses traffic
Closes #321
2023-05-19 09:34:37 +02:00
emanuele-f
6a42e7d988 Log private DNS mode in build info 2023-04-23 18:30:09 +02:00
emanuele-f
8e584fa8c2 Allow configuring SOCKS5 proxy auth
Closes #304
2023-03-16 12:17:52 +01:00
emanuele-f
2bde04c971 Fix incorrect pcap file size in Android 7
The internal dump size is now used instead of the
on-disk size
2023-01-15 10:15:15 +01:00
emanuele-f
6842ef1231 Store decryption secrets into PCAPNG
When both TLS decryption and PCAPNG are enabled, PCAPdroid now embeds
the TLS master secrets directly into the PCAPNG dump, without the need
for a separate SSLKEYLOG file.

Closes #185
2023-01-08 19:20:49 +01:00
emanuele-f
0b322b0941 Implement PCAPNG dump format
It's now possible to dump packets in the PCAPNG format. This mode does
not currently support the PCAPdroid trailer option.
2023-01-07 19:48:20 +01:00
emanuele-f
916e5cf89b Fix PCAP dialog shown on resume 2022-12-27 22:51:49 +01:00
emanuele-f
46889738c7 Rework PCAP dump to file
PCAP dump to file has been reworked as follows:

- File selection dialog is not shown anymore when the capture starts
- The PCAP filea are saved to the Downloads/PCAPdroid folder
- Simplified mechanism to dump to an arbitrary URI (pcap_uri param)
- Add pcap_name parameter to specify PCAP file name

Overall, this simplifies user interaction and make it easier to
access the PCAP file.

Closes #183
2022-12-27 13:59:02 +01:00
emanuele-f
3a89269f79 Implement TLS decryption whitelist
It's now possible to whitelist specific apps, hosts or IP addresses
to exclude them from the TLS decryption. The whitelist is not available
for decryption in root mode.

Beware that since the host is only available after the TLS connection
is in progress, host-based whitelisting only works if a prior DNS reply
for the given host was seen, creating a mapping between the resolved IP
and the host.

Closes #266
2022-12-22 12:59:44 +01:00
emanuele-f
4edd1e7ede Improve log viewer
- reduce logging level of firewall events to debug
- only display the most recent 512 log lines
2022-12-20 12:36:21 +01:00
emanuele-f
1d878c56c8 Fix blacklist loading after latest commit 2022-12-19 12:53:52 +01:00
emanuele-f
553772724d Improve blacklists update process
- Stop blacklist download if it takes more than 10 sec
- Abort downloads if capture is stopped
- Update the UI status during each individual download

Closes #224
2022-12-18 20:05:30 +01:00
emanuele-f
68bd85b615 Add ability to choose DNS servers
The DNS servers used in VPN mode are now configurable. It's now
possible to ignore the system DNS server and use the specified
ones. Cloudflare DNS is now the default DNS server, which has a
no-logs policy.

Closes #275
2022-12-18 19:19:20 +01:00
emanuele-f
85e1ceb88e Ability to disable full payload with TLS decryption
This can be useful to prevent OutOfMemoryError

Closes #273
2022-12-16 01:12:36 +01:00
emanuele-f
6bf8a6bd8b Add ability to manually add rules
It's now possible to define rules manually without first seeing a
related connection. This includes firewall and whitelist rules.

Closes #207
2022-12-13 23:24:08 +01:00
emanuele-f
2a22e89fef Add ability to configure port mapping
In VPN mode, it's now possible to redirect the traffic of specific
ports towards another host and port. This makes it possible to
integrate PCAPdroid with other apps, by forwarding the traffic to
a local server.

Closes #274
2022-12-12 23:48:56 +01:00
emanuele-f
9eed9ed221 Implement firewall whitelist mode
When whitelist mode is enabled, all the connections are blocked unless
an app is manually whitelisted. DNS resolution by netd is always allowed,
since it's not possible to determine the requesting app.

With this mode enabled, the firewall blocklist is still used and has
priority. For example, if an app is whitelisted but a block rule exists
for the given domain, the connection will be blocked.

The app provides a default whitelist with some essential services.

Closes #232
2022-12-01 00:42:41 +01:00
emanuele-f
60460880af Ability to provide custom mitmproxy options
A new preference has been added to provide additional mitmproxy options

Closes #283
2022-11-24 20:02:37 +01:00
emanuele-f
cdafc69902 Write app log to file
See #282
2022-11-23 13:00:15 +01:00
emanuele-f
eccacc9ad8 Exclude unreachable errors from dropped conn count
Network may become temporary unreachable at any time, e.g. while
switching between wifi and mobile
2022-10-05 22:20:05 +02:00
emanuele-f
0b34620233 Rename AppDescriptor getters 2022-09-20 16:23:27 +02:00
emanuele-f
e687380850 Remove deprecated LocalBroadcastManager
Replaced with LiveData

Closes #187
2022-08-17 01:08:23 +02:00
emanuele-f
e9fed41efb Fix PackageManager deprecations
Closes #225
2022-08-17 00:03:34 +02:00
emanuele-f
ae7a06cfa3 Fix getSerializable/Extra deprecations
See #225
2022-08-16 23:22:12 +02:00
emanuele-f
42c9ec389e Fix TooManyRequestsException with NetworkCallbacks
On multiple capture start/stop, a TooManyRequestsException could be
thrown because the registered NetworkCallback was not unregistered,
causing leaks
2022-08-13 11:10:52 +02:00
emanuele-f
ab5bd509d9 Unblock newly installed apps via notification button
Closes #236
2022-07-22 12:49:41 +02:00
emanuele-f
11e860a988 Improve firewall temporary app unblock
- If temporary unblocked, menu will show option to block it again
- Add unblock for 10 min
- Add temporary unblock to the apps view
- Show hourglass in apps view if temporary unblocked
2022-07-22 11:01:55 +02:00
emanuele-f
7e7b4461fb Initial support for TLS decryption in root mode 2022-07-20 17:24:41 +02:00
emanuele-f
53b42af3c7 Ability to block newly installed apps (firewall)
Closes #208
2022-07-09 19:38:29 +02:00
emanuele-f
dd98decfec Ability to temporary unblock an app (firewall)
Closes #226
2022-07-09 18:47:09 +02:00
emanuele-f
ec4cda0a94 Add ability to exclude apps from the VPN
Closes #229
2022-07-05 16:36:13 +02:00