Database Develop

[How-To] Enable internet web access through proxy servers

I have found that you can enable www access through a proxy server by inserting new iptables rules in Android. I have used it successfully to browse internet throughput the wifi at my office, it should be the same for school networks with proxy servers as well.
Requirements:
Root access
Kernel with iptable and netfilter support
Known working kernels:
Doomkernel v10
Have been tested on .368 firmware and Doomkernel v10, all iptable and netfilter modules are included in his kernel.
1. Open a terminal emulator or use a scripting app, I have been using ScriptManager.
2. Add iptables entry, root access is needed to manipulate the iptables.
Replace ip address and port in the --to parameter to match your own proxy server address
$ su
# iptables -t nat -A OUTPUT -p tcp -o wlan0 -d internal.ericsson.com -j ACCEPT
# iptables -t nat -A OUTPUT -p tcp -o wlan0 --dport 80 -j DNAT --to 153.140.40.150:3132
# iptables -t nat -L (to list newly added rule)
All apps will now connect to the proxy when accessing port 80
To remove iptables:
$ su
# iptables -t nat -F OUTPUT
You might see several error messages, they can be ignored
modprobe: module 'ip_tables' not found
getsocket for multiport failed strangely: No such file or directory
FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:378
Please let me know if you know how to improve the ruleset and if other kernels are working as well.

Updated ruleset:
Have added additional rule to configure iptales to bypass proxy for intranet web addresses, it would otherwise try to open up intranet web pages trough the proxy server.

The easy way
http://forum.xda-developers.com/showthread.php?t=766569

w1000i said:
The easy way
http://forum.xda-developers.com/showthread.php?t=766569
Click to expand...
Click to collapse
Thanks for the url, have you tried it? Might give it a try but is sounds like it is just a frontend to manipulating the iptables, I prefer to change it myselft, that gives full flexibility to do whatever I wish with the iptables
Did give DroidProxy a try from the android marked but it did not seem to work which is why I started to setup the proxy manually in iptables.
---------- Post added at 10:08 AM ---------- Previous post was at 09:43 AM ----------
w1000i said:
The easy way
http://forum.xda-developers.com/showthread.php?t=766569
Click to expand...
Click to collapse
Found out that, the transporxy project has been discontinued and replaced with autoproxy which according to the forum members should work very well.
http://forum.xda-developers.com/showthread.php?t=1083284
It should work as long as multiports are not used as this is not included in Doomkernel v10. This only mean that you will have to add a seperate rule for each port you wish to forward ie. one for port 80 and one for port 443 instead of having both included in the same rule.

[webtop] Using cellular network without jumping through hoops

Upfronts: I'm using NottachTrix 1.3.1 with the 2.3.6 Webtop. I'm also a programmer and a network administrator, so I might be a little more comfortable poking around in things that might break my phone than other users. Don't do anything you aren't comfortable with! I'm just reporting my findings. Your phone, your comfort level, your business!
I wanted to get my new lapdock to use the cellular network without jumping through any "enable/disable mobile hotspot" hoops. I finally got all the webtop2sd stuff running, including a working lxterminal and synaptic. I was running synaptic as root from a bash shell ("sudo bash" to give me a root shell, other commands as needed). I noticed that synaptic worked without wifi but firefox didn't. I could also ping various websites with no trouble under the root shell, but the adas user could not. adas COULD ping IP addresses, though, so it seemed like there was a firewall in place that was blocking adas from resolving domain names.
As it turns out, there is a firewall in place that is blocking the adas user from resolving domain names.
Webtop seems to be using iptables to restrict access to the default login user. I typed "iptables -L" to view all the iptables-based firewalling that was going on. Sure enough, three entries existed to block network traffic for the user "adas". After an "iptables -S" to get the commands that were used to turn on the filtering, I was able to reverse the process. (Hint: -A adds a rule, -D deletes one)
From here, I could do a lot of things -- create a script to disable iptables on demand, block the commands from running in the first place, dance a happy little jig... I won't embarrass myself by revealing which I actually did, but hopefully there's enough in this post that will help others resolve their problems in a similar manner!
(By the way, every time the phone is docked, it re-blocks network access, apparently using a file called "syslog-restart".)

If you could fix this would be great, I have the same rom and everything and I use my LapDock in my business and it is always a pain to make it connect and most of the times it fails to connect for me.
Cheers

The following presumes a working lxterminal and synaptic (or apt-get). If you haven't run the webtopscripts to fix the broken dependencies, now's a good time to poke that bear*.
(Type the stuff that's in bold -- comments are in italics)
In lxterminal:
sudo apt-get install nano (Command-line text editor)
iptables -S (generates a list of rules that iptables is currently using)
copy any lines in the "-P OUTPUT ACCEPT" section that start with "-A"
create a new file in nano by typing nano fwdisable.sh
at the top of the new document, type #!/bin/bash and press Enter
paste the copied lines into the resulting screen
insert iptables at the start of each line and change "-A" to "-D" (A for add, D for delete)
once the file looks the way you think it should, exit the program with CTRL-X, saving the file when it asks
at the command prompt, type chmod 755 fwdisable.sh
run your new shell script with sudo ./fwdisable.sh
open up a web browser and enjoy!
* Please don't poke any bears. While they may look fluffy, they react poorly to being poked. There's probably a good metaphor about messing around in the internals of your phone in there somewhere, but for the life of me I just can't find it!

Did you guys can edit a ROM that has it all in a matter of WebTop, I can not make it work on my Atrix in any way.
I do not have the device only the HDMI cable.

Trying to save fwdisable.sh nano give me following error
"Error writing fwdisable.sh Read-only file system"
Please advise

pederb said:
Trying to save fwdisable.sh nano give me following error
"Error writing fwdisable.sh Read-only file system"
Please advise
Click to expand...
Click to collapse
Sounds like you're not root or su
Sent from my MB860 using Tapatalk 2

Ok the drive was write protected, but now I get
" ./fwdisable.sh: line 2: -D: command not found"
" ./fwdisable.sh: line 3: -D: command not found"
I was not able to get it to work with Nano so I used gedit instead but should not make a difference, right?
Any idea?

maybe someone can create a flashable fix so that its easy for some of us noobs lol

studean said:
The following presumes a working lxterminal and synaptic (or apt-get). If you haven't run the webtopscripts to fix the broken dependencies, now's a good time to poke that bear*.
(Type the stuff that's in bold -- comments are in italics)
In lxterminal:
sudo apt-get install nano (Command-line text editor)
iptables -S (generates a list of rules that iptables is currently using)
copy any lines in the "-P OUTPUT ACCEPT" section that start with "-A"
create a new file in nano by typing nano fwdisable.sh
at the top of the new document, type #!/bin/bash and press Enter
paste the copied lines into the resulting screen
insert iptables at the start of each line and change "-A" to "-D" (A for add, D for delete)
once the file looks the way you think it should, exit the program with CTRL-X, saving the file when it asks
at the command prompt, type chmod 755 fwdisable.sh
run your new shell script with sudo ./fwdisable.sh
open up a web browser and enjoy!
* Please don't poke any bears. While they may look fluffy, they react poorly to being poked. There's probably a good metaphor about messing around in the internals of your phone in there somewhere, but for the life of me I just can't find it!
Click to expand...
Click to collapse
Follow this guide guys, it is ridiculously easy, no flashing needed.
I also added a button to the AWN dock with the command:
sudo ./fwdisable.sh
Which will give you one click disabling of the firewall. It will restart the firewall each time you dock/undock it appears, so just dock it, click the firewall disable button and you are good to go.

Norcalz71 said:
Follow this guide guys, it is ridiculously easy, no flashing needed.
I also added a button to the AWN dock with the command:
sudo ./fwdisable.sh
Which will give you one click disabling of the firewall. It will restart the firewall each time you dock/undock it appears, so just dock it, click the firewall disable button and you are good to go.
Click to expand...
Click to collapse
Well I'm still getting my error no matter how many time I try it again

man i cant even get webtop2sd to work. as soon as i run it on my phone it force closes. i havent even got it to open longer then super user request yet.
fingers crossed on a cwm flashable lol.

Thanks for this. I was wondering why apt-get update would work but adas couldn't ping out properly over 3g.
Also, thank you for the walk through in editing iptables there. Interesting that they chose to use that over something more proprietary, or well hidden.

I had this problem at first, too -- I think it was busybox-related. There's a busybox updater or two in the Market (I mean, "Play Store") that will bring you up to speed and let you install webtop2sd.

Sorry it's been so long since my last post! It appears that you didn't insert an "iptables " before the "-D". Check to make sure that each line after the "#!/bin/bash" starts with "iptables -D" instead of just "-D" and see if that takes care of the problem. (Also make sure you execute the script with a "sudo" -- iptables won't work properly as a regular user...)

studean said:
Sorry it's been so long since my last post! It appears that you didn't insert an "iptables " before the "-D". Check to make sure that each line after the "#!/bin/bash" starts with "iptables -D" instead of just "-D" and see if that takes care of the problem. (Also make sure you execute the script with a "sudo" -- iptables won't work properly as a regular user...)
Click to expand...
Click to collapse
should it be,
iptables -D
or
-D iptables
[email protected]:/$ sudo iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
FATAL: Could not load /lib/modules/2.6.32.56-MB860-faux123-GB-024/modules.dep: No such file or directory
FATAL: Could not load /lib/modules/2.6.32.56-MB860-faux123-GB-024/modules.dep: No such file or directory
-A OUTPUT -d 127.0.0.1/32 -p tcp -m tcp --dport 8086 -m owner ! --uid-owner adas -j REJECT --reject-with icmp-port-unreachable
-A OUTPUT -d 127.0.0.1/32 -p tcp -m tcp --dport 8085 -m owner ! --uid-owner adas -j REJECT --reject-with icmp-port-unreachable
This is how it looks before editing

It should be "iptables -D". Based on the output from your "iptables -S" command, the file should look like this:
Code:
#/bin/bash
iptables -D OUTPUT -d 127.0.0.1/32 -p tcp -m tcp --dport 8086 -m owner ! --uid-owner adas -j REJECT --reject-with icmp-port-unreachable
iptables -D OUTPUT -d 127.0.0.1/32 -p tcp -m tcp --dport 8085 -m owner ! --uid-owner adas -j REJECT --reject-with icmp-port-unreachable
I also had a third line (that escapes me at the moment -- I'm on a different machine) that further blocked access, but apparently there is a bit of variation in the configuration... At any rate, create the file using whatever text editor you feel most comfortable using, then "chmod 755" the file to make it executable. If you call it "fwdisable.sh", then you should type "chmod 755 fwdisable.sh" in lxterminal and run the file with "sudo ./fwdisable.sh" to disable the firewall.
Good luck! If you want to know more about the workings of this stuff, google "bash scripting guide" and (for a general overview) read the wikipedia page for "iptables". It will help you understand what's up with all these seemingly weird commands...

That worked, but now I get these error messages?
[email protected]:/$ sudo ./fwdisable.sh
FATAL: Could not load /lib/modules/2.6.32.56-MB860-faux123-GB-024/modules.dep: No such file or directory
FATAL: Could not load /lib/modules/2.6.32.56-MB860-faux123-GB-024/modules.dep: No such file or directory
FATAL: Could not load /lib/modules/2.6.32.56-MB860-faux123-GB-024/modules.dep: No such file or directory
FATAL: Could not load /lib/modules/2.6.32.56-MB860-faux123-GB-024/modules.dep: No such file or directory
[email protected]:/$
Click to expand...
Click to collapse
Please advice
Cheers

You should be okay with those error messages. I'm not entirely sure WHY it's looking for that file, but it's "normal" output. If you'll remember, it's the same output you got in the "iptables -S" command... Something about accessing iptables causes the system to look for that file. (I just haven't been bothered enough over it to check yet...)
To verify, run "sudo iptables -S" again to see if there is anything left. You should just see three lines:
Code:
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
Anything more than that and you might need to edit your script as you did before. If the output from "iptables -S" looks like the above, though, fire up firefox and give it a whirl!

studean said:
You should be okay with those error messages. I'm not entirely sure WHY it's looking for that file, but it's "normal" output. If you'll remember, it's the same output you got in the "iptables -S" command... Something about accessing iptables causes the system to look for that file. (I just haven't been bothered enough over it to check yet...)
To verify, run "sudo iptables -S" again to see if there is anything left. You should just see three lines:
Code:
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
Anything more than that and you might need to edit your script as you did before. If the output from "iptables -S" looks like the above, though, fire up firefox and give it a whirl!
Click to expand...
Click to collapse
[email protected]:/$ sudo iptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
FATAL: Could not load /lib/modules/2.6.32.56-MB860-faux123-GB-024/modules.dep: No such file or directory
FATAL: Could not load /lib/modules/2.6.32.56-MB860-faux123-GB-024/modules.dep: No such file or directory
-A OUTPUT -o ppp0 -m owner --uid-owner adas -j REJECT --reject-with icmp-port-unreachable
[email protected]:/$

Excellent! This means you're almost there! As before, copy/paste that line into your shell script, change the "-A" to "iptables -D" and that SHOULD be the end of it.
No, really. This time for sure. Just re-run the script when you're done (ignoring the "fatal" stuff) and you'll be browsing in no time!

[Q] userinit.sh run at start up help.

Hi there people. I recently found an article about using a VPN set up along with routing tables to get tethering going using the phone in Hotsopt mode. Every thing is working well, but the one thing that I can't get going is to have the userinit.sh run at boot automatically.
The original poster said to put this text in the userinit.sh, and nothing else.
========================================================
iptables -t filter -F FORWARD
iptables -t nat -F POSTROUTING
iptables -t filter -I FORWARD -j ACCEPT
iptables -t nat -I POSTROUTING -j MASQUERADE
ip rule add from 192.168.43.0/24 lookup 61
ip route add default dev tun0 scope link table 61
ip route add 192.168.43.0/24 dev wlan0 scope link table 61
ip route add broadcast 255.255.255.255 dev wlan0 scope link table 61
========================================================
As I say I can execute this manually via root explorer, but can't get it to run automatically on boot. Thanks for any help with this.

Get ROM toolbox or something that runs scripts at boot

Thank you for your help. I will have a look at this app later and give it a go.

Hi there I have had chance to install Rom toolbox. I did the following, but still no luck:
main menu - scripter - add script (plus icon) - hit my userinit.sh and pressed to "set at boot icon". I rebooted the phone but the script did not work. I saw "access to interactive shell" from Rom toolbox popup, so something must have happened. Thanks for any more help.

Updated Sprint M8 Lollipop LTE Tether Hack Help

Hi, Looking for help to update the M8 tether hack to work with lollipop on Sprint stock rooted ROM.
I was able to update the default.xml file ( sprint stock lollipop based) in the attached zip which enabled the hotspot and works great with 3g. The init.d tether script used to get LTE working in the zip worked great on kitkat when set correctly using SManager but it doesn't seem to work on lollipop as everyone is aware. I am not experienced enough to edit the tether script which I suspect is the issue with LTE and was hoping someone else here was. It's below and also attached in the zip file under system/etc/init.d which I am sure you know already. Of course it might be something much harder than a simple update of a script or it probably would have been done already....
(I can't attach the zip I was referring to since I haven't posted 10 posts yet but it's here)
http://forum.xda-developers.com/atta...9&d=1423894001
Thanks!
#!/system/bin/sh
iptables -F
iptables -A bw_FORWARD -i !lo+
iptables -A natctrl_FORWARD -j RETURN -i rmnet+ -o wlan0 -m state --state RELATED,ESTABLISHED
iptables -A natctrl_FORWARD -j DROP -i wlan0 -o rmnet+ -m state --state INVALID
iptables -A natctrl_FORWARD -j RETURN -i wlan0 -o rmnet+
iptables -A natctrl_FORWARD -j DROP
iptables -A natctrl_nat_POSTROUTING -t nat -o rmnet+ -j MASQUERADE

oh yeah, six pack of top shelf NW beer sent to the person that can get this working

robsoprano said:
Hi, Looking for help to update the M8 tether hack to work with lollipop on Sprint stock rooted ROM.
I was able to update the default.xml file ( sprint stock lollipop based) in the attached zip which enabled the hotspot and works great with 3g. The init.d tether script used to get LTE working in the zip worked great on kitkat when set correctly using SManager but it doesn't seem to work on lollipop as everyone is aware. I am not experienced enough to edit the tether script which I suspect is the issue with LTE and was hoping someone else here was. It's below and also attached in the zip file under system/etc/init.d which I am sure you know already. Of course it might be something much harder than a simple update of a script or it probably would have been done already....
(I can't attach the zip I was referring to since I haven't posted 10 posts yet but it's here)
http://forum.xda-developers.com/atta...9&d=1423894001
Thanks!
#!/system/bin/sh
iptables -F
iptables -A bw_FORWARD -i !lo+
iptables -A natctrl_FORWARD -j RETURN -i rmnet+ -o wlan0 -m state --state RELATED,ESTABLISHED
iptables -A natctrl_FORWARD -j DROP -i wlan0 -o rmnet+ -m state --state INVALID
iptables -A natctrl_FORWARD -j RETURN -i wlan0 -o rmnet+
iptables -A natctrl_FORWARD -j DROP
iptables -A natctrl_nat_POSTROUTING -t nat -o rmnet+ -j MASQUERADE
Click to expand...
Click to collapse
Why not post in the tether hack thread?
http://forum.xda-developers.com/showthread.php?t=2712222

'cause they required 10 posts which I now have

hi, please delete this thread, it has been added to this existing one:
http://forum.xda-developers.com/showthread.php?t=2712222&page=20

[GUIDE] How to Change DNS in Android Device (8 methods)

Here is a compilation of different ways to change/set the DNS Server in Android Devices
In this thread, I'll be setting the DNS Servers to 8.8.88 & 8.8.4.4 (Google DNS).
You can use any DNS server of your wish.
FOR NON-ROOTED DEVICES:
Method 1: (by changing WiFi Settings)
Note: For some devices, this will work only if you can set a static IP.
1. Go Settings->WiFi
2. Long press the Network you're connected to, and tap 'Modify Network'.
3. Check 'Advanced'. (may not be required in some phones)
Switch the IP settings from DHCP to Static.
Add required DNS servers to the entries for DNS 1 and DNS 2.
4. Click 'Save'
(Don't worry about the editing the IP address as the Android device may fill in the IP address it has acquired through DHCP.)
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Method 2: (Easiest Method using app)
You could just use any app like:
1. Engelsiz : DNS Changer
2. DNS Changer (NO ROOT)
3. DNS Changer (no root 3G/WiFi)
4. DNSet
5. DNS Changer
(or any other app in Play Store.)
(Some apps may require root access)
FOR ROOTED DEVICES:
Easiest way:
The best apps I would recommend to do this automatically are:
1. Override DNS (Root)
2. Set DNS
3. DNS + DNSCrypt Manager
4. DNS Forwarder
Method 3: (by editing DNS config)
1. Open the file 20-dns.conf from /etc/dhcpcd/dhcpcd-hooks/ using a Text Editor (I use ES File Explorer)
2. Add this line to the beggining & reboot device:
Code:
new_domain_name_servers="8.8.8.8 8.8.4.4 $new_domain_name_servers"
So, finally the script finally looks something like this:
Code:
##THIS CAN VARY slightly FOR DIFFERENT ROM BUILDS
# Set net.<iface>.dnsN properties that contain the
# DNS server addresses given by the DHCP server.
[B]new_domain_name_servers="[I]8.8.8.8[/I] [I]8.8.4.4[/I] $new_domain_name_servers"[/B]
if [[ $interface == p2p* ]]
then
intf=p2p
else
intf=$interface
fi
set_dns_props()
{
case "${new_domain_name_servers}" in
"") return 0;;
esac
count=1
for i in 1 2 3 4; do
setprop dhcp.${intf}.dns${i} ""
done
count=1
for dnsaddr in ${new_domain_name_servers}; do
setprop dhcp.${intf}.dns${count} ${dnsaddr}
count=$(($count + 1))
done
separator=" "
if [ -z "$new_domain_name" ]; then
separator=""
else
if [ -z "$new_domain_search" ]; then
separator=""
fi
fi
setprop dhcp.${interface}.domain "${new_domain_name}$separator${new_domain_search}"
}
unset_dns_props()
{
for i in 1 2 3 4; do
setprop dhcp.${intf}.dns${i} ""
done
setprop dhcp.${interface}.domain ""
}
case "${reason}" in
BOUND|INFORM|REBIND|REBOOT|RENEW|TIMEOUT) set_dns_props;;
EXPIRE|FAIL|IPV4LL|RELEASE|STOP) unset_dns_props;;
esac
This is a permanent change. (& sets only for WiFi)
Remove that added line to undo the changes.
(Source: http://forum.xda-developers.com/showpost.php?p=51650282&postcount=7 )
Method 4: (by changing DNS properties using Terminal Emulator)
Note: This may not work in Android 4.4 and above devices.
1. Open Terminal Emulator and type:
Code:
getprop | grep dns
2. Note down all the properties related to dns1, dns2.
These are the properties you need to set to change the DNS Server.
Use the following commands in Terminal Emulator to set them (using setprop):
Code:
su
setprop dhcp.wlan0.dns1 8.8.8.8
setprop dhcp.wlan0.dns2 8.8.4.4
setprop net.dns1 8.8.8.8
setprop net.dns2 8.8.4.4
Other optional properties for mobile networks (may vary with devices) (rmnet0 for 3G I guess)
Code:
setprop net.ppp0.dns1 8.8.8.8
setprop net.ppp0.dns2 8.8.4.4
setprop net.rmnet0.dns1 8.8.8.8
setprop net.rmnet0.dns2 8.8.4.4
setprop net.pdpbr1.dns1 8.8.8.8
setprop net.pdpbr1.dns2 8.8.4.4
Setting DNS for very older devices:
Code:
setprop ro.kernel.android.ndns 2
setprop dhcp.eth0.dns1 8.8.8.8
setprop dhcp.eth0.dns2 8.8.4.4
(You may similarly set dns3 & dns4, but that's not necessary)
These properties get reset to the original values upon reboot..
So, to keep these changes permanent, add the required commands to init.d
(Source: https://github.com/ukanth/afwall/wiki/DNS#changing-default-dns )
Method 5: (by using iptables command)
1. Open Terminal Emulator and type the following:
Code:
su
iptables -t nat -A OUTPUT -p tcp --dport 53 -j DNAT --to-destination 8.8.8.8:53
iptables -t nat -A OUTPUT -p udp --dport 53 -j DNAT --to-destination 8.8.8.8:53
iptables -t nat -D OUTPUT -p tcp --dport 53 -j DNAT --to-destination 8.8.8.8:53 || true
iptables -t nat -D OUTPUT -p udp --dport 53 -j DNAT --to-destination 8.8.8.8:53 || true
iptables -t nat -I OUTPUT -p tcp --dport 53 -j DNAT --to-destination 8.8.8.8:53
iptables -t nat -I OUTPUT -p udp --dport 53 -j DNAT --to-destination 8.8.8.8:53
(you may also use this as AFWall+ Custom Script)
For more detailed info and better understanding, click here.
These properties get reset to the original values upon reboot..
So, to keep these changes permanent, add the required commands to init.d
Method 6: (by editing resolv.conf)
Note:
I think this method works only for old devices. Nothing wrong in trying
1. Open resolv.conf from /system/etc/ using a Text Editor (I use ES File Explorer)
(If there's no such file, create it and try.)
2. Modify the nameservers in the file to your desired DNS servers.
The file finally looks like this:
Code:
nameserver 8.8.8.8
nameserver 8.8.4.4
This change is permanent..
So, it's better to backup the original resolv.conf before editing.
(Source: https://butterflydroid.wordpress.com/2011/10/19/how-to-set-dns-server-on-android-phone/ )
Method 7: (by using ndc resolver command)
1. Open Terminal Emulator and type the following:
Code:
su
ndc resolver flushif [SIZE="1"][I]## to flush old DNS servers[/I][/SIZE]
ndc resolver flushdefaultif [SIZE="1"][I]## to flush resolver[/I][/SIZE]
ndc resolver setifdns <iface> <domains> <dns1> <dns2> ... [SIZE="1"][I]## Add the new servers[/I][/SIZE]
ndc resolver setdefaultif [SIZE="1"][I]## Set as the default device[/I][/SIZE]
This may vary for different Android Versions, so check this also..
These properties get reset to the original values upon reboot..
So, to keep these changes permanent, add the required commands to init.d
Method 8: (by using DNSCrypt command)
Install DNSCrpt on your Android Device with this instructions here.
Then check this answer here on Android Stack Exchange on how to set DNS using a script.
Hit the 'Thanks!' button if you found this helpful.
Leave a reply if you need any help
Do leave a reply if any of these methods worked on your device...

please tell me how to add init.d. I don't know.

rajarshi kundu said:
please tell me how to add init.d. I don't know.
Click to expand...
Click to collapse
This might help:
[GUIDE] How to use init.d scripts
Or try this app: Universal Init.d

method1
great list tks. re method 1, in my experience you have to give an ip address as otherwise you can't save the settings, which then turns out you have to give the device a static ip at your router.

Great list...
Now how about you tell us which versions of Android these work on?
Since Android 6.1.x you can only change the DNS for tethered devices and nothing else. Everything else is ignored, no matter what you set or which app you use.

Wartickler said:
Now how about you tell us which versions of Android these work on?
Since Android 6.1.x you can only change the DNS for tethered devices and nothing else. Everything else is ignored, no matter what you set or which app you use.
Click to expand...
Click to collapse
DNS + DNSCrypt Manager (root) worked for me in Android 7.1.1

Fast what is the fastest downloader for Android phone as cell phones and tablets also how do you use the DNS changer

S7 Nougat
seems after an upgrade to Nougat I cant view my DNS anymore is this true? Mine is nonrooted

i'm on Android 6.0.1 and the iptables method works!
setprop doesn't work.

Wartickler said:
Since Android 6.1.x you can only change the DNS for tethered devices and nothing else. Everything else is ignored, no matter what you set or which app you use.
Click to expand...
Click to collapse
Modifying the 20-dns.conf file worked for me on 7.0.

Help please,
Do u guys think dns changer app still needed if dns already change through build prop( kernel adiutor)? Or mod app like fly on mod?
Feels like its redundant

Is it possible to change dns host name permanently?
So it wont be changed to default after reboot..

@GokulNC
How to change the DNS ADDRESS with help of creating dumpy VPN service without help of any application .
With help of application -
U list out in non - root app list
Like
https://play.google.com/store/apps/details?id=com.burakgon.dnschanger
That app use dumpy vpn for dns change
But
why we app ??
Please try to discover the configuration of vpn..

Hi, I have a question.
Can you tell me if this changes will be applied also to DNS of Mobile Data?

Dns

I did change Dns regular interface for Android Tv but Dns leak test still shows Isp Dns. Why?

GokulNC said:
Here is a compilation of different ways to change/set the DNS Server in Android Devices
In this thread, I'll be setting the DNS Servers to 8.8.88 & 8.8.4.4 (Google DNS).
You can use any DNS server of your wish.
FOR NON-ROOTED DEVICES:
Method 1: (by changing WiFi Settings)
Note: For some devices, this will work only if you can set a static IP.
1. Go Settings->WiFi
2. Long press the Network you're connected to, and tap 'Modify Network'.
3. Check 'Advanced'. (may not be required in some phones)
Switch the IP settings from DHCP to Static.
Add required DNS servers to the entries for DNS 1 and DNS 2.
4. Click 'Save'
(Don't worry about the editing the IP address as the Android device may fill in the IP address it has acquired through DHCP.)
Method 2: (Easiest Method using app)
You could just use any app like:
1. Engelsiz : DNS Changer
2. DNS Changer (NO ROOT)
3. DNS Changer (no root 3G/WiFi)
4. DNSet
5. DNS Changer
(or any other app in Play Store.)
(Some apps may require root access)
FOR ROOTED DEVICES:
Easiest way:
The best apps I would recommend to do this automatically are:
1. Override DNS (Root)
2. Set DNS
3. DNS + DNSCrypt Manager
4. DNS Forwarder
Method 3: (by editing DNS config)
1. Open the file 20-dns.conf from /etc/dhcpcd/dhcpcd-hooks/ using a Text Editor (I use ES File Explorer)
2. Add this line to the beggining & reboot device:
Code:
new_domain_name_servers="8.8.8.8 8.8.4.4 $new_domain_name_servers"
So, finally the script finally looks something like this:
Code:
##THIS CAN VARY slightly FOR DIFFERENT ROM BUILDS
# Set net.<iface>.dnsN properties that contain the
# DNS server addresses given by the DHCP server.
[B]new_domain_name_servers="[I]8.8.8.8[/I] [I]8.8.4.4[/I] $new_domain_name_servers"[/B]
if [[ $interface == p2p* ]]
then
intf=p2p
else
intf=$interface
fi
set_dns_props()
{
case "${new_domain_name_servers}" in
"") return 0;;
esac
count=1
for i in 1 2 3 4; do
setprop dhcp.${intf}.dns${i} ""
done
count=1
for dnsaddr in ${new_domain_name_servers}; do
setprop dhcp.${intf}.dns${count} ${dnsaddr}
count=$(($count + 1))
done
separator=" "
if [ -z "$new_domain_name" ]; then
separator=""
else
if [ -z "$new_domain_search" ]; then
separator=""
fi
fi
setprop dhcp.${interface}.domain "${new_domain_name}$separator${new_domain_search}"
}
unset_dns_props()
{
for i in 1 2 3 4; do
setprop dhcp.${intf}.dns${i} ""
done
setprop dhcp.${interface}.domain ""
}
case "${reason}" in
BOUND|INFORM|REBIND|REBOOT|RENEW|TIMEOUT) set_dns_props;;
EXPIRE|FAIL|IPV4LL|RELEASE|STOP) unset_dns_props;;
esac
This is a permanent change. (& sets only for WiFi)
Remove that added line to undo the changes.
(Source: http://forum.xda-developers.com/showpost.php?p=51650282&postcount=7 )
Method 4: (by changing DNS properties using Terminal Emulator)
Note: This may not work in Android 4.4 and above devices.
1. Open Terminal Emulator and type:
Code:
getprop | grep dns
2. Note down all the properties related to dns1, dns2.
These are the properties you need to set to change the DNS Server.
Use the following commands in Terminal Emulator to set them (using setprop):
Code:
su
setprop dhcp.wlan0.dns1 8.8.8.8
setprop dhcp.wlan0.dns2 8.8.4.4
setprop net.dns1 8.8.8.8
setprop net.dns2 8.8.4.4
Other optional properties for mobile networks (may vary with devices) (rmnet0 for 3G I guess)
Code:
setprop net.ppp0.dns1 8.8.8.8
setprop net.ppp0.dns2 8.8.4.4
setprop net.rmnet0.dns1 8.8.8.8
setprop net.rmnet0.dns2 8.8.4.4
setprop net.pdpbr1.dns1 8.8.8.8
setprop net.pdpbr1.dns2 8.8.4.4
Setting DNS for very older devices:
Code:
setprop ro.kernel.android.ndns 2
setprop dhcp.eth0.dns1 8.8.8.8
setprop dhcp.eth0.dns2 8.8.4.4
(You may similarly set dns3 & dns4, but that's not necessary)
These properties get reset to the original values upon reboot..
So, to keep these changes permanent, add the required commands to init.d
(Source: https://github.com/ukanth/afwall/wiki/DNS#changing-default-dns )
Method 5: (by using iptables command)
1. Open Terminal Emulator and type the following:
Code:
su
iptables -t nat -A OUTPUT -p tcp --dport 53 -j DNAT --to-destination 8.8.8.8:53
iptables -t nat -A OUTPUT -p udp --dport 53 -j DNAT --to-destination 8.8.8.8:53
iptables -t nat -D OUTPUT -p tcp --dport 53 -j DNAT --to-destination 8.8.8.8:53 || true
iptables -t nat -D OUTPUT -p udp --dport 53 -j DNAT --to-destination 8.8.8.8:53 || true
iptables -t nat -I OUTPUT -p tcp --dport 53 -j DNAT --to-destination 8.8.8.8:53
iptables -t nat -I OUTPUT -p udp --dport 53 -j DNAT --to-destination 8.8.8.8:53
(you may also use this as AFWall+ Custom Script)
For more detailed info and better understanding, click here.
These properties get reset to the original values upon reboot..
So, to keep these changes permanent, add the required commands to init.d
Method 6: (by editing resolv.conf)
Note:
I think this method works only for old devices. Nothing wrong in trying
1. Open resolv.conf from /system/etc/ using a Text Editor (I use ES File Explorer)
(If there's no such file, create it and try.)
2. Modify the nameservers in the file to your desired DNS servers.
The file finally looks like this:
Code:
nameserver 8.8.8.8
nameserver 8.8.4.4
This change is permanent..
So, it's better to backup the original resolv.conf before editing.
(Source: https://butterflydroid.wordpress.com/2011/10/19/how-to-set-dns-server-on-android-phone/ )
Method 7: (by using ndc resolver command)
1. Open Terminal Emulator and type the following:
Code:
su
ndc resolver flushif [SIZE="1"][I]## to flush old DNS servers[/I][/SIZE]
ndc resolver flushdefaultif [SIZE="1"][I]## to flush resolver[/I][/SIZE]
ndc resolver setifdns <iface> <domains> <dns1> <dns2> ... [SIZE="1"][I]## Add the new servers[/I][/SIZE]
ndc resolver setdefaultif [SIZE="1"][I]## Set as the default device[/I][/SIZE]
This may vary for different Android Versions, so check this also..
These properties get reset to the original values upon reboot..
So, to keep these changes permanent, add the required commands to init.d
Method 8: (by using DNSCrypt command)
Install DNSCrpt on your Android Device with this instructions here.
Then check this answer here on Android Stack Exchange on how to set DNS using a script.
Hit the 'Thanks!' button if you found this helpful.
Leave a reply if you need any help
Do leave a reply if any of these methods worked on your device...
Click to expand...
Click to collapse
I am trying to use method #3 but I dont have dhcpcd folder ... What to do? My device is rooted and in es manager root explore is checked...

Nice guide, if you have a Raspberry Pi install Pi-Hole on it, then set your home ip as DNS server on your phone/tablet and you'll have have adblocker on your phone/tablet.:good::good:

syamsoul said:
i'm on Android 6.0.1 and the iptables method works!
Click to expand...
Click to collapse
This thread has no other occurrence of "iptables" - would you mind including a reference.
I'm wasting far too much time reading solutions that don't work on CM13 - Android 6.0.1.

drummond said:
This thread has no other occurrence of "iptables" - would you mind including a reference.
I'm wasting far too much time reading solutions that don't work on CM13 - Android 6.0.1.
Click to expand...
Click to collapse
OP - Rooted Devices - Method 5 - it's right there, page 1.
There's an app too.
How much time can that waste?
(If it takes too long to go back one page, the OP is quoted just above your post)