Opened 2 years ago

Last modified 2 years ago

#18109 new defect

Orbot with Transparent Proxying breaks Hotspot DHCP

Reported by: cyphar Owned by: n8fr8
Priority: Medium Milestone:
Component: Applications/Orbot Version: Tor: 0.2.7.5
Severity: Major Keywords: orbot android dhcp hotspot
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

I'm using the current version of Orbot (15.1.0-RC-2) and CyanogenMod 12.1.

If you enable transparent proxying of all apps ("tor everything"), along with enabling a WiFi hotspot from your phone, any clients attempting to connect to your phone's hotspot will be unable to get a DHCP lease. It seems it might be involved with the iptables rules that Orbot sets up.

Enabling the option "Tor tethering" doesn't appear to make a difference either. Connecting to the network and then enabling Orbot will cause DNS to stop working.

This means that I cannot effectively both have all of my apps Tor-ified on my phone and also have a wifi-hotspot open for my laptop (even if I'm not trying to tor-ify my laptop's internet).

Child Tickets

Change History (2)

comment:1 Changed 2 years ago by teor

This might be because the default SOCKSPort/DNSPort config binds to 127.0.0.1, but other devices accessing a hotspot need to connect to the hotspot IP address.

comment:2 Changed 2 years ago by n8fr8

We had the hotspot / tor tethering + transproxy working at one time, but then Android changed somehow, and it hasn't been the same since.

@Teor I think you are right that it has something to do with that. Before for hotspot mode, we needed to bind to 0.0.0.0.

@Cyphar perhaps for now you don't use transproxy all, and only use it for some apps?

Note: See TracTickets for help on using tickets.