New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adguard app is "disabled" in Apps Management, but I still see some data stats for it #889

Closed
ameshkov opened this Issue Nov 3, 2016 · 4 comments

Comments

Projects
None yet
1 participant
@ameshkov
Member

ameshkov commented Nov 3, 2016

Happens on my device, I should investigate it further.

@ameshkov ameshkov added the Bug label Nov 3, 2016

@ameshkov ameshkov added this to the 2.8 milestone Nov 3, 2016

@ameshkov ameshkov self-assigned this Nov 3, 2016

@ameshkov

This comment has been minimized.

Show comment
Hide comment
@ameshkov

ameshkov Nov 7, 2016

Member

The problem was that instead of the proper connection we were finding AG's own proxy listener socket in /proc/net/tcp. We now check the status field value and ignore sockets with status different from 02 (TCP_SYN_SENT) or 01 (TCP_ESTABLISHED, required for proxy mode to work properly).

Member

ameshkov commented Nov 7, 2016

The problem was that instead of the proper connection we were finding AG's own proxy listener socket in /proc/net/tcp. We now check the status field value and ignore sockets with status different from 02 (TCP_SYN_SENT) or 01 (TCP_ESTABLISHED, required for proxy mode to work properly).

@ameshkov ameshkov closed this Nov 7, 2016

@ameshkov

This comment has been minimized.

Show comment
Hide comment
@ameshkov

ameshkov Feb 15, 2017

Member

Still happens rarely

Member

ameshkov commented Feb 15, 2017

Still happens rarely

@ameshkov ameshkov reopened this Feb 15, 2017

@ameshkov ameshkov modified the milestones: 2.9, 2.8 Feb 15, 2017

@ameshkov

This comment has been minimized.

Show comment
Hide comment
@ameshkov

ameshkov Feb 16, 2017

Member

Here is what happens.

  1. We receive a TCP packet with src=123
  2. Scan the /proc/net/tcp for the matching records
  3. AG finds a record, matching the very same port, that belongs to an excluded app (Adguard for instance)

How is that possible? The thing is that local_address field is different for VPN connections and for connections of the excluded apps.

So, it is possible to have two records with the same port: src=TUN_IP port=123 and src=WIFI_IP port=123

I am not yet sure if we can/should use the src address for /proc/net/* records filtering, though. So, for now, we'll use a simpler approach.

Member

ameshkov commented Feb 16, 2017

Here is what happens.

  1. We receive a TCP packet with src=123
  2. Scan the /proc/net/tcp for the matching records
  3. AG finds a record, matching the very same port, that belongs to an excluded app (Adguard for instance)

How is that possible? The thing is that local_address field is different for VPN connections and for connections of the excluded apps.

So, it is possible to have two records with the same port: src=TUN_IP port=123 and src=WIFI_IP port=123

I am not yet sure if we can/should use the src address for /proc/net/* records filtering, though. So, for now, we'll use a simpler approach.

@ameshkov

This comment has been minimized.

Show comment
Hide comment
@ameshkov

ameshkov Feb 16, 2017

Member

Done, review ID: AJC-CR-168

Member

ameshkov commented Feb 16, 2017

Done, review ID: AJC-CR-168

@ameshkov ameshkov closed this Feb 16, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment