Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Appears to connect to peer and list IP but no actual network activity #56

Open
Ravenstine opened this issue Jan 18, 2024 · 8 comments
Open

Appears to connect to peer and list IP but no actual network activity #56

Ravenstine opened this issue Jan 18, 2024 · 8 comments

Comments

@Ravenstine
Copy link

Ravenstine commented Jan 18, 2024
edited

I want to use the official implementation on Android, but this app has never worked for me on either of my Pixel 5s. I'm stuck using crispa-android, which does successfully connect to my network, but is outdated and has almost no configurable settings.

What I'm experiencing is that the app will tell me I'm connected to my peer (hosted with AWS), and it will list my IP, but I'm not able to actually connect to any peers through the connection. When I sign in to my public peer and run yggdrasilctl getPeers, I don't see my phone's IP listed. In other words, the app acts like it's connected, but that doesn't appear to be the case.

This has been the case for both my old Pixel 5 using the stock Pixel ROM and my new Pixel 5 with GrapheneOS installed. I don't think multicast is the issue, because toggling those settings does nothing.

My version of Android is 14. But I had the same issue back on Android 10 on identical hardware.
@wanderer
Copy link

same here

@neilalexander
Copy link
Member

If you have another VPN configured as always on, then you won't get the prompt to enable the Yggdrasil VPN extension on app startup. Is this the case on your devices?

@Ravenstine
Copy link
Author

Ravenstine commented Jan 24, 2024
edited

@neilalexander The issue occurs when I disable my VPN software and uncheck anything related to always-on or blocking outside connections, as well as on another device with no VPN app installed. In both cases, I'm able to get the Yggdrasil app to prompt me to be added to the VPN slot, which I accept.

If there's any diagnostic data I can try to provide, please let me know.

@neilalexander
Copy link
Member

If you're getting the VPN prompt and still not getting a successful connection then we'd probably need some adb logs from the device to show what the extension is doing. Are you able to extract those?

@Ravenstine
Copy link
Author

@neilalexander Here's the type of thing I'm seeing when I use adb logcat | grep ygg:

01-24 15:23:44.379 10624 10624 I GoLog   : Build name: yggdrasil
01-24 15:23:44.379 10624 10624 W ander.yggdrasil: type=1400 audit(0.0:1222): avc: denied { bind } for scontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tcontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tclass=netlink_route_socket permissive=0 bug=b/155595000 app=eu.neilalexander.yggdrasil
01-24 15:23:44.391  1826  4324 I Vpn     : Established by eu.neilalexander.yggdrasil on tun0
01-24 15:23:44.401  2525  2525 D TileServices: Couldn't find tile for ComponentInfo{eu.neilalexander.yggdrasil/eu.neilalexander.yggdrasil.YggTileService}
01-24 15:23:46.302 10624 10624 W ander.yggdrasil: type=1400 audit(0.0:1223): avc: denied { bind } for scontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tcontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tclass=netlink_route_socket permissive=0 bug=b/155595000 app=eu.neilalexander.yggdrasil
01-24 15:23:47.545 10624 10624 W ander.yggdrasil: type=1400 audit(0.0:1224): avc: denied { bind } for scontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tcontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tclass=netlink_route_socket permissive=0 bug=b/155595000 app=eu.neilalexander.yggdrasil
01-24 15:23:48.799 10624 10624 W ander.yggdrasil: type=1400 audit(0.0:1225): avc: denied { bind } for scontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tcontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tclass=netlink_route_socket permissive=0 bug=b/155595000 app=eu.neilalexander.yggdrasil
01-24 15:23:49.832 10624 10624 W ander.yggdrasil: type=1400 audit(0.0:1226): avc: denied { bind } for scontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tcontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tclass=netlink_route_socket permissive=0 bug=b/155595000 app=eu.neilalexander.yggdrasil
01-24 15:23:51.532 10624 10624 W ander.yggdrasil: type=1400 audit(0.0:1227): avc: denied { bind } for scontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tcontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tclass=netlink_route_socket permissive=0 bug=b/155595000 app=eu.neilalexander.yggdrasil
01-24 15:23:52.599 10624 10624 W ander.yggdrasil: type=1400 audit(0.0:1228): avc: denied { bind } for scontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tcontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tclass=netlink_route_socket permissive=0 bug=b/155595000 app=eu.neilalexander.yggdrasil
01-24 15:23:54.542 10624 10624 W ander.yggdrasil: type=1400 audit(0.0:1229): avc: denied { bind } for scontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tcontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tclass=netlink_route_socket permissive=0 bug=b/155595000 app=eu.neilalexander.yggdrasil
01-24 15:23:54.949  2525  2525 D TileServices: Couldn't find tile for ComponentInfo{eu.neilalexander.yggdrasil/eu.neilalexander.yggdrasil.YggTileService}
01-24 15:23:55.562 10624 10624 W ander.yggdrasil: type=1400 audit(0.0:1230): avc: denied { bind } for scontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tcontext=u:r:untrusted_app:s0:c244,c256,c512,c768 tclass=netlink_route_socket permissive=0 bug=b/155595000 app=eu.neilalexander.yggdrasil

Here is the full log with some things redacted like my peer address and the private key.
ravenstine-yggdrasil-log.txt

This is on a Pixel 5 with Android 13 reset to factory settings, with the only changes being F-Droid and Yggdrasil are installed.

@spacedrone404
Copy link

Have no traffic also. Shows connected, but no net activity.
Android 8.0, rooted device, all other vpn-like apps were stopped by brute force before using Yggdrasil.

@tbitcomb
Copy link

tbitcomb commented Mar 26, 2024
edited

This may have been solved indirectly in one of the more recent Yggdrasil releases. I'm not sure of the exact version where it started working correctly, but I recently upgraded to 0.5.5 on my server peer, upgraded the Android app, and now I am able to connect successfully. It's possible my peer was still on a version before 0.5 that was still using DHT, which would explain why the legacy app still worked but not this one, and even though I had updated Yggdrasil on my peer, the Debian repository might have been lagging behind. Although the app didn't even work for me in the 0.4.x days, so I'm not entirely sure on that theory.

In other words, it seems like this issue can probably be closed.

@wanderer @spacedrone404 I don't suppose either of you could try updating the app and connecting to a peer with v0.5.5 installed? That would help confirm whether this issue has been solved already.

EDIT: Just realized I commented from my work account. I'm the OP (Ravenstine) btw.

@spacedrone404
Copy link

spacedrone404 commented Mar 27, 2024
edited

but I recently upgraded to 0.5.5

Currently i'm on v0.1 (016), based on current Yggdrasil v0.5.4. The newest one from github repo. So, there is no possibility to go further.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@wanderer @neilalexander @Ravenstine @spacedrone404 @tbitcomb