Configure Android to support GAE Proxy

In the past two days, I want to go online on Android! As a result, a Proxy software called GAE Proxy is obtained.

The software provides one-click proxy, but the premise is that the machine must root and support iptables. If iptables is not supported, you can only use the GAE browser to flip it out. The software of the machine itself (such as the browser, youtube client) cannot go over the wall. Our machine is already root and supports the iptables command, but the software of the machine itself cannot be turned over.

Looking for a problem, I tried my machine HUAWEI 8650. Yes, it is normal. I tried 9250 of the stick, and it's okay. Everyone else can. Why can't our products work.

After reading it with lsmod, there is no module in the host machine and 9250, that is to say, all of them are compiled into the kernel, and most of our machines are compiled into modules in non-core mode, load at startup. Is there a problem with the module ?? Iptables is indeed compiled as a module.

After reading the GAE official website, iptables should support at least one of DNAT or REDIRECT. Okay, so do I load it. After loading, it still does not work.

At this time, I was so depressed that it was amazing to compile all the iptables related information into the kernel. The description must be incomplete.

Logcat checks what the GAE Proxy did when it was started. This Proxy is similar to squid and is forwarded by iptables.

D/GAEProxy (1274):/data/org. gaeproxy/iptables-t nat-a output-p tcp-d 10.0.0.0/8-j RETURN
D/GAEProxy (1274):/data/org. gaeproxy/iptables-t nat-a output-p tcp-d 172.16.0.0/12-j RETURN
D/GAEProxy (1274):/data/org. gaeproxy/iptables-t nat-a output-p tcp -- dport 80-j REDIRECT -- to 8123
D/GAEProxy (1274):/data/org. gaeproxy/iptables-t nat-a output-p tcp -- dport 443-j REDIRECT -- to 8124

Then use iptables-L-t nat to check whether a problem occurs at last and the port redirection fails. Prompt

Run iptables-t nat-a output-p tcp -- dport 80-j REDIRECT -- to 8123

Iptables: No chain/target/match by that name

After reading the iptables guide, I wrote:

This indicates that the chain, target, or match you are using do not exist. There are many reasons, but the most common
You spelled the wrong name. This error occurs when you want to use an unavailable module. Module
It may be because you have not loaded the correct module, or the kernel does not contain that module, or
It fails when iptables automatically loads the module. Generally, you should consider more
The solution should also consider the spelling of target in the rule, or other reasons.
Spelling mistakes are impossible, that is, the correct module is not loaded. Yes. I have loaded all the NAT and REDIRECT resources. lsmod shows that all of them are available.

I really can't find out what modules are missing. If I fail, I don't need to tell which modules are missing. The mobile phones are compiled into the kernel and cannot be compared.

At this time, I suddenly thought that my PC was just equipped with a wall flip, and it was normal. lsmod looked at it and it was quite different. The xt_tcpudp module is missing!

Modprobe xt_tcpudp

Then try again.

Conclusion: three modules are required to roll over the wall without restrictions (these modules may depend on other modules)

Modprobe iptable_nat

Modprobe ipt_REDIRECT

Modprobe xt_tcpudp

In this way, you can.