私は私のDNSをGoogle DNSまたはOpenDnsに変更することによってこれを回避できることはほとんど確実ですが、Kitkatについてこれを達成する方法はわかりません。<事前> <コード> ./unyaffs20
I want to avoid censorship from my local mobile ISP (it blocks imgur, for example, for some unknown reason.
Screenshot (click image for larger variant)
I'm pretty certain that I can circumvent this by changing my DNS to Google DNS or OpenDNS, but I'm not really sure how to accomplish this on KitKat.
Info: Device: Nexus 5 Android version: 4.4.2 Device status: rooted
Ok, first of all full disclosure: I'm the author of an app which is now on the Google Play Store and which makes you able to change DNS for any mobile connection on Android 4.4. The app requires root, costs a couple of bucks and is called Override DNS. I was told, on a now deleted answer, that is fair to link to my app as long as I expose it clearly.
The problem I found with this release of Android (4.4) is that, apparently for caching reasons, the system behaviour has been changed to redirect all DNS queries to a system daemon called
netd (here's a link to a presentation related to Android networking before 4.4 which, however, covers part of these topics).
setprop method does not work anymore. Those values, when changed, get simply ignored by the
It's necessary to communicate directly to the daemon via the
/dev/socket/netd socket. In Android it's now present a tool called
ndc which does exactly this job.
The syntax for the DNS related stuff is this:
# ndc resolver flushif <iface> # ndc resolver flushdefaultif # ndc resolver setifdns <iface> <domains> <dns1> <dns2> # ndc resolver setdefaultif <iface>
The app automatically guesses the network device name and applies these commands each time a mobile network gets activated.
I "solved" this problem by using an iptables rule to forward all port 53 connections to an intended DNS server; my experience on Android 4.4.2 with attempting to modify DNS settings while connected to 3G has been exactly as Leo described; ignorance of values in getprop |grep dns[0-9]\]: and dhcpd.conf.
iptables -t nat -A OUTPUT -p udp --dport 53 -j DNAT --to-destination 220.127.116.11:53
The reason is as described here: http://forum.xda-developers.com/showpost.php?p=44722857&postcount=6 All apps do DNS lookups through netd via a /dev/socket/dnsproxyd unix socket. This thread also describes why system properties are being ignored.
To undo this, do
iptables -t nat -L OUTPUT -n -v --line-numbers
, find the line number that corresponds to udp dpt:53 to:xxx.xxx.xxx.xxx:53 and do
iptables -t nat -D OUTPUT *linenumber*
Sadly, it may be impossible to do as of right now, however, it is possible to try DNS Changer. This may work if you are rooted, but there are no guarantees.
A good DNS service to use would be Google's public DNS service. It tends to work out very well for these type of issues right here.
If none of this works, keep looking for answers. A good site for things like this is XDA Developers. They tend to have many answers on things for Android.
I'm on KitKat Cyanogenmod 11, meaning I'm rooted by default. Despite that I can only report failure:
When I try the
adb shell with
setprop net.rmnet0.dns1 18.104.22.168 setprop net.rmnet0.dns2 22.214.171.124 setprop net.rmnet1.dns1 126.96.36.199 setprop net.rmnet1.dns2 188.8.131.52 setprop net.rmnet2.dns1 184.108.40.206 setprop net.rmnet2.dns2 220.127.116.11 setprop net.dns1 18.104.22.168 setprop net.dns1 22.214.171.124
and then test to which IP hjfdkhfjkyuiwnwetbyebvtwgqwdi.tk resolve's... I get an NXDOMAIN response, meaning it didn't came from the OpenDNS nameserver I've set (which would return an answer with an alternative IP, to serve you adds).
getprop | grep dns
I would only see what I've configured. However when switching from WiFi to mobile (3G or 4G/LTE) I see IP's that I recognize as being assigned to my mobile carrier. Apps like "DNSwitch" or "DNS Changer" can re-set those resolvers automaticly at network change. However what
getprop reports me, is still not what's truly doing the resolving.
2nd method [a]:
Another way I tried, is modifieng
/system/etc/dhcpcd/dhcpcd-hooks/20-dns.conf an set things fixed in there (but be aware network names and number of resolvers can differ). Without success.
2nd method [b]:
/system/etc/dhcpcd/dhcpcd.conf I removed the parameter to accept resolvers at DHCP negociation. No success either.
So far the only thing that would work a little is using a "poor man VPN", using the app "SSH Tunnel", using SOCKS4, but using that I did not exactly got a good result.
It seems like either DNS set elsewhere, or all are forwarded (hijacked) as soon the network is mobile.
So, how come? Is it another dirty way to provide carriers with a tool to demolish network neutrality?
In your case your question was because of that. Do you have SSH to try if SSHTunnel is a alternative solution to get around your carriers censoring?
I encountered the same problem today, and thanks to Transfusion. I tried to develop an app "DNS forwarder" to work it out. It does not change dns server on system, but forward dns queries to another server. This workaround works fine for me on Kitkat (Nexus 5/4.4.3 and Moto Razr/CM11). Hope it can help other as well.
Currently I don't think there's any way to change your DNS on your mobile data. But if your phone is rooted you can use apps like Set DNS.