@mcr
Created September 13, 2020 20:25
IPv6 policies and routing tables on Android Oreo
generic_x86:/ # ip addr ls
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
3: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 02:00:00:44:55:66 brd ff:ff:ff:ff:ff:ff
inet 192.168.232.2/21 brd 192.168.239.255 scope global wlan0
valid_lft forever preferred_lft forever
inet6 fe80::ff:fe44:5566/64 scope link
valid_lft forever preferred_lft forever
5: hwsim0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default
link/ieee802.11/radiotap 12:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
6: sit0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN group default
link/sit 0.0.0.0 brd 0.0.0.0
8: radio0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 02:fb:90:23:a7:b1 brd ff:ff:ff:ff:ff:ff
inet 192.168.200.2/24 brd 192.168.200.255 scope global radio0
valid_lft forever preferred_lft forever
inet6 2607:f0b0:f:2:1935:f47b:b4cd:2a60/64 scope global temporary dynamic
valid_lft 604574sec preferred_lft 85574sec
inet6 2607:f0b0:f:2:fb:90ff:fe23:a7b1/64 scope global mngtmpaddr dynamic
valid_lft forever preferred_lft forever
inet6 fe80::fb:90ff:fe23:a7b1/64 scope link
valid_lft forever preferred_lft forever
generic_x86:/ # ip -6 route ls table all
unreachable default dev lo proto kernel metric 4294967295 error -101
unreachable default dev lo proto kernel metric 4294967295 error -101
unreachable default dev lo proto kernel metric 4294967295 error -101
fe80::/64 dev wlan0 table wlan0 proto kernel metric 256
fe80::/64 dev wlan0 table wlan0 proto static metric 1024
unreachable default dev lo proto kernel metric 4294967295 error -101
2607:f0b0:f:2::/64 dev radio0 table radio0 proto kernel metric 256
fe80::/64 dev radio0 table radio0 proto kernel metric 256
default via fe80::9003:9cff:fe10:c4bb dev radio0 table radio0 proto ra metric 1024 expires 1560sec hoplimit 64
unreachable default dev lo proto kernel metric 4294967295 error -101
unreachable default dev lo proto kernel metric 4294967295 error -101
local ::1 dev lo table local proto none metric 0
local 2607:f0b0:f:2:fb:90ff:fe23:a7b1 dev lo table local proto none metric 0
local 2607:f0b0:f:2:1935:f47b:b4cd:2a60 dev lo table local proto none metric 0
local fe80::ff:fe44:5566 dev lo table local proto none metric 0
local fe80::fb:90ff:fe23:a7b1 dev lo table local proto none metric 0
ff00::/8 dev radio0 table local metric 256
ff00::/8 dev wlan0 table local metric 256
unreachable default dev lo proto kernel metric 4294967295 error -101
generic_x86:/ # ip -6 rule ls
0: from all lookup local
10000: from all fwmark 0xc0000/0xd0000 lookup legacy_system
10500: from all oif wlan0 uidrange 0-0 lookup wlan0
10500: from all fwmark 0x40000/0x40000 oif radio0 uidrange 0-0 lookup radio0
13000: from all fwmark 0x10063/0x1ffff lookup local_network
13000: from all fwmark 0x10065/0x1ffff lookup wlan0
13000: from all fwmark 0x50064/0x5ffff lookup radio0
14000: from all oif wlan0 lookup wlan0
14000: from all fwmark 0x40000/0x40000 oif radio0 lookup radio0
15000: from all fwmark 0x0/0x10000 lookup legacy_system
16000: from all fwmark 0x0/0x10000 lookup legacy_network
17000: from all fwmark 0x0/0x10000 lookup local_network
19000: from all fwmark 0x65/0x1ffff lookup wlan0
22000: from all fwmark 0x0/0xffff lookup wlan0
23000: from all fwmark 0x0/0xffff uidrange 0-0 lookup main
32000: from all unreachable
generic_x86:/ # ip6tables -L -n -v
Chain INPUT (policy ACCEPT 8 packets, 4320 bytes)
pkts bytes target prot opt in out source destination
37 14712 bw_INPUT all * * ::/0 ::/0
37 14712 fw_INPUT all * * ::/0 ::/0
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 oem_fwd all * * ::/0 ::/0
0 0 fw_FORWARD all * * ::/0 ::/0
0 0 bw_FORWARD all * * ::/0 ::/0
0 0 natctrl_FORWARD all * * ::/0 ::/0
Chain OUTPUT (policy ACCEPT 13 packets, 4600 bytes)
pkts bytes target prot opt in out source destination
71 16996 oem_out all * * ::/0 ::/0
71 16996 fw_OUTPUT all * * ::/0 ::/0
71 16996 st_OUTPUT all * * ::/0 ::/0
71 16996 bw_OUTPUT all * * ::/0 ::/0
Chain bw_FORWARD (1 references)
pkts bytes target prot opt in out source destination
0 0 bw_costly_radio0 all * radio0 ::/0 ::/0
Chain bw_INPUT (1 references)
pkts bytes target prot opt in out source destination
0 0 all * * ::/0 ::/0 ! quota globalAlert: 2097152 bytes
11 5949 bw_costly_radio0 all radio0 * ::/0 ::/0
29 12255 all * * ::/0 ::/0 owner socket exists
Chain bw_OUTPUT (1 references)
pkts bytes target prot opt in out source destination
0 0 all * * ::/0 ::/0 ! quota globalAlert: 2097152 bytes
12 6025 bw_costly_radio0 all * radio0 ::/0 ::/0
51 13791 all * * ::/0 ::/0 owner socket exists
Chain bw_costly_radio0 (3 references)
pkts bytes target prot opt in out source destination
23 11974 bw_penalty_box all * * ::/0 ::/0
0 0 REJECT all * * ::/0 ::/0 ! quota radio0: 9223372036854775807 bytes reject-with icmp6-port-unreachable
Chain bw_costly_shared (0 references)
pkts bytes target prot opt in out source destination
0 0 bw_penalty_box all * * ::/0 ::/0
Chain bw_data_saver (1 references)
pkts bytes target prot opt in out source destination
1 168 RETURN all * * ::/0 ::/0
Chain bw_happy_box (1 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all * * ::/0 ::/0 owner UID match 10011
0 0 RETURN all * * ::/0 ::/0 owner UID match 10013
31 13270 RETURN all * * ::/0 ::/0 owner UID match 0-9999
1 168 bw_data_saver all * * ::/0 ::/0
Chain bw_penalty_box (2 references)
pkts bytes target prot opt in out source destination
32 13438 bw_happy_box all * * ::/0 ::/0
Chain fw_FORWARD (1 references)
pkts bytes target prot opt in out source destination
Chain fw_INPUT (1 references)
pkts bytes target prot opt in out source destination
30 12423 fw_standby all * * ::/0 ::/0
Chain fw_OUTPUT (1 references)
pkts bytes target prot opt in out source destination
51 13791 fw_standby all * * ::/0 ::/0
Chain fw_dozable (0 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all * * ::/0 ::/0 owner UID match 0-9999
0 0 RETURN all lo * ::/0 ::/0
0 0 RETURN all * lo ::/0 ::/0
0 0 RETURN tcp * * ::/0 ::/0 tcp flags:0x04/0x04
0 0 RETURN icmpv6 * * ::/0 ::/0 ipv6-icmptype 2
0 0 RETURN icmpv6 * * ::/0 ::/0 ipv6-icmptype 133
0 0 RETURN icmpv6 * * ::/0 ::/0 ipv6-icmptype 134
0 0 RETURN icmpv6 * * ::/0 ::/0 ipv6-icmptype 135
0 0 RETURN icmpv6 * * ::/0 ::/0 ipv6-icmptype 136
0 0 RETURN icmpv6 * * ::/0 ::/0 ipv6-icmptype 137
0 0 DROP all * * ::/0 ::/0
Chain fw_powersave (0 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all * * ::/0 ::/0 owner UID match 0-9999
0 0 RETURN all lo * ::/0 ::/0
0 0 RETURN all * lo ::/0 ::/0
0 0 RETURN tcp * * ::/0 ::/0 tcp flags:0x04/0x04
0 0 RETURN icmpv6 * * ::/0 ::/0 ipv6-icmptype 2
0 0 RETURN icmpv6 * * ::/0 ::/0 ipv6-icmptype 133
0 0 RETURN icmpv6 * * ::/0 ::/0 ipv6-icmptype 134
0 0 RETURN icmpv6 * * ::/0 ::/0 ipv6-icmptype 135
0 0 RETURN icmpv6 * * ::/0 ::/0 ipv6-icmptype 136
0 0 RETURN icmpv6 * * ::/0 ::/0 ipv6-icmptype 137
0 0 DROP all * * ::/0 ::/0
Chain natctrl_FORWARD (1 references)
pkts bytes target prot opt in out source destination
Chain natctrl_tether_counters (0 references)
pkts bytes target prot opt in out source destination
Chain oem_fwd (1 references)
pkts bytes target prot opt in out source destination
Chain oem_out (1 references)
pkts bytes target prot opt in out source destination
Chain st_OUTPUT (1 references)
pkts bytes target prot opt in out source destination
Chain st_clear_caught (2 references)
pkts bytes target prot opt in out source destination
Chain st_clear_detect (0 references)
pkts bytes target prot opt in out source destination
0 0 REJECT all * * ::/0 ::/0 connmark match 0x2000000/0x2000000 reject-with icmp6-port-unreachable
0 0 RETURN all * * ::/0 ::/0 connmark match 0x1000000/0x1000000
0 0 CONNMARK tcp * * ::/0 ::/0 u32 "0x34>>0x1a&0x3c@0x28&0xffff0000=0x16030000&&0x34>>0x1a&0x3c@0x2c&0xff0000=0x10000" CONNMARK or 0x1000000
0 0 CONNMARK udp * * ::/0 ::/0 u32 "0x30&0xffff0000=0x16fe0000&&0x3c&0xff0000=0x10000" CONNMARK or 0x1000000
0 0 RETURN all * * ::/0 ::/0 connmark match 0x1000000/0x1000000
0 0 st_clear_caught tcp * * ::/0 ::/0 state ESTABLISHED u32 "0x34>>0x1a&0x3c@0x28&0x0=0x0"
0 0 st_clear_caught udp * * ::/0 ::/0
Chain st_penalty_log (0 references)
pkts bytes target prot opt in out source destination
0 0 CONNMARK all * * ::/0 ::/0 CONNMARK or 0x1000000
0 0 NFLOG all * * ::/0 ::/0
Chain st_penalty_reject (0 references)
pkts bytes target prot opt in out source destination
0 0 CONNMARK all * * ::/0 ::/0 CONNMARK or 0x2000000
0 0 NFLOG all * * ::/0 ::/0
0 0 REJECT all * * ::/0 ::/0 reject-with icmp6-port-unreachable