7

根据官方文档:

将网络地址添加到 VPN 接口。支持 IPv4 和 IPv6 地址。在调用建立() 之前必须至少设置一个地址。添加地址隐式允许来自该地址族(即 IPv4 或 IPv6)的流量通过 VPN 路由。@see #allowFamily

但是,我仍然不清楚,挖掘 dns66 的源代码和 Netguard 的源代码也没有多大帮助。

我不确定它应该是服务器地址,但我想不出其他任何有意义的东西。如果我想在之前实施 localVPN,我应该设置什么地址establish()

这是 dns66 的来源,但我不明白为什么它会添加这些地址(如果一切“失败”,它怎么知道 192.168.50.1 会起作用)?:

    // Determine a prefix we can use. These are all reserved prefixes for example
    // use, so it's possible they might be blocked.
    for (String prefix : new String[]{"192.0.2", "198.51.100", "203.0.113"}) {
        try {
            builder.addAddress(prefix + ".1", 24);
        } catch (IllegalArgumentException e) {
            continue;
        }

        format = prefix + ".%d";
        break;
    }

    // For fancy reasons, this is the 2001:db8::/120 subnet of the /32 subnet reserved for
    // documentation purposes. We should do this differently. Anyone have a free /120 subnet
    // for us to use?
    byte[] ipv6Template = new byte[]{32, 1, 13, (byte) (184 & 0xFF), 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};

    if (hasIpV6Servers(config, dnsServers)) {
        try {
            InetAddress addr = Inet6Address.getByAddress(ipv6Template);
            Log.d(TAG, "configure: Adding IPv6 address" + addr);
            builder.addAddress(addr, 120);
        } catch (Exception e) {
            e.printStackTrace();

            ipv6Template = null;
        }
    } else {
        ipv6Template = null;
    }

    if (format == null) {
        Log.w(TAG, "configure: Could not find a prefix to use, directly using DNS servers");
        builder.addAddress("192.168.50.1", 24);
    }
4

1 回答 1

0

您基本上添加了Bridge(提供整个互联网的路由器)的 IP,对我来说,这样做就足够了:

import android.net.VpnService.Builder;

// ...

boolean is_ip_version_6_supported = true;

Builder builder = new Builder();
builder.setSession("My App's session");

// Specify address of the bridge (or router providing the whole internet),
// to use for IP version 4 and 6 connection capturing (like a firewall).
builder.addAddress("10.1.10.1", 32);
if (is_ip_version_6_supported) {
  builder.addAddress("fd00:1:fd00:1:fd00:1:fd00:1", 128);
}

// ...

注意:我也是初学者,所以,请随时编辑和改进我的帖子;-)
无论如何,您的应用程序将负责将本地捕获的数据包转发到 VPN 服务器并将远程的响应数据包注入本地。

于 2020-10-14T13:09:40.953 回答