Maintained by: NLnet Labs

[Unbound-users] Unbound Android port

Petr Spacek
Mon Nov 2 11:59:39 CET 2015


On 31.10.2015 21:32, Marek Sebera via Unbound-users wrote:
> Hello guys,
> 
> I'd like to follow up on Android Unbound DNS porting status.
> 
> - We have working binaries for ARM platform, statically linked and all..
> - We have Android application, which provides UI to configure and control the Unbound DNS service
> 
> !! State of Things report (android screenshots included) can be found here: https://github.com/smarek/android-unbound-dns/issues/6
> 
> ! Binaries and Android application can be downloaded here: https://github.com/smarek/android-unbound-dns/releases
> 
> I'd like to have your opinion on where should the project go next and if anybody is interested in taking part in development.

Hello,

Fedora project and namely Tomas Hozza <thozza at redhat.com> is working on a
module for Unbound which should help with working around local broken DNS
proxies while still maintaining ability to DNSSEC-validate signed domains &
use local DNS view/split-DNS configuration.

It was targeted to laptops/roaming users so Android sounds like a very good
target, too. The module is not part of upstream Unbound yet, but there was a
plan to submit it one day.

Contact Tomas if you are interested!

Petr^2 Spacek

> Thank you
> Best Regards
> Marek Sebera
> 
>> On 11 Aug 2015, at 14:02, Marek Sebera <marek.sebera at gmail.com> wrote:
>>
>> Hello list,
>>
>> I’d like to continue in discussion I’ve started here more than 1 year ago.
>>
>> I was finally able to give it some time, and successfully cross-compiled Unbound DNS in version, and I’ve documented and automated the process a bit, you can see here:
>> https://github.com/smarek/android-unbound-dns
>>
>> So now the real question is, is there still demand for securing Android using Unbound DNS resolver, or did I made this for no one?
>>
>> Final idea is to have Unbound Android application which will start the DNS service on unprivileged port (such as 5353) and will be used as optional DNS resolver for masses.
>> Or, having the installer package, will replace default Android resolver, either through IPTables (re-routing all 53 traffic through unbound on 5353) or modifying actual ROM.
>>
>> Which effectively means, we won’t have to have ROOTed device to run the resolver and option we’ll be able to set it in WIFI/Cell-APN/Proxy/VPN settings.
>>
>> Best Regards
>> Marek Sebera
>>
>>> On 06 May 2014, at 13:21, Marek Sebera <marek.sebera at gmail.com> wrote:
>>>
>>> I think it could be done in two ways:
>>> 1) Library (native possibly) to integrate with applications (not requiring root obviously)
>>> 2) System demon with full unbound-configuration (important for various private networks, requires root device access)
>>>
>>> Also could help us with sneaky ISPs :-)
>>>
>>> On 06 May 2014, at 04:17, benfell at parts-unknown.org wrote:
>>>
>>>> Marek Sebera writes:
>>>>>
>>>>> is there any available Unbound port for ARM/x86 Android devices?
>>>>> I’d really like to have my DNS under control on my handy
>>>>
>>>> I like this idea as well. I assume the device would need to be rooted to take advantage of it, however.
>>>>
>>>> --
>>>> David Benfell
>>>> See https://parts-unknown.org/node/2 if you do not understand the attachment.