Setting System Proxy (IP Switching)¶

In this chapter, you can learn how to set up an IP proxy for your current phone. FIRERPA supports setting up HTTP and SOCKS5 proxies for your current phone. This way, all communication traffic from your phone will be sent through the configured proxy. Currently, this function does not support IPv6.

Connecting to Proxy¶

This interface has many parameters. Assuming the proxy you obtained from your service provider is http://1.x.x.x:8080, you only need a few lines of code to route device traffic through this proxy. You can continue to check the Complete Parameters section below to understand the parameters you can use.

profile = GproxyProfile()
profile.type = GproxyType.HTTP_CONNECT

profile.drop_udp = True
profile.host = "1.x.x.x"
profile.port = 8080

d.start_gproxy(profile)

It’s important to note that after setting up the proxy, applications that are already running will not immediately use the configured proxy. These applications have already established TCP connections before the proxy was set up. So you need to manually close the target application and open it again for the application to establish connections through the proxy.

Closing the Proxy¶

You can use the following to close the proxy set by FIRERPA on the system. This interface is very simple and does not require you to provide additional parameters.

d.stop_gproxy()

Complete Parameters¶

Below is the complete parameter configuration information for the proxy interface. You can choose whether you need to use each parameter based on its description.

You can configure the type of proxy service through the following parameter. If it’s a socks5 proxy, it would be GproxyType.SOCKS5.

profile.type = GproxyType.HTTP_CONNECT

If you need to redirect DNS queries to 114, this parameter will cause all DNS issued by the system to be forwarded to this. If coexisting with OpenVPN, do not set it to OpenVPN’s intranet DNS, otherwise it may completely disconnect from the network. When this configuration is not used, the system default DNS is used by default.

profile.nameserver = "114.114.114.114"

Configuration for the proxy server’s IP and port number.

profile.host = proxy_server_address
profile.port = proxy_server_port

If your proxy server requires login authentication, you can provide it through the following parameters. This depends on your proxy provider.

profile.login = "proxy_server_login_username"
profile.password = "proxy_server_login_password"

Used to block UDP traffic in the system. Why block UDP traffic? Because most public proxy services today do not support proxying UDP traffic within the system. Of course, some SOCKS5 servers support proxying UDP, such as our self-built solution. So disabling system UDP traffic is a good choice. This option is off by default.

profile.drop_udp = False

Used to configure whether to bypass the local network. If configured as True, traffic to router segments such as 192.168.x and 10.x will not go through the proxy. The default is False. Note that if udp_proxy is enabled, this option does not apply to UDP traffic.

profile.bypass_local_subnet = True

Used to configure whether to proxy UDP traffic. This requires your proxy to meet some prerequisites. Your proxy can only be a GproxyType.SOCKS5 proxy, and your SOCKS5 proxy server has enabled UDP proxying. You can install a proxy server that supports SOCKS5 UDP through the documentation we provide. The default is False. When you use an http proxy or the drop_udp option is True, this option will be ignored.

profile.udp_proxy = False

Used to set whether you need to forward all DNS traffic through the proxy. When this option is enabled, all DNS traffic on the device will be sent through the proxy, which can avoid pollution. When using this option, you need to specify the nameserver parameter at the same time. It cannot be used in packet capture scenarios, otherwise, due to the packet capture software’s inability to properly handle DNS packets, it may cause a pseudo-disconnection.

profile.dns_proxy = False

You can configure to set a proxy for only one application in the system through the following configuration. Traffic from applications other than this will not go through the proxy.

# Please choose one of the three ways to select the target application below.
app = d.application("com.android.browser")
app = d.get_application_by_name("Browser")
app = d.application("com.android.browser", user=999) # Multi-instance application

profile.application.set(app)

Automatically Applying Proxy¶

You can make FIRERPA automatically connect to a preset proxy server when it starts up. This ensures that your phone’s traffic always goes through the proxy. Copy the following configuration and modify the relevant configuration to your proxy information. Write it to the properties.local file and then restart FIRERPA. Some fields not described are the same as the field names described in the Complete Parameters section.

gproxy.enable=true
gproxy.type=http-connect
gproxy.host=1.x.x.x
gproxy.port=8080
gproxy.password=
gproxy.login=

Setting Up a Proxy Service¶

FIRERPA provides an out-of-the-box socks5 proxy service docker in the tools directory that also supports UDP. You can learn how to deploy your own proxy server in the related section on deploying proxy services in this documentation.

Installing System Root Certificate

Connecting to Virtual Network (OpenVPN)