blokada icon indicating copy to clipboard operation
blokada copied to clipboard

Published 20 hours ago verified publisher icon blokadaorg

Element voice call connection is blocked

Open waclaw66 opened this issue 4 years ago • 8 comments

Hello.

Blokada 5.6.0 is somehow blocking voice call connection via TURN server (TCP/UDP). Used Element 1.0.14 on various matrix servers. Nothing blocked is visible within activity log, but call connection works only when Blockada is turned off. Bypassing the Element app from Advanced / Apps helps.

waclaw66 avatar Jan 20 '21 22:01 waclaw66

Hi,

Do you face similar issues with another VPN application? Which DNS server did you use when you faced this reported malfunction?

peterroth avatar Jan 21 '21 15:01 peterroth

Hi,

Do you face similar issues with another VPN application? Which DNS server did you use when you faced this reported malfunction?

I have tested AdLock, but there is no such problem. Blokada has default setting, DNS is set to Cloudflare. Is there some verbose mode?

waclaw66 avatar Jan 21 '21 17:01 waclaw66

The log ships every information what is being blocked, what happens with Blokada, etc. There's no more detailed logging/activity listing.

peterroth avatar Jan 21 '21 22:01 peterroth

I've checked the log, but nothing interresting there, no blocking happened, but still call connection (05:17:51) was unsuccessful. Please give it a try on your own or whitelist the Element app. Thanks.

05:15:31.659   Doze       Doze changed: false
05:15:34.675   Blocka     Querying tunnel status
05:15:34.678   SystemTunn Binding SystemTunnel
05:15:34.697 W BlockaRepo Repo config is stale, refreshing
05:15:34.709   BlockaRepo Fetching Blocka repo to check for updates and configuration
05:15:34.799   SystemTunn Bound SystemTunnel
05:15:34.800   Persistenc No persistence, using defaults for: class model.LocalConfig (Kotlin reflection is not available)
05:15:36.170   BlockaRepo Processing config
05:15:36.172   BlockaRepo Using config: Blokada 5: official channel
05:15:36.174   Update     Repo newest version code is: 506000000
05:15:36.717   Apps       Switching bypass for app: im.vector.app
05:15:36.745   Persistenc No persistence, using defaults for: class model.LocalConfig (Kotlin reflection is not available)
05:15:36.747   PacketLoop Requested to stop packet loop
05:15:36.748   SystemTunn Received a request to close tunnel
05:15:36.749   SystemTunn Tunnel turnOff() called
05:15:36.750   SystemTunn Closing tunnel descriptors
05:15:36.752 W Engine     Waiting after stopping system tunnel, before another start
05:15:37.683   PLLibre    Tunnel thread interrupted, stopping
05:15:37.684   PLLibre    Cleaning up resources: Thread[PacketLoopForLibre,5,main]
05:15:37.685   PLForwarde Closing all remaining sockets in Forwarder
05:15:41.760   Persistenc No persistence, using defaults for: class model.LocalConfig (Kotlin reflection is not available)
05:15:41.761   DnsMapper  Using DNS configuration [DoH/PlusMode: false/false]: Dns(id=cloudflare, ips=[1.1.1.1, 1.0.0.1, 2606:4700:4700::1111, 2606:4700:4700::1001], plusIps=null, port=443, name=cloudflare-dns.com, path=dns-query, label=Cloudflare, canUseInCleartext=true)
05:15:41.763   SystemTunn Received a request to open tunnel
05:15:41.764   SystemTunn Tunnel turnOn() called
05:15:41.765   STConfigur Configuring VPN for Libre mode
05:15:41.766   STConfigur Using IP: 203.0.113.69
05:15:41.767   STConfigur Using IPv6: 2001:db8:0:0:0:0:0:0
05:15:41.768   STConfigur Adding DNS server: 1.1.1.1
05:15:41.769   STConfigur Adding mapped DNS server for IPv4
05:15:41.776   STConfigur Adding DNS server: 1.0.0.1
05:15:41.777   STConfigur Adding mapped DNS server for IPv4
05:15:41.778   STConfigur Setting MTU: 1280
05:15:41.779   STConfigur Setting bypass for 33 apps
05:15:41.805   SystemTunn Asking system for tunnel
05:15:41.835   PacketLoop Requested to start packet loop (libre mode)
05:15:41.837   PLLibre    Started packet loop thread: 58010682
05:15:41.837   Metrics    Started metrics
05:15:41.840   AppReposit Fetching apps
05:15:41.906   AppReposit Fetched 193 apps, mapping
05:15:42.025   AppReposit Mapped 193 apps
05:15:42.816   Metrics    DNS-RTT/DNS-ERR/REC-ERR: 136ms/0/0
05:15:43.051   Navigation Destination(org.blokada.origin.alarm:id/advancedFragment) class=ui.advanced.AdvancedFragment
05:15:44.269   Metrics    DNS-RTT/DNS-ERR/REC-ERR: 56ms/0/0
05:15:44.316   Rewriter   Blocked: googleads.g.doubleclick.net
05:15:45.051   Metrics    DNS-RTT/DNS-ERR/REC-ERR: 132ms/0/0
05:15:45.080   Navigation Destination(org.blokada.origin.alarm:id/navigation_home) label= class=ui.home.HomeFragment
05:15:46.733   Navigation Destination(org.blokada.origin.alarm:id/navigation_activity) class=ui.stats.StatsFragment
05:17:10.725   SystemTunn Unbinding SystemTunnel
05:17:10.733   SystemTunn unbindService called
05:17:29.195   Blocka     Querying tunnel status
05:17:29.196   SystemTunn Binding SystemTunnel
05:17:29.254   SystemTunn Bound SystemTunnel
05:17:29.257   Persistenc No persistence, using defaults for: class model.LocalConfig (Kotlin reflection is not available)
05:17:30.643   Navigation Destination(org.blokada.origin.alarm:id/activityDetailFragment) class=ui.stats.StatsDetailFragment
05:17:35.842   Navigation Destination(org.blokada.origin.alarm:id/navigation_activity) class=ui.stats.StatsFragment
05:17:51.876   Metrics    DNS-RTT/DNS-ERR/REC-ERR: 139ms/0/0
05:17:53.769   Metrics    DNS-RTT/DNS-ERR/REC-ERR: 58ms/0/0
05:17:55.639   SystemTunn Unbinding SystemTunnel
05:17:55.715   SystemTunn unbindService called
05:18:05.068   Blocka     Querying tunnel status
05:18:05.069   SystemTunn Binding SystemTunnel
05:18:05.169   SystemTunn Bound SystemTunnel
05:18:05.170   Persistenc No persistence, using defaults for: class model.LocalConfig (Kotlin reflection is not available)
05:18:44.256 W Log        Sharing log
05:18:44.374   SystemTunn Unbinding SystemTunnel
05:18:44.380   SystemTunn unbindService called
05:18:50.807   Metrics    DNS-RTT/DNS-ERR/REC-ERR: 457ms/0/0

waclaw66 avatar Jan 22 '21 05:01 waclaw66

It also happens with Quicksy/ https://github.com/inputmice/conversations Call won't connect till I turn off blokada 4/5 on Android v10. I see nothing in the logs.

subpub avatar Feb 07 '21 12:02 subpub

I have noticed exactly the same problem with Blokada 5 and Element TURN/STUN on my device. I'm using a custom TURN server and the hostname is reported as "green" (not blocked) by Blokada, yet the voice call can never be finalized with Blokada active.

I also tested the same with a Wireguard VPN from the same device and the voice connection is established correctly, so it seems to be Blokada-specific.

kravietz avatar Feb 17 '21 12:02 kravietz

Can you try if you set the app being bypassed the call happens as it expected to happen? Does it happen with v4, v5 or both?

peterroth avatar Feb 17 '21 13:02 peterroth

Yes, if the app is bypassed the call is connected, when it's not bypassed then it times out.

Interestingly, when I enabled activity notification and app is not bypassed, there's literally zero notifications about anything being blocked - quite the opposite, the TURN server is displayed as "green" in the Activity > Recent tab, but the connection still times out.

I will later try to run the connection through a sniffer in LAN and see if there's any difference in connections made with Blokada enabled.

kravietz avatar Feb 17 '21 13:02 kravietz