package org.torproject.android.service;

import android.content.Context;
import android.preference.PreferenceManager;
import android.util.Log;
import java.io.File;
import java.util.ArrayList;
import java.util.Iterator;
import org.torproject.android.TorConstants;
import org.torproject.android.settings.TorifiedApp;

/* loaded from: classes.dex */
public class TorTransProxy implements TorServiceConstants {
    private boolean mBundledFailed;
    private String mSysIptables;
    private TorService mTorService;
    private boolean useSystemIpTables;

    public TorTransProxy() {
        this.useSystemIpTables = false;
        this.mBundledFailed = false;
        this.mSysIptables = null;
        this.mTorService = null;
    }

    public TorTransProxy(TorService torService) {
        this.useSystemIpTables = false;
        this.mBundledFailed = false;
        this.mSysIptables = null;
        this.mTorService = null;
        this.mTorService = torService;
    }

    private String findSystemIPTables() {
        if (this.mSysIptables != null) {
            return this.mSysIptables;
        }
        File file = new File("/system/bin/iptables");
        if (file.exists()) {
            this.mSysIptables = file.getAbsolutePath();
        } else {
            File file2 = new File("/system/xbin/iptables");
            if (file2.exists()) {
                this.mSysIptables = file2.getAbsolutePath();
            }
        }
        return this.mSysIptables;
    }

    private void logMessage(String str) {
        if (this.mTorService != null) {
            this.mTorService.logMessage(str);
        } else {
            Log.w(TorConstants.TAG, str);
        }
    }

    public int clearTransparentProxyingAll(Context context) throws Exception {
        return modifyTransparentProxyingAll(context, "D");
    }

    public int clearTransparentProxyingByApp(Context context, ArrayList<TorifiedApp> arrayList) throws Exception {
        return modifyTransparentProxyingByApp(context, "D", arrayList);
    }

    public int enableTetheringRules(Context context) throws Exception {
        String ipTablesPath = getIpTablesPath(context);
        StringBuilder sb = new StringBuilder();
        StringBuilder sb2 = new StringBuilder();
        String[] strArr = {"usb0", "wl0.1"};
        for (int i = 0; i < strArr.length; i++) {
            sb.append(ipTablesPath);
            sb.append(" -t nat -A PREROUTING -i ");
            sb.append(strArr[i]);
            sb.append(" -p udp --dport 53 -j REDIRECT --to-ports ");
            sb.append(TorServiceConstants.TOR_DNS_PORT);
            sb.append(" || exit\n");
            sb.append(ipTablesPath);
            sb.append(" -t nat -A PREROUTING -i ");
            sb.append(strArr[i]);
            sb.append(" -p tcp -j REDIRECT --to-ports ");
            sb.append(TorServiceConstants.TOR_TRANSPROXY_PORT);
            sb.append(" || exit\n");
        }
        String[] strArr2 = {sb.toString()};
        int doShellCommand = TorServiceUtils.doShellCommand(strArr2, sb2, true, true);
        logMessage(strArr2[0] + ";errCode=" + doShellCommand + ";resp=" + sb2.toString());
        return doShellCommand;
    }

    public String getIpTablesPath(Context context) {
        this.useSystemIpTables = PreferenceManager.getDefaultSharedPreferences(context.getApplicationContext()).getBoolean(TorConstants.PREF_USE_SYSTEM_IPTABLES, false);
        if (this.useSystemIpTables || this.mBundledFailed) {
            return findSystemIPTables();
        }
        String absolutePath = new File(context.getDir("bin", 0), "iptables").getAbsolutePath();
        try {
            if (testOwnerModule(context, absolutePath) == 0) {
                return absolutePath;
            }
            this.mBundledFailed = true;
            return findSystemIPTables();
        } catch (Exception e) {
            String findSystemIPTables = findSystemIPTables();
            this.mBundledFailed = true;
            return findSystemIPTables;
        }
    }

    public int modifyTransparentProxyingAll(Context context, String str) throws Exception {
        String ipTablesPath = getIpTablesPath(context);
        StringBuilder sb = new StringBuilder();
        StringBuilder sb2 = new StringBuilder();
        int i = context.getApplicationInfo().uid;
        if (str.equals("A")) {
            sb.append(ipTablesPath);
            sb.append(" -N ").append("ORBOT");
            sb.append(" || exit\n");
            sb.append(ipTablesPath);
            sb.append(" -A ").append("OUTPUT");
            sb.append(" -j ").append("ORBOT");
            sb.append(" || exit\n");
        }
        sb.append(ipTablesPath);
        sb.append(" -" + str + " ").append("ORBOT");
        sb.append(" -t filter");
        sb.append(" -m owner --uid-owner ");
        sb.append(i);
        sb.append(" -j ACCEPT");
        sb.append(" || exit\n");
        sb.append(ipTablesPath);
        sb.append(" -" + str + " ").append("OUTPUT");
        sb.append(" -t nat");
        sb.append(" -p tcp");
        sb.append(" ! -d 127.0.0.1");
        sb.append(" -m owner ! --uid-owner ");
        sb.append(i);
        sb.append(" -m tcp --syn");
        sb.append(" -j REDIRECT --to-ports ");
        sb.append(TorServiceConstants.TOR_TRANSPROXY_PORT);
        sb.append(" || exit\n");
        sb.append(ipTablesPath);
        sb.append(" -" + str + " ").append("OUTPUT");
        sb.append(" -t nat");
        sb.append(" -p udp -m owner ! --uid-owner ");
        sb.append(i);
        sb.append(" -m udp --dport ");
        sb.append(53);
        sb.append(" -j REDIRECT --to-ports ");
        sb.append(TorServiceConstants.TOR_DNS_PORT);
        sb.append(" || exit\n");
        for (int i2 : new int[]{TorServiceConstants.TOR_DNS_PORT, TorServiceConstants.TOR_TRANSPROXY_PORT, TorServiceConstants.PORT_SOCKS, TorServiceConstants.PORT_HTTP}) {
            sb.append(ipTablesPath);
            sb.append(" -" + str + " ").append("ORBOT");
            sb.append(" -t filter");
            sb.append(" -m owner ! --uid-owner ");
            sb.append(i);
            sb.append(" -p tcp");
            sb.append(" -d 127.0.0.1");
            sb.append(" --dport ");
            sb.append(i2);
            sb.append(" -j ACCEPT");
            sb.append(" || exit\n");
        }
        sb.append(ipTablesPath);
        sb.append(" -" + str + " ").append("ORBOT");
        sb.append(" -t filter");
        sb.append(" -p tcp");
        sb.append(" -o lo");
        sb.append(" -j ACCEPT");
        sb.append(" || exit\n");
        if (TorService.ENABLE_DEBUG_LOG) {
            sb.append(ipTablesPath);
            sb.append(" -" + str + " ").append("ORBOT");
            sb.append(" -t filter");
            sb.append(" -p udp");
            sb.append(" --dport ");
            sb.append(53);
            sb.append(" -j LOG");
            sb.append(" --log-prefix='ORBOT_DNSLEAK_PROTECTION'");
            sb.append(" --log-uid");
            sb.append(" || exit\n");
            sb.append(ipTablesPath);
            sb.append(" -" + str + " ").append("ORBOT");
            sb.append(" -t filter");
            sb.append(" -p tcp");
            sb.append(" -j LOG");
            sb.append(" --log-prefix='ORBOT_TCPLEAK_PROTECTION'");
            sb.append(" --log-uid");
            sb.append(" || exit\n");
        }
        sb.append(ipTablesPath);
        sb.append(" -" + str + " ").append("ORBOT");
        sb.append(" -t filter");
        sb.append(" -m owner ! --uid-owner ");
        sb.append(i);
        sb.append(" -p tcp");
        sb.append(" ! -d 127.0.0.1");
        sb.append(" -j REJECT");
        sb.append(" || exit\n");
        sb.append(ipTablesPath);
        sb.append(" -" + str + " ").append("ORBOT");
        sb.append(" -t filter");
        sb.append(" -m owner ! --uid-owner ");
        sb.append(i);
        sb.append(" -p udp");
        sb.append(" ! -d 127.0.0.1");
        sb.append(" -j REJECT");
        sb.append(" || exit\n");
        if (str.equals("D")) {
            sb.append(ipTablesPath);
            sb.append(" --flush ").append("ORBOT");
            sb.append(" || exit\n");
            sb.append(ipTablesPath);
            sb.append(" -D ").append("OUTPUT");
            sb.append(" -j ").append("ORBOT");
            sb.append(" || exit\n");
            sb.append(ipTablesPath);
            sb.append(" -X ").append("ORBOT");
            sb.append(" || exit\n");
        }
        int doShellCommand = TorServiceUtils.doShellCommand(new String[]{sb.toString()}, sb2, true, true);
        logMessage("Exec resp: errCode=" + doShellCommand + ";resp=" + sb2.toString());
        return doShellCommand;
    }

    public int modifyTransparentProxyingByApp(Context context, String str, ArrayList<TorifiedApp> arrayList) throws Exception {
        String ipTablesPath = getIpTablesPath(context);
        StringBuilder sb = new StringBuilder();
        StringBuilder sb2 = new StringBuilder();
        if (str.equals("A")) {
            sb.append(ipTablesPath);
            sb.append(" -N ").append("ORBOT");
            sb.append(" || exit\n");
            sb.append(ipTablesPath);
            sb.append(" -A ").append("OUTPUT");
            sb.append(" -j ").append("ORBOT");
            sb.append(" || exit\n");
        }
        String str2 = " -" + str + " ORBOT";
        Iterator<TorifiedApp> it = arrayList.iterator();
        while (it.hasNext()) {
            TorifiedApp next = it.next();
            if (next.isTorified() && !next.getUsername().equals(TorServiceConstants.TOR_APP_USERNAME) && !next.getUsername().equals(TorServiceConstants.ORWEB_APP_USERNAME)) {
                logMessage("enabling transproxy for app: " + next.getUsername() + "(" + next.getUid() + ")");
                sb.append(ipTablesPath);
                sb.append(" -" + str + " ").append("OUTPUT");
                sb.append(" -t nat");
                sb.append(" -p tcp");
                sb.append(" ! -d 127.0.0.1");
                sb.append(" -m owner --uid-owner ");
                sb.append(next.getUid());
                sb.append(" -m tcp --syn");
                sb.append(" -j REDIRECT --to-ports ");
                sb.append(TorServiceConstants.TOR_TRANSPROXY_PORT);
                sb.append(" || exit\n");
                sb.append(ipTablesPath);
                sb.append(" -" + str + " ").append("OUTPUT");
                sb.append(" -t nat");
                sb.append(" -p udp -m owner --uid-owner ");
                sb.append(next.getUid());
                sb.append(" -m udp --dport ");
                sb.append(53);
                sb.append(" -j REDIRECT --to-ports ");
                sb.append(TorServiceConstants.TOR_DNS_PORT);
                sb.append(" || exit\n");
                for (int i : new int[]{TorServiceConstants.TOR_DNS_PORT, TorServiceConstants.TOR_TRANSPROXY_PORT, TorServiceConstants.PORT_SOCKS, TorServiceConstants.PORT_HTTP}) {
                    sb.append(ipTablesPath);
                    sb.append(str2);
                    sb.append(" -t filter");
                    sb.append(" -m owner --uid-owner ");
                    sb.append(next.getUid());
                    sb.append(" -p tcp");
                    sb.append(" -d 127.0.0.1");
                    sb.append(" --dport ");
                    sb.append(i);
                    sb.append(" -j ACCEPT");
                    sb.append(" || exit\n");
                }
                sb.append(ipTablesPath);
                sb.append(str2);
                sb.append(" -t filter");
                sb.append(" -m owner --uid-owner ");
                sb.append(next.getUid());
                sb.append(" -p tcp");
                sb.append(" -o lo");
                sb.append(" -j ACCEPT");
                sb.append(" || exit\n");
                sb.append(ipTablesPath);
                sb.append(str2);
                sb.append(" -t filter");
                sb.append(" -m owner --uid-owner ");
                sb.append(next.getUid());
                sb.append(" -p tcp");
                sb.append(" ! -d 127.0.0.1");
                sb.append(" -j REJECT");
                sb.append(" || exit\n");
                sb.append(ipTablesPath);
                sb.append(str2);
                sb.append(" -t filter");
                sb.append(" -m owner --uid-owner ");
                sb.append(next.getUid());
                sb.append(" -p udp");
                sb.append(" ! -d 127.0.0.1");
                sb.append(" -j REJECT");
                sb.append(" || exit\n");
            }
        }
        if (str.equals("D")) {
            sb.append(ipTablesPath);
            sb.append(" --flush ").append("ORBOT");
            sb.append(" || exit\n");
            sb.append(ipTablesPath);
            sb.append(" -D ").append("OUTPUT");
            sb.append(" -j ").append("ORBOT");
            sb.append(" || exit\n");
            sb.append(ipTablesPath);
            sb.append(" -X ").append("ORBOT");
            sb.append(" || exit\n");
        }
        String[] strArr = {sb.toString()};
        int doShellCommand = TorServiceUtils.doShellCommand(strArr, sb2, true, true);
        logMessage(strArr[0] + ";errCode=" + doShellCommand + ";resp=" + sb2.toString());
        return doShellCommand;
    }

    public int setTransparentProxyingAll(Context context) throws Exception {
        return modifyTransparentProxyingAll(context, "A");
    }

    public int setTransparentProxyingByApp(Context context, ArrayList<TorifiedApp> arrayList) throws Exception {
        return modifyTransparentProxyingByApp(context, "A", arrayList);
    }

    public int testOwnerModule(Context context, String str) throws Exception {
        TorBinaryInstaller.assertIpTablesBinaries(context, false);
        int i = context.getApplicationInfo().uid;
        StringBuilder sb = new StringBuilder();
        StringBuilder sb2 = new StringBuilder();
        sb.append(str);
        sb.append(" -A OUTPUT");
        sb.append(" -t filter");
        sb.append(" -m owner --uid-owner ");
        sb.append(i);
        sb.append(" -j ACCEPT");
        sb.append(" || exit\n");
        sb.append(str);
        sb.append(" -D OUTPUT");
        sb.append(" -t filter");
        sb.append(" -m owner --uid-owner ");
        sb.append(i);
        sb.append(" -j ACCEPT");
        sb.append(" || exit\n");
        String[] strArr = {sb.toString()};
        int doShellCommand = TorServiceUtils.doShellCommand(strArr, sb2, true, true);
        String sb3 = sb2.toString();
        if (this.mTorService != null) {
            logMessage(strArr[0] + ";errCode=" + doShellCommand + ";resp=" + sb3);
        }
        return doShellCommand;
    }
}
