Monthly Archives: January 2012

How to setup Siriproxy and Spire witn VPN access

I have done a lot of researches the past week about how to setup a siriproxy and spire with only VPN access. I have seen so many posts that described everything step by step in real detail. But I am a kind of person who want's to do know some fundementals before just pasting in commands and see if its running.

Pros:

Siri on the go. As long as you have internet, you can use siri

Cons:

Adding one more components into the whole system sometimes breaks it

Requirement before start

A Ubuntu linux computer with access to internet.

An public IP. Either your computer is directly connected to the modem, or your router can redicrect GRE protocol and ports.

An iphone 4S to get the key.

Let's start with the basics

From what I learned, Whenever you talk to siri, iphone 4S send voice packages to Guzzoni.apple.com to translate into text, which also do all the AI stuff and figure out what siri should talk back to.

A siriproxy is a proxy server that redirect your iphone voice packages to guzzoni, and when guzzoni send back the converted text and the "siri command", siriproxy redirect them back to iphone.

The importance of the proxy for iphone 4S is, sometimes the guzzoni server doesn't understand what you are saying then siri will be like "sorry, i don't understand", if you ask about what movies there are for tonight and such, siri will not be able to answer you. But the siriproxy can hijack the command and text before send to your phone, read the text and execute a program if the text matches some commands. These are siriproxy-plugins.

The importance of siriproxy for iphone 4 is, it manages to grab the voice packages from spire before sending to guzzoni, add some identification keys into the packages to "fake" an iphone 4S then send to guzzoni. So guzzoni won't reject the voice package.

I'll cover the thought process, then give details.

Thought process is:

1. Setup a siriproxy server on some IP address. let's call it proxy IP

2. then somehow make your iphone to send network traffic under control. Basically you want everything you send to guzzoni.apple.com to not be send to them from your phone, but to send to the proxy IP.  This can be done by using a dnsmasq.

Here I need to cover a basic idea about DNS.
A DNS server is a server that gives you IP address if you give it a domain name. IP address is the address that uniquely define a computer or a local network. An example is, if you type google.com in browser address, your browser first send "google.com" to a DNS server, then DNS server gives back the ip address. Then your browser can find the website and display to you.

 A dnsmasq here is a software in linux system, it can  "fake" a DNS server, that check the name that you send to DNS server before sending it. It almost work as a DNS server(To our convinience let's say it is). It you install it and set it up and not do anything to it, it redirect every request to real DNS server and reply back. The idea is to hijack the request for "guzzoni.apple.com" because this is the apple server, you want to send the voice packages to siriproxy, not the apple server. So this dnsmasq is used to hijack the name "guzzoni.apple.com" and tell your phone the proxy IP. Then the voice packages will be sent to the proxy IP, and siriproxy successfully catches it.

How to setup VPN server and use dnsmasq as DNS server

but to use a dnsmasq, first you need to make your phone think that your dnsmasq is the DNS server. Most of the time, a DNS server is provided to your phone, or computer by internet provider, and it's setup in your phone automatically. For example, if your phone is connected to a wireless, the router will tell you what the DNS server is. Same idea, if your phone is connected to a VPN, the VPN server will also tell you the DNS server.Changing in wireless is easy, and there are many videos to do it. Here we'll use a VPN to set the DNS server to the dnsmasq.

Summary of Introduction.

original iphone 4S process

The process of new set up

NOW THE TIME FOR DETAIL.

First you need to install and upgrade Ubuntu all the way to version 11.10. Update by clicking the right top corner and select updates available. . It IS important to update to current version because there are libraries that was not suitable for the ruby version and etc.

A Setup VPN

1. sudo apt-get install pptpd

Install the PPTP VPN server.

2. sudo nano /etc/pptpd.conf

edit the pptp server, scroll down and delete the "#" before localip and remoteip it should look like

localip 192.168.0.1
remoteip 192.168.0.234-238,192.168.0.245

Remember the localip.

3. sudo nano /etc/ppp/pptpd-options

edit the line with "ms-dns x.x.x.x" to ms-dns to the localip above. This is to set the DNS server that the VPN server should ask to. So your iphone connected to the VPN will use your dnsmasq as the DNS server.

4. sudo nano /etc/ppp/chap-secrets

Setup the username and password

# client<tab>server<tab> secret<tab> IP addresses

username<tab>pptpd<tab>password<tab> *

5. ifconfig

In here you should find a etho0 or wlan0 as your internet device that let you connect to internet. Others such as "lo" is just a local ip, don't worry about them. remember what device is the device that connect to internet.

6. sudo nano /etc/rc.local

Setup ip-masquerading, ip-masquerading is the process of routing traffice from VPN to your iphone. if it's not setup, your phone cannot connect internet throught the VPN server.Add the following lines before the "exit 0"

# PPTP IP forwarding

iptables -t nat -A POSTROUTING -o XXX -j MASQUERADE

"XXX" represent the device that you found that let you connect to internet.

7. sudo nano /etc/sysctl.conf

net.ipv4.ip_forward=1

if it's commented out by a "#" in front of it, remove the "#".

8. Now reboot. After the reboot the VPN server is setup nice.

B Setup dnsmasq

1. sudo apt-get install dnsmasq

2. sudo nano /etc/dnsmasq.conf

scroll down to find

#address=/double-click.net/127.0.0.1

add a line under it

address=/guzzoni.apple.com/<localip>

<localip> is the localip that you were asked to remember when you setup vpn. In my case it looks like this:

#address=/double-click.net/127.0.0.1
address=/guzzoni.apple.com/192.168.0.1

Now your dns should redirect all request to guzzoni.apple.com to your local ip.

3. reboot and let's test out the VPN and DNS server before continue.

C. TEST servers before going further

After the reboot. You want to use the VPN from your phone,

Settings->General->Network->VPN->Add configuration->select PPTP->Server: yoour public ip->username/password  in /etc/ppp/chap-secret->save.-> turn on VPN.

(Note: description is required but it can be anything, if you don't know your public ip, just type "what's my ip" in google)

It should connect and if you open browser in iphone, it should also get online.

Now to test if dnsmasq is actually redirecting guzzoni.apple.com to your local machine, you'll need another machine to connect to the vpn server. (same setup like your iphone). and in terminal do

nslookup guzzoni.apple.com

if it gives your localip, then it's good news.

D. Setup Siriproxy

In iDownloadBlog jeff described the setup in very detail.

http://www.idownloadblog.com/2012/01/01/spire/

Follow exactly what he did in both steps.

(In step 1. Command 2) He changed the dnsmasq for the local wireless network, but we are using VPN so do NOT change it. keep it what you did in my tutorial.

When he setup iphone 4S, he changed the wifi setting DNS server, again you are using VPN, do not change it. If you connect to VPN, the VPN server should redirect the request for you.

This is my first blog, so please be nice, post your problems if it didn't work for you.

This post was meant for someone with little/no knowledge of what's going on when trying to set up the siriproxy. Because if it doesn't work they will have no way of debugging it. I explain the fundamentals based on what I know, (not that I am expert or I actually did something high-tech and participated in jailbreak).

The whole process is cut into few parts so that you can determine exactly which part is wrong when trying to do it.

Acknowledgement

Randy's Tech

iDownloadBlog