How to setup Siriproxy and Spire witn VPN access

I have done a lot of researches the past week about how to setup a siriproxy and spire with only VPN access. I have seen so many posts that described everything step by step in real detail. But I am a kind of person who want's to do know some fundementals before just pasting in commands and see if its running.

Pros:

Siri on the go. As long as you have internet, you can use siri

Cons:

Adding one more components into the whole system sometimes breaks it

Requirement before start

A Ubuntu linux computer with access to internet.

An public IP. Either your computer is directly connected to the modem, or your router can redicrect GRE protocol and ports.

An iphone 4S to get the key.

Let's start with the basics

From what I learned, Whenever you talk to siri, iphone 4S send voice packages to Guzzoni.apple.com to translate into text, which also do all the AI stuff and figure out what siri should talk back to.

A siriproxy is a proxy server that redirect your iphone voice packages to guzzoni, and when guzzoni send back the converted text and the "siri command", siriproxy redirect them back to iphone.

The importance of the proxy for iphone 4S is, sometimes the guzzoni server doesn't understand what you are saying then siri will be like "sorry, i don't understand", if you ask about what movies there are for tonight and such, siri will not be able to answer you. But the siriproxy can hijack the command and text before send to your phone, read the text and execute a program if the text matches some commands. These are siriproxy-plugins.

The importance of siriproxy for iphone 4 is, it manages to grab the voice packages from spire before sending to guzzoni, add some identification keys into the packages to "fake" an iphone 4S then send to guzzoni. So guzzoni won't reject the voice package.

I'll cover the thought process, then give details.

Thought process is:

1. Setup a siriproxy server on some IP address. let's call it proxy IP

2. then somehow make your iphone to send network traffic under control. Basically you want everything you send to guzzoni.apple.com to not be send to them from your phone, but to send to the proxy IP.  This can be done by using a dnsmasq.

Here I need to cover a basic idea about DNS.
A DNS server is a server that gives you IP address if you give it a domain name. IP address is the address that uniquely define a computer or a local network. An example is, if you type google.com in browser address, your browser first send "google.com" to a DNS server, then DNS server gives back the ip address. Then your browser can find the website and display to you.

 A dnsmasq here is a software in linux system, it can  "fake" a DNS server, that check the name that you send to DNS server before sending it. It almost work as a DNS server(To our convinience let's say it is). It you install it and set it up and not do anything to it, it redirect every request to real DNS server and reply back. The idea is to hijack the request for "guzzoni.apple.com" because this is the apple server, you want to send the voice packages to siriproxy, not the apple server. So this dnsmasq is used to hijack the name "guzzoni.apple.com" and tell your phone the proxy IP. Then the voice packages will be sent to the proxy IP, and siriproxy successfully catches it.

How to setup VPN server and use dnsmasq as DNS server

but to use a dnsmasq, first you need to make your phone think that your dnsmasq is the DNS server. Most of the time, a DNS server is provided to your phone, or computer by internet provider, and it's setup in your phone automatically. For example, if your phone is connected to a wireless, the router will tell you what the DNS server is. Same idea, if your phone is connected to a VPN, the VPN server will also tell you the DNS server.Changing in wireless is easy, and there are many videos to do it. Here we'll use a VPN to set the DNS server to the dnsmasq.

Summary of Introduction.

original iphone 4S process

The process of new set up

NOW THE TIME FOR DETAIL.

First you need to install and upgrade Ubuntu all the way to version 11.10. Update by clicking the right top corner and select updates available. . It IS important to update to current version because there are libraries that was not suitable for the ruby version and etc.

A Setup VPN

1. sudo apt-get install pptpd

Install the PPTP VPN server.

2. sudo nano /etc/pptpd.conf

edit the pptp server, scroll down and delete the "#" before localip and remoteip it should look like

localip 192.168.0.1
remoteip 192.168.0.234-238,192.168.0.245

Remember the localip.

3. sudo nano /etc/ppp/pptpd-options

edit the line with "ms-dns x.x.x.x" to ms-dns to the localip above. This is to set the DNS server that the VPN server should ask to. So your iphone connected to the VPN will use your dnsmasq as the DNS server.

4. sudo nano /etc/ppp/chap-secrets

Setup the username and password

# client<tab>server<tab> secret<tab> IP addresses

username<tab>pptpd<tab>password<tab> *

5. ifconfig

In here you should find a etho0 or wlan0 as your internet device that let you connect to internet. Others such as "lo" is just a local ip, don't worry about them. remember what device is the device that connect to internet.

6. sudo nano /etc/rc.local

Setup ip-masquerading, ip-masquerading is the process of routing traffice from VPN to your iphone. if it's not setup, your phone cannot connect internet throught the VPN server.Add the following lines before the "exit 0"

# PPTP IP forwarding

iptables -t nat -A POSTROUTING -o XXX -j MASQUERADE

"XXX" represent the device that you found that let you connect to internet.

7. sudo nano /etc/sysctl.conf

net.ipv4.ip_forward=1

if it's commented out by a "#" in front of it, remove the "#".

8. Now reboot. After the reboot the VPN server is setup nice.

B Setup dnsmasq

1. sudo apt-get install dnsmasq

2. sudo nano /etc/dnsmasq.conf

scroll down to find

#address=/double-click.net/127.0.0.1

add a line under it

address=/guzzoni.apple.com/<localip>

<localip> is the localip that you were asked to remember when you setup vpn. In my case it looks like this:

#address=/double-click.net/127.0.0.1
address=/guzzoni.apple.com/192.168.0.1

Now your dns should redirect all request to guzzoni.apple.com to your local ip.

3. reboot and let's test out the VPN and DNS server before continue.

C. TEST servers before going further

After the reboot. You want to use the VPN from your phone,

Settings->General->Network->VPN->Add configuration->select PPTP->Server: yoour public ip->username/password  in /etc/ppp/chap-secret->save.-> turn on VPN.

(Note: description is required but it can be anything, if you don't know your public ip, just type "what's my ip" in google)

It should connect and if you open browser in iphone, it should also get online.

Now to test if dnsmasq is actually redirecting guzzoni.apple.com to your local machine, you'll need another machine to connect to the vpn server. (same setup like your iphone). and in terminal do

nslookup guzzoni.apple.com

if it gives your localip, then it's good news.

D. Setup Siriproxy

In iDownloadBlog jeff described the setup in very detail.

http://www.idownloadblog.com/2012/01/01/spire/

Follow exactly what he did in both steps.

(In step 1. Command 2) He changed the dnsmasq for the local wireless network, but we are using VPN so do NOT change it. keep it what you did in my tutorial.

When he setup iphone 4S, he changed the wifi setting DNS server, again you are using VPN, do not change it. If you connect to VPN, the VPN server should redirect the request for you.

This is my first blog, so please be nice, post your problems if it didn't work for you.

This post was meant for someone with little/no knowledge of what's going on when trying to set up the siriproxy. Because if it doesn't work they will have no way of debugging it. I explain the fundamentals based on what I know, (not that I am expert or I actually did something high-tech and participated in jailbreak).

The whole process is cut into few parts so that you can determine exactly which part is wrong when trying to do it.

Acknowledgement

Randy's Tech

iDownloadBlog

10 thoughts on “How to setup Siriproxy and Spire witn VPN access

    1. nickrechard

      Great! A week of work helped someone :) btw, since 4 and 4S both can be jailbroken now, you can actually simply change the host file in iphone instead of setting up a dnsmasq now.

      Reply
  1. Firas

    I followed iDownloadBlog jeff tutorial on how to setup siriproxy and it's up and running now :)
    but i wanted siri to be running on my iphone 4 outside the local network, so i did a little google and found your post
    my question is do i need to do something before following your tutorial ?
    Thanks

    Reply
    1. nickrechard Post author

      If your computer is in a local network(connected to a router), there might be problems to set up VPN. Because some router does not support the protocol GRE which pptpd is using. I would suggest you change the host file in iPhone 4. Just like Jeff did, change the ip to your router ip, then forward port 443 to your computer. This will also let your iPhone 4 to connect to siriproxy. I haven't tried host file in iPhone 4s. But I guess it's the same idea. If your router supports the protocol, you can set it up and use insomnia to keep your phone connect to VPN even in lock. Let me know if u have any problems

      Reply
  2. nickrechard Post author

    Check the manual. Or do a google search with the router name. Or go in to the admin page of your router, in the firewall options it usually let you choose to enable VPN(pptpd, IPSec etc) if there isn't this option, then it might be a bad news. One thing to notice is, if the router allow VPN passthrough, it means you can connect to a VPN server outside, but you can't setup pptpd inside your local network. If you really want to de the VPN, you can try the IPSec VPN, which does not use the GRE protocol, only use two regular ports. But it is a lot more complicated to set up than pptpd.

    Reply
  3. lorandd

    Thanks for the post. I followed the instructions and VPN works, but nslookup guzzoni.apple.com doesn't give back the local ip.

    Do you know what might be the issue ? Thanks.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>