hello!
I would like to ask if there is a cheaper way to track data traffic of a smarthphone. while search i came across those 2 articles:
both were using a raspberry pi for tracking data traffic. i would like to track it for both of my devices and compare.
I’m if I created this thread in the wrong place.
Thanks in advance.
You can probably see what traffic goes over your wifi router. Most router software allows to create a detailed log file on the router, including all accessed servers. This can be controlled and accessed by the web front end of the router.
thank you. i will try it
If your main interest is a list of domains that your phones are talking to you might also try a free app such as “blokada” (I use version 5, apk downloaded directly from their website but I just ckecked and you might get it from Fdroid as well). It controls the vpn tunnel of the phone and allows traffic based on blocklists that rule out ads and trackers and else (depending on the lists chosen)
When you activate the app but deactivate the internal blocking lists you should get a simple log (simple list) of whom your phone is talking to / of your phones data traffic.
If you have blocking lists activated you still see all domains that your phone tries to contact directly … only that some of them are (marked as) blocked.
Maybe other apps that work similar (DNS-controlled blocking via the vpn tunnel of the smartphone) have more advanced logging options … (I had quick testruns with “rethinkDNS” and “personalDNS” few months ago but didn’t get into details like logging because blokada (5) works best for me. Only if I experience functional issues for apps/websites I check the log to decide whether I want to black- or whitelist specific domains. pretty much like an onboard-piHole…)
(edit: typos + description)
Thank you so much. Yeah u are right. I’m looking for a way to track to whom my phone is talking. For my thesis i want to check the data traffic of /e/OS and my standard android and compare those to see if eOS delivers on the promises they made.
If you use blokada (or similar apps) for that task You only need to make sure that also (or maybe only?) the system-apps are routed through / controlled by the app.
I don’t know if that scenario is set by default…
Checked rethinkDNS right now, this has a detailed log out of the box, including the names of the apps which caused the requests. I used NetGuard until now, this is very similar but proper logging is not that easy.
agreed, I guess it depends much on the purpose “the log” was originally designed for.
I just gave it a quick try out of curiosity: the the log (list) that “personalDNSfilter” provides can be copied (and thus be “exported” into txt) by “select all” and “copy”.
maybe that´s a good enough approach as long as it is only about comparing the logs of two different devices…
“PCAPdroid” might be an even better solution for @Know_Name ´s purpose, just stumbled over it in Fdroid … it uses the vpn tunnel to simply monitor and log all traffic, export possible as csv…
(would have been very strange anyway if no app would already exist for that specific purpose …
)
BTW: I see entries in this log I can’t explain:
I know 9.9.9.9 is a DNS server. But why does Android request it several times a day even if I don’t do anything? BTW: I choose to take the default DNS server from the network provider, which is probably not 9.9.9.9.
And what is “/e/ Speicher” (/e/ memory) - why does it again and again request a server in Finland?
eDrive talks to ecloud.global / murena.io, stuff is hosted at hetzner which has a finland dc. The Quad9 dns could be hardcoded somewhere, not at a keyboard to do a recursive search
Yeah, but eDrive is dead on my device, it’s completely switched off, I don’t synchronize anything. OK, I have still an account on my device.
This 9.9.9.9 thing remains mysterious.
Would be interesting what happens when I block these requests. I will have an eye on this.
I can revoke my question about 9.9.9.9 (my fault, 
, and blocking the DNS requests is not a good idea …)
I blocked now these eDrive (?) requests to the Finish server. This seems to have no negative effects on a device where synchronization is completely off.
I can recommend everyone to have a look at such a detailed log. Also really unsuspicious apps do unexpected requests. The app “Traffic Monitor & 5G Speedtest” for instance is listed in Aurora as having no trackers until today but requests Google servers in different countries from time to time in background.
Would that be “Traffic Monitor & 4G/5G Speed” app by Treconite? If so, yes, Aurora says it does not have trackers but on the one-line listing it says “Requires GSF”. That there implies it will be doing some kind of contact with Google in some way. In what way I don’t know.
App Manager shows it has four internal trackers (starting with com.vodafone.netperform.runtime...) and probably necessary but will check with them blocked first.
LOL, I guess they are necessary. App crashes with those blocked. Hence why they’re not listed. Like to double check anyway.
InviZible Pro shows Traffic Monitor consulting a bunch of IPs linked to firebaseinstallations.googleapis.com. I guess that explains the Google stuff. Maybe.
Not to mention, if you have Cloud Messaging on in microG the app will prompt for push notifications.
That’s probably because it relies on Google’s Cloud messaging (or MicroG’s) for push notifications
Think so, yes.
Not a big thing. Installed Glasswire now which seems to be clean. I only want a widget with a number of MB on it and an alarm (because of limited data plan …)
This topic was automatically closed after 30 days. New replies are no longer allowed.
