Permissions | Description |
android.permission.ACCESS_NETWORK_STATE | Obtain network status information (such as current network type, connection status, and so on) |
android.permission.READ_PHONE_STATE | Read phone status information (such as device identifier, carrier information, and so on) |
android.permission.INTERNET | Access the internet (perform network probe requests) |
android.permission.CHANGE_NETWORK_STATE | Change network connection status |
android.permission.WRITE_SETTINGS | Write system settings |
Permissions | Description |
android.permission.ACCESS_WIFI_STATE | Obtain Wi-Fi network status information. |
Permissions | Description |
android.permission.ACCESS_NETWORK_STATE | Obtain network status information (duplicate with the detection plugin). |
No | Permissions | Permission Type | Description | Special Requirements |
1 | INTERNET | Normal permission | Core permission used to perform network detection (Ping, Traceroute, and so on) and report data. | None |
2 | ACCESS_NETWORK_STATE | Normal permission | Obtain current network connection status and type. | None |
3 | ACCESS_WIFI_STATE | Normal permission | Obtain Wi-Fi connection information. | None |
4 | READ_PHONE_STATE | Dangerous permission | Read device and carrier information. | Requires runtime dynamic permission request on Android 6.0+. |
5 | CHANGE_NETWORK_STATE | Normal permission | Change network connection status. | None |
6 | WRITE_SETTINGS | Dangerous permission | Write system settings. | Requires guiding users to the system settings page for manual authorization on Android 6.0+. |
<manifest xmlns:android="http://schemas.android.com/apk/res/android"><!-- Core Network Permissions --><uses-permission android:name="android.permission.INTERNET" /><uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" /><uses-permission android:name="android.permission.ACCESS_WIFI_STATE" /><!-- Device Information Reading (Dangerous Permission, Requires Runtime Request) --><uses-permission android:name="android.permission.READ_PHONE_STATE" /><!-- Network State Change --><uses-permission android:name="android.permission.CHANGE_NETWORK_STATE" /><!-- System Settings Write (Dangerous Permission, Requires Guiding Users to Manually Grant) --><uses-permission android:name="android.permission.WRITE_SETTINGS" /></manifest>
Key | Source | Required or Not | Description |
NSAppTransportSecurity | Info.plist | Conditional | Configure only when there is an HTTP plaintext or non-standard TLS target; configuration can be omitted for pure HTTPS. |
<key>NSAppTransportSecurity</key><dict><!-- Globally enabling is not recommended. It is advised to configure on a per-domain granular basis. --><key>NSAllowsArbitraryLoads</key><false/><key>NSExceptionDomains</key><dict><key>example.com</key><dict><key>NSIncludesSubdomains</key><true/><key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key><true/><key>NSTemporaryExceptionMinimumTLSVersion</key><string>TLSv1.0</string></dict></dict></dict>
Key | Source | Required or Not | Description |
NSLocalNetworkUsageDescription | Info.plist | Required | Purpose description for local network access on iOS 14+, triggering a system dialog. |
NSBonjourServices | Info.plist | Required only for Bonjour discovery. | Declare the Bonjour service types to be used. |
NSAppTransportSecurity | Info.plist | Conditional | If HTTP or weak TLS is used, an ATS exception is still required. |
<key>NSLocalNetworkUsageDescription</key><string>Used for discovering and probing the network connectivity and latency of LAN devices.</string><!-- Required only for Bonjour scenarios --><key>NSBonjourServices</key><array><string>_http._tcp</string><string>_https._tcp</string><!-- Supplement according to the actual protocol --></array>
<key>NSLocationWhenInUseUsageDescription</key><string>Used to obtain current network environment information to assist network probing.</string>
Module | Source File | Key/Capability | Required | Triggers Pop-up | Purpose Description |
Network detection plugin | Info.plist | NSLocalNetworkUsageDescription | Yes (Local Network) | Yes | Local network detection |
Network detection plugin | Info.plist | NSBonjourServices | No (Bonjour) | No | Local network service discovery |
Network detection plugin | Info.plist | NSAppTransportSecurity | Conditional | No | HTTP/weak TLS compatibility |
Application layer | Info.plist | NSLocationWhenInUseUsageDescription | No | Yes | Assist in reading Wi-Fi information |
CLS SDK | No additional declarations | Default Networking Capability | Yes | No | Log reporting/connectivity request |
Probe Module | Permission Requirements | Socket Type | Description |
Ping(ICMP) | Administrator permission required. | SOCK_RAW | Creating a RAW Socket requires administrator permission. |
TCPPing | Normal user permission sufficient. | SOCK_STREAM | Standard TCP connection. |
HTTP detection | Normal user permission sufficient. | Standard HTTP connection | No special permission required. |
DNS detection | Normal user permission sufficient. | Standard UDP connection | No special permission required. |
MTR(ICMP) | Administrator permission required. | SOCK_RAW | Creating a RAW Socket requires administrator permission. |
MTR(TCP/UDP) | Administrator permission required. | SOCK_RAW + SIO_RCVALL | Requires RAW IP Socket and SIO_RCVALL permissions. |
Function | Permission Requirements | Description |
Create RAW Socket. | Administrator permission | socket(AF_INET, SOCK_RAW, IPPROTO_ICMP) |
Create RAW IP Socket. | Administrator permission | socket(AF_INET, SOCK_RAW, IPPROTO_IP) |
Enable SIO_RCVALL. | Administrator permission | To receive all IP packets (including ICMP Time Exceeded) |
Scenario | Error Code | Description |
Ping RAW Socket creation failure. | PERMISSION_DENIED = -4 | Returns a permission denied error code. |
MTR SIO_RCVALL enable failure. | error=10013(WSAEACCES) | The log shows: [mtr] FAILED: SIO_RCVALL failed, error=10013. |
Must-Knows | Description |
Firewall Settings | Some firewalls (especially third-party ones) may block RAW Sockets. Even with administrator permission, you need to manually configure an allow rule. |
SQLite Storage | Ensure that the directory where the database file resides has write permissions. Note the UAC permission issue on Windows. |
DLL Deployment | Ensure that cls_network_detect.dll, cls_log_sdk.dll, and sqlite3.dll are located in a searchable path and that the program architecture is consistent (it is recommended to unify to x64). |
Alternative | Description |
Use TCPPing to replace Ping. | TCPPing uses a standard SOCK_STREAM connection and does not require administrator privileges. |
Use HTTP detection. | Standard HTTP connection, which can be executed by a regular user. |
Use DNS detection. | UDP standard connection, which can be executed by a regular user. |
Abandon MTR route tracing. | The MTR feature heavily relies on RAW Socket and cannot run under regular permissions. |
Detection Feature | Android | iOS | Windows |
Ping(ICMP) | INTERNET | Default Networking Capability | Administrator permission required |
TCPPing | INTERNET | Default Networking Capability | Normal user permission sufficient |
HTTP detection | INTERNET | ATS Configuration (As Needed) | Normal user permission sufficient |
DNS detection | INTERNET | Default Networking Capability | Normal user permission sufficient |
MTR route tracing | INTERNET | Default Networking Capability | Administrator permission required |
Local network detection | ACCESS_NETWORK_STATE | NSLocalNetworkUsageDescription | Normal user permission sufficient (firewall must allow) |
Network status obtaining | ACCESS_NETWORK_STATE / ACCESS_WIFI_STATE | No additional permissions required | No additional permissions required |
Data reporting (CLS) | INTERNET / ACCESS_NETWORK_STATE | Default Networking Capability | Normal user permission sufficient |
Esta página foi útil?
Você também pode entrar em contato com a Equipe de vendas ou Enviar um tíquete em caso de ajuda.
comentários