Beryl AX USB iPhone tethering.. mangling TTL doesn't avoid hotspot data?

pcmike · March 24, 2025, 12:19pm

Just looking for a confirmation from someone more knowledgeable than I... can someone confirm that tethering an iPhone (16 Pro, doubt that matters) via USB to a Beryl AX and mangling the TTL/HL to 65 does NOT avoid the data being counted as "hotspot data" on T-Mobile? It doesn't appear to matter in my testing. Is this because the iPhone is using a hardcoded APN when "personal hotspot" is enabled? Or is there something else in play here?

For reference sake here are the rules I'm using to mangle TTL/HL and I can confirm that packets are hitting the v4 rules at least..

iptables -t mangle -I POSTROUTING 1 -o eth2 -j TTL --ttl-set 65
ip6tables -t mangle -I POSTROUTING 1 -o eth2 -j HL --hl-set 65

Chain POSTROUTING (policy ACCEPT 10738 packets, 6604K bytes)
pkts bytes target prot opt in out source destination
58663 6309K TTL all -- * eth2 0.0.0.0/0 0.0.0.0/0 TTL set to 65

bruce · March 25, 2025, 11:30am

The latest firmware of MT3000 can set TTL in GL GUI tethering.
Please try to set it directly in the GUI.

doczenith1 · March 25, 2025, 11:59am

It's been my experience that some cellular carriers are now able to detect hotspot (tethering) data even when the TTL/HL has been mangled. I have however found that combining the mangle with a VPN does allow the hotspot/tether to go undetected when using Visible's network. I have not confirmed on T-Mobile.

pcmike · March 25, 2025, 9:38pm

Ya it doesn't have any effect when USB tethering an iPhone 16 Pro; at least not in terms of bypassing the data being counted as "hotspot" data.

bruce · April 2, 2025, 11:21am

This may require capture the packets to check the reason why tethering can be detected.

In other words, some operators have restriction from the SIM subscription package and do not allow data sharing at all.

dwyeraidan · May 19, 2025, 2:38am

Hi @Bruce, if I want my operator to see TTL 64, do I put 64 in this new gui, or 65?

I've been using iptables rule with 65. But want to make sure which for the GUI.

sfx2000 · May 21, 2025, 12:20am

More like they're closing that loophole - they've known about this for a while, that's not a surprise..

bruce · May 22, 2025, 8:07am

GUI also should be 65 for TTL

bpwl1 · May 24, 2025, 10:29pm

GL.inet router has quite some hiding features , setting TTL is just one of them, "camouflage" is another that will set the upper part of the MAC address, it will also set the DHCP client name, clone MAC will set that DHCP client name to "*" however.
Both devices may each request a DHCP address lease for the same MAC address. Use VPN to avoid packet inspection. Etc etc, detection and hiding is a cat and mouse game .
https://android.stackexchange.com/questions/47819/how-can-phone-companies-detect-tethering-incl-wifi-hotspot

system · November 20, 2025, 10:30pm

This topic was automatically closed 180 days after the last reply. New replies are no longer allowed.