Change outgoing TTL


#1

Hi all,

Cool little router. Having a couple issues though that I hope someone could help with.

I have been messing with the firewall rules to change the outgoing TTL to 65, but I can’t seem to get it to work. Looking at the packages installed, everything is there for mangle and Postrouting… So I am a bit lost… I have tried:

iptables -t mangle -A POSTROUTING -j TTL --ttl-set 65

and

iptables -t mangle -I POSTROUTING -o get_wanface -j TTL --ttl-set 65

but no luck.

Edit: figured out the SSH issue


#2

Hooray. I figured it out. Guess posting was just the little nudge I needed to figure it out. For anyone else searching:

iptables -t mangle -I POSTROUTING 1 -j TTL --ttl-set 65


#3

thanks for sharing


#4

Thanks for this, you just opened up a whole new world for me. 😀👍🏼


#5

Hi.
Would you kindly explain what you are trying to achieve / why you want to change the TTL?

Presumably this command goes in Network>Firewall>Custom Rules?

TIA,
Glitch


#6

Yes it goes in custom rules.

Certain wireless (cellular) providers filter or determine traffic based on TTL. Others also add in browser user agent filters as well.

By changing the TTL you can make traffic appear to originate from the phone instead of via tether. The implication being full speed and priority tethering without a “plan” that you can share with the house.


#7

Thanks for sharing.
What does the “1” do after POSTROUTING?

The original fix for tethering given in these forums was:

iptables -t mangle -I POSTROUTING -o 3g-modem -j TTL –ttl-set 64

so interesting comparing that to your solution.

Glitch


#8

There are a few issues with that line. First, it sets the interface; that is fine but not really necessary. Also, it sets the interface as the modem, which is slightly different than tethering. Second, setting a TTL of 64 will result in a TTL of 63 leaving the tethered phone. This will result in a throttle, since 64 is the usual leaving the phone.

As far as the “1” in my line, it sets the order of precedence. It isn’t required, but it is good housekeeping and could avoid issues depending on other rules established.

But feel free to do what you would like.


#9

Thanks for clarification.
Yes, I think I understand it now - the fix I gave appears to set the TTL to 64 for data leaving through the 3G modem (connected to the router), whereas your fix sets the TTL to 65 for data leaving the router > phone hotspot. Thus, data leaving the phone will have a TTL of 64.

The only other thing I notice is two hyphens (instead of one) before the ttl-set 65. Is this intentional?