Change outgoing TTL

Ontheroad · December 15, 2019, 3:06pm

Inserting the line in the rules allowed my Verizon iphone8 to go from 600kbps to 8mbps. However, untethered I get 30 to 70 mbps. I tried using a Visible ZTE R2 and it didn’t work.

swordfish-ii · December 15, 2019, 3:39pm

Verizon uses deep packet inspection and looks at more than just TTL so that may be all the speed you can get. Still very usable.

Some things you can try:
-change your browser user agent on the client side (the computer you are using) to an iphone user agent. It makes your browser look like a different browser.

-Utilize a vpn. The encrypted tunnel should bypass the deep packet inspection.

Johnex · December 15, 2019, 3:40pm

You can also try the following programs that try to bypass DPI:

Ontheroad · December 15, 2019, 7:46pm

swardfish-ii, where do I turn on the VPN - the iphone, the router or the PC? I’m using PIA. Are there any other settings I need to be aware of?

rp201rp · December 16, 2019, 12:10pm

since most hotspots are 192.168.43.1

can someone help us out with a little function that goes phonenetically to autosense if connected to a tethering hotspot.

Hotspot_trick(
if wlan-sta = 192.168.43.
iptables -t mangle -I POSTROUTING 1 -j TTL --ttl-set 65
else
)

Hotspot_trick

rp201rp · December 17, 2019, 7:14am

this checks to see if you have a default gateway of 192.168.43.1
if so that mangling occurs. lemme know if this isn’t the best way by using the default gw. just place in /etc/firewall.user at the very bottom
thanks

checkif_hotspot43(){
#get default gateway ip
dhot=$(/sbin/ip route | awk ‘/default/ { print $3 }’)
# check if it is equal to
if [[ “$dhot” = “192.168.43.1” ]]
then
# profit
iptables -t mangle -I POSTROUTING 1 -j TTL --ttl-set 65
fi
}
#comment the below line to disable
checkif_hotspot43

liangorange · January 15, 2020, 4:49pm

I also have V20 (H918), but I can’t find any kernel supports POSTROUTING ttl change. Can you share what ROM or kernel you’re using to make it work? I’m currently on Lineage OS (Unofficial) 16.0

swordfish-ii · January 16, 2020, 9:35pm

The AOSP kernel and the kali nethunter kernel both support mangle and iptables. I cobbled together a rom with the nethunter kernel (you don’t need the rest of the stuff in the full install) and some stuff to keep the secondscreen working.

I simply run a script then turn on my phone hotspot for an all in one solution.

There is one error I discovered that I didn’t bother to fix, after turning off the hotspot mangle breaks VOIP (aka phone calls come in but when answered I can’t hear them and they can’t hear me.) It requires a full on/off to get calls back to normal, not just a restart.

It wasn’t worth it for me to investigate further.

bman0518 · January 25, 2020, 11:00pm

Which would you recommend?

bman0518 · January 25, 2020, 11:15pm

First off, you are the man!! A great community contributor.
Looking for a bit of help.
I used the firewall settings on a MT300N,
When I ping 8.8.8.8 I get a TTL =65
But my speeds are still throttled.
I am using Visible (over VZN) on their moto e6 phone, native hotspot. Latency around 100ms.
Computer >wifi> Wifi extender >cable> Load Balancing router >cable> MT300N >wifi> Moto e6 phone. (I have been testing on isolated 300N and using full network)
The phone gets 15 - 30 Mbps depending on the day, Im limited to around 5Mbps.
Tried over VPN (CyberVPN), no prize.
Should I look into rooting the phone? I dont believe they will let other devices on their network, I checked unlocked vzn phones and factory unlocked phones. Always get told its not compatible, I pretty sure they lock down access to the bank of IMEI they control.
I am also thinking of changing my Mofi router IMEI to my phones so that maybe I could mask my identity and jump on with it, because it has better networking power, signal, less latency.

Welcome for all feedback, also looking into trying the packet inspection tools posted earlier.
Thanks

rp201rp · January 26, 2020, 6:08am

from where? the router, the phone, a client off the router?
is it from tethering or are you creating a wifi hotspot?
what plan do you have with big red?

bman0518 · January 26, 2020, 5:39pm

This is what i get from both connecting to 300M and to my main wifi.
For some reason all the packet traffic returns with this ttl on all hops when testing.

mtb · June 17, 2020, 1:13am

Hi Swordfish,

I have a Slate GL-AR750S.

I discovered this Topic by chance when searching for information regarding Tethering Quotas and how to prevent Service Providers from monitoring your usage of what is supposed to be an “Unlimited” plan but the amount that can be used for Tethering is restricted.

I have a UMIDIGI Z2 Special Edition (Android 8.1.0) which I imported from China. Hence, my phone does not have any software installed by my Cell Phone Service Provider.

I use Linux on my Laptop. So, with regards to installing software on it and an application on my phone, it appears that EasyTether is the best option if I follow that route for a solution.

However, I would like to try the free approach first both for financial reasons and for learning more about this aspect of computing.

I am a “babe in the woods” when it comes to Cell Phone software and I am not sufficiently experienced with Networking technology in order to make well educated decisions regarding the configuration of Network hardware and software.

According to the APN data on my phone, I have 4 APNs which, based on their names, are associated with the SIM Chip of my Cell Phone Service Provider.

The first one listed has XCAP as the second part of its name and has an APN type of “xcap” and the Radio Button for it is not set on.
None of the following options are “set”.

    Proxy
    Port
    Username
    Password
    Server
    MMSC
    MMS Proxy
    MMS Port
    Authentication type
    Bearer - unspecified
    MVNO type - None
    MVNO value

The rest of the options are as follows.
    MCC - 716
    MNC - 10
    APN protocol - IPv4/IPv6 - can be changed to IPv4 or IPv6
    APN roaming protocol - IPv4/IPv6 - can be changed to IPv4 or IPv6
    APN enable/disable - APN enabled - can NOT be changed

The second one listed has Datos (= Data) as the second part of its name and has an APN type of “default,supl” and the Radio Button for it is set on.
None of the following options are “set”.

    Proxy
    Port
    Username
    Password
    Server
    MMSC
    MMS Proxy
    MMS Port
    Bearer - unspecified
    MVNO type - None
    MVNO value

The rest of the options are as follows.
    MCC - 716
    MNC - 10
    Authentication type - PAP
    APN protocol - IPv4 - can be changed to IPv6 or IPv4/IPv6
    APN roaming protocol - IPv4 - can be changed to IPv6 or IPv4/IPv6
    APN enable/disable - APN enabled - can NOT be changed

The third one listed has IMS as the second part of its name and has an APN type of “ims”. The is NO Radio Button for it.
None of the following options are “set”.

    Proxy
    Port
    Username
    Password
    Server
    MMSC
    MMS Proxy
    MMS Port
    Authentication type
    Bearer - unspecified
    MVNO type - None
    MVNO value

The rest of the options are as follows.
    MCC - 716
    MNC - 10
    APN protocol - IPv4/IPv6 - can be changed to IPv4 or IPv6
    APN roaming protocol - IPv4/IPv6 - can be changed to IPv4 or IPv6
    APN enable/disable - APN enabled - can NOT be changed

The fourth one listed has MMS as the second part of its name and has an APN type of “mms”. The is NO Radio Button for it.
None of the following options are “set”.

    Proxy
    Port
    Server
    Authentication type
    Bearer - unspecified
    MVNO type - None
    MVNO value

The rest of the options are as follows.Port
    Username - Has the Name of the Service Provider
    Password - Is the same as the Name of the Service Provider
    MMSC - http://Name of the Service Provider/servlets/mms
    MMS Proxy - 192.168.231.30
    MMS Port - 80
    MCC - 716
    MNC - 10
    APN protocol - IPv4 - can be changed to IPv6 or IPv4/IPv6
    APN roaming protocol - IPv4 - can be changed to IPv6 or IPv4/IPv6
    APN enable/disable - APN enabled - can NOT be changed

Are you able to say which of those APNs would be the one used for monitoring the use of Tethering? What changes for my case secario, if deemed necessary, can be made to prevent any monitoring?

I read elsewhere on the Internet that setting the APN protocol to IPv4 is one configuration option that can help. Did you need to do that for any of your APNs?

Thanks!!, MTB.

swordfish-ii · June 17, 2020, 1:51am

MTB,

A lot of this depends on who your service provider is and what methods they use for detecting tethering. My solution was for a very specific provider. I have heard other providers have additional protections but can be circumvented by a dns change and/or VPN but again I haven’t had to dive into that so I don’t really know.

That said I would recommend setting your APN to IPv4 it would likely be the data APN (also why??? they could do it all in one APN). You can also just set all of them to IPv4, it wont hurt anything.

For testing:

Connecting to your linux computer via usb, using usb tethering, change your computer networking to usb and in terminal type

sudo sysctl net.ipv4.ip_default_ttl=65

You may have to use the mangle version of the command depending on the version/type of linux you are running.

IF that provides full speed then great! You can buy one of these fantastic little routers or not since this will work on that specific computer until rebooted (issue the same command again). This will only (potentially) provide full speed to that computer.

I use the gli router to change outgoing ttl on all my devices since there are streaming devices etc that I don’t want to, or cant change the ttl locally, (also who wants to issue commands on every device each time it is restarted?) on so the router does it for me on all outgoing packets.

mtb · June 17, 2020, 2:29am

I’m using Devuan Ascii soon to be upgraded to Devuan Beowulf & I also have MX Linux installed both of which are based on Debian.

How do I determine if the mangle version is required?

I have the Slate GL-AR750S. I assume from your earlier postings that the mangle version IS required for the router. Correct?

I agree that it’s more useful to configure the router than each of my Linux distros. It can also then be easily used with the phone with other computers too.

Thanks, MTB.

swordfish-ii · June 17, 2020, 2:45am

If you already have the router might as well just try with that.

Change apn to ipv4 on the phone, connect to the router, put the line further up in the thread in the firewall rules, usb tether the phone to the router and give it a whirl.

mtb · June 17, 2020, 3:05am

The Custom Rules already has the following code in it. Are you suggesting I place it before the force_dns function, immediately after the function or elsewhere?

force_dns() {
	# lanip=$(ifconfig br-lan |sed -n 's/.*dr:\(.*\) Bc.*/\1/p')
	lanip=$(uci get network.lan.ipaddr)
	[ "$1" = "add" ] && {
		ip=$(uci get glconfig.general.ipaddr)
		[ -z "$ip" ] && ip=$(uci get network.lan.ipaddr)
		iptables -t nat -D PREROUTING -s 0/0 -p udp --dport 53 -j DNAT --to $ip
		iptables -t nat -D PREROUTING -s 0/0 -p tcp --dport 53 -j DNAT --to $ip
		
		uci set glconfig.general.ipaddr=$lanip
		uci commit glconfig
		iptables -t nat -C PREROUTING -s 0/0 -p udp --dport 53 -j DNAT --to $lanip
		[ ! "$?" = "0" ] && iptables -t nat -I PREROUTING -s 0/0 -p udp --dport 53 -j DNAT --to $lanip
 		iptables -t nat -C PREROUTING -s 0/0 -p tcp --dport 53 -j DNAT --to $lanip
 		[ ! "$?" = "0" ] && iptables -t nat -I PREROUTING -s 0/0 -p tcp --dport 53 -j DNAT --to $lanip

 		
	}
	[ "$1" = "remove" ] && {
		lanip=$(uci get glconfig.general.ipaddr)
		[ -z "$lanip" ] && lanip=$(uci get network.lan.ipaddr)
		iptables -t nat -C PREROUTING -s 0/0 -p udp --dport 53 -j DNAT --to $lanip
		[ "$?" = "0" ] && iptables -t nat -D PREROUTING -s 0/0 -p udp --dport 53 -j DNAT --to $lanip
 		iptables -t nat -C PREROUTING -s 0/0 -p tcp --dport 53 -j DNAT --to $lanip
 		[ "$?" = "0" ] && iptables -t nat -D PREROUTING -s 0/0 -p tcp --dport 53 -j DNAT --to $lanip
	}
}

force=$(uci get glconfig.general.force_dns)
if [ -n "$force" ]; then
    force_dns add
else
    force_dns remove
fi
gl-firewall

# PPTP Passthrough
iptables -t raw -D OUTPUT -p tcp -m tcp --dport 1723 -j CT --helper pptp
iptables -t raw -A OUTPUT -p tcp -m tcp --dport 1723 -j CT --helper pptp

swordfish-ii · June 17, 2020, 3:21am

Those lines are for tcp/udp routing ports and dns. Iptables has a lot of tools.

Put it at the very top or very bottom. Shouldn’t matter as I put a priority in my line.

swordfish-ii · December 5, 2020, 4:24am

Lol hak5 all of a sudden posted a “hack” to do this exact thing. On this exact branded router. Using my exact line. Also interesting that the third post is from “glitch” asking what it does and the hak5 guy is “glytch”

How do I know? The 1 after postrouting isn’t strictly necessary and can be omitted if you aren’t using other iptable functions. Most people wouldnt use it at all. I do for good housekeeping since I do use iptables for other functions while testing various things.

No problem with him bringing it up, but he literally claims it as his idea. Lol I posted this almost 4 years ago. What a tool.

Johnex · December 5, 2020, 4:15pm

It’s not the same guy. The glitch here was from UK, and not a very smart guy.

The guy in the video can’t even say TTL, Time To Live properly. He says live like “hey im live on the internet” not live as it is supposed to be said in this case, how long the packets will be alive.

He should watch this video

He also doesn’t know how to install nano. He is basically a script kiddie. Copy pasting things from the web