PSA to GL.iNet regarding Cruise ships

For GL.iNet… I’m sure you guys see the huge issue of Cruise Ships (esp. MSC) figuring out how to block Travel Routers.

At least over the last few months there are tons of post online regarding this major issue.

People have tried everything in terms of a networking solution and it doesn’t work.

I think the manufacturers have to figure this out.
Since one of the major use case for these products is the ability to use them at hotel and cruise ships to avoid this exact issue, it is in their best interest.

Please guys, I love the products… But if they don’t work… No reason to recommend or use anymore.

1 Like

Look at my post please :slight_smile:

I appreciate it… Yeah I made sure I was using my Phone MAC… not private/randomization

1 Like

To be honest, I highly doubt that they “find out” how to block devices like Travel routers. It’s nearly impossible (at least very difficult) to detect NATting devices.

One big issue is that testing this requires at least a holiday on a cruise ship. :smiley:
I could imagine that they detect TTL changes and setting a correct TTL might solve the mystery already. But it’s hard to say from my side, sitting in front of a PC 1000km away from any cruise ship.

Nah, people tried only the stuff you can reach by pressing a button. Nothing of this was like everything in terms of networking

2 Likes

I will disagree with this one a little. User-agent in browsers often give away client information. For instance, if you clone an iPhone MAC address, and they see a UA string showing a Windows machine running Firefox, that could be an indicator of misuse. And all it takes is injecting an http tracker or even perhaps a cookie, that notifies them of the UA.

There are ways around that, but most folks are not going to do that. This is where using a VPN behind the router may help out so that the internet provider does not get a clear look at the UA passing through it.

If the operators do something like this, it’s best to forget about the WLAN. It’s almost like an integrated Trojan. The only thing missing is that you have to accept a CA certificate so that they can read all the traffic.

It isn’t all that nefarious, though. Most websites do this nowadays, they use pixel tracking or some other method to try to track you. Not saying it is desirable, but it is happening almost everywhere you browse. Cruise lines stand to lose a lot of money if folks are using travel routers, and to that end, I expect they will do whatever they can to try to prevent their use.

Poor cruise line companies. We should start a fundraising campaign :money_mouth_face:

2 Likes

After some testing (via virtual machine with DPI) this should help:

  1. Change your User Agent to your actual user agent of your phone.
  • Use this website to check your user agent
  • Use this addon (with custom mode) to change User Agent
  1. It is better hide your referer via this addon
  2. Change TTL to 64.
  • Login via SSH and run nano /etc/config/firewall
  • Add this:
config rule
        option name 'Set TTL to 64'
        option src 'wan'
        option proto 'ip'
        option target 'ACCEPT'
        option ttl '64'

Important information:

  • Save copy of configuration before editing it
  • It is tested using DPI on virtual machine. I cannot guarantee that this will work in your case.

If not worked:

  • Try to use VPN directly on router
  • Try ProtonVPN on phone connected to router with “Stealth” mode or “WebTunnel” bridge in Tor
  • Your phone must be disconnected from main WiFi before connecting it to router

P.S: No, I can’t share DPI config. Personal reasons, sorry.

2 Likes

True… Agree with that point