TTL Mangling basically dead?

So now in 2025 is there any way left to avoid using my cellular plan’s hotspot data on any of these routers? Or basically all options are gone now.

Hi

I believe you’re using tethering rather than a cellular router?

Essentially yes—Android and iOS create a separate APN context for tethering/hotspot, which is counted toward hotspot data usage.

Even with a cellular router, it can still be difficult to bypass certain carriers’ strict policies.
Some carriers also use DPI to detect whether traffic originates from multiple devices.

I’m using T-Mobile with a phone SIM. I have set IMEI to the Android phone that registered the account. So far, I’m not seeing data being logged as Hotspot, even though I didn’t set TTL and HL on the GL-iNet router. I haven’t seen throttling, but that may be because I haven’t hit the 50 GB threshold this month. I don’t use the built-in TTL and HL settings because they apply to all IP traffic, which, as others point out, interferes with tracerouting. Instead I’m using the following four rules added to LuCI’s Custom Firewall Rules.

iptables -t mangle -I POSTROUTING -o eth0 -p tcp -j TTL --ttl-set 65
iptables -t mangle -I POSTROUTING -o eth0 -p udp -j TTL --ttl-set 65
ip6tables -t mangle -I POSTROUTING -o eth0 -p tcp -j HL --hl-set 65
ip6tables -t mangle -I POSTROUTING -o eth0 -p udp -j HL --hl-set 65

Note that I’m specifying TCP and UDP traffic and avoiding ICMP used for traceroute.
Developers should take note and fix the problem in firewall.ethernet_ttl.

So I discovered that my first attempt shown above didn’t work as expected. Traceroute was still failing. After some research with the help of Grok, I found out that Traceroute on Linux uses TCP packets for the probes, not ICMP like others (Windoze). Anyway, a different set of rules was required to achieve the goal.

# IPv4 – three lines only
iptables -t mangle -A POSTROUTING -o rmnet_mhi0 -p icmp -j RETURN
iptables -t mangle -A POSTROUTING -o rmnet_mhi0 -p udp -m ttl --ttl-lt 31 -j RETURN
iptables -t mangle -A POSTROUTING -o rmnet_mhi0 -m ttl ! --ttl 65 -j TTL --ttl-set 65

# IPv6 – three lines only (most cellular is still IPv4-only, but safe to keep)
# The ip6tables hop-limit match is named "hl" (options --hl-eq, --hl-lt, --hl-gt)
ip6tables -t mangle -A POSTROUTING -o rmnet_mhi0 -p ipv6-icmp -j RETURN
ip6tables -t mangle -A POSTROUTING -o rmnet_mhi0 -p udp -m hl --hl-lt 31 -j RETURN
ip6tables -t mangle -A POSTROUTING -o rmnet_mhi0 -m hl ! --hl-eq 65 -j HL --hl-set 65

The first rule of each set, IPv4 and IPv6, simply passes ICMP packets unmodified.
Traceroute defaults to a hop count of 30, so the second rule passes packets with TTL < 31 unmodified.
The third rule in each set modifies the remaining packets setting TTL to 65, unless it’s already 65. This keeps packets from getting stuck in a loop or being processed multiple times.

If 65 is not the value needed for your carrier, feel free to set it to whatever value works for you.

1 Like
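The rule order described in the post above, modelled as an added example that is not part of the original thread: it walks constructed packets through the three IPv4 rules in order and reports which rule decides each one. `Packet`, `traverse` and `report` are hypothetical names, and the sample packets are constructed.

```python
from dataclasses import dataclass, replace

TARGET_TTL = 65     # value set by rule 3 in the post
PROBE_CUTOFF = 31   # rule 2 exempts UDP packets with a TTL below this


@dataclass(frozen=True)
class Packet:       # hypothetical stand-in for an IPv4 header
    proto: str      # "icmp", "udp" or "tcp"
    ttl: int        # TTL when the packet reaches mangle/POSTROUTING


def traverse(pkt):
    """Walk one packet through the three IPv4 rules, in order.

    Returns (packet as it leaves the chain, label of the deciding rule).
    RETURN in a built-in chain stops traversal and applies the chain policy.
    """
    if pkt.proto == "icmp":                              # rule 1: -p icmp -j RETURN
        return pkt, "rule 1: RETURN"
    if pkt.proto == "udp" and pkt.ttl < PROBE_CUTOFF:    # rule 2: udp, --ttl-lt 31
        return pkt, "rule 2: RETURN"
    if pkt.ttl != TARGET_TTL:                            # rule 3: ! --ttl 65
        return replace(pkt, ttl=TARGET_TTL), "rule 3: TTL set"
    return pkt, "no rule matched"


# Constructed sample packets, not captured traffic.
SAMPLES = [
    Packet("icmp", 63),   # ping forwarded from a LAN host
    Packet("udp", 5),     # low-TTL UDP probe
    Packet("udp", 63),    # ordinary UDP traffic
    Packet("tcp", 127),   # ordinary TCP traffic
    Packet("tcp", 5),     # low-TTL TCP packet
    Packet("tcp", 65),    # already at the target value
]


def report(samples=SAMPLES):
    """Return (proto, ttl_in, ttl_out, deciding rule) for each sample."""
    rows = []
    for p in samples:
        out, rule = traverse(p)
        rows.append((p.proto, p.ttl, out.ttl, rule))
    return rows


if __name__ == "__main__":
    for proto, ttl_in, ttl_out, rule in report():
        print(f"{proto:4} ttl {ttl_in:3} -> {ttl_out:3}  {rule}")
```

The `tcp` packet with TTL 5 is rewritten by rule 3, because rule 2 exempts only UDP.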
