FORUMS

WiFi tethering with OpenVPN for Android

24 posts
Thanks Meter: 3
 
By deed02392, Junior Member on 15th November 2012, 10:53 AM
Post Reply Email Thread
Download a terminal client, e.g. ConnectBot and connect to your local shell.

Enter `su` to become root. (Double check with whoami afterwards).

Enable wifi tethering and ensure your data connection is working (connect to VPN)

Run `netcfg` and note your interface names (typically tun0 and wlan0 (ignore m.wlan0 or similar, only take the one with a real mac address), as is on my SGSII)

Double check the subnet for your wlan0 device and enter the following commands:

iptables -A POSTROUTING -s 192.168.43.0/24 -j MASQUERADE -t nat
(setup a postrouting entry for the tethered devices subnet, implementing NAT)
iptables -A FORWARD -j ACCEPT -i wlan0 -o tun0
forward packets from tethered devices across the tunnel
iptables -A FORWARD -j ACCEPT -i tun0 -o wlan0
forward packets from the tunnel to the tethered devices

Note, because you are using NAT, you will need to configure port forwards on your Android device to be able to run servers etc on tethered devices. Unlikely you'll need to worry about that though. Feedback if it worked or not. Posting this now from my home IP thanks to OpenVPN for Android and these iptable rules!
11th December 2012, 05:58 AM |#2  
Junior Member
Thanks Meter: 0
 
More
Quote:
Originally Posted by deed02392

Download a terminal client, e.g. ConnectBot and connect to your local shell.

Enter `su` to become root. (Double check with whoami afterwards).

Enable wifi tethering and ensure your data connection is working (connect to VPN)

Run `netcfg` and note your interface names (typically tun0 and wlan0 (ignore m.wlan0 or similar, only take the one with a real mac address), as is on my SGSII)

Double check the subnet for your wlan0 device and enter the following commands:

iptables -A POSTROUTING -s 192.168.43.0/24 -j MASQUERADE -t nat
(setup a postrouting entry for the tethered devices subnet, implementing NAT)
iptables -A FORWARD -j ACCEPT -i wlan0 -o tun0
forward packets from tethered devices across the tunnel
iptables -A FORWARD -j ACCEPT -i tun0 -o wlan0
forward packets from the tunnel to the tethered devices

Note, because you are using NAT, you will need to configure port forwards on your Android device to be able to run servers etc on tethered devices. Unlikely you'll need to worry about that though. Feedback if it worked or not. Posting this now from my home IP thanks to OpenVPN for Android and these iptable rules!

I'm complete newbie here, just want to ask, is this change permanent? Can I revert back to the default iptables? How to forward using usb tethering?
25th February 2013, 11:43 PM |#3  
Junior Member
Thanks Meter: 0
 
More
Unhappy quick response
Quote:
Originally Posted by deed02392

Download a terminal client, e.g. ConnectBot and connect to your local shell.

Enter `su` to become root. (Double check with whoami afterwards).

Enable wifi tethering and ensure your data connection is working (connect to VPN)

Run `netcfg` and note your interface names (typically tun0 and wlan0 (ignore m.wlan0 or similar, only take the one with a real mac address), as is on my SGSII)

Double check the subnet for your wlan0 device and enter the following commands:

iptables -A POSTROUTING -s 192.168.43.0/24 -j MASQUERADE -t nat
(setup a postrouting entry for the tethered devices subnet, implementing NAT)
iptables -A FORWARD -j ACCEPT -i wlan0 -o tun0
forward packets from tethered devices across the tunnel
iptables -A FORWARD -j ACCEPT -i tun0 -o wlan0
forward packets from the tunnel to the tethered devices

Note, because you are using NAT, you will need to configure port forwards on your Android device to be able to run servers etc on tethered devices. Unlikely you'll need to worry about that though. Feedback if it worked or not. Posting this now from my home IP thanks to OpenVPN for Android and these iptable rules!

Hi there...

I'm a total rookie, I just follow instructions carefully.

I've been searching for a solution to this problem on my s3mini
Rooted.

I used Terminal Emulator, still my wifi connected laptop didn't connect to the internet. My openvpn log showed something like routes adding and stuff

still didn't work


Then I used ConnectBot to retry the same exact steps, still nothing happened

On my phone, i think the subnet is 192.168.43.1/24. Do you think that could be a reason it did not work?
I've tried so many options so far for this issue.


I really hope you come back to this thread.
Attached Thumbnails
Click image for larger version

Name:	Screenshot_2013-02-26-00-14-10[1].jpg
Views:	17663
Size:	60.6 KB
ID:	1760936  
18th April 2016, 11:55 PM |#4  
GbizzleMcGrizzle's Avatar
Senior Member
Flag Brooklyn
Thanks Meter: 47
 
More
I've read dozens of these threads and pages on making this work and I can't do it I just can't figure it out, is there something different on 6.0 Marshmallow I know there's no netcfg I've been using ip link show

HELP
27th April 2016, 04:45 PM |#5  
Junior Member
Thanks Meter: 1
 
More
I tried this solution to hide my tether usage from ThreeUK. While it did work I was having some evil DNS issues. I could download at a few mb/s but then would take 180 seconds to load some basic pages etc.

However, thinking upon it I realised you don't even need to use a VPN client to hide the usage, just use the same method as OP posted but send all traffic via wlan0.

Worked perfectly all week for me, streamed a good 5gb of TV and if I need a VPN I can iniate the VPN on the end device.

---------- Post added at 03:45 PM ---------- Previous post was at 03:43 PM ----------

Works with USB Tethering too, and bluetooth

Obviously change IP/Adapter names etc.
21st September 2016, 05:30 PM |#6  
Senior Member
Thanks Meter: 30
 
More
Quote:
Originally Posted by Pantho86

However, thinking upon it I realised you don't even need to use a VPN client to hide the usage, just use the same method as OP posted but send all traffic via wlan0.

Apologies for resurrecting an old thread, but is this still working for you? Would it be possible for you to provide some instructions as it isn't clear what commands you've used.
21st September 2016, 05:41 PM |#7  
Junior Member
Thanks Meter: 1
 
More
Apologies but I cannot test it anymore as I'm not wanting to root my Nexus device, I enjoy using Android Pay & My Banking app too much.

Now if I'm remembering correctly I ran as :

Code:
iptables -t filter -F FORWARD
iptables -t nat -F POSTROUTING
iptables -t filter -I FORWARD -j ACCEPT
iptables -t nat -I POSTROUTING -j MASQUERADE
ip rule add from 192.168.43.0/24 lookup 61
ip route add default dev rmnet0 scope link table 61
ip route add 192.168.43.0/24 dev wlan0 scope link table 61
ip route add broadcast 255.255.255.255 dev wlan0 scope link table 61
The only issues I was having was when using dual-3g connections, there are 2 connections outgoing in those scenarios and sometimes Three will say "Tether limit hit", at that point just turn flight mode off/on to toggle the connection and rerun the routing.

Read the thread I linked and poke at it for a while, you should be able to get it working. This was the only way I managed to hide wifi tether usage. USB tethering for Windows & Unix is easy enough to hide with free apps, but for a chromebook or other such devices it's trickier and this is the only way.

(I had to remove the link, XDA blocked it... google wifi tether iptables and it's the thread on digiex)
The Following User Says Thank You to Pantho86 For This Useful Post: [ View ] Gift Pantho86 Ad-Free
21st September 2016, 05:51 PM |#8  
Senior Member
Thanks Meter: 30
 
More
OK that's great, thanks.
22nd February 2017, 08:24 PM |#9  
Member
Thanks Meter: 11
 
More
Quote:
Originally Posted by Pantho86

I tried this solution to hide my tether usage from ThreeUK. While it did work I was having some evil DNS issues. I could download at a few mb/s but then would take 180 seconds to load some basic pages etc.

However, thinking upon it I realised you don't even need to use a VPN client to hide the usage, just use the same method as OP posted but send all traffic via wlan0.

Worked perfectly all week for me, streamed a good 5gb of TV and if I need a VPN I can iniate the VPN on the end device.

---------- Post added at 03:45 PM ---------- Previous post was at 03:43 PM ----------

Works with USB Tethering too, and bluetooth

Obviously change IP/Adapter names etc.

Hey... I was just wondering how you modified the original commands to get tethering to work undetected without VPN. I've been trying to figure this out for weeks!
Post Reply Subscribe to Thread

Tags
howto, tethering, vpn, wifi

Guest Quick Reply (no urls or BBcode)
Message:
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes