[MOD][MAGISK][ANDROID 11] Iptables TTL/Unthrottled Hotspot

Search This thread

elesbb

Senior Member
Jun 20, 2010
7,864
5,311
Would these work on another device?

Also, what about IPV6 makes this more difficult? There is an ip6tables but it looks like its just a symbolic link to iptables.. HL should work to hide IPV6 hotspot right?
 

andrew2432

Senior Member
@kevin71246

Hey, installed and went from 3-5mbps on my comp to 10+ regularly. It seems semi random as far as if it catches up to my phones speed. But this worked some for sure, my streaming is running and its HD now and not kinda buffering?! So this is good. Took me a whole to hide my hotspot use and then found this and was able to get it running. Awespme

Isn't 64 the detected amount? Wouldn't you want to change it to 63 or 65?
 
Last edited:

andrew2432

Senior Member
Would these work on another device?

Also, what about IPV6 makes this more difficult? There is an ip6tables but it looks like its just a symbolic link to iptables.. HL should work to hide IPV6 hotspot right?
Am I allowed to link? This was an interesting article. He also used 64 on TTL, but I'm still confused why you wouldn't use 65...

Here's what he has...

Code:
# Popular TTL values: 64 for Visible. 65 for Verizon, ATT and Tmobile. 117 is sometimes a working TTL for Verizon.
# When changing values, first place # on all the TTL value lines beginning, like this line itself has. Then click Restart Firewall.
# Then change all of the TTL values to what you need and then delete the #s at their lines beginning.
# Then click Restart Firewall. Changes should then be applied properly.
 
# Start-IP6-TTL-Fix
ip6tables -t mangle -I POSTROUTING -o wwan0 -j HL --hl-set 65
# End-IP6-TTL-Fix
 
# Start-IP4-TTL-Fix
iptables -t mangle -I POSTROUTING -o wwan0 -j TTL --ttl-set 64
# End-IP4-TTL-Fix
 

elesbb

Senior Member
Jun 20, 2010
7,864
5,311
Am I allowed to link? This was an interesting article. He also used 64 on TTL, but I'm still confused why you wouldn't use 65...

Here's what he has...

Code:
# Popular TTL values: 64 for Visible. 65 for Verizon, ATT and Tmobile. 117 is sometimes a working TTL for Verizon.
# When changing values, first place # on all the TTL value lines beginning, like this line itself has. Then click Restart Firewall.
# Then change all of the TTL values to what you need and then delete the #s at their lines beginning.
# Then click Restart Firewall. Changes should then be applied properly.
 
# Start-IP6-TTL-Fix
ip6tables -t mangle -I POSTROUTING -o wwan0 -j HL --hl-set 65
# End-IP6-TTL-Fix
 
# Start-IP4-TTL-Fix
iptables -t mangle -I POSTROUTING -o wwan0 -j TTL --ttl-set 64
# End-IP4-TTL-Fix
TTL/HL 64 is default android device TTL. That means, every packet that originates from the device data (IE: Facebook app, browser app, etc) has a TTL of 64. When using "POSTROUTING" as the mangle chain, this modifies packets BEFORE they are sent out. This means any packet that is going through the interface, will be changed to 64 before leaving that interface. And since android uses a default of 64, any packet (or less, I do believe) will NOT be flagged as hotspot but regular data.

Also, I have never seen "-I" used with a chain, usually its "-A: Append the rule, -C: Check the rule, -D: Delete the rule", my only guess is "-I" is insert the rule?

You would only use 65 if you are doing a "PREROUTING" rule, or if you are using a router.
 
  • Like
Reactions: andrew2432

Top Liked Posts

  • There are no posts matching your filters.
  • 1
    Am I allowed to link? This was an interesting article. He also used 64 on TTL, but I'm still confused why you wouldn't use 65...

    Here's what he has...

    Code:
    # Popular TTL values: 64 for Visible. 65 for Verizon, ATT and Tmobile. 117 is sometimes a working TTL for Verizon.
    # When changing values, first place # on all the TTL value lines beginning, like this line itself has. Then click Restart Firewall.
    # Then change all of the TTL values to what you need and then delete the #s at their lines beginning.
    # Then click Restart Firewall. Changes should then be applied properly.
     
    # Start-IP6-TTL-Fix
    ip6tables -t mangle -I POSTROUTING -o wwan0 -j HL --hl-set 65
    # End-IP6-TTL-Fix
     
    # Start-IP4-TTL-Fix
    iptables -t mangle -I POSTROUTING -o wwan0 -j TTL --ttl-set 64
    # End-IP4-TTL-Fix
    TTL/HL 64 is default android device TTL. That means, every packet that originates from the device data (IE: Facebook app, browser app, etc) has a TTL of 64. When using "POSTROUTING" as the mangle chain, this modifies packets BEFORE they are sent out. This means any packet that is going through the interface, will be changed to 64 before leaving that interface. And since android uses a default of 64, any packet (or less, I do believe) will NOT be flagged as hotspot but regular data.

    Also, I have never seen "-I" used with a chain, usually its "-A: Append the rule, -C: Check the rule, -D: Delete the rule", my only guess is "-I" is insert the rule?

    You would only use 65 if you are doing a "PREROUTING" rule, or if you are using a router.
  • 3
    Obviously we all know this, but I'll say it anyway: I bear no responsibility for your device!

    Background:
    Initially I recompiled the kernel, but thanks to @fddm I was able to get this into a Magisk module. This is a take-off from https://forum.xda-developers.com/t/...-tether-lineageos-18-1.4295601/#post-86183959 Feel free to read that (minimal reading) for additional details.

    What is this?
    This Magisk mod adds the required iptables kernel module for TTL/Tether/unmetering for using your phone as a hotspot. I have Tmobile & with my plan, when I connect any device to the phone it is extremely throttled to around 0.5Mbps. With this mod and the settings below, you can get around that limitation. I go from 0.5Mbps=>80+Mbps with this mod. Root is required (look at above thread for details on that if needed).

    Compatibility:
    • ROMs: At this point I can't indicate what ROMs this will be compatible with, but it appears LineageOS18.1 works. I'm attaching that as well as a Android/AOSP12 version if anyone wants to test that. I'm also not sure if this is exclusive to the bramble/Pixel 4a5g device (If anyone knows what they're doing or wants to get ballsy, test & report your results!)
    • Carrier: I tested this against Tmobile. It depends on how your carrier throttles your hotspot connected devices; Tmobile uses the TTL to determine if its the phone vs a connected device. If your carrier uses that method this should work.
    • xt_HL.ko: This is the kernel module we're inserting to allow the "iptables ttl set" command. I tested the Android12 xt_HL.ko file on my LineageOS18.1 OS and it does NOT work. This tells me there is some type of versioning. OR: there's an issue with the A12 file...
    InCompatibility: (as reported by users in the thread)
    • ProtonAOSP 12, pixel 4a5g

    Steps:
    • Install Magisk module & read the output; Verify it installed successfully.
    • Download Termux app from playstore
    • Termux App:
      • su (Grant permissions)
      • iptables -t mangle -A POSTROUTING -j TTL --ttl-set 64 (should be no errors - if you have errors my kernel is not installed)
    • Test: Turn on phone Hotspot, connect any device, do a speed test comparing speed on phone should be similar to the connected device.
    • If any limitations/blocks: (Not sure but maybe http vs https is blocked sometimes)
      • Install VPN Hotspot app (Green key icon): "Wi-Fi hotspot" ON, wlan1 ON, DISABLE "Tethering HW Acceleration" in settings
    Issues:
    • After running the iptables command you get this error: iptables v1.8.4 (legacy): unknown option "--ttl-set" Try 'iptables -h' or 'iptables --help' for more information. This means the module was not loaded (or isn't compatible. Assuming the correct version was selected, there's no fix. Likely your OS isn't compatible with this module. If anyone has additional troubleshooting to add feel free to chime in.

    Technical Additional Info:
    • ttl_magisk_L18.1: This contains the xt_HL.ko file compiled from the lineage-18.1-20220102-nightly-bramble-signed repo
    • ttl_magisk_A12: This contains the xt_HL.ko file compiled from AOSP kernel: android-msm-redbull-4.19-android12
    1
    hi, I am on ProtonAOSP 12, pixel 4a5g, tested the ttl A12 zip file. But it gave me error when trying to run the iptables command as per your instruction. So I guess it is not loading the module maybe
    Apologies for your results. I just updated the OP with an "Issues" section I'll update with issues reported, and any fixes if we discover any. I've only successfully tested this against LineageOS18.1, and was only hopeful it would work against other OS's. Just for kicks, since it's a pretty simple/quick process, you may want to try the ttl_magisk_L18.1 version. BTW that entire command is case-sensitive in case someone didn't know (Eg. Iptables... will not work; iptables... will).

    Regarding the fix for your issue...I think Proton is based just on AOSP, and nothing to do with LineageOS. I wouldn't think that would matter but pointing. I would've made an Android12/LineageOS19.0 module but it isnt official yet for this device. I'm not sure how willing the Proton folks would be, but the next logical step would be to have them add the following options to their ProtonAOSP12 "redbull_defconfig" file (or equivalent), build it, and send me over the xt_HL.ko file. Then I'll add a magisk module for that for you to test.

    Side note: there are 4 recent AOSP kernel versions for this device. So if there are compatibility restraints with versions, I'd guess we'd have a maximum of 4 to deal with, depending on what OS you have. I don't know for sure, but wouldn't think your ROM being AOSP, LIneageOS, or Proton would make a difference, since typically custom ROMs only customize overlays, features, preferences, 3rd party SW, etc - they don't typically rewrite the kernel for example. But we'll find out. The modules I posted reflect LineageOS18.1 (should be android-msm-redbull-4.19-android11-qpr3 but I didn't verify; though this does work with a June 2021 build which is likely android-msm-redbull-4.19-android11-qpr2 or before) & Android12 (android-msm-redbull-4.19-android12). I don't have one for android-msm-redbull-4.19-android12-qpr1 yet, but there's a chance that's what you need. Recent bramble kernels:
    android-msm-redbull-4.19-android11-qpr2
    android-msm-redbull-4.19-android11-qpr3
    android-msm-redbull-4.19-android12
    android-msm-redbull-4.19-android12-qpr1
    1
    yes its running according to magisk log. I was previously on pixel exp. rom android 12 and termux cmd ended in error
    that is why I switched for the kernel. and from what i can tell all data is used as talk text data.... as my wifi hotspot 15GB still shows i have only used 2GB (which i have). as far as my B.S. problem I think it has something to do with multiplayer servers. it works fine on wifey's hotspot same carrier LG stylo 6 stock..
    If I'm understanding - it works, but some devices connected have random results? TMobile, or any cell phone provider, are known for issues with VPN, etc, so that doesn't surprise me. And a total guess, but TMobile uses cgnat & ip6, so maybe that's causing issues as well - but not sure what provider u have.
    1
    Am I allowed to link? This was an interesting article. He also used 64 on TTL, but I'm still confused why you wouldn't use 65...

    Here's what he has...

    Code:
    # Popular TTL values: 64 for Visible. 65 for Verizon, ATT and Tmobile. 117 is sometimes a working TTL for Verizon.
    # When changing values, first place # on all the TTL value lines beginning, like this line itself has. Then click Restart Firewall.
    # Then change all of the TTL values to what you need and then delete the #s at their lines beginning.
    # Then click Restart Firewall. Changes should then be applied properly.
     
    # Start-IP6-TTL-Fix
    ip6tables -t mangle -I POSTROUTING -o wwan0 -j HL --hl-set 65
    # End-IP6-TTL-Fix
     
    # Start-IP4-TTL-Fix
    iptables -t mangle -I POSTROUTING -o wwan0 -j TTL --ttl-set 64
    # End-IP4-TTL-Fix
    TTL/HL 64 is default android device TTL. That means, every packet that originates from the device data (IE: Facebook app, browser app, etc) has a TTL of 64. When using "POSTROUTING" as the mangle chain, this modifies packets BEFORE they are sent out. This means any packet that is going through the interface, will be changed to 64 before leaving that interface. And since android uses a default of 64, any packet (or less, I do believe) will NOT be flagged as hotspot but regular data.

    Also, I have never seen "-I" used with a chain, usually its "-A: Append the rule, -C: Check the rule, -D: Delete the rule", my only guess is "-I" is insert the rule?

    You would only use 65 if you are doing a "PREROUTING" rule, or if you are using a router.