Hello everybody. Today I come to you with an AOSP fix for tethering over LTE brought to us from Wozman at the XDA forums.
Basically some of us using AOSP were only able to tether using 3G and +HSPA and it would never work using just LTE. The issue was the phone was not bridging the interfaces properly.
Always remember to perform a nandroid backup before attempting anything you're unfamiliar with.
This has been successfully tested on:
Samsung Galaxy S3
Samsung Galaxy S4
Enter the following in Android Terminal Emulator ( http://play.google.com/store/apps/details?id=jackpal.androidterm ) to fix Tethering over LTE:
iptables -A bw_FORWARD -i !lo+
iptables -A natctrl_FORWARD -j RETURN -i rmnet+ -o wlan0 -m state --state RELATED,ESTABLISHED
iptables -A natctrl_FORWARD -j DROP -i wlan0 -o rmnet+ -m state --state INVALID
iptables -A natctrl_FORWARD -j RETURN -i wlan0 -o rmnet+
iptables -A natctrl_FORWARD -j DROP
iptables -A natctrl_nat_POSTROUTING -t nat -o rmnet+ -j MASQUERADE
The only downside to this process is it must be performed every time you reboot. A simple way around this issue is to save the code into a script (or shortcut) and run it every time you reboot.
To do this, download Gscript Lite from the Play Store
http://play.google.com/store/apps/details?id=nl.rogro.GScriptLite
Copy and paste the lines of code as text to a *.sh* file in a folder on your internal SDcard named "gscript"
Or
Download the file from here:
http://www.sendspace.com/file/nh37av
And place it in:
/Sdcard0/gscript/
Open Gscript Lite, hit your menu button and then 'add script' at the bottom left
Now hit *load file* and pick *tether.sh* from the list (you might have to do this quickly as the app might FC, no worries, if it does just start over)
or
You can paste the lines of code into the large white box. Name it in the top box, be sure to check the *needs su?* box and then hit save.
You should now see a fourth blank option now at the main menu under *CPU Information*. Hit that blank option and it'll run the script.
Now you should be able to tether using LTE
To make this process even easier, you can create a shortcut and place it on your home screen instead of having to enter the app every time
(You might have Gscript Lite FC on you after running the script from the app or shortcut itself, its nothing to worry about)
Happy tethering!
Echo.....
Sent from my SGH-I337M
Here's the fix for 4.3
#!/system/bin/sh
iptables -F
iptables -A bw_FORWARD -i !lo+
iptables -A natctrl_FORWARD -j RETURN -i rmnet+ -o wlan0 -m state --state RELATED,ESTABLISHED
iptables -A natctrl_FORWARD -j DROP -i wlan0 -o rmnet+ -m state --state INVALID
iptables -A natctrl_FORWARD -j RETURN -i wlan0 -o rmnet+
iptables -A natctrl_FORWARD -j DROP
iptables -A natctrl_nat_POSTROUTING -t nat -o rmnet+ -j MASQUERADE
may eyselfy
djbrotherson said:
Hello everybody. Today I come to you with an AOSP fix for tethering over LTE brought to us from Wozman at the XDA forums.
Basically some of us using AOSP were only able to tether using 3G and +HSPA and it would never work using just LTE. The issue was the phone was not bridging the interfaces properly.
Always remember to perform a nandroid backup before attempting anything you're unfamiliar with.
This has been successfully tested on:
Samsung Galaxy S3
Samsung Galaxy S4
Enter the following in Android Terminal Emulator ( http://play.google.com/store/apps/details?id=jackpal.androidterm ) to fix Tethering over LTE:
iptables -A bw_FORWARD -i !lo+
iptables -A natctrl_FORWARD -j RETURN -i rmnet+ -o wlan0 -m state --state RELATED,ESTABLISHED
iptables -A natctrl_FORWARD -j DROP -i wlan0 -o rmnet+ -m state --state INVALID
iptables -A natctrl_FORWARD -j RETURN -i wlan0 -o rmnet+
iptables -A natctrl_FORWARD -j DROP
iptables -A natctrl_nat_POSTROUTING -t nat -o rmnet+ -j MASQUERADE
The only downside to this process is it must be performed every time you reboot. A simple way around this issue is to save the code into a script (or shortcut) and run it every time you reboot.
To do this, download Gscript Lite from the Play Store
http://play.google.com/store/apps/details?id=nl.rogro.GScriptLite
Copy and paste the lines of code as text to a *.sh* file in a folder on your internal SDcard named "gscript"
Or
Download the file from here:
http://www.sendspace.com/file/nh37av
And place it in:
/Sdcard0/gscript/
Open Gscript Lite, hit your menu button and then 'add script' at the bottom left
Now hit *load file* and pick *tether.sh* from the list (you might have to do this quickly as the app might FC, no worries, if it does just start over)
or
You can paste the lines of code into the large white box. Name it in the top box, be sure to check the *needs su?* box and then hit save.
You should now see a fourth blank option now at the main menu under *CPU Information*. Hit that blank option and it'll run the script.
Now you should be able to tether using LTE
To make this process even easier, you can create a shortcut and place it on your home screen instead of having to enter the app every time
(You might have Gscript Lite FC on you after running the script from the app or shortcut itself, its nothing to worry about)
Happy tethering!
Click to expand...
Click to collapse
Work on MF3? been looking for a way to tether my LTE. I have Unlimited.
DrXTC said:
Work on MF3? been looking for a way to tether my LTE. I have Unlimited.
Click to expand...
Click to collapse
Not sure off the top of my head what device the MF3 is but I know this works for the HTC One as well. You could give it a shot, it reverts back after a reboot
Sent from my SGH-I337M using XDA Premium 4 mobile app
djbrotherson said:
Not sure off the top of my head what device the MF3 is but I know this works for the HTC One as well. You could give it a shot, it reverts back after a reboot
Sent from my SGH-I337M using XDA Premium 4 mobile app
Click to expand...
Click to collapse
Ok thanks it's the latest Update on Jflteatt before 4.3 update. Ill try at my risk thanks.
Goal: Only allow outgoing cellular data to specific DNS servers and a specific webserver using cellular mode on rooted android device.
Android phone #1: VkWorld F1 (Chipset. MT6580) running Android 5.1
Android phone #2: HUAWEI Y560-L01 running Android 5.1
Active interfaces on Android #1 when cellular mode is on.
Code:
lo UP 127.0.0.1/8
ccmni0 UP x.x.x.x/x
Active interfaces on Android #2 when cellular mode is on.
Code:
lo UP 127.0.0.1/8
rmnet_data0 UP x.x.x.x/x
This is my current simple iptables for testing on Android #1 and #2
Code:
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -d 8.8.8.8 -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT //DNS
-A OUTPUT -d x.x.x.x -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT //webserver
-A OUTPUT -j DROP
These iptables rules works on Android device #2 or any Android phone that has 'rmnet' interface (from my own testing).
These iptables rules DO NOT work on Android device #1 or any Android phone that has 'ccmni' interface (from my own testing)
And if I add or change in my android #1 to
Code:
-A OUTPUT -o ccmni0 -d x.x.x.x -p tcp -m state --state NEW,ESTABLISHED -j ACCEPT
it can NOT still contact the destination ip.
However if I add this line before the last -j DROP rule it works
Code:
iptables -A OUTPUT -o ccmni0 -j ACCEPT
but this allows ccmni interface to talk freely to any website and makes my dns and webserver rule pointless.
Once again:
Devices rmnet interfaces = rules works.
Devices with ccmni interfaces = rules do not work.
[EDIT/SOLVED]
I used tcpdump and wireshark to see what might have gone wrong traffic, apparently my traffic had to go through a proxy from my provider that I blocked off in iptables. Why it still works fine with rmnet interfaces I have no clue.
volleb said:
I used tcpdump and wireshark to see what might have gone wrong traffic, apparently my traffic had to go through a proxy from my provider that I blocked off in iptables. Why it still works fine with rmnet interfaces I have no clue.
Click to expand...
Click to collapse
This is because in short it uses a different way to connect and this is only on MSM chipsets see this link while rmnet is and standard android fare
I am trying to port SailfishOS to the Asus Zenfone 2 (Z00A) which has an x86 cpu.
I got up to point 7.2.1 in this: https://sailfishos.org/wp-content/uploads/2016/10/SailfishOS-HardwareAdaptationDevelopmentKit-1.1.2.pdf
Running rpm/dhd/helpers/build_packages.sh gives me the following error:
Code:
Exit reason and status: signal 6 (core dumped)
Exit reason and status: signal 6 (core dumped)
!! command failed at Tue Nov 22 19:23:06 UTC 2016, dying...
Looking through the files, I found out it was caused by the following command:
Code:
mb2 -t $VENDOR-$DEVICE-$ARCH -s rpm/droid-hal-$DEVICE.spec build
which gives the first 2 lines of the error above.
From there something lead me to believe that it was related to sb2.
I set up sb2 using the following command:
Code:
sb2-init -d -L "--sysroot=/" -C "--sysroot=/" \
-m sdk-build \
-n -N -t / $VENDOR-$DEVICE-$PORT_ARCH \
/opt/cross/bin/i486-meego-linux-gnu-gcc
I use i486 as PORT_ARCH
EDIT: installing the i486 toolchain using
Code:
sdk-manage --toolchain --install Mer-SB2-i486
and then changing the toolchain from
/usr/bin/gcc
to
/opt/cross/bin/i486-meego-linux-gnu-gcc fixed it.
My questions are:
--How do I properly set-up sb2 for x86?
--How do I solve the error?
--Where can I get more information related to porting SailfishOS to x86 hardware?
I would like to run the command
Code:
iptables -t mangle -I POSTROUTING -o rmnet_data0 -j TTL --ttl-set 64
The command fails on the LOS 7.1.2 kernel with error: iptables: No chain/target/match by that name.
Checking the kernel for iptables TTL target support shows that it isn't present:
Code:
1|clark:/ # cat /proc/net/ip_tables_targets
HARDIDLETIMER
IDLETIMER
TRACE
NFQUEUE
NFQUEUE
NFQUEUE
NFQUEUE
NFLOG
CLASSIFY
DNAT
SNAT
CONNMARK
MARK
REJECT
MASQUERADE
ERROR
TCPMSS
TPROXY
TPROXY
REDIRECT
NETMAP
DNAT
SNAT
Is there/can someone compile a kernel with the iptables TTL target? I lack the ability to compile my own kernel.
Can some people try running
Code:
cat /proc/net/ip_tables_targets
and posting the result for their kernels?
Thanks!
I would like to run the command
Code:
iptables -t mangle -I POSTROUTING -o rmnet_data0 -j TTL --ttl-set 64
The command fails with error: iptables: No chain/target/match by that name.
Checking the kernel for iptables TTL target support shows that it isn't present.
Is there/can someone compile a kernel with the iptables TTL target? I tried to make my own kernel, but I did not succeed.
OP5, OO 4.5.10 (stock)
Thanks!
This is just a guess but maybe the Kali Nethunter kernel has it enabled? It's a kernel centered around pentesting and has all forms of packet monitoring and capturing enabled so it may work.
You could try the Official Nethunter kernel or the Unofficial one, Burgerhunter.
Nethunter Download:
https://build.nethunter.com/nightly/3.20-20170903-2143/
Burgerhunter Thread:
https://forum.xda-developers.com/oneplus-5/development/burgerhunter-t3638810
Thx, but does not support (work).