no-tethering-restrictions/README.adoc
2021-06-13 18:12:02 -07:00

97 lines
3.7 KiB
Plaintext

:experimental:
:imagesdir: imgs
:icons:
ifdef::env-github[]
:tip-caption: :bulb:
:note-caption: :information_source:
:important-caption: :heavy_exclamation_mark:
:caution-caption: :fire:
:warning-caption: :warning:
endif::[]
== Requirements
* Magisk; link:https://github.com/ghost-420/Best-way-to-flash-Magisk[installing Magisk (my guide, cause the others sucked)]
* link:https://github.com/Magisk-Modules-Repo/MagiskHidePropsConf#installation[MagiskHide Props Config] module installed
* A terminal emulator; the built-in (LineageOS) or link:https://f-droid.org/en/packages/com.termoneplus/[TermOnePlus] work fine
- Want to use Linux software? Install link:https://f-droid.org/en/packages/com.termux/[Termux]
* link:https://f-droid.org/en/packages/dev.ukanth.ufirewall/[AFWall+ from F-Droid]
== Recommended/optional
* link:https://play.google.com/store/apps/details?id=com.draco.ktweak[KTweak for higher network speeds], using its 'latency' profile.
* Kernel with the "xt_HL.ko" module (netfilter's TTL packet mangling) enabled
** Known kernels with support:
*** kdrag0n's link:https://github.com/kdrag0n/proton_kernel_redbull[ProtonKernel] for Pixel 4A 5G/Pixel 5
* Busybox Magisk module
.Installing Busybox Magisk module
[%collapsible]
====
. image:MV1iA.png[]
. Search for 'Busybox' to find "Busybox for Android NDK", then install it.
====
NOTE: Testing xt_HL support: +
1. Launch a terminal emulator. +
2. ``su`` +
3. ``iptables -t mangle -A POSTROUTING -o wlan+ -j TTL --ttl-set 64;ip6tables -t mangle -A POSTROUTING -o wlan+ -j HL --hl-set 64`` +
-> If your custom kernel does not support "--ttl-set" and/or "--hl-set", inform them of this repository publicly (to increase exposure of these instructions).
TIP: For kernel tweakers: link:https://web.archive.org/web/20210423030541/https://forum.xda-developers.com/t/magisk-stock-bypass-tether-restrictions.4262265/[A reference for enabling xt_HL support through Magisk].
== 1. Configure props
NOTE: ↵ is the kbd:[Enter / Return] key.
. Launch a terminal emulator.
. ``su``
. ``settings delete system tether_entitlement_check_state;settings delete global tether_dun_required``
. ``props``
** "Select an option below." (4 for "Add/edit custom props") kbd:[4 ↵]
** Select "New custom prop" with kbd:[n ↵]
*** `net.tethering.noprovisioning` kbd:[↵] -> kbd:[true ↵] -> kbd:[y ↵]
** "Do you want to reboot now?" kbd:[n ↵]
** Select "New custom prop" with kbd:[n ↵]
*** `tether_entitlement_check_state` kbd:[↵] -> kbd:[0 ↵] -> kbd:[y ↵]
** Select "New custom prop" with kbd:[n ↵]
*** `tether_dun_required` kbd:[↵] -> kbd:[0 ↵] -> kbd:[y ↵]
***** "Do you want to reboot now?" -> kbd:[y ↵]
== 2. Adjust TTL & HL
.Best method; "xt_HL.ko" support required
[%collapsible]
====
. Open AFWall+ -> 3 vertical dots (hamburger menu) -> Preferences
- UI Preferences
** Confirm AFWall+ disable -> Enabled
- Binaries
** Iptables binary -> System iptables
** **[optional]** BusyBox binary -> System BusyBox
* Open AFWall+ -> 3 vertical dots (hamburger menu) -> Set custom script
////
Blanket setting \*rmnet* might be a bad idea? +
rndis* is specific to USB tethering; \*rmnet* still has business with USB tethering, along with all other tether types.
////
TIP: Put in "Enter custom script below".
[source]
----
iptables -t mangle -A POSTROUTING -o +rmnet+ -j TTL --ttl-set 64
iptables -t mangle -A POSTROUTING -o rndis+ -j TTL --ttl-set 64
ip6tables -t mangle -A POSTROUTING -o +rmnet+ -j HL --hl-set 64
ip6tables -t mangle -A POSTROUTING -o rndis+ -j HL --hl-set 64
----
====
== 3. Test for TTL 64 (desired) on the tethered device
* Windows:
- IPv4/iptables: `ping -4 gnu.org`
- IPv6/ip6tables: `ping -6 gnu.org`
If the TTL & HL is 64, you've successfully completed this guide.
TIP: If this works, then Star this repository!