Fun with IPtables, router refuses to change TTL value?

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware
Author Message
unexpectedpie
DD-WRT Novice


Joined: 28 Feb 2018
Posts: 5

PostPosted: Thu Mar 01, 2018 19:03    Post subject: Fun with IPtables, router refuses to change TTL value? Reply with quote
I'm trying to bridge my 4G hotspot onto a R7000 so I can have a home network where all the devices aren't being throttled (Tmobile).

My original success was only through my PC by changing the PC's default TTL to 65. A simple regedit trick.

I thought the obvious thing was to take a dd-wrt router and command line:
iptables -t mangle -I POSTROUTING -o `get_wanface` -j TTL --ttl-set 65

But it spits back that the value 65 is invalid.

if I just increase the TTL by one (as is the rational behind the PC trick):
iptables -t mangle -I POSTROUTING -o `get_wanface` -j TTL --ttl-inc 1
The command is accepted, but my tablets and other devices are still throttled. Should I be changing wanface as I'm using a virtual log in through the repeater bridge?

The repeater bridge also has the firewall disabled and I'm unsure if that will contribute to the problem. I'm following the instructions from here: http://highonandroid.com/android-smartphone-news/how-to-super-extend-range-of-your-android-wifi-hotspot-using-dd-wrt/2/

I don't know if there's a more elegant way to do all this. I'm in way over my head because I don't understand the difference between the repeater bridge and the iptable commands. Any help would be much appreciated!
Sponsor
jxm
DD-WRT User


Joined: 23 Jul 2017
Posts: 276
Location: Brisbane, Australia

PostPosted: Fri Mar 02, 2018 0:32    Post subject: Re: Fun with IPtables, router refuses to change TTL value? Reply with quote
unexpectedpie wrote:
I'm trying to bridge my 4G hotspot onto a R7000 so I can have a home network where all the devices aren't being throttled (Tmobile).

My original success was only through my PC by changing the PC's default TTL to 65. A simple regedit trick.

I thought the obvious thing was to take a dd-wrt router and command line:
iptables -t mangle -I POSTROUTING -o `get_wanface` -j TTL --ttl-set 65

But it spits back that the value 65 is invalid.

if I just increase the TTL by one (as is the rational behind the PC trick):
iptables -t mangle -I POSTROUTING -o `get_wanface` -j TTL --ttl-inc 1
The command is accepted, but my tablets and other devices are still throttled. Should I be changing wanface as I'm using a virtual log in through the repeater bridge?

The repeater bridge also has the firewall disabled and I'm unsure if that will contribute to the problem. I'm following the instructions from here: http://highonandroid.com/android-smartphone-news/how-to-super-extend-range-of-your-android-wifi-hotspot-using-dd-wrt/2/

I don't know if there's a more elegant way to do all this. I'm in way over my head because I don't understand the difference between the repeater bridge and the iptable commands. Any help would be much appreciated!



The iptables command is a firewall command, so you need the firewall running. You are running your router as a repeater bridge, and you cannot run the firewall in this mode as the router is running as a switch instead of a router.

You should configure the router to be running in client mode. The router then runs as a router, your outgoing packets go via a wireless WAN port and you can run the firewall and add your POSTROUTING command.

Some details with links can be found here:
https://www.dd-wrt.com/wiki/index.php/Linking_Routers

You may need to add a virtual wireless access point on the band used to connect the router to the hotspot to be able to connect other devices on that band.
Cheers.
unexpectedpie
DD-WRT Novice


Joined: 28 Feb 2018
Posts: 5

PostPosted: Fri Mar 02, 2018 1:41    Post subject: Reply with quote
I thought client and client bridge are only for routers making hard line connections to each client. I'm trying to do it completely wireless.
jxm
DD-WRT User


Joined: 23 Jul 2017
Posts: 276
Location: Brisbane, Australia

PostPosted: Fri Mar 02, 2018 2:39    Post subject: Reply with quote
Sorry, there is some confusion with the terminology used.

What you need is Wireless WAN or WANWiFi, but in the link I posted prevuiusly they call the link “Repeater”, probably this naming is incorrectly used in the Configuration. It will work for you though.

Cheers.
unexpectedpie
DD-WRT Novice


Joined: 28 Feb 2018
Posts: 5

PostPosted: Fri Mar 02, 2018 19:44    Post subject: Reply with quote
Ok, thanks for the input. I am happy to report that I got it to work, I'll detail the steps I took. This is specific to tmobile one cell plans.

Caveats: I have not tried with with an unrooted yet or with WPA security enabled. All I can say is that I've set my cell's dun global hotspot to 0 and set my cell's ttl to 65 after rooting it. The rest is through the router.

Follow the steps here:
https://www.dd-wrt.com/wiki/index.php/Repeater
until you get to step 5, do NOT disable your firewall, you need the IP tables to mangle the TTL.
If your connection is stable, you can proceed to the Run Command scripting area of the Administration tab. Enter the following codes:
iptables -t mangle -I POSTROUTING -o `get_wanface` -j TTL --ttl-set 65
iptables -t mangle -I PREROUTING -i `get_wanface` -j TTL --ttl-set 65
And hit Run Command. as far as I can understand, this sets the TTL for packets going out and in of the router to a setting Tmobile sniffs to determine if you're using 'desktop mode' in your browser. Or something like that.
Hit Save Startup after
Hit Apply (don't know if you need to but I always do).

I'll continue to experiment with details and follow up for the thread. This has been a long process of months of head scratching and I'm hoping this will stick.
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum