Slow Teathering With PinePhone

Slow Teathering With PinePhone - Printable Version

+- PINE64 (https://forum.pine64.org)
+-- Forum: PinePhone (https://forum.pine64.org/forumdisplay.php?fid=120)
+--- Forum: General Discussion on PinePhone (https://forum.pine64.org/forumdisplay.php?fid=127)
+--- Thread: Slow Teathering With PinePhone (/showthread.php?tid=17355)

Pages: 1 2

RE: Slow Teathering With PinePhone - treebeard - 10-08-2022

(10-07-2022, 02:00 PM)treebeard Wrote: There are various posts suggesting some nftables magic can change the TTL to evade the sniffing but I haven't been able to get that to work.

For what it's worth, I did find a way to "fix" the TTL but it was not enough to avoid Verizon's tether-block. After starting tether (or hotspot) do

Code:
sudo nft add rule ip nm-shared-usb0 filter_forward index 0 ip saddr 10.42.0.0/24 iifname "usb0" ip ttl set 64 accept

This will make the filter_forward chain look like:

Code:
chain filter_forward {

    type filter hook forward priority filter; policy accept;

    ip daddr 10.42.0.0/24 oifname "usb0" ct state { established, related } accept

    ip saddr 10.42.0.0/24 iifname "usb0" ip ttl set 64 accept

    ip saddr 10.42.0.0/24 iifname "usb0" accept

    iifname "usb0" oifname "usb0" accept

    iifname "usb0" reject

    oifname "usb0" reject

}

... where rule #3 becomes redundant but harmless. This is quite a bit different than the other techniques I ran across, and perhaps it's not the best approach. I leave it here in case someone else finds it useful.