I've been doing some digging - I noticed something was strange when the Three IP I was given on my desktop and other tethered devices was different to the one on my phone...
When tethering is on, there are three 'network interfaces' at play on the phone. Without tethering on, there's just one really that we're concerned with - 'rmnet0' - which is the connection to three. When tethering comes on, however, two are created - 'rndis0' which is the interface that deals with the internal tethered network that it sets up (192.168.42.x range) BUT an additional rmnet interface - 'rmnet1' then appears with a different internal (on the 10.x.x.x range) and external three IP address to rmnet0.
You guessed it, anything tethered goes through rndis0, and everything on that interface gets forwarded to this newly created rmnet1 interface which, during the 3pm-midnight hours, is painfully slow.
I'm looking into what I can do to change this by altering the iptables but this is a bit beyond my skillset. I'll report anything I can find out.
So after a bit of experimentation, I was able to stop rmnet1 being generated by adding net.tethering.noprovisioning=true to the end of my build.prop file. Unfortunately, while this technically worked to stop rmnet1 being generated, devices tethered wouldn't receive internet, making it useless. So, I reverted and looked again.
EDIT: I have now managed to get net.tethering.noprovisioning=true to work - please see my reply below.
What then did work was fixing the iptables so that - even with this second 'tethering' interface being generated - all the traffic goes through the original interface instead. Same external IP for my phone, same for all my attached devices. Fantastic!
To do this, you need a rooted device (in my instance, I'm running Android 5.1 on a Moto G with a PAYG Three SIM - YMMV! Attempt at your own risk!) with SuperSU and busybox installed, and adb installed on your computer (as well as the required drivers for your phone).
First, set up tethering on your phone - USB or Wifi hotspot, the process should be the same. Just make sure it's turned on and your data is on, too.
Then, at a terminal/command line, run 'adb shell'. If your device connects, you should see something like 'shell@android:/'. Then type su, which gives the shell root privileges. Check what interfaces you have - 'busybox ifconfig' should give you a list. If you have rmnet0, rmnet1 and rndis0, proceed!
Following that, run the commands 'ip rule show' and 'iptables -S' to make sure that the commands I have below will remove/change what you have.
Then, in order, run the following commands:
ip rule del iif rndis0 lookup rmnet1
ip rule add iif rndis0 lookup rmnet0
iptables -F
iptables -A natctrl_FORWARD -i rmnet0 -o rndis0 -m state --state RELATED,ESTABLISHED -g natctrl_tether_counters
iptables -A natctrl_FORWARD -i rndis0 -o rmnet0 -m state --state INVALID -j DROP
iptables -A natctrl_FORWARD -i rndis0 -o rmnet0 -m ttl --ttl-lt 2 -j DROP
iptables -A natctrl_FORWARD -i rndis0 -o rmnet0 -g natctrl_tether_counters
iptables -A natctrl_FORWARD -j DROP
iptables -A natctrl_tether_counters -i rndis0 -o rmnet0 -j RETURN
iptables -A natctrl_tether_counters -i rmnet0 -o rndis0 -j RETURN
iptables -t nat -A POSTROUTING --out-interface rmnet0 -j MASQUERADE
iptables -A FORWARD --in-interface rndis0 -j ACCEPT
The first two ip rule commands point your phone in the better direction!
iptables -F clears your iptables list, but again, YMMV - you may get away with just removing sections such as natctrl_FORWARD and/or nat_ctrl_tether_counters.
The rest, bar the last two, adds back in some of what was in the iptables list, with changes to reflect 'rmnet0' instead of 'rmnet1'.
The final two I added in as an attempt, running from what was listed here. I can't say for sure if it helped but, it's in my iptables and isn't causing any problems, so!
The good (and bad?) news is that these will only stay in place until/unless you restart your phone. So, if you mess it up, just reboot and you should be fine to try again/try something else.
Unfortunately, I really am no expert with iptables so I can't offer any guidance (and if I'm honest, I have no idea what in particular has made all of this work), but I found that adding some of these back in stopped strange errors popping up. If anyone with more knowledge of these matters wants to chip in and offer any additional references or comments, please do! And again, please be aware while this worked for me, it might not for you - so really do be careful.
I shall report again tomorrow to let you know if the throttle has indeed been beaten!
Last edited:
Upvote
0