1. HUGE Androidforums.com UPDATE! Learn what's new (and download the new app!)
    Dismiss Notice

How to bypass "tethering block" on Three network?


Last Updated:

  1. hmmoo

    hmmoo Member

    Joined:
    Jan 6, 2017
    Messages:
    6
    Likes Received:
    1
    So after a bit of experimentation, I was able to stop rmnet1 being generated by adding net.tethering.noprovisioning=true to the end of my build.prop file. Unfortunately, while this technically worked to stop rmnet1 being generated, devices tethered wouldn't receive internet, making it useless. So, I reverted and looked again.

    EDIT: I have now managed to get net.tethering.noprovisioning=true to work - please see my reply below.

    What then did work was fixing the iptables so that - even with this second 'tethering' interface being generated - all the traffic goes through the original interface instead. Same external IP for my phone, same for all my attached devices. Fantastic!

    To do this, you need a rooted device (in my instance, I'm running Android 5.1 on a Moto G with a PAYG Three SIM - YMMV! Attempt at your own risk!) with SuperSU and busybox installed, and adb installed on your computer (as well as the required drivers for your phone).

    First, set up tethering on your phone - USB or Wifi hotspot, the process should be the same. Just make sure it's turned on and your data is on, too.

    Then, at a terminal/command line, run 'adb shell'. If your device connects, you should see something like 'shell@android:/'. Then type su, which gives the shell root privileges. Check what interfaces you have - 'busybox ifconfig' should give you a list. If you have rmnet0, rmnet1 and rndis0, proceed!

    Following that, run the commands 'ip rule show' and 'iptables -S' to make sure that the commands I have below will remove/change what you have.

    Then, in order, run the following commands:

    ip rule del iif rndis0 lookup rmnet1
    ip rule add iif rndis0 lookup rmnet0
    iptables -F
    iptables -A natctrl_FORWARD -i rmnet0 -o rndis0 -m state --state RELATED,ESTABLISHED -g natctrl_tether_counters
    iptables -A natctrl_FORWARD -i rndis0 -o rmnet0 -m state --state INVALID -j DROP
    iptables -A natctrl_FORWARD -i rndis0 -o rmnet0 -m ttl --ttl-lt 2 -j DROP
    iptables -A natctrl_FORWARD -i rndis0 -o rmnet0 -g natctrl_tether_counters
    iptables -A natctrl_FORWARD -j DROP
    iptables -A natctrl_tether_counters -i rndis0 -o rmnet0 -j RETURN
    iptables -A natctrl_tether_counters -i rmnet0 -o rndis0 -j RETURN
    iptables -t nat -A POSTROUTING --out-interface rmnet0 -j MASQUERADE
    iptables -A FORWARD --in-interface rndis0 -j ACCEPT

    The first two ip rule commands point your phone in the better direction!
    iptables -F clears your iptables list, but again, YMMV - you may get away with just removing sections such as natctrl_FORWARD and/or nat_ctrl_tether_counters.
    The rest, bar the last two, adds back in some of what was in the iptables list, with changes to reflect 'rmnet0' instead of 'rmnet1'.
    The final two I added in as an attempt, running from what was listed here. I can't say for sure if it helped but, it's in my iptables and isn't causing any problems, so!

    The good (and bad?) news is that these will only stay in place until/unless you restart your phone. So, if you mess it up, just reboot and you should be fine to try again/try something else.

    Unfortunately, I really am no expert with iptables so I can't offer any guidance (and if I'm honest, I have no idea what in particular has made all of this work), but I found that adding some of these back in stopped strange errors popping up. If anyone with more knowledge of these matters wants to chip in and offer any additional references or comments, please do! And again, please be aware while this worked for me, it might not for you - so really do be careful.

    I shall report again tomorrow to let you know if the throttle has indeed been beaten!
     

    Advertisement
    Last edited: Jan 10, 2017
  2. andyroochoo

    andyroochoo Member

    Joined:
    Feb 2, 2016
    Messages:
    18
    Likes Received:
    4
    I take no credit for the following post

    Google made a change in Android 4.4 which allows operators to know when users are using tethering and conveniently block tethered devices from accessing internet.

    This can be fixed permanently using the following procedure (UPDATE: no root required):

    1. Enable developer mode (Go to Settings -> About phone, and click on the build number until the developer mode is enabled).
    2. Enable USB debugging under Settings -> Developer options
    3. Connect the device with a USB cable to a computer with the Android SDK platform tools installed
    4. Start an adb shell: adb shell
    5. In the adb shell, run this command: settings put global tether_dun_required 0
     
  3. andyroochoo

    andyroochoo Member

    Joined:
    Feb 2, 2016
    Messages:
    18
    Likes Received:
    4
    anything running 4.4.4 seems to have the most reliable results
     
  4. hmmoo

    hmmoo Member

    Joined:
    Jan 6, 2017
    Messages:
    6
    Likes Received:
    1
    This was the first thing I did and unfortunately it had no effect on my phone in stopping the throttling taking place - I'm sure it has an effect on the tether block, but not the throttle. I checked the value of 'tether_dun_required' was 0 on reboot and it was - but the way android works (at least on this phone, on 5.1) meant that when tethering is active, a separate connection to three is created (with a separate external IP) and tethered traffic is sent through that.

    I do however have an update. Returning to adding 'net.tethering.noprovisioning=true' to build.prop, I discovered the problem for no internet access - external DNS requests aren't forwarded to clients when this tethering is active. I set my DNS manually to google's servers (8.8.8.8 and 8.8.4.4) and I had internet, tethered through my phone, with the same external IP as my phone. Only one network interface is created - rmnet0. Success!

    I'm now, just on the safe side, running all my traffic through a VPN.

    I will report back in the afternoon to let you know if that manages to defeat the throttling that three has been forcing.
     
  5. hmmoo

    hmmoo Member

    Joined:
    Jan 6, 2017
    Messages:
    6
    Likes Received:
    1
    So, its past 3pm, and I have unthrottled speeds (for the moment, at least.) Mission accomplished!

    So, to recap:

    I have a three PAYG sim with AYCE data (but 'technically' can't tether.) I have the APN set simply as three.co.uk with no extra information. I am tethering this over USB to an OpenWRT flashed router so that the wifi traffic has its own seperate device, with the phone acting as the routers 'WAN'.

    Settings put global tether_dun_required 0 made no difference to tethering in so much as that the traffic from tethered devices went through a second generated connection to three on my phone. Its possible that this alongside the APN settings prevent the tether block from having an effect.

    Editing build.prop to ensure that net.tethering.noprovisioning=true means that tethered devices pass their traffic through the same interface as the phone traffic, rather than a second generated connection. (At least on Android 5.1)

    DNS doesn't work doing this, so setting the DNS servers to googles public servers (8.8.8.8 and 8.8.4.4) allowed web access to work properly.

    A combination of all of these (and, to be sure, running traffic through a VPN which is set up on the router) seems to have defeated the 3pm-midnight throttling from having an effect. For now!

    I hope this helps other users.
     

Share This Page

Loading...