Tethering tips for those who rely on it - Android General

This thread is pretty much an attempt to provide people with a good resource for tethering, and things to help them tether better in some way. It's aimed at people who have no other normal internet connections, but a 4G phone or something. I'll add things as I go, or if people have good suggestions.
Routing your traffic through OpenVPN - Thread by a man who knows his iptables. :good:
In a nutshell:
Open up a terminal, run `su`, and allow access. Make sure you're root (`whoami` should tell you.)
Start your tethering and OpenVPN. I've found that the built-in tethering menu in Settings, and the OpenVPN Settings app (NOT the built-in VPN settings menu) work the best.
Run `netcfg` and make note of your tethering interface (wlan0, usb0, something like that), and your TUN adapter's interface (usually tun0).
Run these:
iptables -A POSTROUTING -s 192.168.43.0/24 -j MASQUERADE -t nat
iptables -A FORWARD -j ACCEPT -i usb0 -o tun0
iptables -A FORWARD -j ACCEPT -i tun0 -o usb0​
Google Code project that made (and still makes?) a great Wi-Fi tethering app. - android-wifi-tether You'll need to be rooted.
Helpful app that either starts tethering after a delay, or shows a menu - Auto USB Tethering. Good for people who don't like mucking around in Settings. Delayed tether feature is a paid option, though.
Got something to add? Shoot! I'll listen.

Thank you so much. The VPN thing I didn't know about how to do it until now. T-Mobile restrict access to my PC unless I'm connect it by usb. I will try this and see how it works as I rather use my phone as a router for tethering over the air instead of USB.
Sent from my Atrix HD using Carbon rom and XDA 4 Premium

SVLAN said:
Thank you so much. The VPN thing I didn't know about how to do it until now. T-Mobile restrict access to my PC unless I'm connect it by usb. I will try this and see how it works as I rather use my phone as a router for tethering over the air instead of USB.
Click to expand...
Click to collapse
Wi-Fi tethering + OpenVPN can be a bit of a security risk if you're using WEP, and someone who knows what they're doing is nearby with the right tools. Be careful.

ArghArgh200 said:
Wi-Fi tethering + OpenVPN can be a bit of a security risk if you're using WEP, and someone who knows what they're doing is nearby with the right tools. Be careful.
Click to expand...
Click to collapse
thanks but as a network cracker myself i dont see this coming.lol

Oh.
Oh, another tip for T-Mo: they check by browser user-agent, and only have regexps for .*win%d%d.* and .*windows.* (Probably other stuff too), so if you switch your browser UA to "Linux Desktop", or strip it completely you might be fine.

Related

Real Tethering via Bluetooth!

Disconnect from #android on freenode figured out how to get bluetooth tethering to work. It requires root access of course.
http://www.gotontheinter.net/node/515
Enjoy!
BTW, I just tried and this *does* work for windows. Once you run the pand command on the phone, then go back to your computer and right click on the bluetooth icon in the system tray and select "Join a Personal Area Network". Then click "Refresh" in the dialog that pops up, then select the G1 and click connect.
Now you should have a "Bluetooth Network Connection", and you have to set it up with a static ip like Disconnect's post describes.
Wow the Real Hacking is started !
Rock and Roll!
That's pretty nice
Will wait for the DHCP version though, and I am still hoping for a USB way to do it, since Server 2008 and Bluetooth is a nightmare >.<
I keep getting read-only errors when copying into /system/xbin. I've remounted /system as read-write too. (RC30 v1.2)
And if I try to execute pand from /sdcard, I get Permission Denied errors.
Any thoughts, anyone?
The /system/xbin folder is a mounted cramfs image. So is /system/modules. Cramfs is a readonly file system.
I had to use cramfs to compress those two folders because it wouldn't all fit in /system otherwise.
If you really want to add/change something, unmount the folder, and you'll see an xbin.cramfs file in the folder instead. Download that to your computer and use the tools provided by the cramfs project to extract and repack it. Keep in mind the space limitations in /system. There isn't much space left at all
When I run this, the network interface bnep0 isn't created. Here's what happened:
I modified the tether script over in the iptables thread to load the bnep.ko module and run pand, etc.
When I ran my new script, I got an error because I forgot to set the execute permissions on pand. So, I changed the permissions.
Before I went to run the script again, I wanted to get back to my original state, so I tried to 'rmmod bnep'. That failed. I ran 'ps', and saw this process: kbnepd bnep0. I tried to kill it, which didn't work. I turned off BT from the UI, and the process ended. Then I did an rmmod bnep, and it worked.
I re-enabled BT from the UI, and went to run my script again. This time I got a new error and discovered it came from ifconfig. Sure enough, if i run 'busybox ifconfig -a' there is no interface named bnep0. When I did a 'ps' there was no longer this process called kbnepd bnep0.
I have rebooted the phone several times, recopied the module, and even upgraded to JF's v1.2 ROM (from v1.1). Still, whenever I do an 'insmod pathtomodule/bnep.ko', no network interface is created (there are no errors that output to the screen either and 'rmmod bnep' works as well with no errors).
Any ideas?
P.S. In the "Wireless controls" UI, when you tap the Bluetooth checkbox, does the text below remain "Select to turn on Bluetooth" when BT is enabled?
jbruer said:
When I run this, the network interface bnep0 isn't created.
Click to expand...
Click to collapse
Doh... the network interface isn't created until pand gets an incoming connection. pand has an option to run a script when the interface comes up, so I'll try to use that to run the rest of my setup script.
FYI..
I played around with this setup today and the adhoc-wifi tethering is much easier to setup and a lot faster.
Tethering via bluetooth I was only seeing about 70Kb/s, while Tethering via wifi I'm seeing 300+Kb/s.
Not sure if this is a bluetooth issue or what, but getting the bluetooth connection up and running is a pain in the ass compared to adhoc wifi.
Like others have stated, you have to start the pand service(also make sure in bluetooth settings the g1 is discoverable, only lasts 120 seconds) once the connection is established you can complete the other setups...
Hey, thanks for the tip about the calling the script. The connection speed sucks, but at least the setup is easier.. You still need to turn on bluetooth, and make it discoverable so windows can see the NAP and connect to it..
Here's my setup: I use dsnmasq for DHCP...
(blue.sh)
#!/system/bin/sh
insmod /data/local/bin/bnep.ko
/data/local/bin/pand --listen --role NAP --devup /data/local/bin/blue2.sh
(blue2.sh)
#!/system/bin/sh
ifconfig bnep0 192.168.2.1 netmask 255.255.255.0
ifconfig bnep0 up
/data/local/bin/iptables -F
/data/local/bin/iptables -I INPUT -s 192.168.2.254 -j DROP
/data/local/bin/iptables -I FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
/data/local/bin/iptables -I FORWARD -s 192.168.2.0/24 -j ACCEPT
/data/local/bin/iptables -I FORWARD -s 192.168.2.254 -j DROP
/data/local/bin/iptables -P FORWARD DROP
/data/local/bin/iptables -t nat -I POSTROUTING -s 192.168.2.0/24 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
/data/local/bin/dnsmasq -x /data/local/bin/dnsmasq.pid
parrothd said:
FYI..
Tethering via bluetooth I was only seeing about 70Kb/s, while Tethering via wifi I'm seeing 300+Kb/s.
Click to expand...
Click to collapse
Can anyone else reproduce this? (FYI it will share a wifi link but unfortunately, I'm in EDGE and my wifi is WPA2 .. so my wifi connectivity only lasts 5-10 seconds at a time, and edge is.. well.. edge..)
Disconn3ct said:
Can anyone else reproduce this? (FYI it will share a wifi link but unfortunately, I'm in EDGE and my wifi is WPA2 .. so my wifi connectivity only lasts 5-10 seconds at a time, and edge is.. well.. edge..)
Click to expand...
Click to collapse
I can confirm this. I'm in an EDGE area this weekend, so I tested by sharing a Wifi connection. Speedtest on the phone gave 4 Mbps down. Sharing over BT gave 89 kbps down. Also, when I ping the phone while connected to the PAN, I get latency around 30-50ms. Latency to google.com using the shared Wifi was around 250ms.
This may not be related, but if you look in the git for the Dream platform, init.trout.rc has this section: (http://android.git.kernel.org/?p=platform/vendor/htc/dream.git;a=blob;f=init.trout.rc;h=de41a72986890868b07d34c347245396be9f8f90;hb=HEAD)
Code:
64 service hciattach /system/bin/hciattach \
65 -n -s 115200 /dev/ttyMSM0 texas 115200 flow
66 user bluetooth
67 group bluetooth net_bt_admin
68 disabled
I know that hciattach is the BT service, and it appears that its creating a 115k baud serial port. The module we load emulates an ethernet adapter (bnep0), but I'm not sure if this serial device has any relation. Anybody around here know what the deal with this is?
Hmm. that's a good point. I'll play around with it a bit today and see if it's related
Just a quick update on this, google is working on a faster bluetooth driver, which will (automagically) make this faster too.
parrothd said:
Hey, thanks for the tip about the calling the script. The connection speed sucks, but at least the setup is easier.. You still need to turn on bluetooth, and make it discoverable so windows can see the NAP and connect to it..
Here's my setup: I use dsnmasq for DHCP...
...
/data/local/bin/dnsmasq -x /data/local/bin/dnsmasq.pid
Click to expand...
Click to collapse
WOW! Nice job. Could you please put your compiled dnsmasq somethere?
Strange thing. I setuped everything. Seeing iface on my phone via busybox ifconfig. Phone could ping himself via it's bluetooth IP.
Also PC could itself. Ifaces up and active on both sides.
But on PC I am having 0 recieved packets thru virtual bluetooth nic. While on phone i am having both RX and TX. And funny thing what RX on phone is exactly equal to TX on PC. So actually connection working but only one way...
WTF is what? Haven't even idea which way to look into this problem. Anyone have any idea about that?
hmepas said:
WOW! Nice job. Could you please put your compiled dnsmasq somethere?
Click to expand...
Click to collapse
i didn't compile it, but it's available in the iptables thread, if you can't find it I'll post it, having said that, you can also use udhcpd from busybox as well...
parrothd said:
i didn't compile it, but it's available in the iptables thread, if you can't find it I'll post it, having said that, you can also use udhcpd from busybox as well...
Click to expand...
Click to collapse
Oh thanks. I found it easily.
Btw could explain those two lines in your script:
Code:
/data/local/bin/iptables -I INPUT -s 192.168.2.254 -j DROP
/data/local/bin/iptables -I FORWARD -s 192.168.2.254 -j DROP
any secret here? for me those lines is complete useless. Or it's just your local issue which you didn't clean up before publishing script?
They're not needed, but you may want them.
dnsmasq and probably busybox udhcp will only start if you have at least 1 ip available for DHCP assignment(as far as I can tell).
This allows anyone to connect to your G1 mobile when in ad-hoc wifi mode and get access to the internet. Probably something you don't want to allow, with the limited speed and caps.
I use dnsmasq to staticly assign my laptop 192.168.2.30(cux I'm lazy and don't want to manually assign my IP), while assigning everyone else that connects to my G1 IP 192.168.2.254 which I then drop all access via iptables, so they have no access.
If you can figure out how to get dnsmasq or busybox udhcp to provide only static IP assignments then this is not needed...
My dnsmasq.conf changes..
# Uncomment this to enable the integrated DHCP server, you need
# to supply the range of addresses available for lease and optionally
# a lease time. If you have more than one network, you will need to
# repeat this for each network on which you want to supply DHCP
# service.
dhcp-range=192.168.2.254,192.168.2.254,30m
# Always allocate the host with ethernet address 11:22:33:44:55:66
# The IP address 192.168.0.60
dhcp-host=00:13:ce:b7:a8:0e,192.168.2.30
I found that if you set the lease time to 0, dnsmasq will not assign an IP address unless it's statically assigned. You still should setup some filtering to keep people of your network, but most users won't bother trying to figuring that out.
# Uncomment this to enable the integrated DHCP server, you need
# to supply the range of addresses available for lease and optionally
# a lease time. If you have more than one network, you will need to
# repeat this for each network on which you want to supply DHCP
# service.
dhcp-range=192.168.2.254,192.168.2.254,0

[REQ] Reverse wired tethering

Before i start i want to let people know YES I DO HAVE A WIRELESS ROUTER!! So please do not respond telling me to just go buy a router.
REQUEST - Reverse wired tethering. I.E. Sharing PC's iNet connection with your phone via USB.
REASON - My university's wireless is locked down and does not allow mobile phones, pda's to connect up to our wireless without submitting MAC for approval. Looking to sync certain apps without using my data connection.
I dont know if anyone has played around with trying to get this working or not. I know its a small market of people who may be interested in this, but for certain places (CANADA) where data charges are WAY to expensive this could be handy for students at UNI where wireless is not an option.
get a second wifi adapter on your laptop, and share your uni wireless network connection with the second wifi adapter. Use a hidden SSID, then no one will know what is going on
This was asked a couple of times before here and I remember people saying you couldn't reverse the tethering.You could try though.
alexperkins said:
get a second wifi adapter on your laptop, and share your uni wireless network connection with the second wifi adapter. Use a hidden SSID, then no one will know what is going on
Click to expand...
Click to collapse
Thats a good idea xD
Hey guys,
I have been trying to find a way to do this for a long time.
The best solution i have found (actually the only solution) is Connectify. The only downside is you must have Win7.
What it does is turns your wifi adapter into a HotSpot, even if you are using wifi to get the net in the first place. Its a great tool and should be what your after.
http://www.connectify.me/
memphisraynz said:
Hey guys,
I have been trying to find a way to do this for a long time.
The best solution i have found (actually the only solution) is Connectify. The only downside is you must have Win7.
What it does is turns your wifi adapter into a HotSpot, even if you are using wifi to get the net in the first place. Its a great tool and should be what your after.
http://www.connectify.me/
Click to expand...
Click to collapse
thank you so much for this
Your best solution is the WiFi adapter. You could most likely get away with a SOCKS proxy over USB, possibly using adb, but it would be complicated, unstable, and messy.
I still don't know you just don't use your wireless router. I assume they have wired. Clone your PC's mac address and hook it up. Universities are retarded with that crap. They have the worst networks and security.
If no wired, then what podunk place is it? haha
Even if they had only wireless , you could set up a wlan client and repeat it. DDWRT, etc, ftw.
Just get backtrack for your laptop and spoof your mac to all 0 then grab connect to the network at your school the spoofed mac will allow you to browse so long as no other encyption is on the network such as WEP or WPA.
then you can try to flood all the ports on the network so no one else can connect then spoof your phones mac by conneecting to your laptop through wireless as an adhoc connection and while staying connected through adhoc load a second server through the same wireless network card and you can connect to the achools network again. and walla...
death1246 said:
Just get backtrack for your laptop and spoof your mac to all 0 then grab connect to the network at your school the spoofed mac will allow you to browse so long as no other encyption is on the network such as WEP or WPA.
then you can try to flood all the ports on the network so no one else can connect then spoof your phones mac by conneecting to your laptop through wireless as an adhoc connection and while staying connected through adhoc load a second server through the same wireless network card and you can connect to the achools network again. and walla...
Click to expand...
Click to collapse
so simple, i dunno why i didnt think of that. thanks! lol
Well its quit simple once you learn your way around linux...
If you have any experience with *nix, you may want to look at Cyanogen's original usb tether shell script:
http://github.com/cyanogen/android_vendor_cyanogen/blob/master/bin/usb-tether
Basically you could use the internet connection sharing function that comes with all popular OSes and access your uni's network on your phone. You must have Cyanogen mod or another mod using his kernel. Not yet working on OSX for some reason. Tested under Windows 7.
First you'll need to figure out what IP address range your computer's DHCP server is using. This is normally fixed for each OS. For Windows 7, it's always 192.168.137.0/24.
For OSX or Linux, you can setup connection sharing (for some other connection because we don't have the USB interface yet) and ifconfig.
Second is to enable the USB connection on the phone's side. Type the following command in any console program, like Connectbot. (You must use a console program as opposed to adb because you will lose USB debugging once the USB network interface is enabled.)
Code:
su
cd /sys/devices/virtual/net/usb0
ifconfig usb0 192.168.137.200 mask 255.255.255.0
echo 1 > enable
The first line makes you the superuser. (Skip if the command prompt is #)
The second line land you in usb0's directory under sys. We'll need to type the disable command later, so it's easier if we're here.
The third line brings up the virtual usb network interface and sets its IP address.
The IP address should be in the same network (i.e. IP address range) you obtained in step 1. Say if the original is 192.168.137.1 in a /24, you can use 192.168.137.2 through 192.168.137.254
This actually enables the usb interface.
You will now see a new network adapter is recognized by your computer. Set up connection sharing to share your internet TO that adapter.
Make sure you have connection by pinging your computer from your phone.
For example:
ping 192.168.137.1
Now you'll have to change the routes so traffic go through the USB cable instead of the mobile network.(# is the command prompt, do not enter)
# busybox route
check the line starting with "default". Write down the ip address after it; call it IP1.
# getprop net.dns1
Call the IP returned IP2.
Code:
busybox route del default gw IP1
busybox route add -host IP2 rmnet0
busybox route add default gw 192.168.137.1
The first line deletes the old default route via the mobile network.
The second line adds an "exception" for your carrier's DNS server.
The third line adds the new route via USB. You should replace the address at the end with the IP address from the first step.
Your network should be working now. Test by visiting some website that is only available on campus or by traceroute.
You must make sure the mobile network is always connected though. This is because domain names are still resolved by your mobile carrier. If you ever lose your mobile connection, the routing table will be changed as well.
To disconnect:
Make sure you're still in /sys/devices/virtual/net/usb0.(Use pwd if unsure.)
Code:
netcfg usb0 down
echo 0 > enable
The usb interface will disappear on your computer.
Now switch the phone to airplane mode and back to re-enable mobile network.
The disconnect step should always restore your phone's state.
// This is written at 3am, so use it at your own risk...
help?
look at this
http://superuser.com/questions/91699/spoof-mac-address-from-ip-command
bg
It's really sad that Android can't reverse tether. If you want to use your laptop's AdHoc connection you have to do serious hacking to the tiwlan.ini and the wpa_supplicant.conf. There is no way to connect via bluetooth ar USB.
I'm seriously considering WP7 now for my next OS of choice... A nd for everyone saying "go buy a router" - go buy a router and stick it up your .... nose.
Hi,
I have the same problem. No WiFi in my work and no WiFi in my current home (a Resident Hall). There's no possibility to buy a WiFi router, of course. I tried to hack the system to connect ad-hoc networks but it didn't work.
I have found some interesting resources:
sluniverse.com/php/vb/blogs/psyke+phaeton/1042-making-android-phone-use-your.html
letsgoustc.spaces.live.com/blog/cns!89AD27DFB5E249BA!877.entry
I have a HTC Magic with the ADP-DRC83 hacked ROM with Usb tethering integrated. But usb0 interface in the mobile is configured to provide Internet connection (as gateway) to the PC, not the reverse functionality: connecting the mobile to Internet through the PC. So, all I need is to change the gateway in Android and then configure a NAT-DNS in my linux PC (easy with iptables and dnsmasq). But, I don't know how automatize the process exactly.
digitaljeff said:
but for certain places (CANADA) where data charges are WAY to expensive this could be handy for students at UNI where wireless is not an option.
Click to expand...
Click to collapse
Wind will be launching in vancouver soon.
$35 unlimited data.
Silly ragin' cajun.
Ok, now it works. Here it's my procedure for a HTC Magic (Sapphire) without any APN previously configured from Telecom provider and ROM CSDIv4.
In the mobile by using Better Terminal:
Code:
su
cd /sys/devices/virtual/net/usb0
echo 1 > enable
ifconfig usb0 192.168.2.2 mask 255.255.255.0
busybox route add default gw 192.168.2.1
setprop net.dns1 8.8.8.8
In the linux computer:
Code:
sudo sysctl -w net.ipv4.ip_forward=1
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables -A FORWARD -i usb0 -j ACCEPT
sudo ifconfig usb0 192.168.2.1 netmask 255.255.255.0
Android Market downloads and location service don't work but I think is possible if you switch on the WiFi.
Update: Syncronization, Android Market downloads and location service don't work even the WiFi antenna is switched on. I have added the iptables commands also.
Well gosh, reverse wireless tethering is so much simpler
There are another similar thread: http://forum.xda-developers.com/showthread.php?t=522498

Tethering

Has anyone tried any of the wired tethering apps like easytether or pdanet?
Pdanet free works great on my DI
-------------------------------------
Sent via the XDA Tapatalk App
mikewanda1971 said:
Pdanet free works great on my DI
-------------------------------------
Sent via the XDA Tapatalk App
Click to expand...
Click to collapse
I have tried Easytether on Windows 7. It connects but cant get to the internet. I checked the developers web site and their solution was to disconnect all other network connections to get it to work. Since I have a need to keep my network connection as well as a tethered internet connection, I went with PDANET.
So far PDANET has been stable and it works well. I did have to manually adjust my routing table and add a few persistent routes because local traffic that should go to my network card was being routed to PDANET instead (file servers, intranet addresses, etc.).
bishop0114 said:
I have tried Easytether on Windows 7. It connects but cant get to the internet. I checked the developers web site and their solution was to disconnect all other network connections to get it to work. Since I have a need to keep my network connection as well as a tethered internet connection, I went with PDANET.
So far PDANET has been stable and it works well. I did have to manually adjust my routing table and add a few persistent routes because local traffic that should go to my network card was being routed to PDANET instead (file servers, intranet addresses, etc.).
Click to expand...
Click to collapse
When I finally get mi D.I. I was going to root it (when root is available) for wifi tether, thats pretty much all I wanted root for, but if i can use an app to do that (only wired) then there's really no need for ME to root.
So would you recommend pdanet?
i have used pdanet for blackberry and android. Works great, free, after trial is over, secured connections are not allowed I believe.
This Post is being done over a pdanet tethered connection!!! straightforward no BS.. and free..!!
1wingangel said:
Has anyone tried any of the wired tethering apps like easytether or pdanet?
Click to expand...
Click to collapse
I have used easy tether and works perfect, pdanet did not work for me.
PDANet works great for me!
PDANet works great for me!!!
If you are on Ubuntu, proxoid works well. I googled my rear off to figure it out.
First dl proxoid from market. Then You need to enable usb debugging on the phone. Then download and untar adb. Next go to system>preferences>network proxy, and set the manual field to localhost:8080. You need to tell firefox to use system proxy settings edit>preferences(advanced tab)(network tab) settings button> radiobutton use system settings.
The rest I wrote scripts for:
tether.sh
Code:
#!/bin/bash
echo "is proxoid running?"
cd /home/$USER/Downloads/android-sdk-linux_86/tools
./adb kill-server
./adb start-server
./adb devices
./adb forward tcp:8080 tcp:8080
cd /home/$USER
sh /home/$USER/proxyup.sh
proxyup.sh
Code:
#!/bin/bash
gconftool-2 --set /system/proxy/mode --type string manual
gconftool-2 --set /system/http_proxy/use_http_proxy --type bool true
untether.sh
Code:
#!/bin/bash
echo "Turn off proxoid if you like"
cd /home/$USER/Downloads/android-sdk-linux_86/tools
./adb kill-server
sh /home/$USER/proxydown.sh
proxydown.sh
Code:
#!/bin/bash
gconftool-2 --set /system/proxy/mode --type string none
gconftool-2 --set /system/http_proxy/use_http_proxy --type bool false
for the life of me I can't get the tether/untether scripts to do their related proxy switch, I tried adding the commands, and also running the script within a script with
Code:
sh /home/$USER/proxyup.sh
Does anyone have an idea how they could be merged?
Edit Never mind, if figured it out.
You can tether over dun too without those apps.
You can also WiFi tether in a way too if you have a laptop to act as the WiFi access point. Tether the phone with usb to the laptop. Use ics to share that connection with your firewall off. Setup an adhoc connection on the laptop to allow ipods and such to get on the net.
Many things are possible if you are creative enough.
Forgive me if this is a completely noob question but I figured a thread on tethering would be an appropriate place for this. Whenever I connect to my PC I see an option for "Mobile Broadband Connect." I never bothered to click on that and see what it does. I imagine its some form of tethering. Is it the Verizon paid type of tethering? Anyone care to shed some light?

[FIXED] Adhoc working without any file editing !!!

Just tried this out and it connected to my laptop adhoc wireless fine. Wish the rom creators will put this in their builds...
http://forum.xda-developers.com/showthread.php?t=754961
Use the one at the bootom of the page as it has a newer wpa_supplicant 0.6.10
Sounds great, have to try this out!
why would we need this when we have the HTC mobile hotspot app?
neowlchaz said:
why would we need this when we have the HTC mobile hotspot app?
Click to expand...
Click to collapse
Mobile hostpot is to use the desire's wifi as a hotspot for connecting *other* devices to use the 2g/3g network.
This is for connecting the desire to a adhoc network like the wifi network on your laptop. Some laptop wifi cards for example can set them selves into AP mode so they are a true access point and the desire can connect to it, however most cards don't support that mode (well mine doesn't anyhow) so you need to create a ad-hoc network on your laptop that ultimately routes out to the internet via your wired network connection. This is where the desire cannot connect to that ad-hoc network without this 'hack'.
When you are roaming this is invaluable with extortionate roaming data charges so this is a way to reuse your wired connection on your laptop as a gateway for your desire. It's in effect a reverse hotspot.
Wonderful!!!!!
Finally!!!!I'm searching it from a lot of time!!!!
Now all works wonderful!!!
Thanks a lot to all!!
Sent from my HTC Desire using Tapatalk
I noticed that the binary in the link above was for an older wpa_supplicant (0.5.11) and Desire and the new froyo's are on 0.6.10 of wpa_supplicant so i repatched and compiled.
For those with the writeable /system hack, just disable wifi, push this on your /system/bin and reenable wifi. Else push this at recovery time
Code:
adb push wpa_supplicant /system/bin/
I also changed the "(*)" prefix for adhoc networks as i didn't like the look of the wifi list so now it's changed to "(adhoc)" suffix for adhoc networks it sees.
Diff and binary attached below.
daveba said:
so i repatched and compiled.
Click to expand...
Click to collapse
Why not provide as Update.zip ? Thanks!
daveba said:
I noticed that the binary in the link above was for an older wpa_supplicant (0.5.11) and Desire and the new froyo's are on 0.6.10 of wpa_supplicant so i repatched and compiled.
For those with the writeable /system hack, just disable wifi, push this on your /system/bin and reenable wifi. Else push this at recovery time
Code:
adb push wpa_supplicant /sytem/bin/
I also changed the "(*)" prefix for adhoc networks as i didn't like the look of the wifi list so now it's changed to "(adhoc)" suffix for adhoc networks it sees.
Diff and binary attached below.
Click to expand...
Click to collapse
Thank you, it seems to work, but no possibility to set a protection on the wifi, no ask for password...
Orphee said:
Thank you, it seems to work, but no possibility to set a protection on the wifi, no ask for password...
Click to expand...
Click to collapse
Strange, works for me. I've set up a WEP on my linux lappie wifi card and it works fine and pops up the password dialog.
bleh815 said:
Why not provide as Update.zip ? Thanks!
Click to expand...
Click to collapse
Ok, try this
daveba said:
Strange, works for me. I've set up a WEP on my linux lappie wifi card and it works fine and pops up the password dialog.
Click to expand...
Click to collapse
I tried WPA AES ...
daveba said:
Ok, try this
Click to expand...
Click to collapse
Kudos 10char
Orphee said:
I tried WPA AES ...
Click to expand...
Click to collapse
http://www.sprintusers.com/forum/archive/index.php/t-195868.html
try tkip ?
Can anyone post a complete guide what to do in my desire and what to do in my pc using WinXp or Win7.
*With Ad-hoc I can share my internet connection from notebook with desire and inverted ?
daveba said:
http://www.sprintusers.com/forum/archive/index.php/t-195868.html
try tkip ?
Click to expand...
Click to collapse
WPA AES works well in AP mode (I can switch my PCI can into AP mode)
Orphee said:
WPA AES works well in AP mode (I can switch my PCI can into AP mode)
Click to expand...
Click to collapse
Strange, then this must be a generic bug with ad-hoc networks (i.e. not something this patch/hack has introduced) so you will see the same results if you edit the wpa_supplicant.conf files manually correct ? It looks from this that adhoc supports only open or WEP encrypted network (in wifi tether too you can only use WEP). See the thread here:
http://forum.xda-developers.com/showthread.php?p=7726880
Lior84 said:
Can anyone post a complete guide what to do in my desire and what to do in my pc using WinXp or Win7.
*With Ad-hoc I can share my internet connection from notebook with desire and inverted ?
Click to expand...
Click to collapse
Yeah I need that too. I have gone through the thread but I didnt understand how to go about connectiong my HTC Desire to my laptop's internet...Pls help!
tochie009 said:
Yeah I need that too. I have gone through the thread but I didnt understand how to go about connectiong my HTC Desire to my laptop's internet...Pls help!
Click to expand...
Click to collapse
Flash the zip provided in the thread, and google 'windows setting up adhoc network'
Ensure not to choose WPA2-AES key for the password, but a WEP password. Then select wifi networks on your phone and choose your network and put in the password you selected.
For linux it's easy too. First disable wifi scanning on your applet in the top right as you want to disable it as a client and make it as a server. So as root do this (assuming your wireless interface is called wlan0) and want to create a network on 10.0.0.x
Code:
DEV=wlan0
iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
echo 1 >/proc/sys/net/ipv4/ip_forward
ifconfig $DEV down
iwconfig $DEV essid 'Laptop WiFi'
iwconfig $DEV mode ad-hoc
iwconfig $DEV key s:mykey
ifconfig $DEV 10.0.0.1 netmask 255.255.255.0
/usr/sbin/dnsmasq --dhcp-range=10.0.0.2,10.0.0.10 -x /tmp/dnsmasq-$DEV.pid -i $DEV
Thank you very much for this hack, Daveba! Don't really need this as of now, but could be handy in the future. One, probably silly question, does it have any negative impact when connecting to a standard Wi-Fi router, or it just provides additional functionality?
Hopefully we can see this included in various Roms soon.
Good day!
Sent from my DynaTAC 8000X.
phunkycow said:
Thank you very much for this hack, Daveba! Don't really need this as of now, but could be handy in the future. One, probably silly question, does it have any negative impact when connecting to a standard Wi-Fi router, or it just provides additional functionality?
Hopefully we can see this included in various Roms soon.
Good day!
Sent from my DynaTAC 8000X.
Click to expand...
Click to collapse
Well please don't credit me with the work. As noted in the first post, the initial patch was released for an older version of wpa_supplicant. I've just updated it for wpa_supplicant 6 and changed some aesthetics on the wifi list page on the phone. Remember again this is a hack and should really be inherently supported by the OS. I suggest people read issue 82 and star the issue for greater visibility.
I would like to know if anyone sees any negative impact with this hack. The only thing i see is that the phone doesn't automatically disconnect from the ad-hoc network if i take it down on my laptop or i move away from the signal range. It will drain the battery if not manually disconnected. This is a small 'bug' for what (in my opinion) is such a hugely important function. Hell even the iphone, the nokia E71, etc can do this out of the box and i get laughed at at work (until now).

Solution to Tethering + OpenVPN issues on KitKat/4.4

I was previously using a stock rooted Nexus 4 (with 4.3) with "OpenVPN Connect" (net.openvpn.openvpn) and android built-in wifi tethering to tunnel tethered clients through the OpenVPN connection. This required some iptables modifications but worked fine.
With a stock rooted Nexus 5 (with 4.4.0) and OpenVPN Connect 1.1.12, this stopped working and that was really annoying.
Part of the issue was the one described here
But it was more complicated. It seems that there are routing table issues that I had to research a bunch.
Here are the iptables commands that I already had to run even on the Nexus 4 (with 4.3), which I got from here
Code:
iptables -t filter -F FORWARD
iptables -t nat -F POSTROUTING
iptables -t filter -I FORWARD -j ACCEPT
iptables -t nat -I POSTROUTING -j MASQUERADE
These (above) are somewhat liberal firewall rules that you may what to refine for more security.
But below are additional routing entries that I needed to add specifically for the Nexus 5 (with 4.4.0). They force tethered clients to route through the VPN, unless their traffic is a broadcast or designated for the wifi LAN. Those exceptions are required for DHCP to work on the tethered client. They assume the tethered LAN is 192.168.43.XYZ and the OpenVPN interface is tun0.
Code:
ip rule add from 192.168.43.0/24 lookup 61
ip route add default dev tun0 scope link table 61
ip route add 192.168.43.0/24 dev wlan0 scope link table 61
ip route add broadcast 255.255.255.255 dev wlan0 scope link table 61
This seems to all work best if I start OpenVPN after activating tethering, not before.
I'm not entirely clear whether this is a result of some change/bug in KitKat, or an incompatibility in "OpenVPN Connect", or both. I wonder if it would work ok with other OpenVPN clients like "OpenVPN for Android" (de.blinkt.openvpn)
Other Notes:
* Server is OpenVPN 2.3.2
* Server has this line set in its config:
Code:
push "redirect-gateway autolocal def1"
Running android 4.4.2 google stock image with SuperSU on LG Nexus 4. These routing commands worked great and allowed me to tunnel all WiFi tethered traffic through my VPN. Thanks for figuring this out it was bugging me!
Im stock 4.4.2 no root or anything just pure stock i download install openvpn from google play and imported my config files click connect then open PDAnet connect and the Ip is changed.
OK, so I'm having a bit of trouble understanding and implementing the fix for my nexus 5. I've already got WiFi tethering working through the sqlite db fix but now I can't get my connection to work when my VPN (PIA official app) is broadcasting. These commands you're sending, are they done on the phone terminal or computer and is that EXACTLY how theyre being entered. For rules in red where would I find the IP I would use. Thanks guys Id really appreciate any help given.
Worked!
scootley said:
This seems to all work best if I start OpenVPN after activating tethering, not before.
Click to expand...
Click to collapse
Thanks scootley! These worked me on 4.3. I activated my hotspot before OpenVPN, but I used
Code:
iptables --flush
first before entering your commands. Seems to help. My OpenVPN server config also has the following in addition to push redirect:
Code:
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
push "redirect-gateway autolocal def1"
Jrock2t5 said:
OK, so I'm having a bit of trouble understanding and implementing the fix for my nexus 5. I've already got WiFi tethering working through the sqlite db fix but now I can't get my connection to work when my VPN (PIA official app) is broadcasting. These commands you're sending, are they done on the phone terminal or computer and is that EXACTLY how theyre being entered. For rules in red where would I find the IP I would use. Thanks guys Id really appreciate any help given.
Click to expand...
Click to collapse
These commands are entered on the phone. You can download Terminal Emulator or something similar through the app store.
First make sure you're connect to your hotspot from your computer. Next, let's find your local IP address. Here are the instructions for Windows:
Click on the Start menu and type cmd. When you see the cmd applications in Start menu panel, click it or just press enter.
A command line window will open. Type ipconfig and press enter.
You'll see a bunch of information, but the line you want to look for is "IPv4 Address." The number across from that text is your local IP address.
Here's how to do the same thing on a Mac:
Open System Preferences (via the Apple menu at the top lefthand corner of your screen).
When System Preferences opens, click on the icon labeled Network.
You should see a few options on the left with labels like Wi-Fi, Ethernet, Bluetooth, etc. The ones with green dots have IP addresses assigned to them. Click the one on top (if it isn't already selected) and look to the right. There should be a sentence that reads something like "Wi-Fi is connected to Chocolate and has the IP address 192.168.1.102." The number at the end of that sentence is your local IP address.
Thanks for this thread, I've nearly got tethering working through Private Internet Access/Open VPN.
When running the commands
Code:
ip rule add from 192.168.43.0/24 lookup 61
ip route add default dev tun0 scope link table 61
ip route add 192.168.43.0/24 dev wlan0 scope link table 61
ip route add broadcast 255.255.255.255 dev wlan0 scope link table 61
i get an error "RTNETLINK answers: File exists"
I tethered up while connected to the VPN and could ping out to external IP addresses but no DNS resolution. So in my windows settings I manually specified DNS settings and can now browse the web through the VPN on my Galaxy s4!
But how do I fix the DNS issue? I want the clients that connect to pick up the DNS settings that actually work, without having to manually specify.
Thanks for any help
Vpn problem
Hi I havent tried the above options..yet
I have a sgs3 sgh-t999 . a comercial vpn account with the xxx.ovpn cert files.
after getting the details entered into open vpn and importing the cert file all is good untill I go to connect [see attachment]
phone is v4.3, baseband mjc, kernel v 3.0.31, rom S3rx v3.0 1-27-14
any suggestions on how to proceed?
RXP said:
Thanks for this thread, I've nearly got tethering working through Private Internet Access/Open VPN.
When running the commands
Code:
ip rule add from 192.168.43.0/24 lookup 61
ip route add default dev tun0 scope link table 61
ip route add 192.168.43.0/24 dev wlan0 scope link table 61
ip route add broadcast 255.255.255.255 dev wlan0 scope link table 61
i get an error "RTNETLINK answers: File exists"
I tethered up while connected to the VPN and could ping out to external IP addresses but no DNS resolution. So in my windows settings I manually specified DNS settings and can now browse the web through the VPN on my Galaxy s4!
But how do I fix the DNS issue? I want the clients that connect to pick up the DNS settings that actually work, without having to manually specify.
Thanks for any help
Click to expand...
Click to collapse
1) RTNETLINK answers: File exists
This just means you already ran the command before during this reboot session and it's saved into the route table. If you restart your phone, and run the commands again, it will go through first time, but repeated commands will yield same error. Should be normal. Table clears on reboot.
2) Please see the thread at http://forum.xda-developers.com/galaxy-s2/help/solved-wifi-hotspot-issue-samsung-t1689242
It seems like in order for OpenVPN DNS push to work, you have to change your APN settings on your phone to have it automatically register and push out to your other devices. I had the same problem and came across this during a search.
Massive thanks to the OP for posting this here and to everyone helping out in this thread.
The above rules route wifi tethered traffic via the vpn but I was wondering if there are similar rules to route usb tether too?
Cheers
It seems to work once, but when Data connection is lost or openvpn reconnects, wifi tathering stops working, need to do everything again (switch all off, connect to 3G, vpn, create wifi hotspot and apply fix script). And somehow DNS doesn't work. Tryed on Galaxy S5, LG L70, both on 4.4.2
But in general, this workaround is working, just needs a little bit of tweaking
This is fantastic.
For those of you using VPN on your phone as well, does it seem to stay connected? My VPN (OpenVPN) was flawless on 4.3 ... I mean smooth as ice with no disconnects.
When I upgraded to Kitkat, I wanted to immediately hide in a hole from embarrassment. Only after trying to connect and stay connected did I start to read around to check what the heck was going on. Biggest mistake ever. But then again, who would have thought right? I mean come on...who would have thought it would make using VPN a nightmare after an update that's suppose to be improved? Whatever...
Anyhow, lesson learned. Now I'm waiting desperately for someone to figure out how to downgrade from 4.4 back to 4.3 and/or to find a patch/fix for this issue so we don't have to run a script on every boot or reset.
At the end of the day, at least there is a solution thanks to folks like you. Kudos to the OP and everyone else who has contributed to the work around...for the time being lets hope...
:good:
For anyone interested, I played with the commands to have it work over a USB tether instead of Wifi. Why? Because my battery life stinks and this way my phone is charging also. What the heck. works great.
The only change was in the two spots where it has "wlan0" change them to "usb0". Another change was that the subnet of the USB connection is 192.168.42.0/24 (versus 192.168.43.0/24 on wifi). I get it working in this order:
1) reboot phone (to make sure to other lingering route tables are wiped out
2) turn off wifi
3) establish VPN connection
4) start USB tethering (and have your phone usb connected to your computer
5) After eveything is hooked up, open a terminal window, make sure you have superuser access (su) and execute the commands below. I just have them saved in a text file on my phone's sd card, copy them and just paste them all at once into the terminal window. Haven't figured out how to get this to run automatically using init.d (yet - assuming you can because upon phone reboot, I have to assuming that it will spit out errors because the tun0 and usb0 devices will not exist!)
iptables -t filter -F FORWARD
iptables -t nat -F POSTROUTING
iptables -t filter -I FORWARD -j ACCEPT
iptables -t nat -I POSTROUTING -j MASQUERADE
ip rule add from 192.168.42.0/24 lookup 61
ip route add default dev tun0 scope link table 61
ip route add 192.168.42.0/24 dev usb0 scope link table 61
ip route add broadcast 255.255.255.255 dev usb0 scope link table 61
Vpn api delete route joy downgraded
@grogargh
Have you tried Tasker, run shell
To run after booting [or from widget or otherwise]
http://forum.xda-developers.com/showthread.php?t=1110775

Categories

Resources