I have a computer connected to the Internet. I'd like to connect my rooted Nexus 5X to it, get internet on my mobile through USB (reverse tethering) and share it wirelessly creating a hotspot. The Nexus 5X is running the stock ROM, Android 6.0.1.
The computer with an Internet connection (let's call it gateway) is correctly configured to share internet to its usb0 interface.
Android is receiving internet (from the USB interface: rndis0) but only the command line applications are able to use it: I can download anything using busybox's wget, but the graphical apps (e.g. Google services - I don't have any other app installed ATM) cannot.
Android is also able to share the connection through its hotspot on wlan0, but it doesn't work properly: the devices connected to my mobile's WiFi (let's call them clients) can resolve hostnames and ping IPs on the Internet (thus ICMP and UDP packets are working), but cannot download anything (TCP connections are broken).
I tried to monitor the traffic on the gateway's usb0 and on a client's wlan0 while trying to download some HTTP data..
On the client's wlan0 I can only see the TCP SYN packets and nothing else, while on the gateway I see many ICPM, DNS (UDP) and ARP packets flying through, but nothing about the HTTP connection. Something unusual that I noticed is that the gateway sees some ICMP "Destination unreachable (Port unreachable)" packets going from android to my DNS server (8.8.8.8).
In order to configure Android to share Internet from rndis0 to wlan0 I did the following:
Code:
# flushing iptables
iptables -F
iptables -X
iptables -t nat -F
iptables -t nat -X
# forwarding (natting) the traffic
iptables -t nat -A POSTROUTING -o rndis0 -j MASQUERADE
iptables -A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i wlan0 -o rndis0 -j ACCEPT
I found some threads on the internet suggesting to set the IP address of the 3G interface on the mobile to 0.0.0.0 (this, if I understood correctly, should fool Android's graphical apps into believing there's internet, through 3G), but I couldn't find what interface would be the 3G one... The following interfaces are up (I believe also sit0 was up, but I pulled it down to experiment):
Code:
# # ifconfig | grep '^[^ ]'
dummy0 Link encap:Ethernet HWaddr 02:EF:5A:*CENSORED*
lo Link encap:Local Loopback
rmnet_ipa0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
rndis0 Link encap:Ethernet HWaddr 6A:EE:F8:*CENSORED*
wlan0 Link encap:Ethernet HWaddr 64:BC:0C:*CENSORED*
And the following are all the interfaces
Code:
# ifconfig -a | grep '^[^ ]'
dummy0 Link encap:Ethernet HWaddr 02:EF:5A:*CENSORED*
lo Link encap:Local Loopback
r_rmnet_data0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
r_rmnet_data1 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
r_rmnet_data2 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
r_rmnet_data3 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
r_rmnet_data4 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
r_rmnet_data5 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
r_rmnet_data6 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
r_rmnet_data7 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
r_rmnet_data8 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
rmnet_data0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
rmnet_data1 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
rmnet_data2 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
rmnet_data3 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
rmnet_data4 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
rmnet_data5 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
rmnet_data6 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
rmnet_data7 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
rmnet_ipa0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
rndis0 Link encap:Ethernet HWaddr 6A:EE:F8:*CENSORED*
sit0 Link encap:IPv6-in-IPv4
wlan0 Link encap:Ethernet HWaddr 64:BC:0C:*CENSORED*
No idea what the rmnet interfaces are; I tried to set the IP of rmnet_ipa0 to 0.0.0.0, but it seemed to have no effect...
Any clues?
Did you solve the problem?
I have the same problem. Apps doesn't work, only browser and cli
Related
This is used when you wish to share a wired ethernet connection from a laptop/desktop to the Transformer Prime via the USB cable.
Ethernet -> Laptop -> USB -> Transformer Prime
All shell commands are issued from your Debian system.
This assume that your ethernet interface is eth1. You can find out this way:
Code:
/sbin/ifconfig -a
On the Transformer Prime activate USB Tethering
Settings > Wireless & Networks > More > Tethering & portable hotspot > USB tethering
On your Debian GNU Linux system:
Code:
su
ifconfig eth1 0.0.0.0
ifconfig usb0 0.0.0.0
brctl addbr br0
brctl addif br0 eth1
brctl addif br0 usb0
ifconfig br0 up
dhclient br0
adb shell netcfg rndis0 dhcp
adb shell netcfg|grep rndis0
The final command should show your rndis0 interface with an IP address. Your Debian system will no longer have an IP for eth1, intead it will use br0
At this pont you should be able to browse the web from the Transformer Prime.
To shut down the bridge:
Code:
su
ifconfig eth1 down
ifconfig usb0 down
ifconfig br0 down
brctl delbr br0
ifconfig eth1 up
dhclient eth1
ifconfig eth1
You may now disable tethering on the Transformer Prime.
Script it
To make this easier you can simply put these commands in a bash script and execute the script.
Code:
# more tetheron
Code:
#!/bin/bash
# Enable reverse USB tethering
ifconfig eth1 0.0.0.0
ifconfig usb0 0.0.0.0
brctl addbr br0
brctl addif br0 eth1
brctl addif br0 usb0
ifconfig br0 up
dhclient br0
adb shell netcfg rndis0 dhcp
adb shell netcfg
Code:
# more tetheroff
Code:
#!/bin/bash
# Disable reverse USB tethering
ifconfig eth1 down
ifconfig usb0 down
ifconfig br0 down
brctl delbr br0
ifconfig eth1 up
dhclient eth1
Know issues:
network-manager in GNOME wants to control the ethernet interface. I found it easiest to disable it.
Code:
service network-manager stop
Note - All of this knowledge is freely available via google although I did not find a specific reference to the Transformer Prime and the rndis0 interface.
Fantastic!
You seem like a great candidate for my question lol
Is there any way we could do this same thing but from another Android device?
I would love nothing more than to be able to use my phone to USB tether to my Prime so that I can avoid using up all my battery broadcasting WiFi.
Now before I get flamed for a duplicate post, I have already searched this topic. I found 2 threads here, one of which has a few different methods, and a few others elsewhere on the net. I've tried all of them, literally. Every guide I could find relating to passing USB Tethered traffic through my phone's OpenVPN connection. I figure I must be doing something wrong somewhere in my iptables.
Some info about my setup:
Phone: Samsung Galaxy S5 - Rooted via Towelroot, SuperUser updated, RootCheck confirmed rooted
Interfaces from 'netcfg': wifi = wlan0, usb tether = rndis0, Cellular data = rmnet0, OpenVPN tunnel = tun0
VPN network = 10.0.1.0/24
USB Tethered network = 192.168.42.0/24
Wifi Tethered network = 192.168.43.0/24
LAN network (on other side of VPN) = 10.0.0.0/8
Firewall/OpenVPN server = pfSense
OS of Client attempting to connect through VPN = Windows 7
I am trying to use my phone as an OpenVPN gateway because I require a connection to my home network, and I have insufficient permission to install the OpenVPN client on the machine I am trying to connect back home with. Even though I cannot install the OpenVPN client/Tun/tap network interface, it does allow my phone's rndis interface to be installed.
And this is what I have tried so far:
iptables -- flush
iptables -A POSTROUTING -o tun0 -j MASQUERADE -t nat
iptables -A FORWARD -i tun0 -o rndis0 -m state --state RELATED,ESTABLISHED -j RETURN
iptables -A FORWARD -i rndis0 -o tun0 -m state --state INVALID -j DROP
iptables -A FORWARD -i rndis0 -o tun0 -j RETURN
And This:
iptables --flush
iptables -A POSTROUTING -s 192.168.42.0/24 -j MASQUERADE -t nat
iptables -A FORWARD -j ACCEPT -i rndis0 -o tun0
iptables -A FORWARD -j ACCEPT -i tun0 -o rndis0
Neither one seems to work. I tried the former earlier and couldnt tell if it worked or just screwed everything up, as I couldnt connect to anything on my home LAN or the internet.
Any help is greatly appreciated. I don't know if I need to add a rule on the pfSense firewall to handle traffic from 192.168.42.0/24 or not, I havn't seen that mentioned anywhere.
Hey, I know this is a little old, but did you get anywhere?
I'm too trying to get traffic from the tethered device to be routed via the phone's VPN connection.
Thanks
I have modified this script to make my wifi hotspot run through my VPN connection but every time my internet connection changes towers, or changes from LTE to 3G and vice versa, or my vpn disconnects and reconnects, this script has to be run again or my tethering activity stops going through my vpn. I think if I make this script loop every 10 seconds my problem will be solved (Not ideal I know, but I am desperately noobish). Does anyone know what to add to the script to make it loop with a timer? Or any suggestions for a better way to accomplish what I am trying to do?
iptables -t filter -F FORWARD
iptables -t nat -F POSTROUTING
iptables -t filter -I FORWARD -j ACCEPT
iptables -t nat -I POSTROUTING -j MASQUERADE
ip rule add from 192.168.1.0/24 lookup 61
ip route add default dev tun0 scope link table 61
ip route add 192.168.1.0/24 dev wlan0 scope link table 61
ip route add broadcast 255.255.255.255 dev wlan0 scope link table 61
Someone at stackoverflow answered my question.
Here is a working timer loop. Now my wifi hotspot through vpn is reconfigured when my network reconnects and cycles.
while sleep 10; do
iptables -t filter -F FORWARD
iptables -t nat -F POSTROUTING
iptables -t filter -I FORWARD -j ACCEPT
iptables -t nat -I POSTROUTING -j MASQUERADE
ip rule add from 192.168.1.0/24 lookup 61
ip route add default dev tun0 scope link table 61
ip route add 192.168.1.0/24 dev wlan0 scope link table 61
ip route add broadcast 255.255.255.255 dev wlan0 scope link table 61
done
The Android 4.4 device (radxa rock) in question has a broken ethernet socket due to forcing a slightly oversized plug in it.
Im replacement I have a Usb-ethernet dongle connected fairy successfully - using adb I can do stuff like:
netcfg eth0 down
netcfg eth1 up
netcfg eth1 dhcp
setprop dhcp.eth1.dns1 8.8.8.8
netcfg
lo UP127.0.0.1/8 0x00000049 00:00:00:00:00:00
eth0 DOWN 0.0.0.0/0 0x00001002 6e:47:fe:70:62:00
sit0 DOWN 0.0.0.0/0 0x00000080 00:00:00:00:00:00
ip6tnl0 DOWN 0.0.0.0/0 0x00000080 00:00:00:00:00:00
eth1 UP 192.168.1.101/24 0x00001043 00:0e:c6:c3:4b:2d
Click to expand...
Click to collapse
After this I can ping my local network from an adb shell:
ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=5.51 ms
Click to expand...
Click to collapse
But external pings fail.
My question is how can I get the ethernet interface recognised in the Android 4.4 Setup app? What I see there is no IP address or other parameter populated.
Ideally I would like to disable the on-board eth0 hardware.
Thanks
I try to get internet on my phone from my computer without installing any tools.
In short when I try a ping to youtube.com it work but the youtube application on the phone
tells me I have no connection.
My configuration looks like :
Code:
mybox -----(Ethernet)------[my computer]------(USB)-----[the phone]
and my phone is in airplane mode to prevent wifi or mobile connections.
I enabled usb tethering so I have two interface on my computer : eth0 and usb0.
Then I have done on the computer:
Code:
sudo ifconfig eth0 0.0.0.0
sudo ifconfig usb0 0.0.0.0
sudo brctl addbr br0
sudo brctl addif br0 eth0
sudo brctl addif br0 usb0
sudo ifconfig br0 up
sudo dhclient br0
and on the phone :
Code:
su
netcfg rndis0 dhcp
After that i have the following configuration :
Code:
IP of rndis0 on the phone : 192.168.1.35/24
IP of br0(eth0 + usb0) on my computer : 192.168.1.17/24
IP of the box : 192.168.1.1/24
If i try to ping the ip adress 8.8.8.8 or any other adresse, it works.
But if I try with a domain it doesn't work :
Code:
[email protected]:/ # ping google.com
ping: unknown host google.com
It look like a DNS problem but i don't understand why because rndis0 give its address from dhcp which also give dns server address.
getprop | grep dns give me
Code:
[dhcp.wlan0.dns1]: [192.168.1.1]
[dhcp.wlan0.dns2]: []
[dhcp.wlan0.dns3]: []
[dhcp.wlan0.dns4]: []
[net.change]: [net.rndis0.dns2]
[net.dns1]: [fe80::8ef8:13ff:fe02:50ea]
[net.dns2]: [192.168.1.1]
[net.rndis0.dns1]: [192.168.1.1]
[net.rndis0.dns2]: []
I know these variables are ignored.
Then I try :
Code:
ndc resolver flushnet rndis0
ndc resolver clearnetdns rndis0
ndc resolver setnetdns rndis0 "" 8.8.8.8 8.8.4.4
and ping google.com now work. I don't understand why the dhcp doens't work...if you can explain.
If I try to connect to any website from google chrome application on my smartphone, it works !
But now when I try to use Youtube application on my smartphone it tell me "No connection".
Do you know why ?