Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

It does not work... #13

Open
Zibri opened this issue Sep 29, 2022 · 12 comments
Open

It does not work... #13

Zibri opened this issue Sep 29, 2022 · 12 comments

Comments

@Zibri
Copy link

Zibri commented Sep 29, 2022

I am connected to the phone using USB tethering.

Ping from phone to google:
64 bytes from 172.217.21.14: icmp_seq=1 ttl=106 time=94.7 ms
Ping from pc to same address:
64 bytes from 172.217.21.14: icmp_seq=1 ttl=105 time=87.0 ms
output of iptables-save:

# Generated by iptables-save v1.8.4 on Thu Sep 29 19:41:25 2022
*security
:INPUT ACCEPT [5684:1493109]
:FORWARD ACCEPT [12589:8945513]
:OUTPUT ACCEPT [6007:1139629]
COMMIT
# Completed on Thu Sep 29 19:41:25 2022
# Generated by iptables-save v1.8.4 on Thu Sep 29 19:41:25 2022
*raw
:PREROUTING ACCEPT [14092:10551427]
:OUTPUT ACCEPT [5475:1097508]
:bw_raw_PREROUTING - [0:0]
:clat_raw_PREROUTING - [0:0]
:idletimer_raw_PREROUTING - [0:0]
:nm_mdmprxy_raw_pre - [0:0]
:qcom_htimer_PREROUTING - [0:0]
:tetherctrl_raw_PREROUTING - [0:0]
-A PREROUTING -j qcom_htimer_PREROUTING
-A PREROUTING -j clat_raw_PREROUTING
-A PREROUTING -j bw_raw_PREROUTING
-A PREROUTING -j idletimer_raw_PREROUTING
-A PREROUTING -j tetherctrl_raw_PREROUTING
-A bw_raw_PREROUTING -i ipsec+ -j RETURN
-A bw_raw_PREROUTING -m policy --dir in --pol ipsec -j RETURN
-A bw_raw_PREROUTING -m bpf --object-pinned /sys/fs/bpf/prog_netd_skfilter_ingress_xtbpf
-A idletimer_raw_PREROUTING -i rmnet_data1 -j IDLETIMER --timeout 10 --label 0 --send_nl_msg 1
-A nm_mdmprxy_raw_pre -p tcp -m multiport --ports 5060 -j NOTRACK
-A nm_mdmprxy_raw_pre -p udp -m multiport --ports 5060 -j NOTRACK
-A tetherctrl_raw_PREROUTING -i rndis0 -p tcp -m tcp --dport 21 -j CT --helper ftp
-A tetherctrl_raw_PREROUTING -i rndis0 -p tcp -m tcp --dport 1723 -j CT --helper pptp
-A tetherctrl_raw_PREROUTING -i wlan1 -p tcp -m tcp --dport 21 -j CT --helper ftp
-A tetherctrl_raw_PREROUTING -i wlan1 -p tcp -m tcp --dport 1723 -j CT --helper pptp
COMMIT
# Completed on Thu Sep 29 19:41:25 2022
# Generated by iptables-save v1.8.4 on Thu Sep 29 19:41:25 2022
*nat
:PREROUTING ACCEPT [4671:645532]
:INPUT ACCEPT [699:48478]
:OUTPUT ACCEPT [1331:92813]
:POSTROUTING ACCEPT [355:24668]
:nm_mdmprxy_masquerade_skip - [0:0]
:oem_nat_pre - [0:0]
:tetherctrl_nat_POSTROUTING - [0:0]
-A PREROUTING -j oem_nat_pre
-A POSTROUTING -j tetherctrl_nat_POSTROUTING
-A tetherctrl_nat_POSTROUTING -o rmnet_data1 -j MASQUERADE
COMMIT
# Completed on Thu Sep 29 19:41:25 2022
# Generated by iptables-save v1.8.4 on Thu Sep 29 19:41:25 2022
*mangle
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [5239:1341244]
:FORWARD ACCEPT [12562:8943624]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [18156:10040806]
:bw_mangle_POSTROUTING - [0:0]
:idletimer_mangle_POSTROUTING - [0:0]
:nfqttli - [0:0]
:nfqttlo - [0:0]
:nm_mdmprxy_icmp_pkt_marker - [0:0]
:nm_mdmprxy_mark_prov_chain - [0:0]
:nm_mdmprxy_mngl_post - [0:0]
:nm_mdmprxy_mngl_pre - [0:0]
:nm_mdmprxy_mngl_pre_ex - [0:0]
:nm_mdmprxy_mngl_pre_spi - [0:0]
:nm_mdmprxy_mngl_pre_tee - [0:0]
:nm_mdmprxy_pkt_forwarder - [0:0]
:nm_mdmprxy_pkt_marker - [0:0]
:nm_mdmprxy_pkt_skmark - [0:0]
:oem_mangle_post - [0:0]
:qcom_htimer_POSTROUTING - [0:0]
:qcom_qos_filter_POSTROUTING - [0:0]
:qcom_qos_reset_POSTROUTING - [0:0]
:routectrl_mangle_INPUT - [0:0]
:tc_idletimer - [0:0]
:tc_wmm - [0:0]
:tetherctrl_mangle_FORWARD - [0:0]
:wakeupctrl_mangle_INPUT - [0:0]
-A PREROUTING -j nfqttli
-A INPUT -j wakeupctrl_mangle_INPUT
-A INPUT -j routectrl_mangle_INPUT
-A FORWARD -j tetherctrl_mangle_FORWARD
-A OUTPUT -j nfqttlo
-A POSTROUTING -j qcom_htimer_POSTROUTING
-A POSTROUTING -j oem_mangle_post
-A POSTROUTING -j bw_mangle_POSTROUTING
-A POSTROUTING -j idletimer_mangle_POSTROUTING
-A POSTROUTING -j qcom_qos_reset_POSTROUTING
-A POSTROUTING -j qcom_qos_filter_POSTROUTING
-A bw_mangle_POSTROUTING -o ipsec+ -j RETURN
-A bw_mangle_POSTROUTING -m policy --dir out --pol ipsec -j RETURN
-A bw_mangle_POSTROUTING -j MARK --set-xmark 0x0/0x100000
-A bw_mangle_POSTROUTING -m owner --uid-owner 1029 -j RETURN
-A bw_mangle_POSTROUTING -m bpf --object-pinned /sys/fs/bpf/prog_netd_skfilter_egress_xtbpf
-A idletimer_mangle_POSTROUTING -o rmnet_data1 -j IDLETIMER --timeout 10 --label 0 --send_nl_msg 1
-A nfqttli -j NFQUEUE --queue-num 6464
-A nfqttlo -j NFQUEUE --queue-num 6464
-A nm_mdmprxy_mark_prov_chain -p udp -m socket --transparent --nowildcard --restore-skmark -j nm_mdmprxy_pkt_skmark
-A nm_mdmprxy_mark_prov_chain -p tcp -m socket --transparent --nowildcard --restore-skmark -j nm_mdmprxy_pkt_skmark
-A nm_mdmprxy_mngl_post -m mark --mark 0xf0002 -j MARK --set-xmark 0x0/0xffffffff
-A nm_mdmprxy_pkt_marker -j CONNMARK --restore-mark --nfmask 0xffffffff --ctmask 0xffffffff
-A nm_mdmprxy_pkt_marker -j nm_mdmprxy_mngl_pre
-A nm_mdmprxy_pkt_marker -j nm_mdmprxy_mark_prov_chain
-A nm_mdmprxy_pkt_marker -j nm_mdmprxy_mngl_pre_spi
-A nm_mdmprxy_pkt_marker -j nm_mdmprxy_mngl_pre_ex
-A nm_mdmprxy_pkt_marker -p udp -m udp --dport 7275 -j MARK --set-xmark 0xf0002/0xffffffff
-A nm_mdmprxy_pkt_marker -p tcp -m tcp --dport 5060 -j MARK --set-xmark 0xf0002/0xffffffff
-A nm_mdmprxy_pkt_marker -p udp -m udp --dport 5060 -j MARK --set-xmark 0xf0002/0xffffffff
-A nm_mdmprxy_pkt_marker -m mark --mark 0xf0002 -j nm_mdmprxy_pkt_forwarder
-A nm_mdmprxy_pkt_marker ! -p icmp -m mark --mark 0xf0002 -j DROP
-A nm_mdmprxy_pkt_skmark -j RETURN
-A qcom_qos_reset_POSTROUTING -o rmnet_data+ -j MARK --set-xmark 0x0/0xffffffff
-A routectrl_mangle_INPUT -i rmnet_data0 -j MARK --set-xmark 0xf0001/0xffefffff
-A routectrl_mangle_INPUT -i rmnet_data1 -j MARK --set-xmark 0x30064/0xffefffff
-A routectrl_mangle_INPUT -i rndis0 -j MARK --set-xmark 0x30063/0xffefffff
-A routectrl_mangle_INPUT -i wlan1 -j MARK --set-xmark 0x30063/0xffefffff
-A tetherctrl_mangle_FORWARD -p tcp -m tcp --tcp-flags SYN SYN -j TCPMSS --clamp-mss-to-pmtu
COMMIT
# Completed on Thu Sep 29 19:41:25 2022
# Generated by iptables-save v1.8.4 on Thu Sep 29 19:41:25 2022
*filter
:INPUT ACCEPT [14:3814]
:FORWARD ACCEPT [72:4900]
:OUTPUT ACCEPT [27:7518]
:bw_FORWARD - [0:0]
:bw_INPUT - [0:0]
:bw_OUTPUT - [0:0]
:bw_costly_rmnet_data1 - [0:0]
:bw_costly_shared - [0:0]
:bw_data_saver - [0:0]
:bw_global_alert - [0:0]
:bw_happy_box - [0:0]
:bw_penalty_box - [0:0]
:fw_FORWARD - [0:0]
:fw_INPUT - [0:0]
:fw_OUTPUT - [0:0]
:nm_mdmprxy_doze_mode_skip - [0:0]
:nm_mdmprxy_iface_pkt_fwder - [0:0]
:nm_qti_filter_ssdp_dropper - [0:0]
:oem_fwd - [0:0]
:oem_out - [0:0]
:st_OUTPUT - [0:0]
:st_clear_caught - [0:0]
:st_clear_detect - [0:0]
:st_penalty_log - [0:0]
:st_penalty_reject - [0:0]
:tc_limiter - [0:0]
:tc_mobile_limiter - [0:0]
:tetherctrl_FORWARD - [0:0]
:tetherctrl_counters - [0:0]
-A INPUT -j bw_INPUT
-A INPUT -j fw_INPUT
-A FORWARD -j oem_fwd
-A FORWARD -j fw_FORWARD
-A FORWARD -j bw_FORWARD
-A FORWARD -j tetherctrl_FORWARD
-A OUTPUT -j nm_qti_filter_ssdp_dropper
-A OUTPUT -j oem_out
-A OUTPUT -j fw_OUTPUT
-A OUTPUT -j st_OUTPUT
-A OUTPUT -j bw_OUTPUT
-A bw_FORWARD -i rmnet_data1 -j bw_costly_rmnet_data1
-A bw_FORWARD -o rmnet_data1 -j bw_costly_rmnet_data1
-A bw_INPUT -j bw_global_alert
-A bw_INPUT -i rmnet_data1 -j bw_costly_rmnet_data1
-A bw_INPUT -p esp -j RETURN
-A bw_INPUT -m mark --mark 0x100000/0x100000 -j RETURN
-A bw_INPUT -j MARK --set-xmark 0x100000/0x100000
-A bw_OUTPUT -j bw_global_alert
-A bw_OUTPUT -o rmnet_data1 -j bw_costly_rmnet_data1
-A bw_costly_rmnet_data1 -j bw_penalty_box
-A bw_costly_rmnet_data1 -m quota2 ! --name rmnet_data1  --quota 9223372036854775807  -j REJECT --reject-with icmp-port-unreachab
le
-A bw_costly_shared -j bw_penalty_box
-A bw_data_saver -j RETURN
-A bw_global_alert -m quota2 ! --name globalAlert  --quota 2097152
-A bw_happy_box -m bpf --object-pinned /sys/fs/bpf/prog_netd_skfilter_whitelist_xtbpf -j RETURN
-A bw_happy_box -j bw_data_saver
-A bw_penalty_box -m bpf --object-pinned /sys/fs/bpf/prog_netd_skfilter_blacklist_xtbpf -j REJECT --reject-with icmp-port-unreach
able
-A bw_penalty_box -j bw_happy_box
-A nm_qti_filter_ssdp_dropper -o r_rmnet_data+ -p udp -m udp --dport 1900 -j DROP
-A nm_qti_filter_ssdp_dropper -o rmnet_data+ -p udp -m udp --dport 1900 -j DROP
-A st_clear_detect -m connmark --mark 0x2000000/0x2000000 -j REJECT --reject-with icmp-port-unreachable
-A st_clear_detect -m connmark --mark 0x1000000/0x1000000 -j RETURN
-A st_clear_detect -p tcp -m u32 --u32 "0x0>>0x16&0x3c@0xc>>0x1a&0x3c@0x0&0xffff0000=0x16030000&&0x0>>0x16&0x3c@0xc>>0x1a&0x3c@0x
4&0xff0000=0x10000" -j CONNMARK --set-xmark 0x1000000/0x1000000
-A st_clear_detect -p udp -m u32 --u32 "0x0>>0x16&0x3c@0x8&0xffff0000=0x16fe0000&&0x0>>0x16&0x3c@0x14&0xff0000=0x10000" -j CONNMA
RK --set-xmark 0x1000000/0x1000000
-A st_clear_detect -m connmark --mark 0x1000000/0x1000000 -j RETURN
-A st_clear_detect -p tcp -m state --state ESTABLISHED -m u32 --u32 "0x0>>0x16&0x3c@0xc>>0x1a&0x3c@0x0&0x0=0x0" -j st_clear_caugh
t
-A st_clear_detect -p udp -j st_clear_caught
-A st_penalty_log -j CONNMARK --set-xmark 0x1000000/0x1000000
-A st_penalty_log -j NFLOG
-A st_penalty_reject -j CONNMARK --set-xmark 0x2000000/0x2000000
-A st_penalty_reject -j NFLOG
-A st_penalty_reject -j REJECT --reject-with icmp-port-unreachable
-A tetherctrl_FORWARD -j bw_global_alert
-A tetherctrl_FORWARD -i rmnet_data1 -o rndis0 -m state --state RELATED,ESTABLISHED -g tetherctrl_counters
-A tetherctrl_FORWARD -i rndis0 -o rmnet_data1 -m state --state INVALID -j DROP
-A tetherctrl_FORWARD -i rndis0 -o rmnet_data1 -g tetherctrl_counters
-A tetherctrl_FORWARD -i rmnet_data1 -o wlan1 -m state --state RELATED,ESTABLISHED -g tetherctrl_counters
-A tetherctrl_FORWARD -i wlan1 -o rmnet_data1 -m state --state INVALID -j DROP
-A tetherctrl_FORWARD -i wlan1 -o rmnet_data1 -g tetherctrl_counters
-A tetherctrl_FORWARD -j DROP
-A tetherctrl_counters -i rndis0 -o rmnet_data1 -j RETURN
-A tetherctrl_counters -i rmnet_data1 -o rndis0 -j RETURN
-A tetherctrl_counters -i wlan1 -o rmnet_data1 -j RETURN
-A tetherctrl_counters -i rmnet_data1 -o wlan1 -j RETURN
COMMIT
# Completed on Thu Sep 29 19:41:25 2022
sweet:/ #
@cyborg-one
Copy link
Owner

cyborg-one commented Sep 30, 2022
edited
Loading

To view the values in the packet headers, use network traffic sniffers.
In your log, the rules for iptables are set correctly.

@Zibri
Copy link
Author

Zibri commented Oct 26, 2022
edited
Loading

I repeat: it does not work. TTL is still decreased.
I found a different solution for that, a simple patch to any kernel would just avoid the ttl decrease.
Just unpack a boot image then search for C9220039C816007968F24039E8002836 and replace it with 1F2003D51F2003D568F24039E8002836.

If you have magiskboot binary:

magiskboot unpack -h boot.img
magiskboot hexpatch kernel C9220039C816007968F24039E8002836 1F2003D51F2003D568F24039E8002836
magiskboot repack boot.img boot_ttlfix.img

fastboot boot boot_ttlfix.img (to test it)
or
fastboot flash boot boot_ttlfix.img to flash it.

@cyborg-one
Copy link
Owner

Nfqttl does not process all packets, only incoming packets with ttl values of 64 and 128 are processed on hotspot device. Therefore, the ttl value in ping is not indicative. In version 2.8, packet filtering is done in code, in version 2.1.2, packet filtering is done by iptables rules. Both versions are worth trying. The value of ttl look tcpdump.

@cyborg-one
Copy link
Owner

cyborg-one commented Oct 27, 2022
edited
Loading

If you have magiskboot binary:

magiskboot unpack -h boot.img
magiskboot hexpatch kernel C9220039C816007968F24039E8002836 1F2003D51F2003D568F24039E8002836
magiskboot repack boot.img boot_ttlfix.img
fastboot boot boot_ttlfix.img (to test it)

I try this on device redmi 4x.

/data/adb/magisk/busybox dd if="/dev/block/bootdevice/by-name/boot" of="boot.img" conv=notrunc <

131072+0 records in
131072+0 records out
67108864 bytes (64.0MB) copied, 5.402307 seconds, 11.8MB/s
santoni:/data/data/com.termux/files/home/tmp #
/data/adb/magisk/magiskboot unpack -h boot.img <
Parsing boot image: [boot.img]
HEADER_VER [0]
KERNEL_SZ [26950316]
RAMDISK_SZ [2761311]
SECOND_SZ [0]
EXTRA_SZ [0]
OS_VERSION [7.1.2]
OS_PATCH_LEVEL [2018-10]
PAGESIZE [2048]
NAME []
CMDLINE [console=ttyHSL0,115200,n8 androidboot.console=ttyHSL0 androidboot.hardware=qcom msm_rtb.filter=0x237 ehci-hcd.park=3 lpm_levels.sleep_disabled=1 androidboot.bootdevice=7824900.sdhci earlycon=msm_hsl_uart,0x78B0000 buildvariant=user]
CHECKSUM [92a488f4658ece83714982c130fb01d6c07cd76d000000000000000000000000]
KERNEL_DTB_SZ [16967923]
KERNEL_FMT [gzip]
RAMDISK_FMT [gzip]

data/adb/magisk/magiskboot hexpatch kernel C9220039C816007968F24039E8002836 1F2003D51F2003D568F24039E8002836 <
1|santoni:/data/data/com.termux/files/home/tmp #
1|santoni:/data/data/com.termux/files/home/tmp #
data/adb/magisk/magiskboot repack boot.img new.img <
Parsing boot image: [boot.img]
HEADER_VER [0]
KERNEL_SZ [26950316]
RAMDISK_SZ [2761311]
SECOND_SZ [0]
EXTRA_SZ [0]
OS_VERSION [7.1.2]
OS_PATCH_LEVEL [2018-10]
PAGESIZE [2048]
NAME []
CMDLINE [console=ttyHSL0,115200,n8 androidboot.console=ttyHSL0 androidboot.hardware=qcom msm_rtb.filter=0x237 ehci-hcd.park=3 lpm_levels.sleep_disabled=1 androidboot.bootdevice=7824900.sdhci earlycon=msm_hsl_uart,0x78B0000 buildvariant=user]
CHECKSUM [92a488f4658ece83714982c130fb01d6c07cd76d000000000000000000000000]
KERNEL_DTB_SZ [16967923]
KERNEL_FMT [gzip]
RAMDISK_FMT [gzip]
Repack to boot image: [new.img]

HEADER_VER [0]
KERNEL_SZ [26950316]
RAMDISK_SZ [2761311]
SECOND_SZ [0]
EXTRA_SZ [0]
OS_VERSION [7.1.2]
OS_PATCH_LEVEL [2018-10]
PAGESIZE [2048]
NAME []
CMDLINE [console=ttyHSL0,115200,n8 androidboot.console=ttyHSL0 androidboot.hardware=qcom msm_rtb.filter=0x237 ehci-hcd.park=3 lpm_levels.sleep_disabled=1 androidboot.bootdevice=7824900.sdhci earlycon=msm_hsl_uart,0x78B0000 buildvariant=user]
CHECKSUM [92a488f4658ece83714982c130fb01d6c07cd76d000000000000000000000000]
santoni:/data/data/com.termux/files/home/tmp #
/data/adb/magisk/busybox dd if="new.img" of="/dev/block/bootdevice/by-name/boot" conv=notrunc <

131072+0 records in
131072+0 records out
67108864 bytes (64.0MB) copied, 9.078945 seconds, 7.0MB/s
santoni:/data/data/com.termux/files/home/tmp #

Reboot and
Ping on the receiving device and tcpdump on the hotspot device.

santoni:/ # /data/data/com.termux/files/usr/bin/tcpdump -vvvni any host 8.8.8.8 -c 4
tcpdump: listening on any, link-type LINUX_SLL (Linux cooked v1), capture size 262144 bytes
22:46:46.281844 IP (tos 0x0, ttl 64, id 45282, offset 0, flags [DF], proto ICMP (1), length 84)
192.168.42.24 > 8.8.8.8: ICMP echo request, id 14760, seq 1, length 64
22:46:46.281982 IP (tos 0x0, ttl 63, id 45282, offset 0, flags [DF], proto ICMP (1), length 84)
192.168.1.100 > 8.8.8.8: ICMP echo request, id 14760, seq 1, length 64
22:46:46.355923 IP (tos 0x20, ttl 106, id 0, offset 0, flags [none], proto ICMP (1), length 84)
8.8.8.8 > 192.168.1.100: ICMP echo reply, id 14760, seq 1, length 64
22:46:46.356115 IP (tos 0x20, ttl 105, id 0, offset 0, flags [none], proto ICMP (1), length 84)
8.8.8.8 > 192.168.42.24: ICMP echo reply, id 14760, seq 1, length 64
4 packets captured
4 packets received by filter
0 packets dropped by kernel
santoni:/ #

@Zibri
Copy link
Author

Zibri commented Nov 1, 2022
edited
Loading

@cyborg-one
it didn't work because your kernel image was NOT patched.
if magiskboot finds the searchstring it outputs the patching had effect. In your case it outputs nothing, meaning it didn't find the search string.
it works on my kernel for "redmi note 10 pro".
if you send me your kernel, I can look into it... just attach here or send me a link to your stock recovery.img or boot.img

nevermind.. I did it for you:

use this:

magiskboot unpack -h boot.img
magiskboot hexpatch kernel A0160079A022403900040051A0220039 1F2003D5A0224039000400511F2003D5
magiskboot repack boot.img boot_ttlfix.img

@Zibri
Copy link
Author

Zibri commented Nov 2, 2022

@cyborg-one did that work?

@cyborg-one
Copy link
Owner

magiskboot unpack -h boot.img
magiskboot hexpatch kernel A0160079A022403900040051A0220039 1F2003D5A0224039000400511F2003D5
magiskboot repack boot.img boot_ttlfix.img

It worked like it should.

patch kernel A0160079A022403900040051A0220039 1F2003D5A0224039000400511F2003D5 <
Patch @ 00B957A0 [A0160079A022403900040051A0220039] -> [1F2003D5A0224039000400511F2003D5]

santoni:/ # /data/data/com.termux/files/usr/bin/tcpdump -vvvni any host 8.8.8.8 -c 4
tcpdump: listening on any, link-type LINUX_SLL (Linux cooked v1), capture size 262144 bytes
17:02:11.958672 IP (tos 0x0, ttl 64, id 28689, offset 0, flags [DF], proto ICMP (1), length 84)
192.168.42.79 > 8.8.8.8: ICMP echo request, id 12111, seq 1, length 64
17:02:11.958864 IP (tos 0x0, ttl 64, id 28689, offset 0, flags [DF], proto ICMP (1), length 84)
192.168.1.100 > 8.8.8.8: ICMP echo request, id 12111, seq 1, length 64
17:02:12.031352 IP (tos 0x20, ttl 105, id 0, offset 0, flags [none], proto ICMP (1), length 84)
8.8.8.8 > 192.168.1.100: ICMP echo reply, id 12111, seq 1, length 64
17:02:12.031534 IP (tos 0x20, ttl 105, id 0, offset 0, flags [none], proto ICMP (1), length 84)
8.8.8.8 > 192.168.42.79: ICMP echo reply, id 12111, seq 1, length 64

You can show tcpdump output when running nfqttl?

@Zibri
Copy link
Author

Zibri commented Nov 2, 2022
edited
Loading

It worked like it should.

patch kernel A0160079A022403900040051A0220039 1F2003D5A0224039000400511F2003D5 <
Patch @ 00B957A0 [A0160079A022403900040051A0220039] -> [1F2003D5A0224039000400511F2003D5]

Good! I didn't test it because I own a different phone and for some reason the compiled code is totally different from my kernel. Good to know it worked. I'll add the patch to my module.

You can show tcpdump output when running nfqttl?

hmm.. no... I can't use nfqttl with my patch in place.

@cyborg-one
Copy link
Owner

cyborg-one commented Nov 3, 2022
edited
Loading

@Zibri
From the first post in the iptables output, you can see that netfilter sends packets to the queue and since the Internet is working, this means that nfqttl processed the packets. Without tcpdump output, I don't see nfqttl not working properly.

@Zibri
Copy link
Author

Zibri commented Nov 4, 2022
edited
Loading

@Zibri From the first post in the iptables output, you can see that netfilter sends packets to the queue and since the Internet is working, this means that nfqttl processed the packets. Without tcpdump output, I don't see nfqttl not working properly.

I can just tell you I downloaded and used it on my Redmi Note 10 pro.
Then tried pinging the same address from phone and wifi or usb tehered pc and the TTL differed by 1.
So I decided to write my patch which is simpler and IMHO more effective.

@LunaWuna
Copy link

Hello, I see the module isn't compatible with the OnePlus 11, how easy would it be to support it?

@cyborg-one
Copy link
Owner

cyborg-one commented Mar 26, 2023
edited
Loading

@LunaWuna

Hello, I see the module isn't compatible with the OnePlus 11, how easy would it be to support it?

Hi. What exactly is the incompatibility?
Installation errors?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Zibri @cyborg-one @LunaWuna