i cannot set the firewall because there is no custom firewall tab. my fw is 22.03.3. pls advice hot to set firewall ttl 65 by using command in ssh, thx
i want to ask something... did you tried this on the AP(Anti tethering) that has a TTL=1 and an outbound of TTL=65? Eg. AP TTL=1 -> Openwrt custom NAT firewall for TTL Outbound on WLAN0/ETH0 -> Outbound TTL=65
Hi, I haven't try that. Actually most of my connection is Fiber now, so I don't really care about setting TTL. If you have any finding, please share :)
@@VanTechCorner finally i got the solution to my question last week 😀 #!/bin/sh /etc/rc.local iptables -F iptables -t mangle -F # Append the ttl before prerouting and postrouting (prerouting from ttl=1 into ttl=64) to bypass anti-tethering iptables -t mangle -A POSTROUTING -o wlan0 -j TTL --ttl-set 64 iptables -t mangle -A PREROUTING -i wlan0 -j TTL --ttl-set 64 # Redirect all traffic from wlan0 to br-lan and vice versa iptables -A FORWARD -i wlan0 -o br-lan -j ACCEPT iptables -A FORWARD -i br-lan -o wlan0 -j ACCEPT
Yes, if you are using the normal unlimited plan that does not allow hotspot, you can change the TTL and all connected devices will be able to surf the internet.
I've this same router installed openwrt but bricked due to I pressed the reset button and it no longer boot. Tried to put it into recovery mode also failed. Can you make tutorial? Thanks
hello van can you explain for COD cold war nat rules firewall rules and port forward internal port and external port destination i heard is 3074 and 30000-450000 , i'm use cake piece of cake on my sqm :) thanks
very informative. what value do i need to put on my android system if my phone is rooted, so i can tether my data to another 2nd phone without tweaking the 2nd phone?
Hi, if you want to do this with your phone, you can either setup a proxy server on the main phone or install pdanet+. Here is the playlist, just in case you need it ruclips.net/p/PL58__w3t_eTbaPnGpJu9CArOtZGLEzVJ8
@@VanTechCorner i just follow your guide... but nevermind, I fixed it with the rule below, but the speed become dropped, can you advise? # flush tables iptables -F iptables -t nat -F -t mangle # apply routing iptables -t nat -A POSTROUTING -o eth0.2 -j MASQUERADE iptables -t mangle -A PREROUTING -j TTL --ttl-set 65 iptables -A FORWARD -i eth0.2 -o br-lan -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -i eth0.2 -o br-lan -j ACCEPT
Hi, you just need to change the Firewall rule according to what you need. The syntax is already there "iptables -t mangle -I POSTROUTING -o wan-interface -j TTL --ttl-set 65" => POSTROUTING is set to 65 in this case.
It should be ttyUSB for the modem serial interface. You can check the QMI / 3G tutorial on this playlist as well - ruclips.net/p/PL58__w3t_eTbcBQ9oJ8jXCxPtBiac59vC
Hello, it had been stated in the video and the description: If you are using USB tethering, there is a specific TTL value that need to be configured. The common TTL value used by the mobile network operator is 65 while the default value on the computer is 128. We need to change this to have a working internet connection or to be able to use the hotspot.
It is base on your network operator. But my answer is yes. You can follow the 2nd way by editing the configuration file and the TTL will be applied to all.
@@VanTechCorner I have a question how about android phone limiting its hotspot capability? i dont now were to put TTL 2 on the firewall settings. my target is to limit of using the hotspot capability of the android phone either via Bluetooth and wifi hotspot sharing it self. hope you will notice this.
@@VanTechCorner arount 2.48 - 2.50 in video after put net.ipv6.ip_default_ttl=65 and press button ESC..but in my case after push button ESC nothing happen..
if i ping android ip (pc - 65 ttl --> android 64 ttl) it gives me the android ip ttl of 64 / but if i do it like this (pc - 66 ttl -> openwrt 65 ttl -> android "technically 64") it gives me ttl of 63.
Hey, if IPTV is running on VLAN you will need to create VLAN on the router. The steps is almost the same with setting up LAN interface as WAN interface and you just need to setup the VLAN ID correctly. If it is running multicast then we have something more to talk about.
@@VanTechCorner I have tried several times to play free iptv chanes on the openwrt system. In VLC format on the phone. But that did not work. I'm waiting for you to post a video explaining the steps of setting up iptv. thanks in advance🙂
As I mentioned, you need to know if IPTV is running on VLAN or VLAN + multicast. If it work on multicast, you will need to setup IGMP proxy as well. For some internet service providers, IPTV only works on their GPON router and there is no way to setup it up on the third party router. If you have any question, please join the group "Van Tech Corner & Friends" on FB.
Videos with no directions verbally and small print are impossible to follow. This is an awful video. Try actually adding verbal instructions or zooming in so that it can actually be seen. I’m looking at this on a large iPad and it is still not legible
Are you going to configure your router with your iPad? My videos are made for desktop users with optimal resolution of 1920x1080. Still, you can find the script/command line in the video description.
I was trying several other ways, I didn't realize OpenWRT had iptables. You saved me alot of headache. Thanks
Glad to help
Great work! Do you know how to change the TTL for both IPV4 and IPV6 in FW4 openWRT vs 22.03?
Love it, finally solve my problem, I used the last method via Mac terminal, easy
A very useful tutorial. Thanks bro. U r really awesome
Glad you liked it!
THANKYOU i appreciate this just noticed you did this video
You are welcome. Editing the sysctl.conf file is faster and I always use it :D
@@VanTechCorner okay cool brother ill be sure to do so next time I’ll continue to watch a lot more of your videos very educational thanks 😊
i cannot set the firewall because there is no custom firewall tab. my fw is 22.03.3. pls advice hot to set firewall ttl 65 by using command in ssh, thx
i want to ask something... did you tried this on the AP(Anti tethering) that has a TTL=1 and an outbound of TTL=65?
Eg. AP TTL=1 -> Openwrt custom NAT firewall for TTL Outbound on WLAN0/ETH0 -> Outbound TTL=65
Hi, I haven't try that. Actually most of my connection is Fiber now, so I don't really care about setting TTL. If you have any finding, please share :)
@@VanTechCorner finally i got the solution to my question last week 😀
#!/bin/sh /etc/rc.local
iptables -F
iptables -t mangle -F
# Append the ttl before prerouting and postrouting (prerouting from ttl=1 into ttl=64) to bypass anti-tethering
iptables -t mangle -A POSTROUTING -o wlan0 -j TTL --ttl-set 64
iptables -t mangle -A PREROUTING -i wlan0 -j TTL --ttl-set 64
# Redirect all traffic from wlan0 to br-lan and vice versa
iptables -A FORWARD -i wlan0 -o br-lan -j ACCEPT
iptables -A FORWARD -i br-lan -o wlan0 -j ACCEPT
@@VanTechCorner finally i got the solution to my question last week.
# Flush existing table rules
iptables -F
iptables -t nat -F
iptables -t mangle -F
# Apply TTL 64 for outbound traffic (leaving interface wlan0)
iptables -t mangle -A POSTROUTING -o wlan0 -j TTL --ttl-set 64
# Apply TTL 64 for inbound traffic (entering interface wlan0) this will bypass anti-tethering AP
iptables -t mangle -A PREROUTING -i wlan0 -j TTL --ttl-set 64
# Allow forwarding of traffic from wlan0 to eth0
iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT
# Allow returning traffic from eth0 to wlan0
iptables -A FORWARD -i eth0 -o wlan0 -m state --state ESTABLISHED,RELATED -j ACCEPT
# Optionally, if eth0 is connected to the internet, masquerade outbound traffic on eth0
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
exit 0
@@VanTechCorner finally got the solution to my question last week 😁
# Flush table rules
iptables -F
iptables -t nat -F
iptables -t mangle -F
# Apply TTL 64 for outbound traffic (leaving interface wlan0)
iptables -t mangle -A POSTROUTING -o wlan0 -j TTL --ttl-set 64
# Apply TTL 64 for inbound traffic (entering interface wlan0)
iptables -t mangle -A PREROUTING -i wlan0 -j TTL --ttl-set 64
# Allow forwarding of traffic from wlan0 to eth0
iptables -A FORWARD -i wlan0 -o eth0 -j ACCEPT
# Allow returning traffic from eth0 to wlan0
iptables -A FORWARD -i eth0 -o wlan0 -m state --state ESTABLISHED,RELATED -j ACCEPT
# Optionally, if eth0 is connected to the internet, masquerade outbound traffic on eth0
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
exit 0
iptables: command not found
i also dont have custom firewall rules
An update would be missing since now they changed iptables to nftables.
I have a question, if my router has a sim card slot, does the sysctl method allows all of the device connected use the same ttl?
Yes, if you are using the normal unlimited plan that does not allow hotspot, you can change the TTL and all connected devices will be able to surf the internet.
@@VanTechCorner Alright noted, thanks for answering. 👍
You're welcome!
I've this same router installed openwrt but bricked due to I pressed the reset button and it no longer boot. Tried to put it into recovery mode also failed. Can you make tutorial? Thanks
hello van can you explain for COD cold war nat rules firewall rules and port forward internal port and external port destination i heard is 3074 and 30000-450000 , i'm use cake piece of cake on my sqm :) thanks
in openwrt 22.03, the custom rules is missing.
Hello, you can follow the 2nd guide, starts at 2:04
what are you using to edit the file after adding the firewall rule?
Sometime in wisp mode , the inbound packet has ttl=1 can we use this to passing packet to next hop ?
i heard ipv6 not using ttl but hop limit (hl) , is that okay using "ttl" to fix hop limit? yes i know theres no much differen, just term...im curious
yes corrent. ttl for ipv4, hl for ipv6
very informative. what value do i need to put on my android system if my phone is rooted, so i can tether my data to another 2nd phone without tweaking the 2nd phone?
Hi, if you want to do this with your phone, you can either setup a proxy server on the main phone or install pdanet+. Here is the playlist, just in case you need it ruclips.net/p/PL58__w3t_eTbaPnGpJu9CArOtZGLEzVJ8
for example should the ttl on windows be 66, then openwrt 65, then android 64?
I went through the whole procedure and it still doesn't connect me to the internet, why?
my isp limited ttl=2 to prevent secondary router share.can i bypass this by this video?
Hi sir, I have follow your guide, but why the hotspot still leak? Using B618 to Dir 842 router
Hi, I am not really understand your question. What do you mean by leak? Did you change the TTL for all interfaces or just the WAN interface?
@@VanTechCorner i just follow your guide... but nevermind, I fixed it with the rule below, but the speed become dropped, can you advise?
# flush tables
iptables -F
iptables -t nat -F -t mangle
# apply routing
iptables -t nat -A POSTROUTING -o eth0.2 -j MASQUERADE
iptables -t mangle -A PREROUTING -j TTL --ttl-set 65
iptables -A FORWARD -i eth0.2 -o br-lan -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth0.2 -o br-lan -j ACCEPT
Please make TTL in prerouting is 10 for more stable and make TTL in postrouting is 65 or u can set it like windows is 128.
Thanks
Hi, you just need to change the Firewall rule according to what you need. The syntax is already there "iptables -t mangle -I POSTROUTING -o wan-interface -j TTL --ttl-set 65" => POSTROUTING is set to 65 in this case.
cho mình hỏi bản openwrt 22.03 không có mục Custom Rules trong Firewall nữa thì mình phải chỉnh sửa nó ntn vậy bn ?
Có hai cách để thay đổi TTL, bạn làm theo cách hai không cần custom rules nha.
hi if using QMI is it using eth0 or USB0 or according to ttyUSB?
It should be ttyUSB for the modem serial interface. You can check the QMI / 3G tutorial on this playlist as well - ruclips.net/p/PL58__w3t_eTbcBQ9oJ8jXCxPtBiac59vC
Any idea on how to run a custom http header request using DD-WRT or openWRT?
Hey, no idea for now I am looking for it. I'll let you know if there is anything new.
Sorry for the noob question, what is this all about?
Hello, it had been stated in the video and the description: If you are using USB tethering, there is a specific TTL value that need to be configured. The common TTL value used by the mobile network operator is 65 while the default value on the computer is 128. We need to change this to have a working internet connection or to be able to use the hotspot.
It is base on your network operator. But my answer is yes. You can follow the 2nd way by editing the configuration file and the TTL will be applied to all.
@@VanTechCorner I have a question how about android phone limiting its hotspot capability? i dont now were to put TTL 2 on the firewall settings. my target is to limit of using the hotspot capability of the android phone either via Bluetooth and wifi hotspot sharing it self. hope you will notice this.
This works if i have a bridge between wan0 and usb0 ?
Yes it work. You can follow the 2nd way to modify the configuration file and the TTL will be applied for all interfaces.
hello van, why after edit on terminal, i can't Esc
Hi, do you mean when editing the text with Vi editor? Can you tell me which time in the video so I can help.
@@VanTechCorner arount 2.48 - 2.50 in video after put net.ipv6.ip_default_ttl=65 and press button ESC..but in my case after push button ESC nothing happen..
Yes that's normal. Did you press :wq and Enter after that?
bác ơi mở giao diện ssh bằng cmd được không bác ?
Được nha bạn. Trên Windows 10 bạn có thể dùng lệnh ssh để kết nối tới router. Ngoài ra bạn có thể tải Putty.
if i ping android ip (pc - 65 ttl --> android 64 ttl) it gives me the android ip ttl of 64 / but if i do it like this (pc - 66 ttl -> openwrt 65 ttl -> android "technically 64") it gives me ttl of 63.
how to set it in asus router pls?
ssh change cmd ?
i believe there should be something wrong with the openwrt config
Can’t see...
Hi, please try to watch it on your PC or turn on the CC feature in RUclips and you can see the text in bigger size.
How to watch IPTV channels on an openwrt system 🙄
Hey, if IPTV is running on VLAN you will need to create VLAN on the router. The steps is almost the same with setting up LAN interface as WAN interface and you just need to setup the VLAN ID correctly. If it is running multicast then we have something more to talk about.
@@VanTechCorner I have tried several times to play free iptv chanes on the openwrt system. In VLC format on the phone. But that did not work. I'm waiting for you to post a video explaining the steps of setting up iptv. thanks in advance🙂
As I mentioned, you need to know if IPTV is running on VLAN or VLAN + multicast. If it work on multicast, you will need to setup IGMP proxy as well. For some internet service providers, IPTV only works on their GPON router and there is no way to setup it up on the third party router. If you have any question, please join the group "Van Tech Corner & Friends" on FB.
Videos with no directions verbally and small print are impossible to follow. This is an awful video. Try actually adding verbal instructions or zooming in so that it can actually be seen. I’m looking at this on a large iPad and it is still not legible
Are you going to configure your router with your iPad? My videos are made for desktop users with optimal resolution of 1920x1080. Still, you can find the script/command line in the video description.
@@VanTechCorner lmaooo