How to route all traffic coming from tethering?

About

Asked 29/4, 2014 at 17:12 Answered 8/5, 2014 at 22:36

android proxy dns android-wifi tethering

I'm working on some test project, basically I want to route all traffic when I'm in hotspot mode into a fixed address. I have the IP range for example 192.168.0.0/24 I don't know if I can use iptables without root or JNI functions (can't find any that match what I want) Thinking out of the box is very welcomed (DNS, low level packet broadcast on client connect etc...)

Any Idea?

EDIT: How Android and iOS detect a Network Portal?

source : https://sudoroom.org/wiki/Mesh/Firmware/Splash_page They try to HTTP GET on

iOS: http://www.apple.com/library/test/success.html and expect a 200 if not behind portal

Android: http://clients3.google.com/generate_204 and expect a 204 status when not behind portal, any other status is a portal

So, how can I respond correctly to those detections?

Wilbertwilborn answered 29/4, 2014 at 17:12 Comment(4)

Also, the user won't have root access – Wilbertwilborn 29/4, 2014 at 22:14

AFAIK there is no iptables api on android, please look at this similar question #4659119 – Haul 5/5, 2014 at 8:56

@Haul thx, i've seen this answer but it needs root access. I thought maybe there is another way like setting DNS to a fake one or anything like this. as long as it does the job I just need a way – Wilbertwilborn 5/5, 2014 at 8:57

yes the point is you need root to use iptables if android doesn't exposes an api :( – Haul 5/5, 2014 at 11:44

The easiest approach is to enable a socks proxy when configuring the wifi AP you are connecting to. This varies depending on the version of android, but it is typically something like:

Touch and hold the wifi network you want to connect to.
A dialogue box should pop-up. In that dialogue box, select advanced.
Find the proxy option and enter in the IP and port of the server you want to forward traffic to.

Android speaks SOCKS and so long as your proxy speaks SOCKS as well, you are good to go. If you root the device you can (depending on your version of Android), configure this proxy automatically. See, for instance, AdBlock Plus for Android which does exactly that.

If you don't want to go the proxy route you may be able to manually set ebtables rules if your device is rooted. This is significantly more work as you have to be careful not to mess up the NAT'ing that your device is already doing.

Kreda answered 8/5, 2014 at 22:36 Comment(3)

All of this will be done by my application, I do not want to depend of any other app. But the proxy idea is cool, now suppose I make this proxy, how should I do to advice a newly connected device that he needs to go to my portal? Like you can see when you connect to a Hotspot – Wilbertwilborn 9/5, 2014 at 7:21

For that you would need captive portal software which is easiest to use when bundled as part of a routing package (like pfSense). I suppose you could do something like run pfSense (or other offering) in the cloud, point your proxy to that IP and then if everything is configured correctly you should be good to go. – Kreda 9/5, 2014 at 14:9

It's between 2 phones, no infrastructure whatsoever between them – Wilbertwilborn 9/5, 2014 at 14:17

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags