Tuesday, November 11, 2008

Howto: Tether your Android G1 phone with iptables (no proxy needed)

First grab the iptables binary for you G1:
Download Here
Then push the binary to your android G1 device:
./adb push iptables /data/local/iptables
Now lets mount /system read/write and copy iptables to /system/bin/iptables
mount -o remount,rw -t yaffs2 /dev/block/mtdblock3 /system
cat /data/local/iptables >/system/bin/iptables
chmod 4755 /system/bin/iptables


Now Disable wifi menu->settings->Wireless Control's Then Uncheck wifi

Either use ./adb Shell or telnet or Terminal Emulator to issue these commands, it is preferrable to use a telnet shell or ./adb with the SDK because you can copy/paste faster:

insmod /system/lib/modules/wlan.ko

wlan_loader -f /system/etc/wifi/Fw1251r1c.bin -e /proc/calibration -i /system/etc/wifi/tiwlan.ini

cd /data/local/tmp
wpa_supplicant -f -Dtiwlan0 -itiwlan0 -c/data/misc/wifi/wpa_supplicant.conf &

sleep 5
ifconfig tiwlan0 192.168.2.30 netmask 255.255.255.0
ifconfig tiwlan0 up

We just used a static ip, so make sure to change your ip to a ip in your lan:

Now lets enable/configure ip forwarding
iptables -I FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -I FORWARD -s 192.168.2.0/24 -j ACCEPT
iptables -P FORWARD DROP

iptables -t nat -I POSTROUTING -s 192.168.2.0/24 -j MASQUERADE

echo 1 > /proc/sys/net/ipv4/ip_forward

6 comments:

  1. Fyi, windows doesn't support WPA mode in ad-hoc mode. Skip the:

    wpa_supplicant -f -Dtiwlan0 -itiwlan0 -c/data/misc/wifi/wpa_supplicant.conf &

    Unless you're wifi card supports WPA in ad-hoc mode...

    ReplyDelete
  2. Thanks for this writeup. I used it to help diagnose the problems I was having, connecting to my wifi with WPA-Enterprise.

    The Android GUI doesn't support it, but you can manually edit your wpa_supplicant.conf to include the necessary bits.

    I added this stanza for my network:

    network={
    ssid="HighlandSun" <-- use your SSID of course
    scan_ssid=1 <-- dunno if this is needed
    proto=WPA <-- (pretty sure this is needed otherwise it will try WPA2)
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="hyc" <-- use your own...
    password="xxx" <-- ...
    ca_cert="/system/etc/security/Symas.pem"
    }

    Also, none of this worked until I updated the firmware in my Linksys WRT54G router from 3.06.x to 4.21.1. That was mentioned here:
    Bug#1372

    ReplyDelete
  3. Hey hyc,

    I also need to connect to a wpa enterprise network and was wondering how you edited the file. through terminal or adb or somthing?

    Any help would be appreciated.

    ReplyDelete
  4. I used busybox vi in the terminal.

    ReplyDelete
  5. the link for iptables binary not workinng...(not found error).
    please update and correct the link.

    ReplyDelete
  6. i get this error :
    failed to copy 'iptables/extensions/tos_values.c -> data/local/extensions/tos_values.c':no such file or directory.
    any one know the cause !!!!!!!!

    ReplyDelete