@softmoth
Last active July 6, 2024 22:13
Using a proxy to avoid tether throttling


I used to use my mobile phone for internet access. My provider's Unlimited data plan discouraged tethering (using the phone as a hotspot), though, by throttling traffic it saw coming from other devices.

A fairly simple and robust solution was to run a proxy server on the phone, and then set up the router to send all traffic through the proxy.

Bit rot warning

I no longer use this setup, and do not have access to the mobile account or router that is described here. The comments section below may have further updates. If you can suggest improvements I will integrate them into the gist, but am not able to troubleshoot or verify changes.

Run a proxy on the phone

There are several apps in the Play store which can do this on a stock phone (root not required). I've used Socks Server Ultimate. It's best to get this running first, and manually configure the browser on your laptop to use it, to verify that it's working properly. Then proceed to the router setup.

Tethering the router to the phone

On my TP-Link Archer C7 1750 router, I can use the 5 GHz radio as a client to talk to my phone, and the 2.4 GHz radio as the access point. OpenWRT makes it easy to configure via the Scan button in the UI.

If your phone has locked down Hotspot, you may be able to install adb tools and run adb forward tcp:12345 tcp:12346 on the router to forward traffic from the router's port 12345 to the proxy running on the phone's port 12346.

Redirect all traffic to the proxy

I use redsocks and iptables to send all the traffic on the router to the SOCKS5 proxy running on the phone.

I use OpenWRT on my router, but any OS that lets you run redsocks should do fine. For OpenWRT, opkg install redsocks gets it done.

Edit /etc/redsocks.conf to have this:

// send all traffic to a remote SOCKS5 proxy

base {
    log_info = on;
    log = "file:/var/log/proxy_vpn.log";
    daemon = on;
    redirector = iptables;
}

redsocks {
    // iptables redirects traffic here; local_port must match
    // REDSOCKS_PORT in /etc/init.d/proxy_vpn
    local_ip = 0.0.0.0;
    local_port = 37419;

    // Remote proxy info
    // If using adb forward, use 127.0.0.1 and the forwarded local
    // port (12345); otherwise use the phone's hotspot IP
    ip = 192.168.43.1;
    port = 12346;
    type = socks5;
}

The package should automatically install /etc/init.d/redsocks and enable it in /etc/rc.d so it will run when the router boots up.

Next, put the following in /etc/init.d/proxy_vpn:

#! /bin/sh /etc/rc.common

# Modified from https://github.com/darkk/redsocks#iptables-example
# Tested on OpenWRT 18.06, TP-LINK Archer C7 v2.0, redsocks 0.4
# Prereq: opkg install redsocks

START=91
REDSOCKS_PORT=37419

start () {
    # Redsocks should be running already, but just in case...
    /etc/init.d/redsocks start

    #
    # Set up iptables
    #

    echo "Routing traffic to redsocks on port $REDSOCKS_PORT"

    #
    # Create the chain of rules to send non-local traffic through redsocks
    #

    iptables -t nat -N REDSOCKS

    # Don't proxy local or private traffic
    iptables -t nat -A REDSOCKS -d 0.0.0.0/8 -j RETURN
    iptables -t nat -A REDSOCKS -d 127.0.0.0/8 -j RETURN
    iptables -t nat -A REDSOCKS -d 10.0.0.0/8 -j RETURN
    iptables -t nat -A REDSOCKS -d 169.254.0.0/16 -j RETURN
    iptables -t nat -A REDSOCKS -d 172.16.0.0/12 -j RETURN
    iptables -t nat -A REDSOCKS -d 192.168.0.0/16 -j RETURN
    iptables -t nat -A REDSOCKS -d 224.0.0.0/4 -j RETURN
    iptables -t nat -A REDSOCKS -d 240.0.0.0/4 -j RETURN

    # Send everything else through the redsocks daemon
    iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-ports $REDSOCKS_PORT


    #
    # Jump to the REDSOCKS chain for TCP packets arriving from the LAN (br-lan)
    #

    iptables -t nat -A PREROUTING -i br-lan -p tcp -j REDSOCKS
    # XXX It seems that OUTPUT is too late?
    #iptables -t nat -A OUTPUT -o wlan0 -p tcp -j REDSOCKS
}

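stop () {
    # Remove only what start() added. Flushing PREROUTING, POSTROUTING,
    # INPUT and FORWARD would also drop the router's own firewall rules
    # and leave it unfiltered until the firewall is rebuilt.
    iptables -t nat -D PREROUTING -i br-lan -p tcp -j REDSOCKS 2>/dev/null
    iptables -t nat -F REDSOCKS
    iptables -t nat -X REDSOCKS
}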

restart () {
    stop
    start
}
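
The REDIRECT rule only works if its --to-ports value is the port redsocks listens on (local_port in /etc/redsocks.conf). The check below is an added example, not part of the original gist; the function names are hypothetical, the sample data in demo is constructed, and the rules file is assumed to hold saved output of iptables -t nat -S REDSOCKS.

```sh
#!/bin/sh
# Added example, not from the gist: confirm iptables redirects to the port
# redsocks listens on. Function names and sample data are assumptions.

# Print local_port from the "redsocks { ... }" section of a redsocks.conf.
redsocks_listen_port() {
    awk '
        /^[ \t]*\/\//              { next }    # skip // comment lines
        /^[ \t]*redsocks[ \t]*[{]/ { in_sec = 1; next }
        /^[ \t]*[}]/               { in_sec = 0 }
        in_sec && /^[ \t]*local_port[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, ""); sub(/[^0-9].*$/, ""); print; exit
        }
    ' "$1"
}

# Print each distinct REDIRECT target port found in a file holding the
# output of: iptables -t nat -S REDSOCKS
redirect_ports() {
    sed -n 's/.*-j REDIRECT --to-ports \([0-9][0-9]*\).*/\1/p' "$1" | sort -u
}

# Return 0 if the ports agree, 1 on mismatch, 2 if either side is missing.
check_redsocks_ports() {
    listen=$(redsocks_listen_port "$1")
    target=$(redirect_ports "$2")
    if [ -z "$listen" ]; then echo "no local_port found in $1"; return 2; fi
    if [ -z "$target" ]; then echo "no REDIRECT rule found in $2"; return 2; fi
    if [ "$listen" != "$target" ]; then
        echo "MISMATCH: redsocks listens on $listen, iptables redirects to $target"
        return 1
    fi
    echo "ok: REDSOCKS chain redirects to redsocks on port $listen"
}

# Constructed sample with deliberately different ports; returns 1.
demo() {
    tmp=$(mktemp -d) || return 2
    printf 'redsocks {\n    local_port = 12345;\n    port = 12346;\n}\n' > "$tmp/conf"
    printf '%s\n' '-N REDSOCKS' '-A REDSOCKS -d 10.0.0.0/8 -j RETURN' \
        '-A REDSOCKS -p tcp -j REDIRECT --to-ports 37419' > "$tmp/rules"
    check_redsocks_ports "$tmp/conf" "$tmp/rules"; st=$?
    rm -rf "$tmp"
    return "$st"
}

# On the router: iptables -t nat -S REDSOCKS > /tmp/rs.rules
#                check_redsocks_ports /etc/redsocks.conf /tmp/rs.rules
demo || echo "demo exit status: $?"
```
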
@animer3009

@softmoth can you give direction, how to send UDP traffic over proxy?

@softmoth
Author

softmoth commented Jun 2, 2022

I didn't get that working, I just used DNS over HTTPS and avoided UDP where possible. Not ideal, but it was OK for me.
