@updateing
Created March 21, 2018 02:25
Share VPN connection on Android with other hosts, without using hotspot

This file describes how to set up connection sharing (specifically, LTE->WLAN and VPN(@LTE)->WLAN) on Android 8.1. The two cases differ a bit, though.

All commands need to be run on Android as root. Make sure your phone can connect to LTE and WLAN simultaneously; making the WLAN fail the captive portal check is a cheap way to do so.

Common Setup

This has to be done before any further steps:

iptables -F natctrl_FORWARD
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE

where 192.168.1.0/24 is the LAN subnet. You can also narrow it to a single IP if needed.

LTE->WLAN

Suppose the LTE connection is available on the interface rmnet_data1.

ip route add table rmnet_data1 192.168.1.0/24 dev wlan0

The same note about 192.168.1.0/24 applies.

Change the gateway of any host in 192.168.1.0/24 to the phone, and that's it.

VPN(@LTE)->WLAN

Suppose the VPN connection is available on tun0 (I don't think this can differ).

Unlike sharing LTE, where our goal happens to match the default route, we need a new routing table for the single LAN host. Otherwise traffic from the phone (on WLAN) and traffic from the host will be indistinguishable.

ip rule add from 192.168.1.10 lookup 61
ip route add table 61 192.168.1.10 dev wlan0
ip route add table 61 default dev tun0
ip route add table local_network 192.168.1.10 dev wlan0

61 is an arbitrary number, and 192.168.1.10 is your LAN host. You're free to fly.
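
The VPN(@LTE)->WLAN steps above as one script, as an added example that is not part of the original gist. Table 61, wlan0, tun0 and 192.168.1.10 follow the text; the unreachable default route, the rule-last ordering, the teardown and the variable names TABLE, LAN_IF, VPN_IF and DRY_RUN are additions and assumptions of this example.

```shell
#!/system/bin/sh
# Added example, not the gist author's script. Table 61, wlan0 and tun0 follow
# the text; the "unreachable" route, the ordering and teardown are additions.

is_ipv4() {  # plain dotted quad only: the value ends up in commands run as root
  case "$1" in ""|*[!0-9.]*|*..*|.*|*.) return 1 ;; esac
  old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
  [ $# -eq 4 ] || return 1
  for octet in "$@"; do
    [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
  done
}

share_cmds() {  # share_cmds up|down HOST -> prints one command per line
  action=$1; host=$2
  table=${TABLE:-61}; lan=${LAN_IF:-wlan0}; vpn=${VPN_IF:-tun0}
  is_ipv4 "$host" || { echo "bad host address: $host" >&2; return 2; }
  case "$action" in
    up)
      # Fail closed: if tun0 drops, its default route vanishes and the lookup
      # would fall through to later rules; this higher-metric route stops that.
      echo "ip route add unreachable default table $table metric 1000"
      echo "ip route add table $table $host dev $lan"
      echo "ip route add table $table default dev $vpn"
      echo "ip route add table local_network $host dev $lan"
      # Rule last, so the table is complete before traffic is steered into it.
      echo "ip rule add from $host lookup $table" ;;
    down)
      echo "ip rule del from $host lookup $table"
      echo "ip route flush table $table"
      echo "ip route del table local_network $host dev $lan" ;;
    *) echo "usage: up|down HOST" >&2; return 2 ;;
  esac
}

apply() {  # DRY_RUN=1 shows the commands without running them
  cmds=$(share_cmds "$@") || return
  echo "$cmds" | while read -r cmd; do
    echo "+ $cmd"
    [ -n "$DRY_RUN" ] || $cmd
  done
}

[ $# -eq 0 ] || apply "$@"
```

Run it as root with `up 192.168.1.10` or `down 192.168.1.10`; set DRY_RUN=1 first to review the commands before they touch the routing tables.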

@gcleaves

What's the trick to make WLAN fail captive portal? My Android 10 device does not have the natctrl_FORWARD chain, any tips?

@updateing
Author

What's the trick to make WLAN fail captive portal?

The WiFi network could not reach the internet at all when I wrote these commands, so the check failed without any manual intervention.

My Android 10 device does not have the natctrl_FORWARD chain, any tips?

I have not looked into how Android 10 organizes iptables. You may try checking each table here in packet traversal order and find out how to perform NAT on forwarded packets and clear its way out to the internet.
