if you use android tethering, masquerade makes client device's TTL decrease.
- so Telco can detect what packet is used with tethering.
this means that if your kernel doesn't decrease TTL with hop, telco can't detect tethering packet by TTL value.
- but, there's another way to detect. however, I think that TTL is enough to use. maybe, maybe...
bascially tethering use 'masquerade' and it use 'ip_forward'. and it is linux's net function.
and, it count one hop. so ip_forward must obey ip specification. this means that decrease ttl with passing hop.
bingo! if decrease code is by-passed, all ok!!!
default TTL for android is 64. so, forwarded packet's TTL must be fixed 64.
- default TTL can be set with sysctl. but, non-rooted device does not use that feature. so it's no worth to talk.
- patents(korean language): https://patents.google.com/patent/KR20130072734A/ko
- 테더링 트래픽 분석장치 및 방법
- How to block tethering packet by SKT (korean language): https://www.clien.net/service/board/park/7796305?
- 테더링 차단의 비밀 2편(SKT)