01-16-2014, 11:44 AM | #1 |
Junior Member
Posts: 7
Karma: 10
Join Date: May 2012
Device: Kindle Touch
|
Can't connect via wifi, but wifi works
Hello.
I had a jailbroken Kindle Touch with working bearbox/ssh server. I installed usbnetwork package because i needed rsync and it installed properly, but for some reason i can no longer connect ot kindle via WIFI. Connecting through usbnet works, wifi form kindle works and i can access inter, I can ping my comptuer from kinde, but I cannot ping Kindle from my computer, nor connect (it timeouts) iptables allow all connections. I've run out of ideas, where should I look for the source of this problem? Any hints welcome, and by the way: thanks for all the great work on Kindle hacking! Best regards, m. |
01-16-2014, 01:31 PM | #2 |
BLAM!
Posts: 13,494
Karma: 26047188
Join Date: Jun 2010
Location: Paris, France
Device: Kindle 2i, 3g, 4, 5w, PW, PW2, PW5; Kobo H2O, Forma, Elipsa, Sage, C2E
|
Did you ever tweak iptables yourself, and how did you configure USBNet?
|
Advert | |
|
01-16-2014, 01:46 PM | #3 |
Junior Member
Posts: 7
Karma: 10
Join Date: May 2012
Device: Kindle Touch
|
I didn't touch iptables, just checked if maybe there are some rules.
I placed update_usbnet_0.15.N_install_touch_pw.bin in /mnt/us using SCP and updated via standard settings->update procedure (i had to enable "lipc-set-prop com.lab126.ota startUpdate 1" for the menu option to be enabled ). Then i couldn't connect via ssh anymore, so i trind USB cable and managed to log into device. I found usbnet to be installed where it should, with logfile saying: Code:
[root@kindle usbnet]# cat usbnetwork_install.log usbnetwork v0.15.N, Thu Jan 16 22:15:55 GMT+10:19100 2014 symbolic link /usr/local/bin/dbclient -> /usr/local/bin/dropbearmulti exists, deleting... symbolic link /usr/local/bin/dropbearconvert -> /usr/local/bin/dropbearmulti exists, deleting... symbolic link /usr/local/bin/dropbearkey -> /usr/local/bin/dropbearmulti exists, deleting... symbolic link /usr/local/sbin/dropbear -> /usr/local/bin/dropbearmulti exists, deleting... symbolic link /usr/local/bin/scp -> /usr/local/bin/dropbearmulti exists, deleting... /usr/local/etc/dropbear/dropbear_rsa_host_key exists, deleting... /usr/local/bin/dropbearmulti exists, deleting... /usr/local/bin/usbnetwork.sh exists and is not a symlink, deleting... Binary /usr/sbin/lsof already exists, skipping... S/N B011140714771FD1 => NIC 111FD1 mac is valid kdb keyfile looks ok Done! m. |
01-16-2014, 01:48 PM | #4 |
Junior Member
Posts: 7
Karma: 10
Join Date: May 2012
Device: Kindle Touch
|
also I don't think it's the router problem - It worked this morning without changing anything, I have of course restarted it.
|
01-16-2014, 02:17 PM | #5 | |
Going Viral
Posts: 17,212
Karma: 18210809
Join Date: Feb 2012
Location: Central Texas
Device: No K1, PW2, KV, KOA
|
Quote:
Normally, it drops all incoming (original) connections. Install the Kindle Firewall - Add an "accept" statement to the top of the chain appropriate to what you want to allow and from which device. Our (my) firewall is structured a chain-per-device and any exceptions go in as rule #1 (each time an exception is made). |
|
Advert | |
|
01-16-2014, 02:32 PM | #6 |
Junior Member
Posts: 7
Karma: 10
Join Date: May 2012
Device: Kindle Touch
|
does it look right?
Code:
iptables -L Chain INPUT (policy DROP) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp dpt:40317 ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT udp -- anywhere anywhere state ESTABLISHED ACCEPT udp -- anywhere anywhere state ESTABLISHED ACCEPT udp -- anywhere anywhere udp spt:40317 ACCEPT udp -- anywhere anywhere udp spt:49317 ACCEPT udp -- anywhere anywhere udp spt:33434 ACCEPT all -- localhost.localdomain anywhere ACCEPT all -- anywhere anywhere ACCEPT icmp -- anywhere anywhere state RELATED,ESTABLISHED Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere localhost.localdomain |
01-16-2014, 04:52 PM | #7 |
BLAM!
Posts: 13,494
Karma: 26047188
Join Date: Jun 2010
Location: Paris, France
Device: Kindle 2i, 3g, 4, 5w, PW, PW2, PW5; Kobo H2O, Forma, Elipsa, Sage, C2E
|
What knc1 said. On a vanilla device, you shouldn't have been able to connect over WiFi. USBNet doesn't touch that by default.
There's a dedicated setting in USBNet that makes a hole in iptables for SSH over WiFi [and only that] (aptly title 'Enable SSH over WiFI' in the KUAL extension) , but if you want more control over the whole rule set, follow knc1's advice, it's his baby . |
01-16-2014, 09:04 PM | #8 |
Junior Member
Posts: 7
Karma: 10
Join Date: May 2012
Device: Kindle Touch
|
Yes! That's right.
There's even USE_WIFI option. I guess my previous usbnet did that by default. Thank You! |
01-17-2014, 12:00 AM | #9 |
BLAM!
Posts: 13,494
Karma: 26047188
Join Date: Jun 2010
Location: Paris, France
Device: Kindle 2i, 3g, 4, 5w, PW, PW2, PW5; Kobo H2O, Forma, Elipsa, Sage, C2E
|
Err, no, that has *never* been the default, because it also disables the 'no password' code path in dropbear .
|
01-17-2014, 08:36 AM | #10 | |
Going Viral
Posts: 17,212
Karma: 18210809
Join Date: Feb 2012
Location: Central Texas
Device: No K1, PW2, KV, KOA
|
Quote:
#2 - consistent with the behavior you describe - drops any new incoming connections (except to Amazon's control ports). #3 - When (If) you install the KUAL firewall, you can disable the BBB (Block Big Brother) feature and still have the more detailed (and easily changed) firewall structure. |
|
Tags |
kindle, ssh, touch, wifi |
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Can't get the WiFi to connect | kjturner71 | Kobo Reader | 59 | 12-06-2019 01:43 PM |
Calibre connection only works using wifi (?) | roadstar | Calibre | 1 | 12-28-2012 10:20 AM |
Kobo WiFi will not connect | csylvest | Kobo Reader | 1 | 03-20-2012 07:40 PM |
can't connect to wifi!!! | aycn602 | Kobo Tablets | 2 | 11-29-2011 01:50 AM |
PE - WiFi will not connect | Richard443 | enTourage eDGe | 21 | 07-06-2011 06:04 PM |