Internet access over usb

[brianinmaine]

so I want to apt-get my debian.ext3 image file in Debian Linux (HostPC).
I followed:https://wiki.mobileread.com/wiki/Inte...Kindle_via_USB

Setup on Host PC Add the following to /etc/network/interfaces

iface usb0 inet static
address 192.168.15.201
netmask 255.255.255.0
up echo 1 > /proc/sys/net/ipv4/ip_forward
up iptables -P FORWARD ACCEPT
up iptables -A POSTROUTING -t nat -j MASQUERADE -s 192.168.15.0/24
down echo 0 > /proc/sys/net/ipv4/ip_forward
down echo 0 > /proc/sys/net/iptables -t nat -F POSTROUTING

Setup in Kindle
echo "nameserver 4.2.2.1" > /etc/resolv.conf
route add default gw 192.168.15.201

I had network-manager, but I couldn't figure out how to have both eth0 and usb0 up at the same time with that, so I disabled and installed wicd. I added "iface eth0 inet dhcp" to the interfaces file and restarted the network service. Both eth0 and usb0 now have IP addresses - so far so good.

Now I still can't ping anything on the internet, so it might be the MASQUERADE thing? Is there a way to trace how far packets go or what?

Next step, please?

edit: pinging from the host to the internet shows my usb0 ip is the one trying to reach the internet, not my eth0?

[ixtab]

IIRC, that looks very familiar, so you got that information from one of the Wiki pages (though I can't remember which). Please insert a link to it in your post.

Anyway, two suggestions:
1. I wouldn't stuff these commands into an interface configuration script, but that's personal preference. I'd put it into a simple shell file that can be run when needed.

2. Refer to http://www.revsys.com/writings/quicktips/nat.html for the (IMO) cleanest description and easiest way to set up IP masquerading. (eth0 is the interface to the world, eth1 the internal one. You'll need to sustitute the latter by usb0, the former... according to your setup, but it's probably eth0).

In particular, the script that you posted does NOT seem to designate the outgoing interface ("-o" parameter), so that may be the reason. The Kindle setup looks correct though.

3. (Bonus tip ) - if you're unsure about what exactly is happening, you can run "tcpdump -i eth0 -nX -s 100 icmp" or similar to determine which (ICMP, in this case) packets are going through eth0. Pay special care to the source and destination addresses - if masquerading works correctly, then it will be your local IP, otherwise it will be 192.168.15.244 (which will fail, of course).

EDIT:
Here's a quick and dirty shell script which works for me:

Code:

#!/bin/sh -ex

# This script must be run as root.

# Adapt to your setup
OUTSIDE=eth1
KINDLE=usb0

echo 1 > /proc/sys/net/ipv4/ip_forward

# to delete these rules, use the same command, but with "-D" instead of "-A"
iptables -A FORWARD -i $KINDLE -o $OUTSIDE -j ACCEPT
iptables -A FORWARD -i $OUTSIDE -o $KINDLE -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -t nat -A POSTROUTING -o $OUTSIDE -j MASQUERADE

ssh root@192.168.15.244 'echo "nameserver 4.2.2.1" > /etc/resolv.conf; route add default gw 192.168.15.201'

[brianinmaine]

Code:

# echo 1 > /proc/sys/net/ipv4/ip_forward  

# /sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
# /sbin/iptables -A FORWARD -i eth0 -o usb0 -m state
   --state RELATED,ESTABLISHED -j ACCEPT
# /sbin/iptables -A FORWARD -i usb0 -o eth0 -j ACCEPT

OK- ran these on the host, then used the tcpdump program suggested. While that was open I ssh'ed into the kindle touch, and made sure to add the default gateway. I tried to ping the local router from the kindle and am unable. tcpdump didn't show any activity? I then checked to see how tcpdump works by changing the eth0 to usb0 and see activity when I ping. I can, of course, reach the internet fine from the host (I had to install tcpdump Thanks for advice and ideas! Any more?

edit: your script sure looks the same to me? I just can't seem to get it working. The real weird thing is that I can boot to XP and share the links just fine! I can't do a debootstrap from there, but I can do the apt-get stuff if I'm ssh'd into the kindle and chrooted.
It has to be something minor that I'm missing!? Maybe it's Debian on my host? What are you running?

[ixtab]

I'm running Ubuntu here, but 've used that (or something similar) on tons of different distros.

My guess is that you have some sort of funky iptables configuration (firewall?).

Maybe the easiest approach is to try and insert ("-I") the iptables rules instead of appending ("-A") - when appending them, another rule (DROP/REJECT) may bail out earlier.

Try to disable the firewall (if any). Try to flush the iptables configuration. Try to set the iptables policies to ACCEPT.

In any case, it's your iptables configuration which prevents this from working...

[brianinmaine]

Hurrayyy! The problem was in the "echo 1 > .." statement. I'm not sure why I didn't see it before, but when I tried all the commands again, it said permission denied! I was using sudo but it didn't work. I did a 'sudo su', tried it again, and no more permission problem. I still had a session open on the kindle and now it works perfect! THANK YOU! I hope this can help someone else!

[ixtab]

Code:

user$ sudo echo 1 > /tmp/test

will execute "echo 1" as root, and write it to /tmp/test as user.

A simple workaround is to either log in as root (as you did), or, quick and dirty:

Code:

echo 1|sudo tee /tmp/test

[knc1]

Quote:

Originally Posted by brianinmaine

so I want to apt-get my debian.ext3 image file in Debian Linux (HostPC).
I followed:https://wiki.mobileread.com/wiki/Inte...Kindle_via_USB

Setup on Host PC Add the following to /etc/network/interfaces

iface usb0 inet static
address 192.168.15.201
netmask 255.255.255.0
- - -

Setup in Kindle
echo "nameserver 4.2.2.1" > /etc/resolv.conf
route add default gw 192.168.15.201
- - -
I added "iface eth0 inet dhcp" to the interfaces file and restarted the network service.
- - -
edit: pinging from the host to the internet shows my usb0 ip is the one trying to reach the internet, not my eth0?

Because that is what you told your routing table to do, read above quote again.

Either change your routing instructions in the routing table or specify the device to use to reach the default gateway.