05-15-2012, 11:45 AM   #13
knc1
This one is tested and known to work - I'm writing to you through it at this moment.
This post shows a bit more of the details.

Quote:
Originally Posted by geekmaster
Okay, so we just need a simple set of instructions on how to set up the host PC as an internet gateway to use with the kindle.

In that case, *I* would like to know the answer to this question too (I do not have time to "RTFM" right now)...

On the Kindle - set the default route to use /dev/usb0
(It may be set by the usbnet start, but if not, set it)

On the PC -
With "WORLD" set to the output device (sometimes: eth0);
With "IPT" set to /sbin/iptables (or its location on your machine):
Code:
# Path to the iptables binary (adjust to its location on your machine)
IPT='/sbin/iptables'

# Default policy
DEF_POLICY='ACCEPT'

# NIC that connects to the outside world (via modem, cable, aDSL, whatever)
# Or if using dial-up and ppp - set WORLD to the name of the ppp interface (ppp0).
# Whereas, on the Kindle, you would prohibit using the ppp interface (that's the 3G card).
WORLD='eth0'

# Set default policy
$IPT -P INPUT   $DEF_POLICY   # Packets arriving
$IPT -P OUTPUT  $DEF_POLICY   # Packets locally generated
$IPT -P FORWARD $DEF_POLICY   # Packets in transit

# Anything output to world must masquerade
$IPT -t nat -A POSTROUTING -o $WORLD -j MASQUERADE

# Anything on input chain established or related is acceptable
$IPT -t filter -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# Anything on input chain that's new is acceptable EXCEPT from world
# (the '!' must be its own argument, placed before -i, to negate the match)
$IPT -t filter -A INPUT -m state --state NEW ! -i $WORLD -j ACCEPT

# Now handle any packets that were not handled by the above rules
$IPT -t filter -A INPUT -p tcp -i $WORLD -j REJECT --reject-with tcp-reset
$IPT -t filter -A INPUT        -i $WORLD -j DROP
Which turns the firewall into a one-way, network address translation, firewall. No __NEW__ connections allowed in-bound, only replies to out-bound traffic.

Then poke the box into "router mode":
Code:
# Enable IPv4 forwarding 0 == Disable, 1 == Enable
echo 1 > /proc/sys/net/ipv4/ip_forward
Note 1: If the PC already has iptable rules - then intelligently merge the above functions into them.

Note 2: Do not do the above on the Kindle. The above is too simple to keep you out of trouble.

Edit:
When did this forum turn into a Linux Newbie site?
Hello Web Masters - Better just put up a "Linux Newbie" forum - these questions will never go away.

Last edited by knc1; 05-15-2012 at 12:17 PM.
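An added example, not part of knc1's post: a shell check that reads `iptables-save` output and reports which pieces of the gateway setup described above are missing (masquerade, the INPUT rules on the world interface, and router mode). The function names and the sample dump are constructed for illustration; the sample assumes the rules were loaded with the negation written as `! -i eth0`.

```shell
#!/bin/sh
# Added example (not from the post): audit an `iptables-save` dump for the
# gateway rules the post sets up. Function names are hypothetical.
# Live use, as root:
#   iptables-save | audit_gateway eth0 "$(cat /proc/sys/net/ipv4/ip_forward)"

# has_rule PATTERN: true if any line of $RULES matches the extended regex.
has_rule() { printf '%s\n' "$RULES" | grep -Eq -e "$1"; }

# audit_gateway WORLD IP_FORWARD   (iptables-save text on stdin)
# Prints one line per missing item; exit status = number of missing items.
audit_gateway() {
    world=$1; fwd=$2; missing=0
    RULES=$(cat)
    miss() { echo "MISSING: $1"; missing=$((missing + 1)); }

    [ "$fwd" = 1 ] || miss "ip_forward is not 1 (router mode off)"
    has_rule "^-A POSTROUTING .*-o $world .*-j MASQUERADE" ||
        miss "MASQUERADE on -o $world"
    has_rule '^-A INPUT .*--state (RELATED,ESTABLISHED|ESTABLISHED,RELATED) .*-j ACCEPT' ||
        miss "ACCEPT for ESTABLISHED,RELATED on INPUT"
    has_rule "^-A INPUT ! -i $world .*--state NEW .*-j ACCEPT" ||
        miss "ACCEPT for NEW on every interface except $world"
    has_rule "^-A INPUT -i $world .*-j REJECT --reject-with tcp-reset" ||
        miss "tcp-reset REJECT on -i $world"
    has_rule "^-A INPUT -i $world -j DROP" ||
        miss "final DROP on -i $world"
    return "$missing"
}

# Constructed sample: an iptables-save dump with the post's rules loaded.
SAMPLE_GOOD='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT ! -i eth0 -m state --state NEW -j ACCEPT
-A INPUT -i eth0 -p tcp -j REJECT --reject-with tcp-reset
-A INPUT -i eth0 -j DROP
COMMIT'

printf '%s\n' "$SAMPLE_GOOD" | audit_gateway eth0 1 && echo "gateway rules present"
```

A non-zero exit status is the count of missing items, so the check can gate a boot script or a merge into an existing rule set.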