IIRC, that looks very familiar, so you got that information from one of the Wiki pages (though I can't remember which). Please insert a link to it in your post.
Anyway, two suggestions:
1. I wouldn't stuff these commands into an interface configuration script, but that's personal preference. I'd put it into a simple shell file that can be run when needed.
2. Refer to
http://www.revsys.com/writings/quicktips/nat.html for the (IMO) cleanest description and easiest way to set up IP masquerading. (eth0 is the interface to the world, eth1 the internal one. You'll need to sustitute the latter by usb0, the former... according to your setup, but it's probably eth0).
In particular, the script that you posted does NOT seem to designate the outgoing interface ("-o" parameter), so that may be the reason. The Kindle setup looks correct though.
3. (Bonus tip
) - if you're unsure about what exactly is happening, you can run "tcpdump -i eth0 -nX -s 100 icmp" or similar to determine which (ICMP, in this case) packets are going through eth0. Pay special care to the source and destination addresses - if masquerading works correctly, then it will be your local IP, otherwise it will be 192.168.15.244 (which will fail, of course).
EDIT:
Here's a quick and dirty shell script which works for me:
Code:
#!/bin/sh -ex
# This script must be run as root.
# Adapt to your setup
OUTSIDE=eth1
KINDLE=usb0
echo 1 > /proc/sys/net/ipv4/ip_forward
# to delete these rules, use the same command, but with "-D" instead of "-A"
iptables -A FORWARD -i $KINDLE -o $OUTSIDE -j ACCEPT
iptables -A FORWARD -i $OUTSIDE -o $KINDLE -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -t nat -A POSTROUTING -o $OUTSIDE -j MASQUERADE
ssh root@192.168.15.244 'echo "nameserver 4.2.2.1" > /etc/resolv.conf; route add default gw 192.168.15.201'