you can acomplish this with iptables on your kindle (this has to be done on each reboot)
you can see the current rules with
and you can apply rules from a file with
Code:
iptables-restore <filename
here is an example iptables-restore file that i use for only local access.
Code:
# Generated by iptables-save v1.4.15
*raw
:PREROUTING ACCEPT [13475:13447552]
:OUTPUT ACCEPT [6181:2633532]
COMMIT
# Completed
# Generated by iptables-save v1.4.15
*nat
:PREROUTING ACCEPT [9:848]
:INPUT ACCEPT [1:60]
:OUTPUT ACCEPT [286:18952]
:POSTROUTING ACCEPT [286:18952]
COMMIT
# Completed
# Generated by iptables-save v1.4.15
*mangle
:PREROUTING ACCEPT [13475:13447552]
:INPUT ACCEPT [13467:13446764]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [6181:2633532]
:POSTROUTING ACCEPT [6181:2633532]
COMMIT
# Completed
# Generated by iptables-save v1.4.15
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT DROP [0:0]
-A INPUT -s 127.0.0.1/32 -i lo -j ACCEPT
-A INPUT -i usb0 -j ACCEPT
-A OUTPUT -o usb0 -j ACCEPT
-A INPUT -p icmp -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -p icmp -j ACCEPT
-A INPUT -i wlan0 -p tcp -m tcp --dport 22 -j ACCEPT
-A OUTPUT -o wlan0 -p tcp -m tcp --sport 22 -j ACCEPT
-A OUTPUT -d 127.0.0.1/32 -o lo -j ACCEPT
-A INPUT -i wlan0 -p tcp -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i wlan0 -p udp -m state --state ESTABLISHED -j ACCEPT
-A OUTPUT -o wlan0 -d 192.168.0.1/24 -j ACCEPT
COMMIT
# Completed
The important part is the filter section.