07-25-2017, 02:43 AM | #121 |
Expecto Patronum!
Posts: 137
Karma: 342260
Join Date: May 2017
Location: Chennai, India
Device: Kindle PW2(9017) 4GB, FW 5.7.4
|
|
11-14-2017, 11:21 PM | #122 | |
Member
Posts: 16
Karma: 12
Join Date: Oct 2017
Device: KT3 5.8.10
|
Can I whitelist a certain IP in the rules? If yes, how?
Thank you! edit: I've try to enable the firewall but it returns error Quote:
Last edited by ivegotkindle; 11-14-2017 at 11:30 PM. |
|
Advert | |
|
11-15-2017, 07:22 AM | #123 | |
Going Viral
Posts: 17,212
Karma: 18210809
Join Date: Feb 2012
Location: Central Texas
Device: No K1, PW2, KV, KOA
|
Quote:
You must have KUAL installed. Read the directions. Read /extensions/bbb/frags/fw-base.txt - Every entry whitelists or blacklists one or more IP addresses. Hint: look for the words "ACCEPT" and "DROP". You should be able to figure out how to add one with that many examples. Last edited by knc1; 11-15-2017 at 07:26 AM. |
|
11-15-2017, 08:53 AM | #124 | ||
Member
Posts: 16
Karma: 12
Join Date: Oct 2017
Device: KT3 5.8.10
|
Quote:
-- My question is, if the fw-base content is 35.176.0.0/13 --> its gonna block ip from 35.176.0.1 to 35.183.255.254 right? Then, if I for example, want to whitelist one IP address 35.176.1.1: should I just make a new entry with that IP or should I change the whole IP range (just add that specific IP or edit 35.176.0.0/13)? Or to rephrase the question: Can a rule override another (if placed after the whole ip range rules of course)? -- Quote:
Last edited by ivegotkindle; 11-15-2017 at 08:59 AM. |
||
11-15-2017, 01:37 PM | #125 | |
Going Viral
Posts: 17,212
Karma: 18210809
Join Date: Feb 2012
Location: Central Texas
Device: No K1, PW2, KV, KOA
|
Quote:
So reverse the order you just wrote them in. I.E: In the order you wrote them in, *.1.1 would have been dropped before it got to the next rule to be accepted. |
|
Advert | |
|
11-15-2017, 10:15 PM | #126 | |
Member
Posts: 16
Karma: 12
Join Date: Oct 2017
Device: KT3 5.8.10
|
Quote:
Thank you very much! |
|
12-11-2019, 01:35 AM | #127 |
Enthusiast
Posts: 34
Karma: 10
Join Date: Sep 2017
Device: PW3/4
|
Is it still working in 2019? Will it block OTA updates? Does it have conflicts with KUAL -> Helper+ > Prevent OTA?
|
12-11-2019, 01:38 PM | #128 | |
Going Viral
Posts: 17,212
Karma: 18210809
Join Date: Feb 2012
Location: Central Texas
Device: No K1, PW2, KV, KOA
|
Quote:
Did at the time and probably still does but it should really be tested again. None. |
|
12-12-2019, 04:34 AM | #129 | |
Enthusiast
Posts: 34
Karma: 10
Join Date: Sep 2017
Device: PW3/4
|
Quote:
Oh, it seems like it's using static IPs\subnets - not sure how often they can be changed or already changed. It may make sense to figure out amazon servers URIs (if any on a kindle). I'm wondering if there is an easy way to log requests (especially ones that happen during receiving kindle updates) and automatically update the rules. |
|
12-12-2019, 11:07 AM | #130 | |
Going Viral
Posts: 17,212
Karma: 18210809
Join Date: Feb 2012
Location: Central Texas
Device: No K1, PW2, KV, KOA
|
Quote:
Those are the blocks assigned by IANA for Amazon's use. Since all of the IPv4 blocks where assigned years ago, with none available for new assignment, it is unlikely that Amazon will be buying any new blocks. There is a market among owners of assigned blocks (like when a company goes out of business and sells off their block), but it isn't all that frequent. I have heard that Amazon has acquired one new assigned block since the table was last updated. But neither I nor anyone else has had the time to go through the Amazon assignments since the table was created. Maybe I should publish an update at least once every six years, but don't bet on it. The table exists inside of visible USB storage and the package contains all the information needed to change/update that table. |
|
12-12-2019, 11:19 PM | #131 | |
Enthusiast
Posts: 34
Karma: 10
Join Date: Sep 2017
Device: PW3/4
|
Quote:
|
|
11-11-2020, 03:21 PM | #132 |
Enthusiast
Posts: 27
Karma: 10
Join Date: Jun 2020
Device: Kobo Libra H20, Kindle PW3, PW2
|
Is there today any shared approach to auto-enable the iptables after a reboot?
Usbnetwork and Cover services seem to be capable of clutching into the bootstrap of the device. So can't I just call 'mnt/us/extensions/bbb/bin/load-bbb.sh' somewhere? I'm a little afraid that I'll do a reboot somewhen and forget to re-apply the rules. Any ideas? |
11-11-2020, 04:33 PM | #133 |
BLAM!
Posts: 13,478
Karma: 26012494
Join Date: Jun 2010
Location: Paris, France
Device: Kindle 2i, 3g, 4, 5w, PW, PW2, PW5; Kobo H2O, Forma, Elipsa, Sage, C2E
|
That's upstart's job (pun intended) on the Kindle, and I suggest being fairly familiar both with upstart and the Kindle's fairly insane depgraph so that you don't screw it up, because screwing it up *will* soft-brick it.
|
06-09-2021, 10:38 PM | #134 |
Junior Member
Posts: 4
Karma: 10
Join Date: Jun 2021
Device: Kindle Basic 2 (2016) KT3
|
I get the following error in my last action log.
FATAL:Module ip_tables not found. iptables-restore v.1.4.15: iptables-restore: unable to initialize table 'filter' Error occured at line: 5 Try 'iptables-restore -h' or 'iptables-restore --help' for more information. Failed to install basic BBB firewall! |
06-10-2021, 12:56 AM | #135 |
BLAM!
Posts: 13,478
Karma: 26012494
Join Date: Jun 2010
Location: Paris, France
Device: Kindle 2i, 3g, 4, 5w, PW, PW2, PW5; Kobo H2O, Forma, Elipsa, Sage, C2E
|
Look at the age of the thread, maybe?
(Also, fix your device info block. "Kindle" doesn't help anyone, we're up to 122 variants and counting). Last edited by NiLuJe; 06-10-2021 at 12:59 AM. |
Tags |
firewall, kual extension |
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
KUAL: Kindle Unified Application Launcher (v2.7) | twobob | Kindle Developer's Corner | 2316 | 03-27-2024 06:23 PM |
KUAL DateTime Button | knc1 | Kindle Developer's Corner | 65 | 11-17-2023 01:16 PM |
A helpful list of Extensions for KUAL | twobob | Kindle Developer's Corner | 135 | 01-23-2023 11:20 PM |
[KUAL] Button Def. Packages (SUPERSEDED) | knc1 | Kindle Developer's Corner | 6 | 09-27-2013 07:56 PM |
HELP ME - with data for Big Brother Blocker (BBB) | knc1 | Kindle Developer's Corner | 12 | 02-11-2013 08:58 PM |