Dummy [HOWTO] - Blocking Amazon Firmware Updates

Search This thread

arcwick08

Member
Feb 22, 2012
14
10
There seems to be a ton of confusion/re-posting on the Bounty Root thread about how to block the Fire TV from pulling down new OTA firmware. As we wait patiently for the existing root exploit to be patched and released, blocking the auto-update is critical to maintaining that root.

There are two URLs reported to need blocking. The first is http://amzdigitaldownloads.edgesuite.net. However there have been reports elsewhere that blocking this URL breaks some of the apps/services on the device as well.

A forum member suggests that this address be blocked instead; http://firs-ta-g7g.amazon.com
They report that most streaming services are still functional when blocking this address. This is the address I'm using and so far, so good.

How to;

If you are using a DD-WRT based router, life is easy. Log into your router and go to Access Restrictions > WAN Access (on v24sp2mega at least). Set it up like this, clicking save and apply after you're done;
ddwrtfiretv.jpg


If you are using stock Linksys/Cisco firmware, your page will look more like the one in this post (thanks to retroben for the image)

I know it's basic, but maybe this will help those with questions (and prevent the 1529th person from asking the question in the root thread :p )

Cheers
 

retroben

Senior Member
May 19, 2014
510
60
Fultondale
Sorry for the umpteenth posts of mine in the rooting thread,and you're welcome.
Feel free to use my troubles as an example of unwitty stupidity.

First,you should either make your Fire TV forget the network if you know the password to log back in,or unplug it while it is idle,this is my extra step of security when setting up OpenDNS.

For those of you out there like me who don't have any other Wi-Fi accessing device,you will not see the openDNS service as enabled.
To enable it and make presets safely after setting the router's DNS numbers appropriately,you can change your computer's DNS numbers temporarily from "internet options" so you can manage the OpenDNS settings after the "success" message without putting your Fire TV at risk for the OTA update.

I reccommend not changing the router connection type to "static ip" since I had so much trouble with the Cisco Linksys E2500 killing all internet access until switching back to auto.
 
Last edited:

roligov

Senior Member
Dec 29, 2012
308
110
London
For Netgear routers go to: http://www.routerlogin.net/adv_index.htm

Go to "Security" on the left hand side column.
Then "Block Sites".
Set "Keyword Blocking" to the "Always" radio button.
Add the keyword: firs-ta-g7g.amazon.com
Click Apply

It should look like this when you are done:

V1txbIB.png
 
Last edited:

krasny2k5

Senior Member
Feb 24, 2011
141
43
For routers with tomato firmware (I'm using tomato shibby)

Go to access restriction and create a new rule as the following:

 
  • Like
Reactions: kario

alwaysbless

Senior Member
Nov 24, 2012
125
26
San Diego
nzM5VSH.png


Heres how to set up Open DNS filtering on an Asus RT-N66U running Merlin FW (Must also have dns-o-matic configured under DDNS so any wan ip changes will update on open-dns's side - or if you have a static dont worry youre good to go)
 
Last edited:

droider137

Member
Jul 11, 2012
34
12
Having trouble blocking using a Verizon fios actiontec router. I think I have it set ok. To test I reset the fire tv and it updates. When I check the router config, te fire tv has a different device name so now the rule does not apply. How can I test?
 

roligov

Senior Member
Dec 29, 2012
308
110
London
Having trouble blocking using a Verizon fios actiontec router. I think I have it set ok. To test I reset the fire tv and it updates. When I check the router config, te fire tv has a different device name so now the rule does not apply. How can I test?

To be safe it, set it as a global block or block it at a mac level, not at a device name level.
 

droider137

Member
Jul 11, 2012
34
12
To be safe it, set it as a global block or block it at a mac level, not at a device name level.

On the phone now with verizon/ actiontec...just got disconnected!!!!! Unable to find a way to block all. Seems like when the fire tv is reset it generates a new device name on the router. So, the old rule will not apply. Tech support sucks!
 

{ParanoiA}

Senior Member
Apr 20, 2011
1,043
174
Ocean View, NJ
If possible get your own router that way you have more options. Pretty much all major brands have been covered in this thread now. The few Verizon routers I have looked around on are very limited on what they can do...
 

droider137

Member
Jul 11, 2012
34
12
If possible get your own router that way you have more options. Pretty much all major brands have been covered in this thread now. The few Verizon routers I have looked around on are very limited on what they can do...

Looks like I will have to figure out how to use open dns or buy a new router. According to Actiontec, even if I set up a rule to block access, the router ignores all rules from 1145-1259 am. It does this so the router can update, check world time... When this happens ALL device blocks are lifted.
 

vyktym

Member
May 31, 2014
8
1
Thanks for the guide. I blocked the suggested URLs, but is there any way to test that I have done so correctly? I would hate an auto-update to remove my ability to root in the future.
 

retroben

Senior Member
May 19, 2014
510
60
Fultondale
I have an easy way that I used successfully.
Just set a computer's "internet options" dns to the OpenDNS numbers and try to visit a webpage that is blocked to see if the site gets blocked.
When the amzdigitaldownloads edgesuite site is blocked properly,you will see a page that says so instead of the "file not found" message.
If you use the services on the Fire TV,even something sideloaded like the "Polaris Go" app,you will have to block only the other mentioned link.
I could not get it to load Table Flip or any videos to show up anymore,but the website's videos work fine on a browser.

I am additionally using the DNS-O-Matic,a partner site of OpenDNS to make sure it keeps my router IP address up to date for keeping the sites blocked properly. (static ip causes network failure issues for me)
I keep the page loaded on an Opera Browser tab at all times to make sure it remains logged in.
 

deshwasi

Senior Member
Mar 20, 2006
72
1
i have to select a time period for rule to be active. actiontec model only allows in 15min increments. so... do i select 12am to 12am or 12am to 11:45pm? does the firetv keeping checking every second if there is an update?
 

jljaries42@gmail.com

Senior Member
May 11, 2014
69
21
Verify blocking

I have a TP-Link R860 router,

I set it to block firs-ta-g7g.amazon.com.
I also have openDNS blocking that site.

Is there way to verify that it's blocked.
Clicking 'Check for updates' still seems to work.

Thanks
 
Just received Myne in Greece through reship.... now I had all ready cut the address through ddwrt .. i will light it up when I go home. I can upgrade to latest firmware and after I stop the updates? I think jcase had stated we can update to current latest and root when it will published will work.

Please advice

send from my N9005 with tapatalk
 

Top Liked Posts

  • There are no posts matching your filters.
  • 3
    There seems to be a ton of confusion/re-posting on the Bounty Root thread about how to block the Fire TV from pulling down new OTA firmware. As we wait patiently for the existing root exploit to be patched and released, blocking the auto-update is critical to maintaining that root.

    There are two URLs reported to need blocking. The first is http://amzdigitaldownloads.edgesuite.net. However there have been reports elsewhere that blocking this URL breaks some of the apps/services on the device as well.

    A forum member suggests that this address be blocked instead; http://firs-ta-g7g.amazon.com
    They report that most streaming services are still functional when blocking this address. This is the address I'm using and so far, so good.

    How to;

    If you are using a DD-WRT based router, life is easy. Log into your router and go to Access Restrictions > WAN Access (on v24sp2mega at least). Set it up like this, clicking save and apply after you're done;
    ddwrtfiretv.jpg


    If you are using stock Linksys/Cisco firmware, your page will look more like the one in this post (thanks to retroben for the image)

    I know it's basic, but maybe this will help those with questions (and prevent the 1529th person from asking the question in the root thread :p )

    Cheers
    1
    For routers with tomato firmware (I'm using tomato shibby)

    Go to access restriction and create a new rule as the following: