Hacking How does the Switch test internet connectivity?

OriginalCopycat · Sep 16, 2020

Hi,

I'd like to connect my Switch to my LAN so that I can enable FTP access to it from my PC. I only want LAN access (plus maybe some select online addresses), so I'm going to block all internet access from the Switch using my router's firewall ACL rules. The trouble is that I can't save a networking configuration on the Switch because it fails the Internet Connection test.

Does anybody know exactly what it does in this test (e.g. "It pings 8.8.8.8" or "it connects to https://ninty123.com/test.php")? If I knew that I could allow it to access only that one thing to get the config saved and then be happy it won't talk to anything else. I don't trust DNS solutions - I want to create a set of explicit outbound-allow rules.

Presumably one of you already has the knowledge and could skool me? :teach:

Thanks.

OriginalCopycat · Sep 17, 2020

Anyone?

Worldblender · Sep 17, 2020

From https://switchbrew.org/wiki/Network#Others and https://switchbrew.org/wiki/Internet_Browser#WifiWebAuthApplet:

It's basically an enhanced ping test to the domain "ctest.cdn.nintendo.net" (replaces "conntest.nintendowifi.net", is more likely). The response must include the "X-Organization: Nintendo" HTTP header for the response to succeed normally.

OriginalCopycat · Sep 18, 2020

Worldblender said:
From https://switchbrew.org/wiki/Network#Others and https://switchbrew.org/wiki/Internet_Browser#WifiWebAuthApplet:

It's basically an enhanced ping test to the domain "ctest.cdn.nintendo.net" (replaces "conntest.nintendowifi.net", is more likely). The response must include the "X-Organization: Nintendo" HTTP header for the response to succeed normally.

Fantastic - thank you

for anyone else interested I used the information from Worldblender to find this on Reddit:

The best solution is to run your own ctest server which is very easy to do, and Also using incognito to protect you from accidentally connecting to internet.

I prefer a small linux server running BIND and nginx and just point my switch DNS to that server. I have a firewall chain on my router that selects the MAC address of the switch and drops all non-white listed traffic. You can whitelist specific IP addresses such as switchbru hbloader.

The setup is the most complicated so you may actually learn something if you aren't careful.

Snip of nginx sites-enabled config for ctest:

server {
listen 80;
server_name conntest.nintendowifi.net;
location / {
return 200 '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html><head><title>HTML Page</title></head><body bgcolor="#FFFFFF">This is test.html page</body></html>';
add_header Content-Type text/html;
add_header X-Organization Nintendo;
}
}
server {
listen 80;
server_name ctest.cdn.nintendo.net;
location / {
return 200 'ok';
add_header Content-Type text/plain;
add_header X-Organization Nintendo;
}
}

Hacking How does the Switch test internet connectivity?

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Similar threads

Popular threads in this forum