Adblock for specific devices, tutorial to create multiple dnsmasq instances?

It requires another subnet to avoid routing collision, but it seems there's another issue, so I temporary put this method on hold.

Looks like the destination IP is the first one which the device is reached on the related interface, so we need to workaround it with another port.

This is a firewall-based method:

  • Either configure a static lease or change the rule to depend on MAC address instead of IP.
  • If you need IPv6, it will require additional configuration.
opkg remove kmod-dummy
rmmod dummy

uci -q delete network.adblock
uci commit network
service network restart

uci -q delete dhcp.adblock
uci -q delete dhcp.adblock_dns.interface
uci -q delete dhcp.adblock_dns.notinterface
uci add_list dhcp.adblock_dns.interface="lan"
uci set dhcp.adblock_dns.port="5333"
uci commit dhcp
service dnsmasq restart

uci -q delete firewall.adblock
uci set firewall.adblock="redirect"
uci set firewall.adblock.name="Adblock-Intercept"
uci set firewall.adblock.src="lan"
uci set firewall.adblock.src_ip="SOURCE_HOST_IP"
uci set firewall.adblock.src_dport="53"
uci set firewall.adblock.dest_port="5333"
uci set firewall.adblock.family="ipv4"
uci set firewall.adblock.proto="tcpudp"
uci set firewall.adblock.target="DNAT"
uci commit firewall
service firewall restart
3 Likes