Block DNS for specific MAC address

Hello there!
I'm sure, the solution is already somewhere out there but searching in the forum and googling around gave me nothing yet.
So I would be glad for some help/ideas and specific advise from you.

What I'm trying to do.

I want to block a specific URL (let's say youtube.com) for a specific device in my wireless network. In the best case, this blocking is only during a specific time. Purpose is parental control to limit access during homework time etc.

What I found out yet.

To archive blocking of a specific URL, I will have to use a DNS rule or ASN lists.
This could be done by Adblock or banIP packages. This blocking would be for all clients within my WiFi network.

Questions:

  • Is there a way to limit the rule to a specific MAC Address?
  • Can these rules be timed?

Cheers,
Laenan

https://openwrt.org/docs/guide-user/firewall/fw3_configurations/fw3_parent_controls

1 Like

Hey,
yep, found that a while ago. That works fine for the timed rules to block all connections, but I cannot wrap my head around the ASN rules to block for a specific MAC address.
Do you know, if there are any hints out there?
Cheers

The example at the bottom of the page is using a source mac address to block.
Regarding ASN, I've seen it in banIP, but I have never used it.

trendy is correct - you can do this via banIP, which supports ASN.
The ASN section is the last bit before the "Extra settings" near the bottom, and you just add in the ASNs you want to block. eg. facebook is ASN 32934.
...but...
This blocks ALL their related things...so if you kill facebook, it also kills whatsapp etc.
If you were to use google's ASN to block youtube (which falls within there), you will probably also kill google [duckduckgo.com is better anyway :nerd_face:]

Give me some days to check this. :slight_smile: