If you manage to do it on the tv, then it can work.
Otherwise you'll need to add them in a blacklist.
tcpdump -i br-lan ether host 00:11:22:33:44:55:66
adapt lan interface name and mac address of the tv.
If you manage to do it on the tv, then it can work.
Otherwise you'll need to add them in a blacklist.
tcpdump -i br-lan ether host 00:11:22:33:44:55:66
adapt lan interface name and mac address of the tv.
I think there's more than just those sites to block.
Check out this set of lists https://perflyst.github.io/PiHoleBlocklist/
You can use them with something like simple-adblock or AdGuardHome or Pihole.
Just install addblock mate. You can have addblock set to just block adds for the IP of the TV. There is a list that was made just for this.
Interesting topic @alexmelSC
@darksky, if I understand correctly, VLAN will allow the device to access the internet, but not to "see" the rest of the network (which was one of my question in my post here: Wireless bridge with ASUS RT-10 B1). Does VLAN reduce the performances of the connection?
Would it be equivalent to some VPN services that offer some DNS filtering?
Thank you
Yes and yes.
Yes but you can install it on your router and provide LAN wide blocking/filtering.
See this thread for more details.
Thanks for the quick reply.
I should keep that in my when I update my material then (besides being old and slow, my ASUS RT seems not compatible with VLAN, according to the page here: Wireless bridge with ASUS RT-10 B1) . I will try to learn more about VLANs, but it seems that some interesting things can be managed (separation between different wifi clients; work and home PCs... Apologies if I am just discovering this, routing is a new world to me)
Communication with third parties is mentioned in the optional agreements you can chose to accept when you initialise/set your TV up. If you change your mind, and wish to revoke those agreements, you should be able to "remove" your agreement from the configuration screens, but this will likely disable some features.
Thank you.
For that, I guess I need to upgrade
Although I have really appreciated you reply, since it helps me along the path of starting to understand what I regarded as "black boxes", I need much more work before being ready for such a configuration. Let's hope in the future ...
Thank you, I have just started it
I don't trust these agreements so i want to do it technically. I just don't believe any manufacturer as its just not in their DNA to care about things like this.
Legally speaking you are right.
Not what you asked for, but I operate my nominally smart tv as simple hdmi monitor... in my case that just moves the problem around a bit, but apple was spying on me anyways (I use 'itunes', erm apple movies as it seems to be called currently).
@alexmelSC - I spun up a guest wireless for my Samsung TV. Look a this:
Of the 5,950 blocked queries:
2 log-config.samsungacr.com
4 device-metrics-us-2.amazon.com
4 oempprd.samsungcloudsolution.com
4 static.doubleclick.net
36 customerevents.netflix.com
44 ichnaea.netflix.com
50 config.samsungads.com
590 lcprd1.samsungcloudsolution.net
5216 tvpnlogopus.samsungcloud.tv
Really puts things into perspective when you see actual data on how "chatty" tv or other devices are.
Hi,
I am back to the topic because I need to plan my update of the wireless bridge.
I have few questions:
Thank you very much in advance
Any suggestions here?
Thank you
Apart from what everyone else tells (any type of dns based adblock),
you might also need to do "DNS Hijacking", since many TV's these days have hardcoded DNS/DOT/DOH endpoints for specific tracking/ad domains.
Refer here: https://openwrt.org/docs/guide-user/firewall/fw3_configurations/intercept_dns
You can redirect standard DNS to your adblock.
for DOT, you can simply block all DOT access.
for DOH, you will need banIP and use it's DOH filter list.
The above link has very clear instructions.
a Note: i recently did all the steps i mentioned above to hijack DNS and i noticed that one of my Xiaomi camera stopped working. Turns out it had hardcoded 8.8.8.8, and it pings that google's DNS to check if there's working internet available, and if not, it just stops working. So i had to whitelist that specific device to allow pings to 8.8.8.8 via iptables.
Just keep in mind, that by using banIP or similar services (in my case adblock) you are putting important decisions about what can be reached in the internet into the hands of who ever compiles these lists... that is nothing bad per se, but something to keep in mind as it clearly is something that could be abused...