Blocking websites without using an external packages

karimhi · February 2, 2023, 11:26am

hi guys i use and old openwrt version which is 12.09 attitude adjustment because it's the most stable for my router but i want block adult content websites.
but i there's no AdBlock package on this old version.

is there any way to block websites with no pacakges ?

frollic · February 2, 2023, 11:28am

use an external DNS like AdGuardHome
or add the entries to the dnsmasq.conf, if it was used in 12.09.
adding them to the hosts file might work too

karimhi · February 2, 2023, 11:37am

i tried with dns and it's working but if you set manually google dns on your phone you will bypass and get to those website i want like a permanent block

karimhi · February 2, 2023, 11:37am

how to add hosts?

frollic · February 2, 2023, 11:38am

then you catch all DNS traffic not going to your DNS, and redirect them, in your firewall.
or just block everything not going to your DNS, forcing the devices to use it.

you'll have a bigger headache with DoH though.
there's also DoT, but that's easy to block in the fw.

frollic · February 2, 2023, 11:41am

edit it ?

https://www.ibm.com/docs/en/aix/7.1?topic=formats-hosts-file-format-tcpip

put 0.0.0.0 as IP for the FQDNs you'd like to block.

pretty sure the banip package is using ipset, check if you have ipset,
then you can do the same as banip, without actually using the package.

Fossi18 · February 2, 2023, 11:48am

I use DNS this

karimhi · February 2, 2023, 11:51am

it's easy to bypass just puy 8.8.8.8 in your phone and that's all

karimhi · February 2, 2023, 11:56am

@frollic should i copy this https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/porn/hosts
and past it in host file ?

frollic · February 2, 2023, 11:56am

append it, assuming your DNS reads the hosts file.

karimhi · February 2, 2023, 11:58am

i'll use OpenDNS Family Shield dns

frollic · February 2, 2023, 11:59am

then you dont't need the hosts file, but need to make sure the clients don't bypass your DNS.

also, phones can always just switch off wifi, and you can't do anything about it.
or sign up for some free VPN.

it's a cat and mouse game, in the end, a game you'll lose.

karimhi · February 2, 2023, 12:02pm

i'm blocking those sites from myself lol , and i KNOW bypass it
i want a method that can't be bypassed from phone only if settings changed in router.
do u know how ?

frollic · February 2, 2023, 12:04pm

too bad I just told you how

not sure what this means, but you already received several suggestions ...

karimhi · February 2, 2023, 12:26pm

should i put the adule content hosts in etc/hosts or etc/dnsmasq.conf ?

frollic · February 2, 2023, 12:28pm

you already asked this, and received an answer.

karimhi · February 2, 2023, 12:29pm

IM ASKING cuz i tried and it's blocking nothing

frollic · February 2, 2023, 12:30pm

then you're probably facing Blocking websites without using an external packages - #5 by frollic

karimhi · February 2, 2023, 12:33pm

should i select accept on forward ??

frollic · February 2, 2023, 12:35pm

which rule is it ?
the top one ?
or are you adding a new one ?