yes it does have dhcp cuz it's wireless there's no cable between the 2 routers
What os do you use? Can you run a trace route to 8.8.8.8 please?
I guess 192.168.11.1 is your ISP router?
As I understand it, youâre trying to block websites from being accessed from a phone?
Doesnât the phone have its own internet connection? And therefore its user (you) can just disconnect the phone from your wifi and access anything you want via the cellular network?
Thereâs nothing any router can do to stop that.
You are looking at this all wrong, to stop your devices being used for purposes you want blocked you need to use the devices own block options, like Family Safety in windows and Parental blocking in apple devices.
That will get you the outcome you want and not be able to be bypassed by changing network
i use just this wifi network and don't use data
And what will stop you changing your mind if, by some miracle, you do work out how to implement flawless dns blocking on an ancient version of openwrt?
How about this then, these are devices controlled by you that you want to enable blocking on.
Why not go the simplest route and hardcode the dns for your devices to be 1.1.1.3 and 1.0.0.3 - the cloudflare adult and malware blocking dns service.
These work great, are very fast and almost effortless to set up.
If you need ipv6 then add 2606:4700:4700::1113
Problem solved.
i'm blocking thos sites from myself but i think i know evey way to bypass them that's why i want a method to block them the router
If you are the one setting up the router with these blocking methods, you'll also know how to circumvent them. So it's not clear how this is any different than setting up parental controls on the devices themselves or having those devices use a 'family-safe' DNS server?
The only way this really works is if the user who is being blocked from sites/services does not have access to change the blocking mechanisms. So, unless you'll be asking someone to change the password on your router, you can just as easily log back in and revert/circumvent the blocks as you can with local controls on your devices.
1 Like
Some ISPs offer adult content blocking. Does your ISP offer this service?
nope it doesn't
Just FYI.
The test information given by @d687r02j8g for https://1.1.1.1/help doesn't do anything to test to see if you're even using 1.1.1.1 for plain DNS services. What it tests for is listed:
- "Connected to 1.1.1.1" - tests WARP
- "Using DNS over HTTPS (DoH)" and "Using DNS over TLS (DoT)" - self-explanatory
- "Using DNS over WARP" - self-explanatory
Perhaps @d687r02j8g can explain why he gave this test.
Apologies, you're right, I should have been clearer.
In the "AS Name" section it will say who the DNS provider is you're currently using.
So if the firewall rules are working, it will always show the router configured DNS server and not the overridden servers on the device.
E.g. if you're using Google DNS on the router and you have a firewall rule to redirect all traffic to the router. Then on a device you set DNS to 1.1.1.1, on the https://1.1.1.1/help page, the "AS Name" section will either say "Cloudflare" if the firewall rule isn't working or "Google" if it is working.
Hope this makes sense. I'm open to learning better ways of doing things!
1 Like