Hello after spending months trying to get DDWRT to meet my needs I have finally given up realizing that it is not all it is was hyped up to be. So what do I need that DD cant do, well I am glad you asked.
Immediately what I need either out of the box sort of speak or via a supported package is the following:
- Ability to restrict internet access via deny and or filter rules and assign based on MAC addresses.
- Ability to set access restrictions to enable and disable based on a schedule (Day/Time) the schedule must support crossing into next day (cross over midnight). Example I may want to deny access from 8pm on a Monday to 8am Tuesday. (DDWRT can not do this)
- Firewall with controls to deny access to a single IP address, a range of IP addresses, or entire networks via subnet masking and allow exclusions to rule based on MAC address.
- Firewall that allows for enabling and disabling rules on a schedule (Day/Time).
- Firewall that can identify and restrict access to URLs with the HTTPS: protocol. (May be a long shot).
With kids at home for school, I need to tighten up access and controls so the time I wasted with DDWRT has put me behind schedule and hope you all can help me avoid wasting more time. If you can just let me know what is possible and what is not with OpenWRT and supported packages it would be much appreciated. Obviously any constructive advice is always welcome.
Thank you in advance for your help.
If helpful I am running a Netgear Nighthawk R7000 and have another as backup.
The parental controls docs might be worth looking into, it sounds like it should meet your needs.
The chips in the R7000 do not have good open wifi drivers so it should be considered only for a wired role with OpenWrt.
It's much better to put restricted users into whole separate networks so then even if they figure out how to set a static IP and/or change their MAC addresses they are still blocked by a rule that affects the whole network they are on.
The cross over midnight time you might have to do with two rules, one for the evening leading up to midnight and one from midnight until the morning.
Crossover works fine in my experience.
What you want is all in Gargoyle. https://www.gargoyle-router.com/index.php I don't know if it runs on the r7000 tho.
Openwrt really turns your router in to a "linux box".
Giving a quick look into my router, i can't easily find any of your requests.... so i think you wanna sail clear of Openwrt.
Not everything is easy configurable with a browser interface, you kinda need to know some network "lingo".
BUT if your handy with scripts (or want to figure things out yourself with research) it is a rom you gonne love, essentially you can change/edit/create any thing you want!
I am a system administrator by trade, and even i had to take my time to figure stuff out when i flashed it....
Personally i use openwrt because my router is end of life by the manufacturer.
But after using it for a year now, im really hooked! And thinking about adopting it for any future router i may buy!
Thank you all for your input it is very much appreciated. I am a former network engineer but have little time to become the family help desk and infrastructure engineer so I need something quick and painless which is sounding more and more like a firewall appliance or router with ACL and firewall will be the path for me. If anyone has a referral for a device to meet my needs I would be happy to take any feedback. Thank you again for your input it was very much appreciated.
This should meet most of your criteria.
Once configured with CLI, you should be able to customize it later using WebUI.
There's no specific hardware requirements.