Help block certain domain with certain MAC address client via DNS

Dear experts,

I'm having a problem and need to receive advice from your site. I completed the block access domain from all clients connected to the Router in OpenWrt from this: https://openwrt.org/docs/guide-user/base-system/dhcp_configuration#dns_filtering

Now, I'm having a problem blocking access to certain MAC clients connected to a certain domain, I tried several ways but it still blocks all clients connected to the router.

Based on your expertise, could you please advise me on some solutions can I come up with?

I"m using TP-Link Archer C50 of OpenWrt version 21
Thank you so much,

Is this not the same thing as was being discussed in your other thread (Block domain not update after dnsmasq restart - #54 by frollic)?

And why was the thread posted in the developers section ?

hi @krazeh
Thank you for your reminder, that the problem block domain is solved. Now I'm raising new questions for certain domains with certain MAC separately due to I'm not yet find out a good solutions and looking support from experts

hi expert, I don't know this is suitable for developer or not. In my opinion this problems I am not yet clear how to solve by software configuration. So I raised in developer part, if it is not correct, please correct to me.
Thank you so much

Just because you don't know what's wrong/how to fix it, doesn't automatically make it a bug.

yes, I think so. maybe I need a reference from OpenWrt for this case. I referred other questions from the forum, unfortunately, it seems not clear and I don't know which one is correct

You already go one, you posted it yourself.

What's different from your old thread?
What are you trying to do this time?

I tried with previous recommendation, but it not work. Now I came up with this reference:

it also not working, based on your expertise could you please help me some references?

No, because you don't say what's not working...

And the question is as always, are you sure your client actually uses your DNS ?

let me produce my process as below:

1. I'm just following instruction for block domain https://openwrt.org/docs/guide-user/base-system/dhcp_configuration#dns_filtering
   

   

   image1112×870 43.8 KB

2. I'm trying to setup filter MAC address by link I shared before under IP address: 192.168.1.125 of my client device connect to router.
   

   

   image1436×726 105 KB
   
   below is list of device connected to router:
   
   

   image1442×698 123 KB

after that I tested to connect Youtube, all clients device blocked as picture below:

image1920×1445 183 KB

My expectation should only block access to my Phone and my laptop can access Youtube.

That is all the processes I did, Could you please help me with which part am I wrong?
Thank you so much

I'd make sure to add UDP to the firewall rules.

If your rules are as in your old thread, then they're wrong, you've been told this already, at least twice, in the old thread.

What's the 2nd fw rule for, if you only want to block one device/IP?

Yes expert, even I added UDP to the firewall rules as you recommended. it is still false wit that

image1450×798 124 KB

image1920×1438 197 KB

It'll be applied for all devices, so no, it isn't.

The 1st rule is wrong too.

Forward UDP and TCP port 53 from IP .125 to 192.168.1.1.

regarding your expertise, do you have any recommendations for this case?
Result I changed IP from .125 to .1, it seems not working

image1460×806 122 KB

image1920×1439 132 KB

You just got them, and you didn't follow them.

that's right expert!! YOU are so expertise, I got it~~ Let me test more~~~

oh, so sorry expert. it seems not working Sir~~

1. I changed setup for from 192.168.1.125 and it MAC address to plan IP 192.168.1.1
   
   

   image1446×802 128 KB
2. I tested with 2 clients phones, it is blocked all 2 clients and the laptop can access as expected.
   
   

   image1920×1441 205 KB

As you've been told, delete the 2nd rule.

Yes expert, I removed the 2nd line, It also failed

image1440×672 106 KB

image1920×1398 157 KB