Help block certain domain with certain MAC address client via DNS

Dear experts,

I'm having a problem and need to receive advice from your site. I completed the block access domain from all clients connected to the Router in OpenWrt from this:

Now, I'm having a problem blocking access to certain MAC clients connected to a certain domain, I tried several ways but it still blocks all clients connected to the router.

Based on your expertise, could you please advise me on some solutions can I come up with?

I"m using TP-Link Archer C50 of OpenWrt version 21
Thank you so much,

Is this not the same thing as was being discussed in your other thread (Block domain not update after dnsmasq restart - #54 by frollic)?

And why was the thread posted in the developers section ?

hi @krazeh
Thank you for your reminder, that the problem block domain is solved. Now I'm raising new questions for certain domains with certain MAC separately due to I'm not yet find out a good solutions and looking support from experts

hi expert, I don't know this is suitable for developer or not. In my opinion this problems I am not yet clear how to solve by software configuration. So I raised in developer part, if it is not correct, please correct to me.
Thank you so much

Just because you don't know what's wrong/how to fix it, doesn't automatically make it a bug.

1 Like

yes, I think so. maybe I need a reference from OpenWrt for this case. I referred other questions from the forum, unfortunately, it seems not clear and I don't know which one is correct

You already go one, you posted it yourself.

What's different from your old thread?
What are you trying to do this time?

1 Like

I tried with previous recommendation, but it not work. Now I came up with this reference:

it also not working, based on your expertise could you please help me some references?

No, because you don't say what's not working...

And the question is as always, are you sure your client actually uses your DNS ?

1 Like

let me produce my process as below:

  1. I'm just following instruction for block domain

  2. I'm trying to setup filter MAC address by link I shared before under IP address: of my client device connect to router.

    below is list of device connected to router:

after that I tested to connect Youtube, all clients device blocked as picture below:

My expectation should only block access to my Phone and my laptop can access Youtube.

That is all the processes I did, Could you please help me with which part am I wrong?
Thank you so much

I'd make sure to add UDP to the firewall rules.

If your rules are as in your old thread, then they're wrong, you've been told this already, at least twice, in the old thread.

What's the 2nd fw rule for, if you only want to block one device/IP?


Yes expert, even I added UDP to the firewall rules as you recommended. it is still false wit that

What's the 2nd fw rule for, if you only want to block one device/IP?
=> I only want to block one device/IP, that is correct. However, I don't know if this rule is correct or not expert

It'll be applied for all devices, so no, it isn't.

The 1st rule is wrong too.

Forward UDP and TCP port 53 from IP .125 to


regarding your expertise, do you have any recommendations for this case?
Result I changed IP from .125 to .1, it seems not working

You just got them, and you didn't follow them.

1 Like

that's right expert!! YOU are so expertise, I got it~~ Let me test more~~~

oh, so sorry expert. it seems not working Sir~~

  1. I changed setup for from and it MAC address to plan IP
  2. I tested with 2 clients phones, it is blocked all 2 clients and the laptop can access as expected.

As you've been told, delete the 2nd rule.

1 Like

Yes expert, I removed the 2nd line, It also failed