How do I block an entire domain with OpenWrt?

How do I block an entire domain with Lede WRT?

I tried adding the following custom rule to the firewall tab, but the site is still accessible.

/usr/sbin/iptables -A FORWARD -m string --algo bm --string "domain.com" -j DROP

I can confirm the file is correctly placed into the /etc/firewall.user directory, but as I said, it doesn't do anything.

@TomJones, welcome to the community!

Placing a domain in iptables like that doesn't work.

The easiest ways would be to:

  • Use Adblock to blacklist the domain (will produce an NXDOMAIN response)
  • Redirect lookups to a nonexistent DNS server (long timeout period after failed resolution)


3 Likes
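
A way to check from a LAN client that a DNS-level block such as the Adblock option above is in effect, by asking the router's resolver directly and reading the response code. This is an added example, not part of the original posts; the function names are made up here, and 192.168.1.1 is assumed to be the router's resolver address.

```python
import socket
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 3: "NXDOMAIN", 5: "REFUSED"}

def encode_name(domain):
    """Encode a domain as DNS wire-format labels; the dotted text never appears."""
    out = b""
    for label in domain.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError(f"bad label in {domain!r}")
        out += bytes([len(raw)]) + raw      # length byte, then the label
    return out + b"\x00"                    # root label terminates the name

def build_query(domain, txid=0x1234, qtype=1):
    """Build a recursive A-record query (RD flag set, one question, class IN)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(domain) + struct.pack("!HH", qtype, 1)

def parse_rcode(response, txid=0x1234):
    """Return (response code name, answer count) from a DNS reply."""
    if len(response) < 12:
        raise ValueError("truncated DNS header")
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", response[:12])
    if rid != txid or not flags & 0x8000:
        raise ValueError("not a reply to our query")
    return RCODES.get(flags & 0x000F, str(flags & 0x000F)), ancount

def is_blocked(domain, resolver="192.168.1.1", timeout=3.0):
    """True if the resolver answers NXDOMAIN; None if no answer arrives at all."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(build_query(domain), (resolver, 53))
            reply, _ = s.recvfrom(512)
        except OSError:                     # timeout or unreachable resolver
            return None
    return parse_rcode(reply)[0] == "NXDOMAIN"

if __name__ == "__main__":
    # Constructed NXDOMAIN reply for domain.com: QR, RD, RA set, rcode 3, no answers.
    sample = struct.pack("!HHHHHH", 0x1234, 0x8183, 1, 0, 0, 0) \
        + encode_name("domain.com") + struct.pack("!HH", 1, 1)
    print(parse_rcode(sample))
    print(is_blocked("domain.com"))
```

A `None` result corresponds to the second option in the list (lookups that time out), while `True` corresponds to the Adblock NXDOMAIN response.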

Thanks, I tried redirecting DNS and it didn't work. I've put in a bogus DNS in that field and turned the router's own IP into an ipv6. I don't know what happened, but I had to do a hard reset as I couldn't access the configuration page anymore. I'll try Adblock next.

Not sure what that means. Odd, I tested the bogus DNS server before I posted.

Hopefully Adblock works for you.

Router started to dish out ipv6 addresses to computers connected on the network. Also, its own config page received an ipv6 address instead of the nice 192.168.1.1.

Weird, I know. Adblock works though, so all good.

1 Like