Parental controls - How?

Hi,

I'm on an Archer C7 with LEDE. It works really well, no doubt.
The one thing that makes me leave the system is the question of how to enable parental controls EASILY.

YES: I can write some block lists. But that's not easy. I'm an IT guy, but I can't know everything every time.
Now I have here a Synology RT2600ac. They implement a Google safer search for a device I can select, and they have blocking lists (don't know what source) for light blocking, for heavy blocking and so on, depending on the device and not the whole system.

The performance of that MU-MIMO router is great, but the old Archer C7 is not so bad overall. So I have to think about my 200 bucks. The one and only thing I don't like to do by hand is the parental controls, and they race my mind.

Don't kill me, it's a serious question. Is there a way to enable this in an easy way?

Regards

OpenDNS is a good choice.

But that's for all, isn't it?

You can set specific clients to use OpenDNS for name resolution and other clients other (permissive) DNS.

What I did is that I forced everybody to get through OpenDNS, then I've whitelisted the stations that I didn't want to be using OpenDNS and replaced their preferred DNS by pushing the GoogleDNS with DHCP option 6.

If you want to restrict everybody except some stations, be sure to whitelist devices like Bluray players, XBox, audio amplifiers, IP phones, NAS and all other IoT-alike devices, otherwise you might end up having problems with them.

Then I've created hostnames for Google and Youtube to force them into "low restricted mode". My technique is not perfect, but it gets most of the job done. Here are the hostnames that I've forced:

www.google.ca ==> 216.239.38.120
www.google.com ==> 216.239.38.120
android.googleapis.com ==> 216.239.38.120
android.clients.google.com ==> 216.239.38.120
www.googleapis.com ==> 216.239.38.120
www.google.fr ==> 216.239.38.120
youtubei.googleapis.com ==> 216.239.38.119
m.youtube.com ==> 216.239.38.119
www.youtube.com ==> 216.239.38.119
www.youtube-nocookie.com ==> 216.239.38.119
youtube.googleapis.com ==> 216.239.38.119

For Youtube, I prefer using 216.239.38.119 (restrictmoderate.youtube.com) because 216.239.38.120 (restrict.youtube.com) just blocks too many videos, even appropriate ones.

I've followed the following guide, but I used the "reverse behaviour, i.e. all devices use OpenDNS except the ones you tag" method (see replies on the main post):

I have to admit that it looks harder than it is :grin:, and it might not fit your definition of "easy"...
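One way to check that the forced hostnames from the post above are really what a client receives, as an added example that is not part of the original thread. It assumes `dig` is installed on the client and that the router answers DNS on 192.168.1.1; the function names and the sample answers (documentation addresses) are constructed. Because the list pins only IPv4 addresses, any AAAA answer for a forced name is reported as a warning.

```sh
# Added example, not from the thread. FORCED holds four pairs from the post;
# ROUTER default, sample answers and function names are constructed.
FORCED='www.google.com 216.239.38.120
www.google.ca 216.239.38.120
m.youtube.com 216.239.38.119
www.youtube.com 216.239.38.119'

# Classify `dig +noall +answer` lines on stdin against the wanted IPv4 address.
verdict() {
  awk -v want="$1" '
    $4 == "A"    { n++; if ($5 != want) bad = bad " " $5 }
    $4 == "AAAA" { v6 = v6 " " $5 }
    END {
      if (!n)       print "FAIL no-A-record"
      else if (bad) print "FAIL unexpected-A" bad
      else if (v6)  print "WARN ipv6-answer" v6
      else          print "OK"
    }'
}

# Live lookup via the router (assumes dig is installed; ROUTER is an assumption).
lookup_live() {
  dig +noall +answer "@${ROUTER:-192.168.1.1}" "$1" A
  dig +noall +answer "@${ROUTER:-192.168.1.1}" "$1" AAAA
}

# Constructed answers for an offline run: one bypassed name, one IPv6 answer.
lookup_sample() {
  case $1 in
    www.google.com)  echo "$1. 0 IN A 216.239.38.120" ;;
    www.google.ca)   echo "$1. 300 IN A 203.0.113.10" ;;
    m.youtube.com)   echo "$1. 0 IN A 216.239.38.119" ;;
    www.youtube.com) echo "$1. 0 IN A 216.239.38.119"
                     echo "$1. 300 IN AAAA 2001:db8::77" ;;
  esac
}

# audit LOOKUP_FN: one verdict line per forced name; non-zero exit if any is not OK.
audit() {
  rc=0
  while read -r host ip; do
    v=$("$1" "$host" </dev/null | verdict "$ip")
    echo "$host $v"
    [ "$v" = OK ] || rc=1
  done <<EOF
$FORCED
EOF
  return $rc
}
```

Run `audit lookup_live` from a device on the restricted network; `audit lookup_sample` exercises the same logic offline.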

Here are some links to major portals' support pages for enabling safe search by DNS

Google, which used to have safe search IPs in its support pages, has lately changed them to CNAMEs (restrictmoderate.youtube.com). Probably because domains could resolve to IPv6 as well. Above, Google, YouTube, and DuckDuckGo provide CNAMEs, and the rest IPs.
LEDE Docs: DNS config - cname (each cname has its own entry)

The above link for dnsmasq tagging @nicolas314.wordpress.com is a good way to selectively enable (or not enable) OpenDNS/Norton/Comodo network-wide.

Hi,

That's tons of info. I'm not sure what I'd like to do.
The problem is that I fu..ing love LEDE/OpenWrt but I'm not able to check and prove that all that stuff works.
If I set up Bing or YT....what if there are some things in another portal? Safer search should run on the router and not on the device of a kid - if there are some friends and they are connected to my guest network, they HAVE to be safe, even if they don't like it :D. These links to nicolas are great.

I'll let my money decide :D. MU-MIMO is also not the worst solution :smiley:

Just an update after a month. I'm on Synology right now. They have working parental controls (without doing a lot). As a source they are working with this: http://dsi.ut-capitole.fr/blacklists/index_en.php

Could be an idea if somebody would like to work with it.

I've done all the things I can find on using OpenDNS and none of them seem to work. They still let inappropriate sites through. Even tried Adblock which reports that a site is found in one of the lists (even added to blacklist and still came through), but allows it through on the browser. Not sure some of it's not getting through on IPv6, and I've tried to turn all that off, but still it gets through. I'm okay with some simple settings that have ALL DNS requests go through OpenDNS, maybe at some point I'd make some exceptions, but I just want to put this router in place.

I've done a lot of flashes getting the modem to work, so have that down. If a DNS fix is fairly easy I may reflash just to get back to a proper/fully configured router. I've made A LOT of changes, surprised the internet still works.

I'm running rOOter, Firmware Version GoldenOrb_2017-07-01 ( LEDE 17.01.2 r3435-65eec8bd5f ) / LuCI branch (git-17.152.82987-7f6fc16)
wwan0 appears to be getting the ISP DNS settings. I have the OpenDNS set in the ModemInfo page for the first modem.


Thanks

This may be beneficial for anyone wanting to provide a safer WiFi experience for their kids:
https://forum.openwrt.org/t/kidsafe-or-guest-wifi-forced-safesearch-and-adblock/6559

This incorporates the OpenDNS Family Shield, Adblock, Google SafeSearch, Strict YouTube, Bing, etc. all on a separate WiFi just for kids.


The problem is? For a normal dad or a mum this is too difficult.
My Archer C7 will go active as soon as possible if I see an easy solution. So it is an extender behind my Synology. If I look at Linksys or some others? There are "parental" controls which are not acceptable. You can block websites by typing their names.....yeah, pretty easy. Some others say "Do this on the computer/smartphone of the person who needs this" - NOOOO. Why? A central point with an easy-to-use parental control is important for a lot of parents.

I'm able to set this up - but I'm not willing to check this

Is it possible to do this in the GUI?
I see this topic is 3 years old. Is there a simpler solution today?

For a pretty simple GUI, try installing luci-app-simple-adblock
