Adblock is working for my internal network.
I have added Port Forwarding rules to redirect ports 53 & 853 to my OpenWrt router. That is working well for 'Desktop Chrome' with 'Secure DNS' enabled in the application.
Android Chrome isn't playing ball and is circumventing the DNS rules.
I've tried redirecting 8.8.8.8 and 8.8.4.4 ports 53 & 853 to OpenWRT, but it's still failing.
Any ideas how to fix this?
Android uses DoT on OS-level, you need to disable it too, under Settings -> More connections -> Private DNS.
Or what vgaetera wrote.
Everything works with 'secure DNS' disabled in Android, but I'd rather not disable it globally because I use my phone outside the home.
I tried this:
But it is still bypassing my router.
You also need to block/disable DoH since Chrome uses it by default.
It's either secure or it isn't.
Yes the whole point is to prevent a man in the middle, such as your router, from being able to redirect DNS.
I installed 'ipset' and followed the DoH instructions. Secure DNS is now being intercepted and adblock is being invoked.
Thanks for your help.
One last thing - is there a 'use secure DNS' setting that I can apply on the router?
Security is relative and depends on what we consider to be a threat or not.
Moreover, security that silently falls back to an insecure protocol is questionable.
I installed this package and it is now working.
luci-app-https-dns-proxy
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.
