Which dropdowns? My custom fields in DNSFilter are without dropdowns.Thank you Dave,
The drop down filters seem to support the backup IP's. Possibly I'm asking for an enhancement. I'm could wrong about the dropdown's redundant IP and in that case an enhancement for this would be good as well.
Morris
You can create multiple DNS filters for a given client based on its MAC address using multiple entries. However, it will NOT work as expected, because all the DNS filter does is create a redirect rule w/ iptables, which intercepts any DNS requests to port 53 and changes the destination IP to the requested DNS server. If that fails, the client loses DNS! It's NOT like DNSMasq, where if a given DNS server is unavailable, it will try another DNS server. That's why DNS filters are NOT a panacea. It assumes the DNS server will always be available and working. There is no backup!
Hmm. I see distinct services listed with variations for different filtering levels (e.g. OpenDNS Home vs Family, Cleanbrowsing Family vs Adult vs Security). No allusion to the backup IPs.
As you say, clients are specified by their MAC addresses rather than IP. So to do what you want you'd have to write aThis got me thinking. Say all my devices has manually assigned IP using Global filter mode router. Now I set LAN DHCP ip pool from 192.168.1.225 to 192.168.1.238 for my guest. Is there anyway I can predefine 192.168.1.224/28 to Custom DNS 1? As of now it seems I can only add it once the router learned their MAC address?
nat-start
script.#!/bin/sh
iptables -t nat -I DNSFILTER -s 192.168.1.224/28 -j DNAT --to-destination 8.8.8.8
8.8.8.8
to be whatever DNS server you want. This rule will take priority over any clients that may be specified in the GUI.Just to add... 192.168.1.224/28 would be 192.168.1.224 to 192.168.1.239 inclusive as it's an IP range not a network (where .224 is the network and .239 is the broadcast).Now I set LAN DHCP ip pool from 192.168.1.225 to 192.168.1.238 for my guest. Is there anyway I can predefine 192.168.1.224/28 to Custom DNS 1?
Thanks @ColinTaylor , it works very well. I substituteAs you say, clients are specified by their MAC addresses rather than IP. So to do what you want you'd have to write anat-start
script.
Obviously changeCode:#!/bin/sh iptables -t nat -I DNSFILTER -s 192.168.1.224/28 -j DNAT --to-destination 8.8.8.8
8.8.8.8
to be whatever DNS server you want. This rule will take priority over any clients that may be specified in the GUI.
8.8.8.8
with $(nvram get dnsfilter_custom1)
.Dumb question, in this case can I assign the first and last ip in the dhcp pool?Just to add... 192.168.1.224/28 would be 192.168.1.224 to 192.168.1.239 inclusive as it's an IP range not a network (where .224 is the network and .239 is the broadcast).
Yes, if your pool is 192.168.1.224 to 192.168.1.239.Dumb question, in this case can I assign the first and last ip in the dhcp pool?
Typo.Code:iptables -t nat -I DNSFILTER -m iprange --src-range 192.168.1.224-238 -j DNAT --to $(nvram get dnsfilter_custom1)
iptables -t nat -I DNSFILTER -m iprange --src-range 192.168.1.224-192.168.1.238 -j DNAT --to $(nvram get dnsfilter_custom1)
Typo.
Should be:
Or whatever IP range he desires.
Great. In this case I can make use of nvram get dhcp_start and nvram get dhcp_end in the source range. Then I don’t need to manually edit this in nat-start next time I change the dhcp pool?Typo.
Should be:
Or whatever IP range he desires.Code:iptables -t nat -I DNSFILTER -m iprange --src-range 192.168.1.224-192.168.1.238 -j DNAT --to $(nvram get dnsfilter_custom1)
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!