Menu
What's new
By:
Filters Better Search

Recent content by Dux

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. D

    Blocking GoogleDNS & others via Diversion, Firewall-NSF &/or static routing

    OK, i haven't gotten into VPN on the router, hopefully won't have to. I'm trying to keep things simple & reliable.
  2. D

    Blocking GoogleDNS & others via Diversion, Firewall-NSF &/or static routing

    Thank you again. since as far as i can tell, firewall NSF + Diversion block what I want (and preventing DNS DoH/DoT bypassing of the same) and nothing more I'll stick with that for now. If the devices manage to bypass that I can try static routing again and if that doesn't work I'll use the...
  3. D

    Diversion Diversion device exclusion & Unbound

    I'm not sure if I should be asking this here or the Unbound threads. I have been using Diversion lite with a device exclusion for a while, the device skips Diversion ad-blocking & uses WAN DNS as expected. I tried using Unbound via AMTM, default settings, devices globally use Diversion...
  4. D

    Blocking GoogleDNS & others via Diversion, Firewall-NSF &/or static routing

    Thank you for your suggestions. I made some changes, so hopefully I'll get this right. All port 53 traffic is going through router. For blocking hardcoded DoT & Google DoH, in Network Services Filter, if I just want this to apply to my Rokus only (each with manually-assigned IPs), and nothing...
  5. D

    Blocking GoogleDNS & others via Diversion, Firewall-NSF &/or static routing

    I'm blocking content on specific clients by setting DNS Director to "Router" & using Diversion filters. Some apps on these devices are hardcoded to use Google DNS. I'm trying to determine if the following is the best way to prevent these devices from using DNS to bypass my router's DNS &...
  6. D

    WAN DNS Setting: Using different DoT servers

    Thank you.
  7. D

    WAN DNS Setting: Using different DoT servers

    RT-AX86S, 512 MB RAM. Both approaches are subjectively the same performance wise for now, but I've seen a number of arguments against using the router for anything but routing. If I was using a huge blocklist I'd just use NextDNS or Control D, but with streaming devices blocking more than you...
  8. D

    WAN DNS Setting: Using different DoT servers

    Drinkingbird: Your advice has been very helpful. It looks like just using the ISP or a fast public DNS at the router and avoiding non-essential router features like DoT, DNSSEC, IPv6 etc. will cause the least friction. I do have a somewhat related question, I'm using DNS Director + Diversion...
  9. D

    WAN DNS Setting: Using different DoT servers

    OK, thank you for clearing that up. OK, thank you all for your insights. It looks like I'll just forget about DoT via the router for now. DoH at the browser or device level doesn't cause these hangups or noticeable latency issues for my usage, but does it provide any benefit at all for home...
  10. D

    WAN DNS Setting: Using different DoT servers

    Is there any benefit or detriment to using different DNS-over-TLS servers, eg: Quad9 & Cleanbrowsing? My issue is similar to: https://www.snbforums.com/threads/dns-filtering-brakes-reddit.78907/post-762580 I am currently using Quad9 DoT, Opportunistic profile. In Firefox some sites randomly...
  11. D

    Diversion Is it possible to only use custom wildcard filters and remove all hosts filters?

    Thank you for your reply! Yes, Diversion does seem to be working properly. Following up, in the Diversion terminal menu some of my custom wild card blacklist entries are appended with #(forced entry) which I believe indicates overlap with a hosts list, however, all hosts lists here should...
  12. D

    Diversion Is it possible to only use custom wildcard filters and remove all hosts filters?

    I attempted to exclusively use just a small number of custom wildcard blockers, however uiDivStats still shows blocking by hosts lists. I started with the minimal list, in Diversion terminal menu, Blocking list options -> Change composition -> Customizable hosts lists, I deleted the single...
  13. D

    Diversion Should I use Diversion Standard or Lite for streaming devices?

    Thank you for your assistance previously. Diversion Lite is working as expected for blocking ads in streaming devices and for excluding ad blocking globally as follows: IP Pool Starting Address: 192.168.50.3 Ad-blocking exclusion IP Address: 192.168.50.2...
  14. D

    Diversion Diversion 4.3.3 - the Router Ad-Blocker, released April 02 2023

    I have IPv4 requests mapped to 192.168.50.3 using generic Diversion-Lite blocking, if I also want to apply it to IPv6 requests, what exactly should I specify in the for IPv6 box? Should I leave it blank or do I specify a code (I'm not clear on what you meant by [::])? Thank you.
  15. D

    Diversion Should I use Diversion Standard or Lite for streaming devices?

    I am using Diversion in standard mode exclusively with some Roku Ultras, it is working as expected. I am unaware of any means of installing certifications on these devices. Is there any performance advantage to using Diversion standard with pixelserv-tls in this situation or would using...
See more
Top