Thank you. Adding the Cloudflare dns to the LAN did work. I still don't understand why it won't work when entered in the WAN settings, but then again, my knowledge about this is very limited.
Adding the dns to the LAN does enable filtering, however, it's still a bit like whack a mole. It's impossible to filter everything.
You're welcome. I'm happy it's working for you. And you're correct, whack-a-mole is a great analogy. If I may make a suggestion, try out AdGuard's Family Protection DNS.
IPv4:
176.103.130.132
176.103.130.134
IPv6:
2a00:5a60::bad1:0ff
2a00:5a60::bad2:0ff
Their GitHub Team's main page is here:
https://github.com/AdguardTeam
From there you can find all the info you need including links to their standard website and forum. There are some who believe that since the developers are Russian-born and began the company in Russia - it's now Cyprus based however the founder, Andrey, as well as a majority of devs still have residences in Moscow (mainly) - that the services they provide must somehow be tainted, to state it politely.
However, relative to any other DNS providers within but not limited to the U.S. and it's (n)Eyes parter nations, it's simply not true. Excepting one OpenNIC provider (luggs) who only accepts whitelisted connections and has logging disabled on the two servers they run out of Canada. Note that their may be others within OpenNIC but I've known them since they first put the servers online in 2014 so I
personally trust them. And that's what it comes down to unless you run a LAN DNS server. That in addition to Provider's complete privacy policies as well as their actual privacy track records. Take Google as a main example, but CloudFlare itself cannot be excluded either, despite the public claims regarding "privacy". Take the time to read their entire Privacy Policy and you'll see that what's on the front if the box doesn't match what's on the back.
I've been a beta tester for a few products they offer and currently beta test AdGuard iOS which offers DoT, DoH, and DNSCrypt plus system wide "adblocking". It's the only product for iOS / iPadOS that offers DoT with adblocking. I sound like a salesman here but it's just my way of preemptively halting any possible anti-anything-Russian trolling.
Give it a try to compare the effectiveness. The results will speak volumes for you to make an informed decision.