What's new

Forcing restricted mode for youtube and google search

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I have finally tested on the 384.8 firmware. It does not work for me.

Code:
RT-AC88U-C1E8:/jffs/configs# cat dnsmasq.conf.add
no-resolv
strict-order
server=208.67.222.123
server=208.67.220.123
address=/www.google.com/216.239.38.120
address=/www.google.fr/216.239.38.120
address=/explicit.bing.net/216.239.38.120
address=/www.yahoo.com/216.239.38.120
RT-AC88U-C1E8:/jffs/configs# service restart_dnsmasq
ok

RT-AC88U-C1E8:/jffs/configs# ping www.google.com
PING www.google.com (216.239.38.120): 56 data bytes
64 bytes from 216.239.38.120: seq=0 ttl=54 time=3.640 ms
64 bytes from 216.239.38.120: seq=1 ttl=54 time=3.553 ms
^C
--- www.google.com ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 3.553/3.596/3.640 ms

DIEU@RT-AC88U-C1E8:/jffs/configs# ping www.google.fr
PING www.google.fr (216.239.38.120): 56 data bytes
64 bytes from 216.239.38.120: seq=0 ttl=54 time=3.717 ms
^C
--- www.google.fr ping statistics ---
1 packets transmitted, 1 packets received, 0% packet loss
round-trip min/avg/max = 3.717/3.717/3.717 ms

RT-AC88U-C1E8:/jffs/configs#
on the router it works but not on the PC.

I would think you need a reboot to make the added conf file take.
Is the PC just doing normal DHCP, no static DNS settings? Same for the DHCP options in the router, no manually defined DNS settings to pass to clients?


Sent from my iPhone using Tapatalk
 
Read this whole thread as there are a number of pitfalls other users have encountered in doing this
I can’t see why any fw version would have any impact


Sent from my iPhone using Tapatalk
 
I would think you need a reboot to make the added conf file take.
Is the PC just doing normal DHCP, no static DNS settings? Same for the DHCP options in the router, no manually defined DNS settings to pass to clients?


Sent from my iPhone using Tapatalk

The Global Filtering to Router > does not work Any more: See below: What do you think?

 
Definitely having the custom DNS is the issue. Hopefully switching the UI to English allows you to set it back to Router.


Sent from my iPhone using Tapatalk
 
But does not work from my pc:
Code:
crosh> ping www.google.com
PING www.google.com (216.58.209.228) 56(84) bytes of data.
64 bytes from par10s29-in-f4.1e100.net (216.58.209.228): icmp_seq=1 ttl=53 time=4.30 ms
64 bytes from par10s29-in-f4.1e100.net (216.58.209.228): icmp_seq=2 ttl=53 time=4.82 ms
^C
--- www.google.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 4.303/4.565/4.827/0.262 ms
crosh>
 
Work from the router

Code:
RT-AC88U-C1E8:/tmp/home/root# ping www.google.com
PING www.google.com (216.239.38.120): 56 data bytes
64 bytes from 216.239.38.120: seq=0 ttl=54 time=3.593 ms
64 bytes from 216.239.38.120: seq=1 ttl=54 time=3.440 ms
64 bytes from 216.239.38.120: seq=2 ttl=54 time=3.225 ms
^C
--- www.google.com ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 3.225/3.419/3.593 ms
 
Here we are:

You must remove the DNS servers from the DHCP Server page. Your PCs are using OpenDNS directly because DNSFilter is forcing all DNS traffic to the router, but in your case, "Router" means the "LAN DHCP DNS 1" server.
 
It seems to work!
Code:
crosh> ping www.google.com
PING www.google.com (216.239.38.120) 56(84) bytes of data.
64 bytes from forcesafesearch.google.com (216.239.38.120): icmp_seq=1 ttl=53 time=4.29 ms
64 bytes from forcesafesearch.google.com (216.239.38.120): icmp_seq=2 ttl=53 time=4.68 ms
64 bytes from forcesafesearch.google.com (216.239.38.120): icmp_seq=3 ttl=53 time=4.33 ms
64 bytes from forcesafesearch.google.com (216.239.38.120): icmp_seq=4 ttl=53 time=4.47 ms
64 bytes from forcesafesearch.google.com (216.239.38.120): icmp_seq=5 ttl=53 time=4.39 ms

Thank you
 
Now I want to do better : forward my name request to a opendns family shield DNS : 208.67.222.123, 208.67.220.123.

here is my dnsmasq.conf.add
Code:
RT-AC88U-C1E8:/jffs/configs# cat dnsmasq.conf.add
no-resolv
strict-order
server=208.67.222.123
server=208.67.220.123
address=/www.google.com/216.239.38.120
address=/www.google.fr/216.239.38.120
address=/explicit.bing.net/216.239.38.120
address=/www.yahoo.com/216.239.38.12

It does not forward to family shield DNS
Code:
RT-AC88U-C1E8:/jffs/configs# ping www.playboy.com
PING www.playboy.com (66.254.119.42): 56 data bytes
64 bytes from 66.254.119.42: seq=0 ttl=54 time=91.703 ms
^C
--- www.playboy.com ping statistics ---
2 packets transmitted, 1 packets received, 50% packet loss
round-trip min/avg/max = 91.703/91.703/91.703 ms
Any idea?

Code:
RT-AC88U-C1E8:/jffs/configs# cat /etc/dnsmasq.conf
pid-file=/var/run/dnsmasq.pid
user=nobody
bind-dynamic
interface=br0
interface=pptp*
no-dhcp-interface=pptp*
no-resolv
servers-file=/tmp/resolv.dnsmasq
no-poll
no-negcache
cache-size=1500
min-port=4096
dhcp-range=lan,192.168.3.2,192.168.3.254,255.255.255.0,86400s
dhcp-option=lan,3,192.168.3.1
dhcp-option=lan,252,"\n"
dhcp-authoritative
interface=tun21
interface=tun22
dhcp-name-match=set:wpad-ignore,wpad
dhcp-ignore-names=tag:wpad-ignore
no-resolv
strict-order
server=208.67.222.123
server=208.67.220.123
address=/www.google.com/216.239.38.120
address=/www.google.fr/216.239.38.120
address=/explicit.bing.net/216.239.38.120
address=/www.yahoo.com/216.239.38.12


Code:
cat /tmp/resolv.dnsmasq
server=192.168.1.1
I dont know why we have this line!
 
Last edited:
Now I want to do better : forward my name request to a opendns family shield DNS : 208.67.222.123, 208.67.220.123.

here is my dnsmasq.conf.add
Code:
RT-AC88U-C1E8:/jffs/configs# cat dnsmasq.conf.add
no-resolv
strict-order
server=208.67.222.123
server=208.67.220.123
address=/www.google.com/216.239.38.120
address=/www.google.fr/216.239.38.120
address=/explicit.bing.net/216.239.38.120
address=/www.yahoo.com/216.239.38.12

It does not forward to family shield DNS
Code:
RT-AC88U-C1E8:/jffs/configs# ping www.playboy.com
PING www.playboy.com (66.254.119.42): 56 data bytes
64 bytes from 66.254.119.42: seq=0 ttl=54 time=91.703 ms
^C
--- www.playboy.com ping statistics ---
2 packets transmitted, 1 packets received, 50% packet loss
round-trip min/avg/max = 91.703/91.703/91.703 ms
Any idea?
Remove the server= lines in your dnsmasq.conf.add and just put the OpenDNS Family IP addresses in the DNS 1 and 2 fields on your WAN page. That's how my router is setup and when I ping from my router, it's giving me the OpenDNS blocking IP.
Code:
admin@RT-AC68U-8C78:/tmp/home/root# ping www.playboy.com
PING www.playboy.com (146.112.61.106): 56 data bytes
64 bytes from 146.112.61.106: seq=0 ttl=55 time=15.970 ms
64 bytes from 146.112.61.106: seq=1 ttl=55 time=16.414 ms
 
Here is my final config that seems to work with current Firmware Version:384.8 :

Code:
RT-AC88U-C1E8:/jffs/configs# cat dnsmasq.conf.add
no-resolv
strict-order
address=/google.com/216.239.38.120
address=/google.fr/216.239.38.120
address=/explicit.bing.net/216.239.38.120
address=/www.yahoo.com/216.239.38.120





Then I test:

Code:
RT-AC88U-C1E8:/jffs/configs# ping www.google.fr
PING www.google.fr (216.239.38.120): 56 data bytes
64 bytes from 216.239.38.120: seq=0 ttl=54 time=3.229 ms
64 bytes from 216.239.38.120: seq=1 ttl=54 time=3.098 ms
^C
--- www.google.fr ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 3.098/3.163/3.229 ms

RT-AC88U-C1E8:/jffs/configs# ping www.playboy.com
PING www.playboy.com (146.112.61.106): 56 data bytes
64 bytes from 146.112.61.106: seq=0 ttl=56 time=11.776 ms
64 bytes from 146.112.61.106: seq=1 ttl=56 time=11.561 ms
^C
--- www.playboy.com ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 11.561/11.668/11.776 ms
 
Hi..
I use Tomato firmware and I use the following script under Administration/Init

tlds="com ac ad ae com.af com.ag com.ai al am co.ao com.ar as at com.au az ba com.bd be bf bg com.bh bi bj com.bn com.bo com.br bs bt co.bw by com.bz ca com.kh cc cd cf cat cg ch ci co.ck cl cm cn www.g.cn com.co co.cr com.cu cv com.cy cz de dj dk dm com.do dz com.ec ee com.eg es com.et fi com.fj fm fr ga ge gf gg com.gh com.gi gl gm gp gr com.gt gy com.hk hn hr ht hu co.id ir iq ie co.il im co.in io is it je com.jm jo co.jp co.ke ki kg co.kr com.kw kz la com.lb com.lc li lk co.ls lt lu lv com.ly co.ma md me mg mk ml com.mm mn ms com.mt mu mv mw com.mx com.my co.mz com.na ne com.nf com.ng com.ni nl no com.np nr nu co.nz com.om com.pa com.pe com.ph com.pk pl com.pg pn com.pr ps pt com.py com.qa ro rs ru rw com.sa com.sb sc se com.sg sh si sk com.sl sn sm so st com.sv td tg co.th com.tj tk tl tm to tn com.tn com.tr tt com.tw co.tz com.ua co.ug co.uk us com.uy co.uz com.vc co.ve vg co.vi com.vn vu ws co.za co.zm co.zw"

mkdir -m 777 -p /tmp/etc/dnsmasq/hosts

{

for tld in $tlds

do

echo "216.239.38.120 www.google.$tld"

done

} > /tmp/etc/dnsmasq/hosts/safesearh.hosts


This covers all of google's domains and redirects them to SafeSearch.
I hope this helps someone here.
 
I've just found this old thread of mine. It's been quite a while since I tried to create a script for an ASUS router as I've been using a different brand in the meantime. Having finally managing to log in to my RT-AC86U after several failed attempts, I note that the jffs folder appears to be empty. Is that normal as I'm sure there were a lot of sub folders the last time I delved into this kind of thing?
 

Attachments

  • Screenshot - 29_05_2019 , 19_55_13.png
    Screenshot - 29_05_2019 , 19_55_13.png
    16.3 KB · Views: 228
I've just done a second reboot and everything seems more familiar now.
 

Attachments

  • Screenshot - 29_05_2019 , 20_17_49.png
    Screenshot - 29_05_2019 , 20_17_49.png
    35.5 KB · Views: 216

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top