Menu
What's new
By:
Filters Better Search

Guiderails - an auxiliary whitelist only Merlin add-on

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

WhyNetworkAtAll

WhyNetworkAtAll

Occasional Visitor
Guiderails is an add-on to Merlin's AsusWRT firmware. It adds a an auxiliary DNS service that blacklists everything and then selectively whitelists specific servers for a fully controlled and curated internet experience. The typical use case is to enable online education for young kids by blocking ALL internet sites, except for a dozen or two sites manually added by parents/teachers for an online experience that's safe and avoids time wasters.

This is unlike existing parental controls that follow a probabilistic approach based on keywords or based on large lists (e.g. OpenDNS). Note that this does NOT alter your routers primary DNS service, so the rest of your home devices are free to do whatever they want. This means you can use your ISPs/Google's/CloudFlare/PiHole/Diversion DNS service as your router's primary DNS service and Guiderails as your auxiliary DNS service for the little ones.

Please refer to https://github.com/SidShetye/guiderails for installation and usage.
 
Last edited:
I like this approach to blacklisting everything by default. I have a few customers that may find it useful for their young ones (or the older ones too when they need to be 'in school' and not just surfing). :)
 
I don't see a check for Entware being installed in your script.
While Diversion installs Entware by default, amtm has an independent Entware installer.
 
thelonelycoder said:
I don't see a check for Entware being installed in your script.
While Diversion installs Entware by default, amtm has an independent Entware installer.
Click to expand...

Good point. Do you have some reference code on how to perform that check? I can simply error out with a help text like "Please install Entware via amtm (see https://github.com/RMerl/asuswrt-merlin.ng/wiki/Entware)". I also think I shouldn't be overwriting the guiderails.conf during installation. because for re-installs, it'll overwrite a user's customized version.
 
WhyNetworkAtAll said:
Good point. Do you have some reference code on how to perform that check? I can simply error out with a help text like "Please install Entware via amtm (see https://github.com/RMerl/asuswrt-merlin.ng/wiki/Entware)". I also think I shouldn't be overwriting the guiderails.conf during installation. because for re-installs, it'll overwrite a user's customized version.
Click to expand...
I run two tests that might be useful to you.

This is a basic test for Asuswrt-Merlin:
Code: 
[ -f /usr/sbin/curl ]
And this checks for Entware being present:
Code: 
[ -f /opt/bin/opkg ]

Also, since you use a virtual IP, a check needs to be run against Access restriction in Administration > System.
If set, a rule needs to be added, the code is in the Diversion install.div file set_access_restriction() function to add an exception.
To remove the access restriction, see functions.div at the bottom in function remove_diversion().

When re-installing, do a test if the config file is present and prompt the user with an option to overwrite or not.

And think ahead and add a menu driven user interface so less technical users are able to use your script, with the advantage of your script being ready to be added to amtm at some point.
 
thelonelycoder said:
I run two tests that might be useful to you.

This is a basic test for Asuswrt-Merlin:
Code: 
[ -f /usr/sbin/curl ]
And this checks for Entware being present:
Code: 
[ -f /opt/bin/opkg ]

Also, since you use a virtual IP, a check needs to be run against Access restriction in Administration > System.
If set, a rule needs to be added, the code is in the Diversion install.div file set_access_restriction() function to add an exception.
To remove the access restriction, see functions.div at the bottom in function remove_diversion().

When re-installing, do a test if the config file is present and prompt the user with an option to overwrite or not.

And think ahead and add a menu driven user interface so less technical users are able to use your script, with the advantage of your script being ready to be added to amtm at some point.
Click to expand...

The entware check is simple but the rest starts snowballing. IMHO, a better option would be if Guiderails was simply another option on your Diversion 'b' (blocking) menu. The code for Guiderails is small and configuration is fully independent. I hope you consider it.
 
WhyNetworkAtAll said:
The entware check is simple but the rest starts snowballing. IMHO, a better option would be if Guiderails was simply another option on your Diversion 'b' (blocking) menu. The code for Guiderails is small and configuration is fully independent. I hope you consider it.
Click to expand...
I like the idea, though it diverts from Diversions main purpose.
May have to bend my conservative rules a bit there ;)

As this requires a separate set of whitelist and blacklist and maybe even a third blocking list, this will take some time to add to Diversion.
 
You must log in or register to reply here.

Similar threads

aru
Skynet Practice displaying a world map on a webpage using an addon-api.
2
Replies
33
Views
2K
Quoc Huynh
Q
john9527
  • Locked
Release [Fork] Asuswrt-Merlin 374 LTS release 46E9 (DNSpooq)
Replies
9
Views
6K
Raul_77
R
john9527
  • Locked
Release [Fork] Asuswrt-Merlin 374 LTS release 46E8 (Superseded)
3 4 5
Replies
80
Views
24K
nev39
N
ftahumour
[AsusWrt-Merlin] DNS Resolution Issue with Netflix service only when connected to VPN server?
Replies
2
Views
3K
ftahumour
ftahumour
RMerlin
  • Locked
Beta Asuswrt-Merlin 386.2 Beta is now available
33 34 35
Replies
688
Views
172K
RMerlin
RMerlin
Similar threads
Thread starter Title Forum Replies Date
Q [Feature Request] Schedule DoS Protection state and/or whitelist option Asuswrt-Merlin 5
J TWO WAY IPS AIPROTECTION - Whitelist ? Asuswrt-Merlin 4
B ASUS AiProtection - Can't add a (some) domain to whitelist Asuswrt-Merlin 3

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 714 (members: 20, guests: 694)
Top