What's new

NOOB questions regarding advanced setup

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Hugga Wugga

New Around Here
I've been reading through some of the threads on scripts such as Diversion, Unbound, Skynet, etc and I'm a little confused on what exactly I need to support the setup I want - or its even possible. I'm just wondering if one of you seasoned pros could point me in the right direction. I've been looking at the DNS filter functionality but I'm not when this happens. Would scripts still work with the devices that were filtered? Basically I'm looking for a setup as follows:

all devices.
-----------
Unbound DNS Server (with stubby or preferably DNSCrypt)
Blocking of adblock and malware

kids devices
------------
Additional blocking of adult sites, and proxy sites (to prevent bypassing - I want to at least make them work for their freedom!)
Intercepted DNS to prevent them setting their own DNS on client devices
Tor blocked

adults devices.
--------------
Ability to bypass DNS with settings on client devices
Policy based OpenVPN
Tor allowed

With regards to the blocking of proxy sites, I've not seen anything in the threads I've read that suggest this could be done with any of the available scripts. The cleanbrowsing DNS server would be a possibility, but if I used DNS filter to send the kids devices to this DNS server, would they still be able to take advantage of diversion? Is it possible to enforce (intercept) DNS for select devices and allow other clients to bypass it? Is it possible to restrict OpenVPN traffic on certain devices? With regards to tor - I guess the best bet would be to use a regularly updated ipset of known exit points and use it to block outgoing traffic from select devices

I have a DSL-AC68U modem/router and am planning on installing the gnuton firmware in the next week. I'm just trying to familiarise myself as much as possible beforehand and have some kind of plan of action. I don't mind getting my hands dirty if necessary... I may be a noob to routers and this firmware but I'm very familiar with Linux (server and desktop)
 
I have a DSL-AC68U modem/router

What you ask for is all possible, but the router is a wrong choice IMHO. First, there is no need to tie the router to DSL tech and specific ISP. DSL is being replaced with faster connections. Second, this is not a popular model and is not supported directly by Merlin. There is a fork of Merlin maintained by another person. Third, this router is from ~2014 and better options exist in 2020. Even the cheapest Merlin supported router RT-AC66U B1 is a bit better than yours and more universal. DSL-AC68U doesn't have a WAN port. You'll need to activate Dual WAN as workaround in order to use it as a normal router with different non-DSL ISP.
 

Similar threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top