Hello guys, i am trying to setup a guest-network (wireless) br1 which is forced to use OpenDNS (for filtering purposes, e.g. block torrent sites), but at the same time have a private network br0 that can use a different DNS provider. Should that work by using custom dnsmasq config? Example: dhcp-option=br0,6,220.127.116.11 dhcp-option=br1,6,18.104.22.168 To have br0 use Google´s DNS and br1 OpenDNS. I expect that to conflict with the "Intercept DNS" option tho, but if i disable that, there is nothing stopping the user in br1 from simply adding his own DNS provider. Also, i assume the dnsmasq config is processed from top to bottom, so when i add the custom part, it will overwrite the options that are already added from the gui? Edit: As i assumed, the "Intercept DNS" option is making this difficult. I think the easiest and also efficient way is by doing this through iptables: Code: iptables -t nat -I PREROUTING -i br1 -p udp --dport 53 -j DNAT --to 22.214.171.124 iptables -t nat -I PREROUTING -i br1 -p tcp --dport 53 -j DNAT --to 126.96.36.199 That should redirect all DNS requests from br1 (guests) to OpenDNS, and everyone else on br0 will use whatever DHCP is giving them etc.