Selectively using Getflix DNS servers for specific domains?

Discussion in 'Networking Issues' started by Realjohny, Jul 8, 2018.

  1. Realjohny

    Realjohny New Member Member

    Hi,

    I want to use the guide provided here to selectively use DNS servers for specific domains, but I am not sure where to start.

    I am not totally naive and am currently using iptables to send all DNS requests to Getflix servers, but I do not want that. In the future I want to use a Raspberry ad-blocking solution with a local DNS server, but I want the Getflix DNS service as well for specific domains.

    Can someone help me configure dnsmasq, looking at the guide, please?
     
  2. Sean B.

    Sean B. LI Guru Member

    Use the server directive, adding a line for each domain and the server IP you wish queries for that domain to use in the custom config box under Advanced->DHCP/DNS:

    Code:
    server=/google.com/1.2.3.4
    That line would have dnsmasq forward queries for google.com and all of its subdomains to the DNS server IP 1.2.3.4. Using the root domain will encompass all subdomains, but you can also be specific to a subdomain if you want:

    Code:
    server=/www.google.com/1.2.3.4
    That line will forward queries for www.google.com to server 1.2.3.4, but any queries for just google.com or a different subdomain such as ftp.google.com will be forwarded to your standard DNS server. You can stack these options as well; the more specific domains take precedence over the less specific ones:

    Code:
    server=/test.www.google.com/1.2.3.4
    
    server=/www.google.com/2.3.4.5
    
    server=/google.com/4.5.6.7
    I'm sure you get the idea.

    **NOTE** A similar option can be used as an easy (but not hard to get around for the computer savvy) way to block domains/websites from being accessed by clients on your network, such as guests or children etc. Simply put a line for the domain or website and direct it to the loopback IP using the address directive:

    Code:
    address=/youtube.com/127.0.0.1
     
    Last edited: Jul 8, 2018
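
Added example (not part of the post above and not dnsmasq's own code): a simplified Python model of the "most specific domain wins" matching described for server= and address= lines, useful for checking which upstream a given name would use before the config goes on the router. It also accepts several domains in one line, which dnsmasq permits; the sample config, the `parse_rules` and `route` names, and the `default-upstream` label are constructed for illustration.

```python
"""Simplified model of dnsmasq per-domain matching (added example)."""

# Constructed sample config; the IPs are the placeholders used in the thread.
SAMPLE_CONFIG = """\
server=/test.www.google.com/1.2.3.4
server=/www.google.com/2.3.4.5
server=/google.com/4.5.6.7
server=/netflix.com/nflxvideo.net/1.2.3.4
address=/youtube.com/127.0.0.1
"""

def parse_rules(text):
    """Return {domain: (action, target)} for per-domain server=/address= lines."""
    rules = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        if key not in ("server", "address") or not value.startswith("/"):
            continue  # e.g. plain server=IP, which sets a default upstream
        *domains, target = value[1:].split("/")
        action = "forward" if key == "server" else "answer"
        for domain in domains:
            if domain:
                rules[domain.lower().strip(".")] = (action, target)
    return rules

def route(qname, rules, default="default-upstream"):
    """Pick the rule with the longest matching suffix, on label boundaries."""
    labels = qname.lower().strip(".").split(".")
    for i in range(len(labels)):  # full name first, then shorter suffixes
        suffix = ".".join(labels[i:])
        if suffix in rules:
            return rules[suffix]
    return ("forward", default)

if __name__ == "__main__":
    rules = parse_rules(SAMPLE_CONFIG)
    for name in ("a.test.www.google.com", "www.google.com", "ftp.google.com",
                 "notgoogle.com", "m.youtube.com", "cdn.nflxvideo.net"):
        action, target = route(name, rules)
        print(f"{name:24} {action:8} {target}")
```

Matching is done on whole labels, so notgoogle.com does not fall under the google.com rule and goes to the default upstream.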
  3. Realjohny

    Realjohny New Member Member

    Sean,
    Very grateful for your help. I will try and update.

    Regards.
     
  4. Realjohny

    Realjohny New Member Member

    I used the configuration below:

    server=/getflix.com.au/netflix.com/netflix.net/nflximg.com/nflxvideo.net/hulu.com/e.akamai.net/akamaihd.net/llnwd.net/uplynk.com/edgefcs.net/theplatform.com/brightcove.com/mgo.com/vudu.com/vvond.net/amazon.com/flixster.com/cinemanow.com/roxionow.com/hbogo.com/footprint.net/pbs.org/wwe.com/sho.com/showtimeanytime.com/shovod.edgesuite.net/dishworld.com/movenetworks.com/movetv.com/shrbt.com/go.com/cbs.com/tbs.com/southparkstudios.com/espn.com/crackle.com/mtv.com/mtvnservices.com/vh1.com/fxnetworks.com/nbcolympics.com/golfchannel.com/nbcsports.com/unicornmedia.com/rhapsody.com/pandora.com/songza.com/slacker.com/bbc.co.uk/bbc.net.uk/bbc.com/itv.com/channel4.com/channel5.com/skyanywhere.com/sky.com/nowtv.com/skychnl.net/eurosportplayer.co.uk/eurosport.com/livestream.com/beinsports.net/beinsportsplay.tv/fplive.net/performgroup.com/starsports.com/roku.com/wdtvlive.com/boxee.tv/sony.tv/vevo.com/xx.xx.xx.xx

    where xx.xx.xx.xx was the DNS server, but sometimes it works and sometimes not. I have also used the Getflix app to whitelist my IP address, and their online account shows that the DNS configuration is fine.

    At the same time I added an iptables configuration just to see if the issue could be resolved, which was:

    iptables -t nat -I PREROUTING -i br1 -p udp --dport 53 -j DNAT --to 54.xx.xx.xx   # I used the Getflix DNS address here
    iptables -t nat -I PREROUTING -i br1 -p tcp --dport 53 -j DNAT --to 212.xx.xx.xx  # I used the Getflix DNS address here
     
  5. Sean B.

    Sean B. LI Guru Member

    In the web interface under Advanced->DHCP/DNS, make sure the box for "Intercept DNS" is checked (enabled). Also, keep in mind that computers, cellphones etc. all cache their answered DNS queries for some period of time, meaning they may still be using an answer they got before you implemented those settings. Make sure to reboot all clients on the network if possible; if not, give it enough time for the clients' caches to expire and your server lines to take effect.
     