Access restriction for not working

Discussion in 'Tomato Firmware' started by meazz1, Jan 28, 2012.

  1. meazz1

    meazz1 LI Guru Member

    I am trying to be a ideal dad and trying to restrict Twitter and Facebook access on my daughter's laptop during school weekdays. I setup the access restriction for the MAC address not to allow
    No matter what I do, twitter site is coming up when I enter it with the URL. If I do a Google search, it's being blocked.
    The other sites in the access restriction rules are being blocked.
    I have entered it this way in the restriction HTTP box:

    any help would be appreciated.
    I am running Shibby's 1.28.0905 MIPSR2-079V K26 USB AIO firmware.
  2. xtacydima

    xtacydima LI Guru Member

  3. meazz1

    meazz1 LI Guru Member

    Yeah, I am not sure how to address this issue.
    I am asking the community for any suggestion.

    My main goal is to block Facebook and Twitter from some devices in my house for certain days and hours.
  4. eahm

    eahm LI Guru Member

    It's harder right now because of the few countries that censored twitter in the past. They don't want to get censored.

    If you sniff the connection you'll see hundreds of IPs and many different domains. Sometimes amazon, akamai, twimg etc. ...and yes, this is just for the https.
  5. xtacydima

    xtacydima LI Guru Member

    you might not like this as an offhand solution but maybe try opendns?
  6. meazz1

    meazz1 LI Guru Member

    I am trying not to block the domain for all the devices in the network, only certain pcs.
    I may have to go with this regardless.
  7. Riddlah

    Riddlah LI Guru Member

    Don't know if it makes a difference but I'm running Toastman's Build and these settings seem to work.

    Enabled: Checked
    Description: Disable Twitter
    Schedule: All Day, Everyday
    Type: Normal Access Restriction
    Applies To: All Computers
    Rules: TCP/UDP, Any Port, All IPP2P Filters
    HTTP Request:,,
    HTTP Requested Files: ActiveX, Flash, Java
  8. meazz1

    meazz1 LI Guru Member

    I tried your steps, did not work for me.
  9. pharma

    pharma Network Guru Member

    Have you tried using Toastman's build? Or are you sticking with Shibby's to resolve your issue?
  10. Toastman

    Toastman Super Moderator Staff Member Member

    The access restriction should be the same in anybody's version , so I doubt that will help. The problem is as eahm pointed out. Simply placing the words twitter tweet facebook and so on in the HTTP request box works for a short time if people aren't very web-savvy. But that won't last long. OpenDNS is the best bet.
  11. meazz1

    meazz1 LI Guru Member

    As suggested here, I played with Opedns and found out that in order for me to block Twitter , I have to block other social media.
    My goal is to prevent one MAC or IP from access twitter, not all the devices in my LAN. Opendns does not have the option just to block one device, that's what I discovered.

    Meantime, the work around is, I reset password for my daughter's twitter account and I will log into the account in the weekend for her.
  12. pharma

    pharma Network Guru Member

    I thought the Access Control feature was untouched by all mods but was not certain. I came across on product you might want to try (free download) that includes twitter as one of the sites you can block based on a schedule. You should be able to determine whether it works during the trial. Here's the link:

  13. meazz1

    meazz1 LI Guru Member

    Thanks, I will check this out.
  14. eahm

    eahm LI Guru Member

    There is a way with OpenDNS but it's a manual way, you will have to stay there and change the router settings every time you want to allow the access.

    1) Setup your daughter's PC with Google DNS (or others different than OpenDNS) (es: /
    2) Setup OpenDNS on your/the main router ( / / /
    3) Activate "Intercept DNS port (UDP 53)" on your/the main router.

    Now, if the router has the option "Intercept DNS port (UDP 53)" ON, every PC on the network will run with OpenDNS no matter which DNS settings is configured on the PC. When the option is disabled, the PC with the different DNS settings will run via that DNS (Google DNS for example).

    You will have to login on your/the main router every time you'd like to allow the other DNS to take over.
  15. Monk E. Boy

    Monk E. Boy Network Guru Member

    I should point out that you can include/exclude domains in the OpenDNS control panel, you don't have to choose categories.

    In other words, scroll down on the categories page. You can manually type in domains in a box down below and choose whether they should be included as a filter or excluded from filtering (e.g. if you block all social media, you can exclude from being filtered).

    Intercepting external DNS is an excellent step, as is enabling the proxy/anonymizer category (so they can't go through an anonymizer/vpn server to bypass filtering) in OpenDNS.
  16. eahm

    eahm LI Guru Member

    They could, Proxies and VPNs don't change just the DNS to connect and the DNS Intercept won't work. He can alway block Proxies / VPNs on OpenDNS though :)
  17. LanceMoreland

    LanceMoreland Network Guru Member

    Beware of Gearbox computers. I found them to be dishonest. I purchased IP watcher from them and an update of a bios unlicensed the software. They do not respond to support requests and delete complaints and comments to that effect from the customer support forum. Even altering peoples posts and locking them out of the support forum. They will take your money and you will be on your own from that point forward. Any change to your computer will unlicense the software and they will ignore any request or inquiry to rectify the situation.
  18. Monk E. Boy

    Monk E. Boy Network Guru Member

    Unless they connect to a raw IP address or modify their hosts file, the proxy/VPN will perform a DNS lookup, which will get blocked by OpenDNS if you select the appropriate filtering options. I think we're talking about the same thing, but I guess you thought my attempt at generalized terms weren't specific enough. :oops:

    I just don't like seeing people claim filtering is all-or-nothing when there's a perfectly useful interface for making your own inclusion/exclusion rules.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice