Addon: Add Blocking

Discussion in 'Tomato Firmware' started by xcooling, Apr 19, 2008.

  1. peyton

    peyton Network Guru Member

    If you uncheck yes.

    I don't know where the problem come from.
    I made a test between 2 connections with the exactly same script.
    It works on the first and not on the second.
    Will compare the config of both later.
  2. fminuti

    fminuti Addicted to LI Member

    I have unchecked
    Intercept DNS Port
    (UDP 53)
    rebooted the router, verified that the adblock script worked correctly,
    but, by loggin in the router, i still can resolve the blocked domains.

    If i write the static dns into the hosts file, it works perfectly (i.e. ping resolves as
    If i run dnsmasq with the option
    (i.e. dnsmasq --address=/ I can still ping google.

    Am I doing something wrong, or there is a bug somewhere?
  3. peyton

    peyton Network Guru Member

    I tried check and uncheck and the results were the same.
    On the router which the script works i'm not on ND firmware. On my Buffalo i am.

    Are you on ND ?
  4. fminuti

    fminuti Addicted to LI Member


    I'm on a Sparklan WX-6615GT with Tomato SpeedMod Firmware v1.19.8502 (NOT ND)

    Maybe an old dnsmasq version (with some bug)? maybe newer firmware include a more recent dnsmasq?

    Thank you again for your help.
  5. peyton

    peyton Network Guru Member

  6. peyton

    peyton Network Guru Member

    It doesn't work either will build Tomato Firmware v1.23.8510 RAF.

    Where did you find your file ? /tmp/hosts ? I don't have such file.

    There's a difference between my two routers.
    On the WRT (which is working) i have that :
    and on the Buffalo i've got that :
    Even if it's the stricly same script. :confused::eek::frown:
  7. fminuti

    fminuti Addicted to LI Member


    the file /tmp/hosts is the file created by the script and then removed by the istruction
    rm $GENFILE*
    so if you comment it, you will find the file.

    When I'll be back home (I'm at work now), I'll check the command line of the running dnsmasq process and i'll let you now.
  8. peyton

    peyton Network Guru Member

    File seems to be good.
    don't know why it's messing around.
  9. peyton

    peyton Network Guru Member

    It's really strange. I've just erase nvram on my buffalo and my linksys to flash them with the 8510RAF version and i only put the script and reboot both.

    It's working on the linksys and not on the Buffalo.
  10. yaqui

    yaqui LI Guru Member

    I am experiencing the same thing even with my script. I am able to ping "blocked sites" from within the router.

    Not sure why that is. :\
  11. peyton

    peyton Network Guru Member

    What brand is your router ?
  12. yaqui

    yaqui LI Guru Member

    Linksys WRT54GL
    Running latest Tomato v1.23
  13. peyton

    peyton Network Guru Member

    It works again. I downgrade to 8025 victek mod (non ND)
    Be careful to not put manual dns into your network interface under windows.
    The router can ping website but on my laptop it goes to
  14. asloane

    asloane LI Guru Member

    xcooling Tomato domain blocking script

    Hi xcooling

    Thanks to you and everyone else offering solutions but I am having trouble with the script - partially.

    I have been using MVPS HOSTS file on a Win XP machine but now want to offer the same protection to all users via Tomato firmware router. I particularly started investigating these options because OpenDNS uses a proxy for, and wanted to bypass the OpenDNS cache using the HOSTS file, but still want to block various google tracking methods including cookies, ad servers and js files. One day I find an alternative to GMail.

    Somehow the OpenDNS google caching issue seems to have cleared up as I do not see in my firewall logs, even though is no longer in the HOSTS file, and browser DNS cache has been cleared.

    Anyway, I ran the script for the smallest block list ( and rebooted the router but the there is no blocking of the listed domains.

    /tmp/etc/hosts remains unchanged

    Router message log reveals
    03/02/2009 12:27:31 <13>Feb 3 12:25:59 root: ADBLOCK Unique Hosts Blocked 2552
    03/02/2009 12:27:31 <30>Feb 3 12:25:58 dnsmasq[536]: read /etc/hosts - 0 addresses
    03/02/2009 12:27:31 <13>Feb 3 12:25:58 root: ADBLOCK Ignor Fail Safe

    What can I do to get it functioning?
  15. yaqui

    yaqui LI Guru Member

    Did you try to go to one of the sites (via web browser) listed in's list?
    And are you sure the list is populated?

    If not, try my script.. it will report in the log if the list is populated and formatted correctly.
  16. peyton

    peyton Network Guru Member

    Do you know if the adblocking script will works if i don't use the WAN port as i'm connecting my AP to a switch by LAN ?
  17. asloane

    asloane LI Guru Member

    xcooling Tomato domain blocking script

    Yes, I connected to several sites on the's list after router reboot.

    I assume the list is not populated? It would be in /tmp/etc/ ?

    I may have incorrectly edited the script. I commented out 3 of the 4 ad block URLs with a single "#" to speed up testing. I now believe that I should have disabled by using "0". I have corrected this.

    But still I see no populated file in /tmp/etc/

    Router message logs reveal:

    04/02/2009 15:29:24 <26>Feb 4 15:27:50 dnsmasq[570]: FAILED to start up
    04/02/2009 15:29:24 <26>Feb 4 15:27:50 dnsmasq[570]: illegal repeated keyword at line 2565 of /tmp/hosts
    04/02/2009 15:29:19 <13>Feb 4 15:27:45 root: ADBLOCK Ignor Fail Safe
    04/02/2009 15:29:19 <30>Feb 4 15:27:45 dnsmasq[209]: exiting on receipt of SIGTERM
    04/02/2009 15:29:19 <13>Feb 4 15:27:45 root: ADBLOCK Got Source Files
    04/02/2009 15:29:19 <13>Feb 4 15:27:45 root: ADBLOCK Load

    I might try your script but I am wary of running one script after another without fully understanding what is happening. Also I was sold on the dnsmasq approach over the HOSTS method based on an unproven hunch.
  18. asloane

    asloane LI Guru Member

    xcooling Tomato domain blocking script

    Also I just spotted a whole load of these entries in the router log from last night

    04/02/2009 00:01:54 <27>Feb 4 00:00:14 dnsmasq[22275]: bad address at /etc/hosts line 2490
    04/02/2009 00:01:54 <27>Feb 4 00:00:14 dnsmasq[22275]: bad address at /etc/hosts line 2491
    04/02/2009 00:01:54 <27>Feb 4 00:00:14 dnsmasq[22275]: bad address at /etc/hosts line 2492
    04/02/2009 00:01:54 <27>Feb 4 00:00:14 dnsmasq[22275]: bad address at /etc/hosts line 2493

    These appeared at about the time when the PC lost the ability to connect to domains through a browser following a crash in Firefox3 after trying to upload a tiny file (it happens sometimes). I was able to ping domains though.
  19. yaqui

    yaqui LI Guru Member

    I would suggest looking at those line numbers if you know how to use vi in the busybox/router shell : look up those lines and see how they are formatted.

    It may be something xcooling's script that is not formatting correctly, I do use a couple different sed statements in my script, I noticed the [0-9]www[0-9] were not being removed using xcooling's statements.

    I updated my scripts page awhile ago, I have had & used the dnsmasq method posted now in my thread, and it is working great.
  20. asloane

    asloane LI Guru Member

    Do you mean look at the lines in the HOSTS file using vi? I have looked using WinSCP. HOSTS is empty.

    If your script does basically the same then I will erase the other script and try yours.
  21. asloane

    asloane LI Guru Member

    Do you mean look at the lines in the HOSTS file using vi? I have looked using WinSCP. HOSTS is empty.

    If your script does basically the same then I will erase the other script and try yours.
  22. asloane

    asloane LI Guru Member

    Many thanks yaqui - your dnsmaq script worked. I didn't change my dnsmasq entries in the "Dnsmasq Custom Configuration" in Tomato. I was wondering if that was the reason why the other script did not work.

    I see two new files in /tmp/ i.e. HOSTS and I had been looking in /tmp/etc/ before

    In the message log I see my nameservers listed twice each. Is that correct? Should they be specified in "Dnsmasq Custom Configuration" or the Basic > Network > Static DNS section or both?

    Real happy it works :)

    Edited and added this:

    I will add to this. I ran the script with only first 2 lists selected and not OPTIMISE. I noticed the domains were matched with from a quick look it looked like top levels were blocked only and not subdomains (but I did not look to carefully)

    I then ran with OPTIMISE as "Y" and included 3rd ad block list as "Y"
    This time only the domains appeared in the list and no IP
    I noted this error in the log:
    06/02/2009 03:48:03 <26>Feb 6 03:46:27 dnsmasq[741]: illegal repeated keyword at line 20290 of /tmp/hosts
    There was also a file in /tmp/ which was empty inside but was listed in WINSCP as about 200K (it later disappeared when rebooting)

    I then ran with again and this time the domains are listed with ""

    Later with all 4 lists as "Y" it's again but

    What are they supposed to be: or

    I also noted that it is not fully optimised e.g. both and appear. Surely, the 2nd item is not necessary?

    But it seems that listed domains are resolving

    Something missing . . .


    After several reboots I figured that the lists take some time to update.

    I have a lot less space on my router though...

    Can I get that space back by setting the lists to "N" or do I need to delete the hosts,,, and switch-start files?

    Hosts is populated but not blocking.:confused: Is something missing?

    Just found the cause of one error
    The 2 lines below appeared in the script and in the custom dnsmasq form and so was duplicated in the hosts file. This may be why the other scripts did not work

  23. GreenThumb

    GreenThumb Addicted to LI Member

    The above feature confuses me. If there are no files kept, then why does the script use several MB of memory?

    Not complaining, as the script works great. Just wondering, though.
  24. yaqui

    yaqui LI Guru Member

    I just list my nameserves under the static dns section, not both.

    Be careful using all the lists or which lists you choose! Unless you added memory to your router, I doubt it will be able to handle all 4 lists, that last list alone is over 2.5M ! That is why the lists will NOT format correctly.

    When you reboot, my script is run again in wan-up, thus deleting any previous data... But you must do this: If you wish to CLEAR ALL data then pick "N" for all the lists, save, then reboot. Or just keep it light and just chose the first 2 lists, or just the first list.

    Again you might not be meeting the memory requirements in the router, so the lists might not be formatted/used correctly. Even if the log is reporting that the format is correct, the entire list format may not be correct because my format test does not check the entire list (only a portion of it), I did that because checking the entire list (depending on size) would take way too long!
    It's more meant to be a "quick glance" at the list.
  25. yaqui

    yaqui LI Guru Member

    Because the data is still kept in memory, even though the files are being deleted.
  26. yaqui

    yaqui LI Guru Member

    To those of you with memory problems, I still don't think you will be able to use all 4 lists but:

    I updated my script to v2.7:
    v2.7 Better Memory Management - Delete Duplicates after each download.
  27. asloane

    asloane LI Guru Member

    I have done that now because I didn't get it to work another way - so far.

    My router reports 13M free memory and this is after having HOSTS populated by the first two block lists. I assume that spare memory is needed to run other functions on the lists such as formatting.

    It sounds like clearing HOSTS manually would cause a problem? I can't see how though.

    I reboot my router at least once a day. So is it pulling the same lists everytime? I can spare the bandwidth but I would like to be polite to the list suppliers. The MVPS list does not update that frequently. Is it possible to control the update frequency (other than by removing the script for a period)?

    I believe that the error was due to having the nameservers specified twice. After correcting that the lists now block. :)
  28. der_Kief

    der_Kief Super Moderator Staff Member Member

    This is good alternative to xcooling's adblock script. I just give it a try and no problems at all as with xcoolings script.

  29. asloane

    asloane LI Guru Member

    thanks for v2.8 I ran it with OPTIMISE="N" and have a few questions about the results and possibilities

    1. I see that is listed near the top of list and later on subdomains of are listed. I presume that subdomains are not necessary when the top level is blocked. Is there a script to clean up the list - either for the router or in Windows?

    2. I see that is listed near the top of list. I cannot find it listed by MVPS nor pgl.yoyo.or but MVPS does list the subdomain Has some operation been done on that subdomain but not other subdomains?

    3. Is there a file where I can permanently store certain IP+DomainName combinations that would work with dnsmasq? I want map to with the IPs which it is associated with, e.g. like and because OpenDNS is routing Gmail to its own cache at

    4. "" presumably is a site which bypasses the host list? Is it possible to have a whitelist sites specified in a file or do all whitelisted sites have to be specified in your WAN Up script?
  30. yaqui

    yaqui LI Guru Member

    The "cleaning up" is part of the sed statements. There is no way to sort through all subdomains which one person may want/not want. Example.. let's say you have a site like - the sed statement to take out the subdomain "ads" would then end up blocking all of!!!

    This is also a good example of part of the problem I am addressing above, this sed statement:
    sed -i -e '/^www[0-9]./ s/^www[0-9].//' $GEN

    That what is taking out the "www25" as with all the other wwwnumbers
    (The dot should actually be escaped and removed too, I will correct that.)
    But the end result is you should whitelist in the whitelist site variables - as you are talking about below.

    You should look into setting up CIFS or JFFS2 for more permanent files.

    The whitelist is actually removing the entries, I suppose you could have a list of entries that you want removed and have the script read the list.
    Your is a good example of something that could be whitelisted...
  31. gizmosforyou

    gizmosforyou Addicted to LI Member

    Adding additional URLS to block

    Is it possible to add some URL to be blocked to a text file (say in jffs)? What modifications are needed for the script? I am newbie with scripting.
  32. mbstrlbstr

    mbstrlbstr Addicted to LI Member

    Has anyone had luck whitelisting the videos on Hulu? I can't get any to play.
  33. Try whitelisting . Worked for me.

    Well, I take that back. It did work when I tried it and now it isn't. Shrug?
  34. mbstrlbstr

    mbstrlbstr Addicted to LI Member

    I guess a better question would be, is there a way to whitelist an internal IP address? I am streaming Hulu and Netflix etc via Playon to my Xbox. Since I don't browse the web on that machine, and ads in hulu are fine with me, is there a way I can exclude it from this script?
  35. mraneri

    mraneri Network Guru Member

    Only option I know of is to have that machine bypass the DNS Server inside the router. If its only one machine, set it up with a static IP address, and set the DNS servers on it to match your ISP's DNS servers. This will bypass all the ad blocking in the router.
  36. premudriy

    premudriy LI Guru Member

    Hello everyone,

    I want to try this script, but I have a question: I'm already using one script in WanUp section, which does the FTP backup.

    Here it is:
    RPATH_DATE="rstats\`date +%Y.%m.%d-%H.%M.%S\`.tar"
    /bin/sleep 10
    if [ ! -s /tmp/backup-rstats ] ; then
        echo -e "#!/bin/sh\nkillall -1 rstats\nsleep 3\ntar -cf \"$LPATH\" /tmp/var/lib/misc/rstats-*\nftpput -u \"$USER\" -p \"$PASS\" -P $PORT $SERVER \"$RPATH\" \"$LPATH\"\nftpput -u \"$USER\" -p \"$PASS\" -P $PORT $SERVER \"$RPATH_DATE\" \"$LPATH\"\nrm \"$LPATH\"" > /tmp/backup-rstats
        chmod 777 /tmp/backup-rstats
        echo -e "#!/bin/sh\nservice rstats stop\nftpget -u \"$USER\" -p \"$PASS\" -P $PORT $SERVER \"$LPATH\" \"$RPATH\"" > /tmp/restore-rstats
        echo -e "if [ \$? != 0 ] ; then\n  logger RStats Restore Failed... will retry in 5 minutes\nled amber on\n  cru a rstats \"*/5 * * * * /tmp/restore-rstats\"\n  return 1\nfi\nled amber off\ntar -xf \"$LPATH\" -C /\nrm \"$LPATH\"\nservice rstats start\ncru a rstats \"1 */1 * * * /tmp/backup-rstats\"" >> /tmp/restore-rstats
        echo -e "logger RStats Data Restored\nrm /tmp/restore-rstats" >> /tmp/restore-rstats
        chmod 777 /tmp/restore-rstats
    So, will this ad blocking script interfere with the other one? Can I just copy-paste the ad blocking script after the FTP backup script? Or maybe the ad blocking script must go first and FTP backup script after that?

  37. cg8125

    cg8125 Guest

    Issue with

    Looks like the HTML in the file downloaded from might have changed? Not sure but I was getting an error on line 413 (cant remember exact line number)

    Took a look at what was happening and found this line in the /tmp/hosts file

    After I looked at the html that was coming out of the yoyo site i found that the title tag opened then a CR and the text of the title was on the next line. The clean up routine didn't handle that.

    I did a quick and dirty clean up for that line. I added a sed command right after the "stripping" section.

    ##strip source file
    [B]sed -i -e '/Ad server hostnames/d' $GENFILE[/B]
    sed -i -e '/^[0-9A-Za-z]/!d' $GENFILE

    All seems to be well now, like I said quick and dirty.
  38. leftstrat

    leftstrat Addicted to LI Member


    I'm pretty new to Tomato, and loving it so far. I've done a block copy and paste of this script. (anything to get rid of those annoying ads.. Thanks bunches. :)) I am pretty sure I copied everything correctly, but I've got some sort of error, and want to know if this means that the script terminated. (google ad page showed nothing), but I got these termination errors in the log file.

    Dec 31 19:00:09 RobnetHome daemon.notice miniupnpd[109]: HTTP listening on port 5000
    Dec 31 19:00:09 RobnetHome daemon.err miniupnpd[109]: chain upnp not found
    Dec 31 19:00:11 RobnetHome daemon.notice miniupnpd[109]: received signal 15, good-bye
    Dec 31 19:00:12 RobnetHome daemon.notice miniupnpd[146]: HTTP listening on port 5000
    May 27 23:08:39 RobnetHome user.notice root: ADBLOCK Downloaded
    May 27 23:08:41 RobnetHome user.notice root: ADBLOCK Load
    May 27 23:08:41 RobnetHome user.notice root: ADBLOCK Got Source Files
    May 27 23:08:41 RobnetHome dnsmasq[100]: exiting on receipt of SIGTERM
    May 27 23:08:41 RobnetHome user.notice root: ADBLOCK Ignor Fail Safe
    May 27 23:09:10 RobnetHome daemon.crit dnsmasq[374]: error at line 413 of /tmp/hosts
    May 27 23:09:10 RobnetHome daemon.crit dnsmasq[374]: FAILED to start up
    May 27 23:09:10 RobnetHome dnsmasq[377]: started, version 2.47 cachesize 150
    May 27 23:09:10 RobnetHome dnsmasq[377]: compile time options: no-IPv6 GNU-getopt no-RTC no-DBus no-I18N no-TFTP
    May 27 23:09:10 RobnetHome dnsmasq[377]: DHCP, IP range --, lease time 1d
    May 27 23:09:10 RobnetHome user.notice root: ADBLOCK Ignor Fail Safe
    May 27 23:09:10 RobnetHome dnsmasq[377]: reading /etc/resolv.dnsmasq
    May 27 23:09:10 RobnetHome dnsmasq[377]: using nameserver
    May 27 23:09:10 RobnetHome dnsmasq[377]: using nameserver
    May 27 23:09:10 RobnetHome dnsmasq[377]: using nameserver
    May 27 23:09:10 RobnetHome dnsmasq[377]: read /etc/hosts - 0 addresses
    May 27 23:09:10 RobnetHome dnsmasq[377]: read /etc/hosts.dnsmasq - 1 addresses
    May 27 23:09:12 RobnetHome user.notice root: ADBLOCK Unique Hosts Blocked 15931
    May 27 23:09:17 RobnetHome cron.err crond[94]: time disparity of 20724669 minutes detected
    May 27 23:09:18 RobnetHome dnsmasq[377]: DHCPREQUEST(br0) 00:21:63:69:60:64
    May 27 23:09:18 RobnetHome dnsmasq[377]: DHCPACK(br0) 00:21:63:69:60:64 TamLaptop

    Is the failure at line 4xx anything to be majorly concerned about. This is the first script I've installed, and if I screwed up something, please let me know. Thanks.
  39. vamichael

    vamichael LI Guru Member

    Is this script still working???

    I just reset my router to the default settings and installed the script and I still get ads... Not even one ad is being blocked.

    How long should it take for ads to start being blocked?
  40. Mercjoe

    Mercjoe Network Guru Member

    Ok guru's; here is an interesting one for you.

    I have been running a variation of the ad blocking script for over 2 years, but now I need to make a change. What I need to do is exclude ONE address on the internal network from the ad blocking from the host file.

    Don't ask the reason, it is valid. I disable the ad blocking(remove the WAN UP script and reboot the router) and things work correctly. I re-enable and things go no working. I do not want to DMZ the computer either.

    I do not want to manually edit the host file every time it updates. If I can not exclude this ONE computer from the host blocking, I will have to update each machine manually with a host file. Things are MUCH easier when the router just updates itself on its own.

    So what do you think? Is this even possible?

    Thank you
  41. Beftus

    Beftus Network Guru Member

  42. itanium

    itanium Addicted to LI Member

    Aah... this is the one that I've been looking for...
    Replace the ads with some pics/neutral picture instead of Error message.

    To make this happen, you need the as an apache server right?
    Is it possible to just point out to a picture like spin.gif in the router (let say if the router in the
    So that another server ( in this case wouldn't be necessary...

    Any other solution/choices?...:confused:
  43. mrm4

    mrm4 Networkin' Nut Member

    this iz not quite how should be.
    can we haz pizelserv intstead of sending ads to 127.0.1 ?
    how to put pizelserv on tomato ?
  44. mstombs

    mstombs Network Guru Member

    There are binary versions of pixelserv posted in this thread

    most recent at end only for teddy_bear tomato versions.. You can store in on /jffs/ and start it from an init script.

    You also have to move the router default web server off port 80, or use a recent teddy_bear version that will allow a secondary IP address to also use port 80. Your adblock script must be modified to direct to the IP that pixelserv is listening on.

    Tomato/dd-wrt user redhat27 has developed a clever method to insert the binary via a dd-wrt custom nvram,

    I don't think this is possible with Tomato, I use ram disk to /var to test/develop and /jffs for non volatile use.

    Because the c-code is mainly common library calls it would add very little to the highly compressed firmware filesystem if recompiling or using a firmware mod kit with tomato...
  45. mrm4

    mrm4 Networkin' Nut Member

    wow thanks a lot i did not expect response :)
    i do not have 8mb router so will try on 4mb
    seems like much simpler elegant approach than intalling whole optware !
  46. I used this method to create pixelserv on NVRAM using TeadyBear USB v26 VPN r1 firmware.

    Can some one please post the Wan Up script I should use that blocks ads and forwards them to this router-hosted pixelserv? What else (if anything) do I have to do to get this working besides executing the blue part, adding the firewall script, and adding the Wan Up script I am requesting? (Do I have to upload the 1 pixel transparent gif, or does the blue code actually make it for me?)


    Edit: I have 8mb WRTSL54GS if that makes a difference.

    Also, Off-Topic, does anyone know of a non-Japanese firmware that allows my router to be a Windows-compatible VPN server (PPTP) which can be configured through the GUI? (having to install Open VPN is not quite as convenient) I don't even care about USB support.
  47. srouquette

    srouquette Network Guru Member

    read my sig :)
    Why did you bring this old thread back to life ? ^^;

    For the VPN server, I don't know, I use TomatoUSB (K24) with VPN Mod.
  48. Sorry, I didn't notice the date and this thread seemed most relevant from the search.

    I had read everything in your sig, but still wanted it hand-fed to me :) I to assume that all I have to do (after executing the create code and setting the firewall script) is paste in the Web Up script that you have posted on top of that long post, and that it is pre-configured to work with the NV-ram? ...or do I have to understand and make changes to all those options you talk about in the rest of that post?

  49. tido

    tido Networkin' Nut Member

    How do we test if this script works? I've tried going to and all ads have loaded.
  50. Adil Adil

    Adil Adil Reformed Router Member

    Thank you for your script which I have installed and it is working to block ads.

    I want to block porn and negative sites using tomato, which I have actually done already but it involved a lot of work adding a lot of specific sites to my access restrictions. There are already lots of blacklists listing porn or adult or phishing or proxy or other security compromising sites and I am no programmer but I want to use your script to access these blacklists and make them unavailable below my tomato router.

    Could you please modify the script so that it is easy to also block the sites I listed above in the same way that your script refers to an outside live list which someone is updating regularly?

    thank you so much
  51. Aleksazhko

    Aleksazhko Reformed Router Member

    To block porn and another undesired sites, you can just use special DNS on your computer. Kind of 'child control'.
  52. Mate Rigo

    Mate Rigo Networkin' Nut Member

    That's cute to think, that a kid could not breach this kind of lock on a computer. Not to mention, this would be hard to perform on tablets/phones.

    Much better, if the blocking takes part on the router itself.

    The OP of this question is advised to look at this thread:
  53. Kye-U

    Kye-U Addicted to LI Member

    You could look into OpenDNS:
  54. Aleksazhko

    Aleksazhko Reformed Router Member

    set those dns servers in router, tick "intercept DNS port" in Advanced-DNS menu. That's it.

    btw, is your kid using administrator's account on the computer? It's cute to give him such abilities. Regulsr users in windows can't change network settings.
  55. Mate Rigo

    Mate Rigo Networkin' Nut Member

    Intercepting dns requests on the router seems to be the way. Good call.

    About admin rights. If a child has physical access to a pc, nothing is going to stop him of getting admin rights on it. It just takes a little googleing.

    Well maybe if you even lock up the pc house, to make a bios reset impossible, probably then.
  56. Aleksazhko

    Aleksazhko Reformed Router Member

    lock the pc case, admin password on the bios, revoke admin rights. And set third-party DNS servers on the network adapter. That's it.
    And addblocking to remove pornbanners, etc. Just in case. (this string makes this post tomato-related :) )
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice