OpenDNS for Two On Network

Discussion in 'Tomato Firmware' started by MiseryQ, Dec 29, 2007.

  1. MiseryQ

    MiseryQ Network Guru Member

    Just as the title. Sorry if it's been asked before I didn't find anything in my search.
    My network of computers is constantly growing ):
    There's 3 that I want no filtering on, the ISP DNS servers are fine.
    I'd like to use OpenDNS for the two that the kids use.

    While it takes some experience to change the TCP/IP settings it doesn't take much.
    Kids actually hand out "secret" flyers in computer class on how to settings and use proxies to bypass controls, so being done at the router is the best solution.

  2. AlpineMan

    AlpineMan Network Guru Member

    This is what I have in "Dnsmasq custom configuration" under Advanced - DHCP/DNS:

    dhcp-option=6,,, # All Other PC's to use regular DNS Servers

    dhcp-mac=red,00:11:22:33:44:55 #Mac Address of PC1 to use OpenDNS
    dhcp-mac=red,00:55:44:33:22:11 #Mac Address of PC2 to use OpenDNS
    dhcp-option=net:red,6,, #OpenDNS Server IP Addresses
  3. LLigetfa

    LLigetfa LI Guru Member

    I think the little darlings can still override the local settings and that you need to intercept DNS port (UDP 53) at the router.
  4. PeterT

    PeterT Network Guru Member

    And if you DO use the router to intercept the DNS port then you will NOT be able to override it on your PC either :(
  5. LLigetfa

    LLigetfa LI Guru Member

    Well, yes... I was stating the obvious in that it is still a conundrum.

    I suspect that the GUI setting simply invokes an IPTables rule and that one suitably skilled may be able to be selective with individual IPTables rules.
  6. MiseryQ

    MiseryQ Network Guru Member

    I just installed AlpineMans' "script" and will test it out.
    Intercepting DNS at the router isn't a big deal since all the other computers will use the ISPs DNS servers(?).

    I'll report back. Thanks.
  7. AlpineMan

    AlpineMan Network Guru Member

    You can also create "regular user" accounts on the PC's to not allow regular users to change IP settings in Windows.
  8. formula44

    formula44 LI Guru Member

    Hey guys... resurrecting this one from the dead..
    Running Tomato V1.17 on a wrt54g

    Trying the same thing here, I've set up alpineman's script in the dhcp/dns advance settings area. Checked off Intercept DNS Port (UDP 53).
    My script is as follows
    x.x.x.x & z.z.z.z are my ISP DNS server address'


    Problem I'm having is the PC is receiving the DNS server IP's (ipconfig /all) but opendns isn't screening the sites as I can surf to some restricted ones.
    In static DNS I've left the default in all three fields.

    Any suggestions?

    My dnsmasq.conf file looks like this after my changes using the GUI.

  9. Disman_ca

    Disman_ca Super Moderator Staff Member Member

    Did you sign up and create an account to set the filter options?
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice