Website blocking by URL Not!

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware
Author Message
taylorkh
DD-WRT Novice


Joined: 15 Nov 2015
Posts: 12

PostPosted: Sun Nov 15, 2015 16:52    Post subject: Website blocking by URL Not! Reply with quote
Being new to DD-WRT I may well have missed something in attempting to set my filters. I just installed DD-WRT - Open VPN version on a Linksys WRT54GL. The installation went fine thanks to the excellent documentation provided on the web site. I have configured most of what I had on my old router (IP address reservations, WiFi security etc.) The VPN will come soon. I am now attempting to build my annoying/nosy site filters. Following the instructions in the wiki I have:

- Navigated to the Access Restriction tab
- Created a new policy named "snoop"
- set the Status of this Policy to Enable
- Selected all PCs/addresses on network as "IP Range 01 192.168.0.1 - 192.168.0.250" (Yes, my network uses 192.168.0 not 192.168.1)
- selected Filter (vs. Deny)
- selected Everyday and 24 Hours so the Policy should ALWAYS be in effect
- added "www.facebook.com" to Website Blocking by URL Address
- Apply Settings and Save several times along the way (I have learned that DD-WRT is a little strange about saving/not saving changes)
- I have even tried rebooting the router

Problem is, I can still access my example web site www.facebook.com from a PC on my network.

I suspect I have overlooked something simple. Can anyone point me to the error of my ways?

TIA,

Ken
Sponsor
taylorkh
DD-WRT Novice


Joined: 15 Nov 2015
Posts: 12

PostPosted: Sun Nov 15, 2015 18:51    Post subject: Reply with quote
I guess I should have specified that the version I have installed is dd-wrt.v24-12548_NEWD_openvpn.bin

Ken
taylorkh
DD-WRT Novice


Joined: 15 Nov 2015
Posts: 12

PostPosted: Mon Nov 16, 2015 18:30    Post subject: Reply with quote
Thanks eibgrad for the excellent explanation. I had not thought about how the process would actually work. With my previous two routers (non-DD-WRT) I would put in a keyword or address such as doubleclick and if a web page tried to access content on that domain - it just would not and the browser would show "connecting to www.doubleclick.net" or similar until the script in the web page timed out. If I attempted to manually access the web site www.doubleclick.net I would get a large banner "SITE BLOCKED BY NETGEAR..."

I have NoScript and other tools installed in my browser these days so I guess the router blocking is perhaps redundant. And, provided I get my VPN working, the privacy concerns with encountering these sites will be less of an issue. I guess I could route a site such as www.doubleclick.net to 127.0.0.1 in /etc/hosts

Regards,

Ken
Vanccob
DD-WRT Novice


Joined: 08 Oct 2020
Posts: 2

PostPosted: Tue Oct 27, 2020 13:46    Post subject: Reply with quote
Interesting situation.
Olivoil
DD-WRT Novice


Joined: 09 Oct 2020
Posts: 2

PostPosted: Tue Oct 27, 2020 13:55    Post subject: Reply with quote
A small problem that is pretty hard to find, that always makes me very angry when I am missing something. Usually it is very hard to find the mistake and you need to start everything from the beginning, this is my usual dumb strategy, when I am hurrying with my work. If I cannot figure everything out, there is a guy in our company from forum backlink building department and he can fix everything very easy. Maybe I will ask him about your problem, he is one of PC gods I guess. Hope he will figure everything out.

Last edited by Olivoil on Thu Oct 29, 2020 9:36; edited 1 time in total
mwchang
DD-WRT Guru


Joined: 26 Mar 2013
Posts: 735
Location: Hung Hom, Hong Kong

PostPosted: Tue Oct 27, 2020 20:07    Post subject: Re: Website blocking by URL Not! Reply with quote
taylorkh wrote:
Problem is, I can still access my example web site www.facebook.com from a PC on my network.

I suspect I have overlooked something simple. Can anyone point me to the error of my ways?

I guess I should have specified that the version I have installed is dd-wrt.v24-12548_NEWD_openvpn.bin

Was it "http://" or "https://"? I suspect all blocking by text would fail with https protocol, even with some transparent proxy servers, because the traffic was encrypted.

I believe DD-WRT is not using a full-scale proxy server like Squid, but just dnsmasq.

However, blocking by IP addresses at DNS level should always work. I think firewall blocking might work with deep packet inspection.

BTW, you are using a very old version of DD-WRT. What is your router brand and model?


_________________
Router: Asus RT-N18U (rev. A1)

May the Force and farces be with you! Live long and proper!

Facebook: https://www.facebook.com/changmanwai
Website: https://sites.google.com/site/changmw
SETI@Home profile: http://setiathome.berkeley.edu/view_profile.php?userid=211832
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum