Everything work as expected. I can see all phones DNS request go through my DNS server on 192.168.1.20 and dropping ads server
I want to enable Access crontrol on a phone.
Access Restrictions > Policy > 1
Access Restrictions > PCs : tried fill the MAC only, fill the IP only, tried fill MAC and IP
Access Restrictions > Filter
Access Restrictions > Blocked services > http [dpi]
As soon as I enable the Policy : no more internet on All devices, including the local DNS server (no ping, even to 8.8.8.8), doesn't matter if the time match or not.
My understanding is that for Access Restrictions to be any good you have to put in ALL devices and Allows for each device you DON'T want to filter. That is' when you turn it on the default is to block everything.
This prevents a child's friend from coming over to the house with their phone and surfing unrestricted
Most people I know with kids who want to restrict Internet usage buy a Circle box. They are pretty cheap.
I'm probably an old fart on this since what worked for us was just 2 wifi networks. One was for us the other was for the kids. We would unplug the kids one when we wanted them to do their homework.