What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Search results

  1. C

    WireGuard DNS Traffic From All Clients Sent Over First WireGuard Client Connection

    Instead of dealing with these, delete the DNS address entries in the WireGuard client files and type the DNS address you want to use in the relevant field in the DNS directory, then configure your devices to use the DNS address you added. Or add the desired DNS address to the DHCP server...
  2. C

    How to block internet access for IP range

    For 192.168.1.11, I created two blacklist rules, 0.0.0.0/0 TCP and UDP, but I can ping 1.1.1.1 with the terminal and make DNS queries with nslookup. Shouldn't these be blocked as well? In the DNS director 192.168.1.11 is set as "router". I have another question. I think for the blacklist rules...
  3. C

    KILLMON KILLMON v1.1.2 -Feb 29, 2024- IP4/IP6 VPN Kill Switch Monitor & Configurator (Now available in AMTM!)

    As I understand it, a client under killmon cannot access WAN for some local services (with VPN director) while connected to VPN. For example the local IP TV service. Even if this is not possible, it is still a very good job, thank you! 👏
  4. C

    KILLMON KILLMON v1.1.2 -Feb 29, 2024- IP4/IP6 VPN Kill Switch Monitor & Configurator (Now available in AMTM!)

    That's good! Then Mr. @Viktor Jaep's script is available to all WireGuard users.
  5. C

    Kill Switch for WireGuard?

    I see, the developer briefly explained that traffic cannot leave the client, regardless of whether the connection is established or not, unless the client is manually disabled. Have you ever done a test where you have concrete evidence that traffic is leaking out of the WireGuard tunnel while an...
  6. C

    KILLMON KILLMON v1.1.2 -Feb 29, 2024- IP4/IP6 VPN Kill Switch Monitor & Configurator (Now available in AMTM!)

    Honestly, if I had the possibility to set up a WireGuard server of my own, I would like to test KILLMON. As a regular user, I will follow your and RMerlin's explanation and keep using the default WG client configuration. Or I will add that syntax to the configuration.
  7. C

    KILLMON KILLMON v1.1.2 -Feb 29, 2024- IP4/IP6 VPN Kill Switch Monitor & Configurator (Now available in AMTM!)

    Do you think people who use the Wireguard client should also use KILLMON? It says here that the protocol does not need a kill switch due to its nature. I've seen a syntax added to the configuration file elsewhere, should we add this syntax just in case or should we just use KILLMON?
  8. C

    Release Asuswrt-Merlin 388.1 is now available for all supported Wifi 6 models

    @capncybo You are absolutely right about the things you mentioned. I personally don't always ask for more, but it's usually the case as you say. I have mentioned in the back pages that the above complexity or problem, whatever you want to call it, also affects OpenVPN clients. Anyway...
  9. C

    Release Asuswrt-Merlin 388.1 is now available for all supported Wifi 6 models

    The newly added WireGuard client feature works really well except for one thing: The DNS server. In fact, if only one client is active on the router, the DNS server customization will work fine. Unfortunately, things get complicated when multiple WireGuard clients are active with the same DNS...
  10. C

    Wireguard + NextDNS

    @junn0 hi, If you use the DoT on your router instead of DNSCrypt, there is a very good job to monitor your DNS queries in real time. You can see whether you are using Do53 or DoT, and in both cases whether DNS queries are going through the WAN or through the VPN tunnel. Here is that beautiful...
  11. C

    How to block internet access for IP range

    I think I understand better what the upper limit depends on. Actually, I understand exactly what you are trying to do, I just wanted to point out that devices that will be assigned IPs from the DHCP server's IP pool can leave this pool and use existing IP addresses (those in the range...
  12. C

    How to block internet access for IP range

    @nospamever Wow! Is the limit higher because of the router or because of YazDHCP? Anyway, still 197 IP addresses cannot be assigned manually. That leaves about 21 IP addresses available. With a little effort, the devices you are restricting access to the Internet can use those 21 IP addresses to...
  13. C

    How to block internet access for IP range

    As a rule, you can only manually assign 64 IP addresses of your choice to 64 MAC addresses, so there cannot be 197 assignments/bindings. The devices that you assume will use DHCP cannot use those 64 IP addresses, but they can use one of the remaining 135 IP addresses with a static IP entry...
  14. C

    Release Asuswrt-Merlin 388.1 is now available for all supported Wifi 6 models

    This problem may be due to the following reason:
  15. C

    Release Asuswrt-Merlin 388.1 is now available for all supported Wifi 6 models

    Let me tell you a story why it might be more reasonable to add an option to DNS Director that does not block port 853: My Aunt Jane comes to visit our family every week. About a year ago, I set the Private DNS of Jane's Samsung Galaxy phone to family.adguard-dns.com so that she could surf the...
  16. C

    Release Asuswrt-Merlin 388.1 is now available for all supported Wifi 6 models

    Thanks for the reply. So for each device that will use the WG client, I need to set the ad-blocking private IPv4 DNS address of the VPN server from DHCP or DNS Director. When I set DNS Director as "Router", my mobile devices that use Android's Private DNS (DoT) can't access the internet...
  17. C

    Release Asuswrt-Merlin 388.1 is now available for all supported Wifi 6 models

    First of all, thanks to all the developers/members who contributed to this new update, especially @RMerlin. Due to the AX56U's processor -if I'm not mistaken- the download bandwidth of my OpenVPN clients on my devices was decreasing. So the addition of the Wireguard client feature was a very...
  18. C

    Tutorial How to monitor DNS traffic in real-time

    I have one last question. Does DNSFilter prevent clients from using servers in Do53 protocol only? I see in Diversion logs Apple devices connecting to domains containing the word "doh".
  19. C

    Tutorial How to monitor DNS traffic in real-time

    Thanks for finding the source of that message for me. Thanks for helping me to understand the issue better.
  20. C

    Tutorial How to monitor DNS traffic in real-time

    @ColinTaylor I know clients can use the preset DNS protocol and DNS server. I'm sorry if I couldn't express myself properly. I wanted to emphasize the issue I quoted in my post above. That is, I expect all LAN devices to just use the configured DoT server (eg 1.1.1.1:853). However, legacy DNS...
Back
Top