Menu
What's new
By:
Filters Better Search

New fonctionnality in Parental control

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Bob2016

Bob2016

New Around Here
Hi,

I'm proposing to add a great new fonctionnality under AIProtection Parental Controls, Time Scheduling.

The grouping fonctionnality. With so much connected devices the grouping will help a lot. The restriction should be applied for every device under the groups.
ex. all the kids devices cellphones, tablet, computer shutoff at 8:00pm. The grouping facilitate the management vs one by one.

A manuel on and off restriction for the group must be a great addition too (with maybe a timer option).
ex. your kids have no school tomorow so you remove the restriction after 8:00pm for 120 minutes.

Your input is welcome to develop the idea. I'm sure everybody with kids will love this kind of features. :)

By the way very great work with Asus Merlin. I really enjoy my new router with it.

Thanks to consider this
Bob
 
This in many ways is a battle that one can not win thru tech alone...

We can do interesting things with DNS, ARP, etc on the router - but this is easily bypassed by a 13 year old boy that wants to surf some pron by disabling WiFi and going to 3G/4G/LTE on his phone... and if he wants his pron, he's gonna find a way...

Even within the constraints - it's easy enough to bypass - DNS blocks on the router - can be bypassed on the client...

It's fun to put some roadblocks - and it's interesting to see how kids work around them - and they will...

Which brings my argument back full circle - be a good parent...

When my kid was of a certain age - we let him onto the internet - but also I showed him up front, that everything was logged, and we would hold him accountable... he pushed things a bit, and I let him know by showing him the logs..

It's more about timing and trust to be honest...
 
One can try to fight against something like this - this is a scripted DNSmasq... mostly focused on Ads, but the same thing would apply to any blacklist...

But this can be easily bypassed by setting client DNS to something other that what DHCP offers - and then what?

Code: 
Dec  3 18:03:57 dnsmasq[5782]: read /etc/pihole/gravity.list - 103819 addresses
Dec  3 18:04:15 dnsmasq[5782]: /etc/pihole/gravity.list edge.quantserve.com is 192.168.1.5
Dec  3 18:04:15 dnsmasq[5782]: /etc/pihole/gravity.list b.scorecardresearch.com is 192.168.1.5
Dec  3 18:04:15 dnsmasq[5782]: /etc/pihole/gravity.list www.googletagservices.com is 192.168.1.5
Dec  3 18:04:38 dnsmasq[5782]: /etc/pihole/gravity.list js-agent.newrelic.com is 192.168.1.5
Dec  3 18:04:38 dnsmasq[5782]: /etc/pihole/gravity.list segment-data.zqtk.net is 192.168.1.5
Dec  3 18:04:38 dnsmasq[5782]: /etc/pihole/gravity.list cdn.yldbt.com is 192.168.1.5
Dec  3 18:04:38 dnsmasq[5782]: /etc/pihole/gravity.list c.amazon-adsystem.com is 192.168.1.5
Dec  3 18:04:58 dnsmasq[5782]: /etc/pihole/gravity.list www.googletagmanager.com is 192.168.1.5
Dec  3 18:04:59 dnsmasq[5782]: /etc/pihole/gravity.list ads.servebom.com is 192.168.1.5
Dec  3 18:05:22 dnsmasq[5782]: /etc/pihole/gravity.list pagead2.googlesyndication.com is 192.168.1.5
Dec  3 18:05:35 dnsmasq[5782]: /etc/pihole/gravity.list z-na.amazon-adsystem.com is 192.168.1.5
Dec  3 18:10:37 dnsmasq[5782]: /etc/pihole/gravity.list www-google-analytics.l.google.com is 192.168.1.5
Dec  3 18:10:38 dnsmasq[5782]: /etc/pihole/gravity.list z-na.amazon-adsystem.com is 192.168.1.5
Dec  3 18:10:38 dnsmasq[5782]: /etc/pihole/gravity.list pagead2.googlesyndication.com is 192.168.1.5
Dec  3 18:16:23 dnsmasq[5782]: /etc/pihole/gravity.list z-na.amazon-adsystem.com is 192.168.1.5
Dec  3 18:16:23 dnsmasq[5782]: /etc/pihole/gravity.list pagead2.googlesyndication.com is 192.168.1.5
Dec  3 18:16:23 dnsmasq[5782]: /etc/pihole/gravity.list www-google-analytics.l.google.com is 192.168.1.5
Dec  3 18:22:04 dnsmasq[5782]: /etc/pihole/gravity.list www-google-analytics.l.google.com is 192.168.1.5
Dec  3 18:22:05 dnsmasq[5782]: /etc/pihole/gravity.list z-na.amazon-adsystem.com is 192.168.1.5
Dec  3 18:22:06 dnsmasq[5782]: /etc/pihole/gravity.list pagead2.googlesyndication.com is 192.168.1.5
Dec  3 18:30:34 dnsmasq[5782]: /etc/pihole/gravity.list www-google-analytics.l.google.com is 192.168.1.5
Dec  3 18:30:35 dnsmasq[5782]: /etc/pihole/gravity.list z-na.amazon-adsystem.com is 192.168.1.5
Dec  3 18:30:35 dnsmasq[5782]: /etc/pihole/gravity.list pagead2.googlesyndication.com is 192.168.1.5
Dec  3 18:33:43 dnsmasq[5782]: /etc/pihole/gravity.list csi.gstatic.com is 192.168.1.5
Dec  3 18:35:42 dnsmasq[5782]: /etc/pihole/gravity.list www-google-analytics.l.google.com is 192.168.1.5
Dec  3 18:35:43 dnsmasq[5782]: /etc/pihole/gravity.list z-na.amazon-adsystem.com is 192.168.1.5
Dec  3 18:35:43 dnsmasq[5782]: /etc/pihole/gravity.list pagead2.googlesyndication.com is 192.168.1.5
Dec  3 18:44:03 dnsmasq[5782]: /etc/pihole/gravity.list pagead2.googlesyndication.com is 192.168.1.5
Dec  3 18:44:03 dnsmasq[5782]: /etc/pihole/gravity.list www-google-analytics.l.google.com is 192.168.1.5
Dec  3 18:44:35 dnsmasq[5782]: /etc/pihole/gravity.list z-na.amazon-adsystem.com is 192.168.1.5
Dec  3 18:57:16 dnsmasq[5782]: /etc/pihole/gravity.list www-google-analytics.l.google.com is 192.168.1.5
Dec  3 18:57:17 dnsmasq[5782]: /etc/pihole/gravity.list z-na.amazon-adsystem.com is 192.168.1.5
Dec  3 18:57:17 dnsmasq[5782]: /etc/pihole/gravity.list pagead2.googlesyndication.com is 192.168.1.5
Dec  3 19:04:36 dnsmasq[5782]: /etc/pihole/gravity.list g.symcd.com is 192.168.1.5
Dec  3 19:04:43 dnsmasq[5782]: /etc/pihole/gravity.list id.google.com is 192.168.1.5
Dec  3 19:04:58 dnsmasq[5782]: /etc/pihole/gravity.list partner.googleadservices.com is 192.168.1.5
Dec  3 19:04:58 dnsmasq[5782]: /etc/pihole/gravity.list www.googletagservices.com is 192.168.1.5
Dec  3 19:04:58 dnsmasq[5782]: /etc/pihole/gravity.list tpc.googlesyndication.com is 192.168.1.5
Dec  3 19:04:58 dnsmasq[5782]: /etc/pihole/gravity.list pubads.g.doubleclick.net is 192.168.1.5
Dec  3 19:04:58 dnsmasq[5782]: /etc/pihole/gravity.list www-google-analytics.l.google.com is 192.168.1.5
Dec  3 19:04:58 dnsmasq[5782]: /etc/pihole/gravity.list stats.g.doubleclick.net is 192.168.1.5
Dec  3 19:04:58 dnsmasq[5782]: /etc/pihole/gravity.list googleads.g.doubleclick.net is 192.168.1.5
Dec  3 19:04:58 dnsmasq[5782]: /etc/pihole/gravity.list pixel.quantserve.com is 192.168.1.5
Dec  3 19:04:58 dnsmasq[5782]: /etc/pihole/gravity.list pagead2.googlesyndication.com is 192.168.1.5
Dec  3 19:04:58 dnsmasq[5782]: /etc/pihole/gravity.list edge.quantserve.com is 192.168.1.5
Dec  3 19:04:58 dnsmasq[5782]: /etc/pihole/gravity.list www.addthis.com is 192.168.1.5
Dec  3 19:04:58 dnsmasq[5782]: /etc/pihole/gravity.list sp.udimg.com is 192.168.1.5
Dec  3 19:05:57 dnsmasq[5782]: /etc/pihole/gravity.list z-na.amazon-adsystem.com is 192.168.1.5
Dec  3 19:19:07 dnsmasq[5782]: /etc/pihole/gravity.list www-google-analytics.l.google.com is 192.168.1.5
Dec  3 19:19:08 dnsmasq[5782]: /etc/pihole/gravity.list z-na.amazon-adsystem.com is 192.168.1.5
Dec  3 19:19:08 dnsmasq[5782]: /etc/pihole/gravity.list pagead2.googlesyndication.com is 192.168.1.5
Dec  3 19:28:37 dnsmasq[5782]: /etc/pihole/gravity.list www-google-analytics.l.google.com is 192.168.1.5
Dec  3 19:28:38 dnsmasq[5782]: /etc/pihole/gravity.list z-na.amazon-adsystem.com is 192.168.1.5
Dec  3 19:28:38 dnsmasq[5782]: /etc/pihole/gravity.list pagead2.googlesyndication.com is 192.168.1.5
Dec  3 19:48:29 dnsmasq[5782]: /etc/pihole/gravity.list www-google-analytics.l.google.com is 192.168.1.5
Dec  3 19:48:30 dnsmasq[5782]: /etc/pihole/gravity.list z-na.amazon-adsystem.com is 192.168.1.5
Dec  3 19:48:30 dnsmasq[5782]: /etc/pihole/gravity.list pagead2.googlesyndication.com is 192.168.1.5
 
sfx2000 said:
But this can be easily bypassed by setting client DNS to something other that what DHCP offers - and then what?
Click to expand...

Using DNSFilter on my firmware will prevent that. It creates an iptables rule that redirect all port 53 connections to a specific IP address. It will allow you to lock someone into a DNS of your choice (such as OpenDNS). Bypassing it would require either a VPN tunnel, or a hotspot other than your router.
 
RMerlin said:
Using DNSFilter on my firmware will prevent that. It creates an iptables rule that redirect all port 53 connections to a specific IP address. It will allow you to lock someone into a DNS of your choice (such as OpenDNS). Bypassing it would require either a VPN tunnel, or a hotspot other than your router.
Click to expand...

Don't be so sure about that - there's always a way...
 
sfx2000 said:
Don't be so sure about that - there's always a way...
Click to expand...

If you're connecting to port 53, you're getting redirected by iptables if that feature is enabled. I don't see any way around that.
 
sfx2000 said:
This in many ways is a battle that one can not win thru tech alone...

We can do interesting things with DNS, ARP, etc on the router - but this is easily bypassed by a 13 year old boy that wants to surf some pron by disabling WiFi and going to 3G/4G/LTE on his phone... and if he wants his pron, he's gonna find a way...

Even within the constraints - it's easy enough to bypass - DNS blocks on the router - can be bypassed on the client...

It's fun to put some roadblocks - and it's interesting to see how kids work around them - and they will...

Which brings my argument back full circle - be a good parent...

When my kid was of a certain age - we let him onto the internet - but also I showed him up front, that everything was logged, and we would hold him accountable... he pushed things a bit, and I let him know by showing him the logs..

It's more about timing and trust to be honest...
Click to expand...

I agree, but my guess is that Bob did not have the horny 13 yr old in mind, but rather the 6+ yr olds that sneak their way onto their various devices as soon as mum/dad isn't watching? It's a time consuming struggle, and the "I'm logging you" thing... well, my 6 yr old is not that impressed.

So, this would be a very welcome addition and a possibility to put Disney's Circle out of the market.
 
You must log in or register to reply here.

Similar threads

R
Looking for mid to high end router with specific access control/parental control features
Replies
7
Views
2K
Wistuplu
W
R
Help me choose nice router for parental control
Replies
8
Views
3K
Tech9
Tech9
J
New Install - Advice
Replies
0
Views
818
jawsthemeswimming428
J
Viktor Jaep
BACKUPMON BACKUPMON v1.8.20 -Oct 12, 2024- Backup/Restore your Router: JFFS + NVRAM + External USB Drive! CIFS/SMB/NFS! (Now available in AMTM!)
23 24 25
Replies
480
Views
59K
Viktor Jaep
Viktor Jaep
G
RT-AC68U new interface for parental controls time scheduling
Replies
4
Views
3K
Josh Schneider
Josh Schneider
Similar threads
Thread starter Title Forum Replies Date
H RT-AX88U Merlin Parental Control not working Asuswrt-Merlin 3
E Bug found in Brazil --> Parental Control x Amazon Prime|Disney+ Asuswrt-Merlin 1
I Control bandwidth of IP range Asuswrt-Merlin 14
T Basic server-failover control Asuswrt-Merlin 0
D Bond / Link Aggregation option missing from LAN / Switch Control in UI - 3004.388.6 Asuswrt-Merlin 7
A Recommendation for 1Gb speeds with Flow Control Off. Asuswrt-Merlin 2
K Wireless control channel setting reverts to auto after reboot! Asuswrt-Merlin 3
M RT-AX88U on 3004.388.4 doesn't save LED control setting after a reboot Asuswrt-Merlin 1

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 708 (members: 16, guests: 692)
Top