What's new

Questions about the new DNS filtering in 3.0.0.4_374.39_0

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Cool, below is my settings and also I have Opendns IP address specified in WAN > DNS

Enable DNS-based Filtering =yes

Global Filter Mode - OpenDNS Home
Custom (user-defined) DNS 1 - 208.67.222.222
Custom (user-defined) DNS 2- 208.67.220.220
Custom (user-defined) DNS 3

PS- should I set -Connect to DNS Server automatically to no now or leave as yes?
 
Cool, below is my settings and also I have Opendns IP address specified in WAN > DNS

Enable DNS-based Filtering =yes

Global Filter Mode - OpenDNS Home
Custom (user-defined) DNS 1 - 208.67.222.222
Custom (user-defined) DNS 2- 208.67.220.220
Custom (user-defined) DNS 3

PS- should I set -Connect to DNS Server automatically to no now or leave as yes?

Leave the option enabled, so that way if you ever disable or reconfigure DNSFilter, you won't have to wonder why you are no longer able to properly access the Internet. It will also prevent potential issues with the router itself if it needs to access the Internet for stuff such as NTP or the DDNS service update.
 
Leave the option enabled, so that way if you ever disable or reconfigure DNSFilter, you won't have to wonder why you are no longer able to properly access the Internet. It will also prevent potential issues with the router itself if it needs to access the Internet for stuff such as NTP or the DDNS service update.

Please what option are you referring to, do you mean to leave automatic dns connection to yes or no?
 
Please what option are you referring to, do you mean to leave automatic dns connection to yes or no?

That's the option you asked me about, yes.
 
sammyano:

Thanks, but I use asus.com as my DDNS and not OpenDNS, though I do login into my account from home to check that it has my current Internet IP - Do I need to change DDNS for this to work or leave it as I specified in my previous comment?

I know this is an old post, but here another suggestion. You are better to use DNS-O-Matic (opendns feature) on the router itself and not update your ip address on your pc to opendns which would be a weakness. Anybody can disable more easily the opendns ip update if done on your pc, but it is much more difficult if done in the router. If i remember correctly, opendns DNS-O-Matic can be configured to update third party ddns itself. Just looks if it can update the one you were previously using (asus.com) on the router for you (that way, all needed ddns would be updated by only updating through DNS-O-Matic on the router ddns)
 
Last edited:
Using Merlin's firmware Is it possible to have OpenDNS applied to an entire Guest ssid and not just specific IPs? Example. I know all of my kids device id's. That's easy to specify in Merlin's firmware for individual devices. However, when my kids's friends bring devices over, I want those devices to log into one of the routers guest ssid's that forces OpenDNS servers ... While the main ssid's use the main dns server?
 
Clients could override your WAN DNS simply by manually entering different nameservers on their computers. That won't work with DNSFilter since it essentially redirects DNS queries to the intended target.

Yes, old topic, but:

Just found out AiProtection addon "DNS Filtering" is developed by RMerlin's in Asuswrt-Merlin

It's working great!
 
Last edited:
OpenDNS offers two types of services:

- Open, anonymous usage. In this mode, anyone can use their servers, however you won't be able to customize how the service works

- Through a registered account. In this mode, you can also login to their website to customize various settings, such as whether you want invalid hostnames be redirected to an error page rather than return an NXDOMAIN error (domain not found)

For registered accounts to work, OpenDNS needs to know your current IP. This is what the DDNS service will do. That's how the OpenDNS server will know it's you, and will use your customized settings.

Both modes will work perfectly well with DNSFilter.


RMerlin,
Any chance you can add two entries like Tomato? I switched away from Tomato because the WiFi performance is just horrible on my RT-AC68U, so I am checking out your firmware. I LOVE the ability to filter OpenDNS per machine, but I miss the ability to register with OpenDNS at the router level while also registering with ZoneEdit, so I can find my router worldwide. Any chance you can extend your firmware to match (or even surpass) Tomato? Maybe 3 DDNS entries? Hahaha...

i6miv8.jpg


:):):)

P.S.
I just checked out DNS-O-MATIC after reading your suggestion and I did not realize that it was this "all in one" DNS updater online. Pretty cool, but the problem is that your interface requires you to specify a hostname, which means it will only update one of the entries in DNS-O-MATIC. This means if you have 5 entires in DNS-O-MATIC then you have to put the hostname of 1 of those items for the router to update that one, which means you still do not have the ability to do multiple updates. Tomato at least allows you to set up 2 DDNS entries, which are usually a LOCATOR (Zone Edit) and a FILTER (OpenDNS), but maybe yours can be enhanced to somehow update all entries in DNS-O-MATIC or have manual entries like Tomato (possibly upping this to 3-5).

image.php


image.php


"Enable Wildcard" does nothing, but would be cool if we could check that and then enter * for Host Name and then have it update ALL entries in DNS-O-MATIC...

;)

Thanks for the firmware...
 
Last edited:
Any chance you can add two entries like Tomato?

DNS Filtering (which was what was discussed in this topic) has nothing to do with Dynamic DNS.

You can already configure as many DDNS services as you want through a custom DDNS script.
 
I know. It is kind of a "fudge" but like I said, I saw this in the Tomato Firmware; because they have the ability to register DNS with OpenDNS (which is DNS filtering but updates the router's DNS entries) while also allowing another entry for DDNS like Zone Edit (which is Dynamic DNS mapping), so they "fudged" those two together; but is very cool as it makes it easy for the "layman" to just configure through interface.

I will investigate this "custom DDNS script" then. Still learning my way around your firmware, but I am technical so no problem with coding a script or something and was just posting a "nice to have". Thanks...
 
Last edited:
Just for anyone else reading this, but just a minor follow-up about the DNS-O-MATIC configuration. It seems you can update all entries in your DNS-O-MATIC profile by using "all.dnsomatic.com" for HOST NAME and you can set WILDCARD to NO in RMerlin's DDNS configuration tab, but I think I will not need a custom script for now.

:D

Very cool and grateful for "showing me the light" regarding DNS-O-MATIC, but this allows me to register my router with OpenDNS and ZoneEdit in one shot (with more in the future). Thanks...
 

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top