|
Mark Olsen
Anon
2014-Nov-21 9:03 pm
Blocking Dns Lookup? I presume!I dont know if i am knowledgeable enough to even ask this question properly, but i will try! My router is a Zyxel P-2812HNU-F1
The reason i am writing is because of a Chromecast i have acquired. It has a mind of its own, and looks up the googledns, and opendns servers regardless of my own dns, and therefore i cant watch the american netflix on it.
I use a service which gives me a dns that masks my location. It works fine on my phone, the pcs, and playstation, but this Chromecast is a different beast.
I have tried making up firewall rules on the modem to block 8.8.8.8, 8.8.4.4, and the opendns servers, but i fail miserably! I dont even know if it is the firewall i am supposed to be tinkering with. Searching has not provided me with anything i could apply, and i am maybe not clever enough to understand it yet. The language in the "guides" i have read are almost foreign to me, and i hardly know where to begin!
If you can help me, i will be forever grateful! |
|
BranoI hate Vogons MVM join:2002-06-25 Burlington, ON (Software) OPNsense Ubiquiti UniFi UAP-AC-PRO Ubiquiti NanoBeam M5 16
|
Brano
MVM
2014-Nov-21 10:46 pm
Can be done, but I don't believe it can be done with the router you have. You need a linux based router where you can modify iptables. The command you're looking for is iptables -t nat -A PREROUTING -s <chromecast_IP>/32 -d 8.8.4.4/32 -j DNAT --to-destination <desired_dns>
iptables -t nat -A PREROUTING -s <chromecast_IP>/32 -d 8.8.8.8/32 -j DNAT --to-destination <desired_dns>
Some of the routers out there that can handle this: Edgerouter or various consumer routers that can run open-source firmware such as Open-WRT, DD-WRT, Tomato or similar (all linux based) |
|
|
Mark Olsen
Anon
2014-Nov-22 3:51 am
Thanks for the answer. It is not what i hoped for, but i might be out of luck like you say. Goddamn router! I will see if i can get a model that supports tomato, or ddwrt so i can tinker with the iptables. Thanks for showing me a way! |
|
janderso1Jim MVM join:2000-04-15 Saint Petersburg, FL |
to Mark Olsen
I am running Openwrt on a Tp-link TL-WR841N. In the US they sell for $20 at amazon.com, newegg.com and other online stores. |
|
BranoI hate Vogons MVM join:2002-06-25 Burlington, ON |
to Mark Olsen
Consider ERL for $100, you won't regret it » www.ubnt.com/edgemax/edg ··· er-lite/ |
|
gb5102 join:2003-10-07 Saint Paul, MN |
to Mark Olsen
Not sure if this will work or not but looking at the manual it appears you may be able to accomplish this with Parental Control rules:
-On Parental Control page, click 'Add new PCP'.
-add your chromecast to the 'Home Network User' field
-set 'Network Service Setting' to 'Block'
-click 'Add New Service', Name=DNS, Protocol:Port=UDP:53 (for good measure you may want to also add a service for TCP:53)
-Under 'Blocked Site/URL keyword', add the IPs of the DNS servers you want to block. (IF the device will not allow an IP address to be entered, you can do a PING -a 8.8.8.8 for example and see that the DNS address/URL is: google-public-dns-a.google.com) |
|
gb5102 |
to Mark Olsen
On second thought you may not need the 'Network Service' settings, URL blocking may be all that is needed, you will have to test it out... |
|
BranoI hate Vogons MVM join:2002-06-25 Burlington, ON |
Brano
MVM
2014-Nov-22 7:09 pm
It's not about blocking only, you it's about re-directing the DNS call to server of your choice. Chromecast has hard coded Google DNS servers that you can't override on the stick. |
|
gb5102 join:2003-10-07 Saint Paul, MN |
gb5102
Member
2014-Nov-22 9:32 pm
said by Brano:... Chromecast has hard coded Google DNS servers that you can't override on the stick. Sorry didn't realize that...OP just ignore my posts! |
|