dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
1181

Mark Olsen
@2.110.135.x

Mark Olsen

Anon

Blocking Dns Lookup? I presume!

I dont know if i am knowledgeable enough to even ask this question properly, but i will try! My router is a Zyxel P-2812HNU-F1

The reason i am writing is because of a Chromecast i have acquired. It has a mind of its own, and looks up the googledns, and opendns servers regardless of my own dns, and therefore i cant watch the american netflix on it.

I use a service which gives me a dns that masks my location. It works fine on my phone, the pcs, and playstation, but this Chromecast is a different beast.

I have tried making up firewall rules on the modem to block 8.8.8.8, 8.8.4.4, and the opendns servers, but i fail miserably! I dont even know if it is the firewall i am supposed to be tinkering with. Searching has not provided me with anything i could apply, and i am maybe not clever enough to understand it yet. The language in the "guides" i have read are almost foreign to me, and i hardly know where to begin!

If you can help me, i will be forever grateful!

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON
(Software) OPNsense
Ubiquiti UniFi UAP-AC-PRO
Ubiquiti NanoBeam M5 16

Brano

MVM

Can be done, but I don't believe it can be done with the router you have.
You need a linux based router where you can modify iptables.
The command you're looking for is
iptables -t nat -A PREROUTING -s <chromecast_IP>/32 -d 8.8.4.4/32 -j DNAT --to-destination <desired_dns>
iptables -t nat -A PREROUTING -s <chromecast_IP>/32 -d 8.8.8.8/32 -j DNAT --to-destination <desired_dns>
 

Some of the routers out there that can handle this: Edgerouter or various consumer routers that can run open-source firmware such as Open-WRT, DD-WRT, Tomato or similar (all linux based)

Mark Olsen
@2.110.135.x

Mark Olsen

Anon

Thanks for the answer. It is not what i hoped for, but i might be out of luck like you say. Goddamn router! I will see if i can get a model that supports tomato, or ddwrt so i can tinker with the iptables. Thanks for showing me a way!

janderso1
Jim
MVM
join:2000-04-15
Saint Petersburg, FL

janderso1 to Mark Olsen

MVM

to Mark Olsen
I am running Openwrt on a Tp-link TL-WR841N. In the US they sell for $20 at amazon.com, newegg.com and other online stores.

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON

Brano to Mark Olsen

MVM

to Mark Olsen
Consider ERL for $100, you won't regret it »www.ubnt.com/edgemax/edg ··· er-lite/
gb5102
join:2003-10-07
Saint Paul, MN

gb5102 to Mark Olsen

Member

to Mark Olsen
Not sure if this will work or not but looking at the manual it appears you may be able to accomplish this with Parental Control rules:

-On Parental Control page, click 'Add new PCP'.

-add your chromecast to the 'Home Network User' field

-set 'Network Service Setting' to 'Block'

-click 'Add New Service', Name=DNS, Protocol:Port=UDP:53 (for good measure you may want to also add a service for TCP:53)

-Under 'Blocked Site/URL keyword', add the IPs of the DNS servers you want to block.
(IF the device will not allow an IP address to be entered, you can do a PING -a 8.8.8.8 for example and see that the DNS address/URL is: google-public-dns-a.google.com)
gb5102

gb5102 to Mark Olsen

Member

to Mark Olsen
On second thought you may not need the 'Network Service' settings, URL blocking may be all that is needed, you will have to test it out...

Brano
I hate Vogons
MVM
join:2002-06-25
Burlington, ON

Brano

MVM

It's not about blocking only, you it's about re-directing the DNS call to server of your choice. Chromecast has hard coded Google DNS servers that you can't override on the stick.
gb5102
join:2003-10-07
Saint Paul, MN

gb5102

Member

said by Brano:

... Chromecast has hard coded Google DNS servers that you can't override on the stick.

Sorry didn't realize that...OP just ignore my posts!