How to redirect ALL DNS traffic to OpenDNS - Page 3

stanthemam · ‎11-08-2016

I am so lost at the moment. I have been searching the web for hours and can not manage to find a clear answer. I am trying to redirect all DNS traffic to OpenDNS. I have a son who is somewhat tech savvy and believe he has been using a google DNS (or some alternate form of DNS) to bypass the blocks I have in place with OpenDNS. I was told that I could disable port 53 on my modem, but when I did it blocked ALL outbound DNS traffic, including OpenDNS and denied any access to the internet. My modem only has a setting to block, not to allow, and it will not allow me to put a setting in place where all DNS traffic is rerouted to OpenDNS. Is there ANYTHING else I can do at all to resolve this issue? it has been driving me crazy all day.

rotblitz · ‎11-13-2016

If you use OpenDNS and have the Proxy/Anonymizer category blocked, you should not be able to pull the list you show in your second screen shot.
https://domain.opendns.com/proxynova.com
https://block.opendns.com/main?url=81838089907980876615688078&ablock=

If the list shows up nevertheless, you don't use OpenDNS, or you don't have blocked the Proxy/Anonymizer category, or you may use another WLAN, not yours.

Start with visiting http://welcome.opendns.com/ with this smart device to see if you use OpenDNS at all.

stanthemam · ‎11-13-2016

Oops, I forgot to mention that I was over at my sisters when I looked up that list. That website does not work on my home network. The manual proxy however does work when the numbers are plugged in. I have been doing some googling and have found that there is a Linkseys router that does allow for disabling of proxy, it's just a simple check mark and the router does all the work for you. But I read that some webpages don't work you when that function is disabled. I'm going to check it out and fingers crossed it does the trick for me!

angelandice · ‎08-20-2018

Which router models does natively support this discussed configuration (*Allow+Block) ? (without requiring to install any open source firmware)

*Allow+Block
ALLOW TCP/UDP IN/OUT to 208.67.222.222 or 208.67.220.220 on Port 53
and
BLOCK TCP/UDP IN/OUT all IP addresses on Port 53

rotblitz · ‎08-21-2018

Many routers do support such outbound firewall rules. The list would be too big to publish it here.

My router is an AVM FRITZ!Box with the FRITZ!OS as firmware. All router models running this firmware support such firewall rules without problem.

I also know from Netgear routers which allow for enabling Live Parental Controls (LPC) that DNS traffic to non-OpenDNS DNS services is being blocked, even without configuring specific rules.

If you point me to an online user manual of your router, I may check if such rules can be set up on your router too.

angelandice · ‎08-22-2018

I currently have an old linksys WRT54G (V6).
I did not find how to do that. In fact, it did not work correctly and it blocked all DNS, including my configured "Safe" DNS.

But I am planning to buy a new router and want to know which want to buy. I need recommendations.

I would prefer one which not only work with OpenDNS but with any "Safe" DNS (eg Cleanbrowsing.org, etc.).

Also, I want it to be configurable in the router original firmware (I don't want to install an open source firmware).

I would prefer a DNS "redirect" instead of BLOCK/ALLOW rules. This way, any other DNS ip will be automatically forwared to the configured "Safe" DNS. (the Tomato firmware does that).

rotblitz · ‎08-23-2018

"In fact, it did not work correctly and it blocked all DNS"

Correct. This is what this feature is supposed to do, not what you thought it would do.
So yes, this WRT54G is not the device which can achieve this.

"I would prefer a DNS "redirect" instead of BLOCK/ALLOW rules."

As far as I can see, such a feature does not exist on routers for the home market. This can only be achieved by installing alternative router firmware, as you said.