Posted: Sat Mar 12, 2016 11:28 Post subject: Block youtube
Hi
I have been trying to block youtube as my kid loves to spend all day watching it from various devices. I have used the access restrictions settings and added blocked services as specified. Ive tried mac addresses ip addresses etc but i can still access youtube from all devices on the network. Is this still not fixed or am i missing something?
I believe you cannot use 'Website Blocking by URL Address' or 'Website Blocking by Keyword' for YouTube and other sites that use HTTPS, because of the encryption.
I have not tested it, but perhaps you can (permanent) block YouTube by using 'DNSMasq for DNS' and create custom entries for all YouTube urls. _________________ Netgear WNDR4300v1 DD-WRT v3.0 BS r29837 | Netgear R6400 DD-WRT v3.0 KB r33525M | Tickets: 5429 IPv4 & IPv6-PD | ProFTP & Samba to USB thumb | DNSMasq DHCPv6 | Pi-Hole on RasPi
Joined: 16 Nov 2015 Posts: 6446 Location: UK, London, just across the river..
Posted: Mon Mar 14, 2016 18:05 Post subject:
or you can revert to build where Access Restrictions are working but you will miss the new features and updates...
try 27506 for example _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Joined: 25 Jun 2014 Posts: 142 Location: São Paulo - Brazil
Posted: Tue Mar 15, 2016 2:52 Post subject:
Acumen wrote:
I believe you cannot use 'Website Blocking by URL Address' or 'Website Blocking by Keyword' for YouTube and other sites that use HTTPS, because of the encryption.
I have not tested it, but perhaps you can (permanent) block YouTube by using 'DNSMasq for DNS' and create custom entries for all YouTube urls.
It might be easiest to use opendns.com
Create an account with opendns.com and you can block youtube.com you will just have to be sure to use the opendns servers. When you sign up for an account it will tell you about doing that.
It might be easiest to use opendns.com
Create an account with opendns.com and you can block youtube.com you will just have to be sure to use the opendns servers. When you sign up for an account it will tell you about doing that.
Horrible idea. OpenDNS inserts an ad for every domain not found request. It breaks some programs too. You need to do it in the router.
Then again, Youtube can be a great source of knowledge, plus it already has anti-porn system in place. Even if a small fraction of the videos teaches the kid something, it will be worth it.
Perhaps you could work on your parenting too, offer some outdoor activity. It's not the kid's fault, the parent needs to provide fruit for the mind.
As for the technical point of view, I would still go with the IP blocking because DNS can be circumvented and capturing all port 53 connections seems a bit overkill, if not useless.
Let add a little color to this scenario as I've been facing this problem (trying to block youtube and other sites). (And instead of blaming the OPs parenting skills, maybe try answering the question!)
My children require internet access to use online classrooms as REQUIRED by their school. I can't always be home in the afternoons to police them so they end up wasting a lot of time on YouTube, Netflix, etc. All this to say blocking all internet is NOT an acceptable answer.
I understand you can't block https traffic with URL filtering or Access Restrictions. Yes I understand the limitations of DNS and other solutions which can "easily" be circumvented. However, I would rather "catch" my children and find out their tech savvy enough to defeat my solution, causing us both to grow, than do nothing at all.
What we parents are looking for is a relatively easy way to block all social media and video streaming websites from the hours of 3PM to 9PM on weekdays. I'm currently looking at setting up a Pi running Squid, but this is still way too advanced for most parents.
I'd be really interested in hearing some potential solutions which could be applicable to the custom firmware on our routers.
Joined: 16 Nov 2015 Posts: 6446 Location: UK, London, just across the river..
Posted: Tue Oct 24, 2017 19:48 Post subject:
ncalsurfer usually those solutions cost money, writing the script for that cost money and time too...especially with requirements to meet...like time and
web sites to filter...
there are single options to filter sites via iptables or DNSMasq but it's not enough for complex blocking
iptables -t filter -I FORWARD -s {IP of your local host you want to block} -p tcp -d {IP of facebook} -j DROP
or additional DNSmasq options
address=/www.namecheap.com/0.0.0.0
so far ive seen a bloke who manage to write a script for Whatsapp but it was not an easy task..it's here in the forum and i believe you can adapt it for your needs and create a small cronjob script to turn it on and off at your time...
Personally i haven't tried this script for something else but for Whatsapp it was working ....