Forums

Home Forums Parental Control Need a recommendation on how to configure pcWRT router

Need a recommendation on how to configure pcWRT router

This topic contains 5 replies, has 3 voices, and was last updated by  support 3 years, 8 months ago.

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • #1796

    drewbnold
    Participant

    I’ve seen people wanting to block things like Steam, etc., but I’m the opposite. I haven’t figured out the right config yet so maybe you can help. Here’s what I want:

    1. Allow Steam and Origin to operate at any time of the day.
    2. Disable generic internet access other than the following items.
    a) Items in #1 above (Steam, Origin)
    b) Items that are in a white list for school (edu addresses, moogle, etc.)
    c) Support items like microsoft.com, google.com, netnanny.com, eset.com, etc. which all need to continue unfiltered in order to self-update and stay reliable.

    Based on those needs, what’s the best recommendation configuration? On Steam, from what I’ve seen, there’s no real domain names to work with… there’s a list of IP addresses on iblocklist for Valve’s servers, but I’m not trying to filter based on literal IP addresses, and really don’t want to.

    #1799

    ToddShroats
    Participant

    What i did is white list all of the url you want to work or get internet. I had to see which site were getting blocked in the logs and add them to the white list also. There are several that are needed to make these different websites function.

    #1804

    drewbnold
    Participant

    I noticed that and started adding all the statistical sites etc. that if aren’t added then sites start to malfunction (especially google sites… thanks google for the bloat).

    Another issue though… I’m noticing that even though i whitelist google.com (or *.google.com), that the filters still think that google.com is a VPN/proxy avoidance and blocks it anyways, even if whitelisted. I would think that the whitelist would get the final say, but instead the final word comes from OpenDNS. This needs to be reversed.

    #1806

    support
    Participant

    @drewbnold If you put a site in the whitelist, the router will use the system default DNS servers (those shown on the Status page) to resolve the white listed domains. Therefore, if you use OpenDNS as your system default DNS server, white listed sites might still be blocked by OpenDNS.

    Just for clarification, are you wanting to block all sites other than those listed above for all times? Or do you want to set time limits for the unlisted sites?

    #1808

    drewbnold
    Participant

    Block everything except those items that I want to fully allow through which is then determined by various schedules/calendars. Blocked content will always be blocked.

    #1809

    support
    Participant

    @drewbnold These are our suggestions:

    1. Use white list mode. All sites except those listed in the Allowed URLs will be blocked.
    2. Add the allowed domains to Allowed URLs box. You may need to add more than the main domain name. For example, for Google, you may need:
      	google.com
      	gstatic.com
      	ggpht.com
      	ytimg.com
      	googleusercontent.com

      There’s no need to list sub-domains such as m.google.com or www.google.com, etc. Do the same with microsoft.com, netnanny.com, etc. You can allow all edu domains by entering “edu” (without quotes). Check the logs to see if you need to add more domains to the Allowed URLs list. Again, it’s easier to add a top level domain (such as netflix.com) other than the specific domain (e.g., x.y.netflix.com) listed in the list.

    3. Add a calendar with time limits for all allowed sites. Leave the domains box empty for this calendar.
    4. Add another calendar with time range 12:00am-12:00am for all days. List the domains with no time limits in the domains box. For Steam, you need to list steampowered.com plus any IP addresses that might be used by Steam. You may use the CIDR notation to list a group of IP addresses (up to 256 hosts), for example, use 172.16.1.0/24 for the range 172.16.1.1 – 172.16.1.255.
Viewing 6 posts - 1 through 6 (of 6 total)

You must be logged in to reply to this topic.