OneMarcFifty | DNS Filtering with AdGuard Home or Pi-hole – with or without OpenWrt




No more ads, and parental control: those are two use cases for ad blockers and DNS filters like AdGuard Home or Pi-hole (R). The topics are privacy and protection of your data on the internet, blocking ads, and the use of DNS white lists or black lists. The main challenge for many people is the integration into the network, i.e. the redirection of DNS traffic to the Pi-hole or AdGuard Home machine. We will look at 4 options: using DHCP option 6, the DNS forwarder option, iptables filter rules on port 53, and running AdGuard Home directly on an OpenWrt router.

MANY THANKS TO MY PATRONS on https://www.patreon.com/onemarcfifty !!!
Please visit my channel page: https://www.youtube.com/onemarcfifty
Want to talk to me? Join my Discord Server: https://discord.com/invite/DXnfBUG

Marc on Twitter: https://twitter.com/onemarcfifty
Marc on Facebook: https://www.facebook.com/onemarcfifty/
Marc on Reddit: https://www.reddit.com/user/onemarcfifty

0:00 Please use the chapters

0:40 Why filter DNS? Use cases
2:40 How DNS Filtering works
4:10 How Clients get to DNS
6:28 Solution 1: Announce DNS with DHCP
8:20 Solution 1: Implementation
9:50 Solution 1: Separate DHCP Server
13:45 Call To Action
14:25 Solution 2: DNS forwarder
16:40 Solution 3: Enforcement/iptables
19:40 Solution 3: Implementation
25:10 Solution 4: AdGuard Home on OpenWrt
26:30 Solution 4: Implementation

The firewall rule for the redirect:

iptables -t nat -A PREROUTING -m mac "!" --mac-source XX:XX:XX:XX:XX:XX -p tcp --dport 53 -m addrtype "!" --src-type LOCAL -j DNAT --to 192.168.1.245
iptables -t nat -A PREROUTING -m mac "!" --mac-source XX:XX:XX:XX:XX:XX -p udp --dport 53 -m addrtype "!" --src-type LOCAL -j DNAT --to 192.168.1.245

(replace 192.168.1.245 with the IP of your DNS filter and XX:XX:XX:XX:XX:XX with its MAC)
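
An added example (not from the video or the original page): a shell function that audits `iptables-save -t nat` output to confirm that both the TCP and the UDP redirect rules exist, point at the DNS filter and exempt its MAC address, since without the exemption the filter's own upstream queries would be redirected back to itself. The function names, the sample ruleset and the MAC AA:BB:CC:DD:EE:FF are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the NAT rules for the DNS redirect described above.
# Usage on the router: iptables-save -t nat | audit_dns_redirect FILTER_IP FILTER_MAC
# Prints one finding per problem (or OK) and returns non-zero if any was found.
audit_dns_redirect() {
    awk -v ip="$1" -v mac="$2" '
    BEGIN { mac = toupper(mac) }
    $1 == "-A" && $2 == "PREROUTING" && / -j DNAT / {
        proto = dport = dest = exempt = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-p") proto = $(i + 1)
            else if ($i == "--dport") dport = $(i + 1)
            else if ($i == "--to-destination") dest = $(i + 1)
            else if ($i == "--mac-source" && $(i - 1) == "!")
                exempt = toupper($(i + 1))
        }
        if (dport != "53") next          # not a DNS redirect rule
        seen[proto] = 1
        sub(/:[0-9]+$/, "", dest)        # drop an optional :port suffix
        if (dest != ip) { print "WRONG-TARGET " proto " -> " dest; bad = 1 }
        # Without the exemption the upstream lookups of the filter loop back to it.
        if (exempt != mac) { print "NO-EXEMPTION " proto; bad = 1 }
    }
    END {
        n = split("tcp udp", want, " ")
        for (k = 1; k <= n; k++)
            if (!(want[k] in seen)) { print "MISSING " want[k]; bad = 1 }
        if (!bad) print "OK"
        exit bad + 0
    }'
}

# Constructed sample in iptables-save format: the UDP rule is complete,
# the TCP rule lacks the MAC exemption.
sample_nat_rules() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -p udp -m mac ! --mac-source AA:BB:CC:DD:EE:FF -m udp --dport 53 -m addrtype ! --src-type LOCAL -j DNAT --to-destination 192.168.1.245
-A PREROUTING -p tcp -m tcp --dport 53 -m addrtype ! --src-type LOCAL -j DNAT --to-destination 192.168.1.245
COMMIT
EOF
}

# Demo run on the constructed sample; reports the TCP rule.
sample_nat_rules | audit_dns_redirect 192.168.1.245 aa:bb:cc:dd:ee:ff || true
```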

The commands that are used or mentioned in this video:

nslookup (host name)

opkg install iptables-mod-extra
ip route

ip route del 192.168.1.0/24
netstat -tulpn | grep 53
