Thank you for your assistance in advance; I have read the Hotspot documentation and have tried to find the answer on my own before posting.
I have the 450G setup as a bandwidth shaper and for this purpose it is working great however, I need to use two different DNS servers for different user profiles.. Meaning:
I have a large home, many adults and several children..
I wish to have the adults with a profile or rules that would allow them to use regular DNS server; i.e. 18.104.22.168 I then wish to have the children's profile or rules that would make sure their DNS requests were forwarded to OpenDNS; i.e. 22.214.171.124
OpenDNS offers filtered queries while the adults use unfiltered...
Could someone please help me with a configuration that would solve two different profiles for two groups of users.
Use that to write mangle rules that mark DNS packets accordingly and dst-nat them to the desired DNS servers.
Could someone give me an example of how to write the Mangled rule to send them to dst-nat to the DNS server.. I have no idea of how to customize rules in the firewall.. I will take time to learn however, could someone with experience help me with a "example" of what it would look like?
yes, the address-list is populated with "child or adult" entries.. I see the rules with packets being counted..
The weird issues is that I have both the rules pointing towards different DNS servers..
The user is getting the system default response.. it is like the rule is 1. being ignored 2. being redirected
the reason I say this is that OpenDNS responses to a porn domain is always back to a "blocked" ip.. Filtered.. If that same query is to 126.96.36.199 it gets a normal recursive lookup and IP address reply.. The client regardless of what URL that is typed in and regardless of what address-list is is on and regardless of the rules for the address-list.. the response is always from the system default dns..
My config is:
Default System DNS ip address is OpenDNS (Filtered)
There are 2 rules; one for each of the address-list's... Adult Child (filtered and non-filtered)
The user always gets response from Default system DNS server configured.. I tested by using 188.8.131.52 as system default too and same happens.. it is as if it gets redirected or ignored.
This is where the issue is: 4 D chain=hotspot action=redirect to-ports=64872 protocol=udp dst-port=53
I have to find some how to return the packet back to the user.. I see the user listed in the address-list, I see the counter counting packets, but the DNS is being intercepted and handled by the default DNS of the RouterBoard.. It is not returning the packet's response.
Users browsing this forum: Google [Bot] and 13 guests
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot post attachments in this forum