MikroTik

Posted: **Fri Mar 21, 2014 10:01 pm**

Hi

I'd like to protect our child (child computer) from Nudity, Pornography etc ..

I guess that this can be easily done with changing the DNS Server Settings on local computer to FamilyShield's IP Address

FamilyShield’s IPs are: 208.67.222.123 and 208.67.220.123
See more at: http://blog.opendns.com/2010/06/23/intr ... -controls/

But I do not like to have that DNS server settings to be set on all clients in the LAN.

The parent computer are allowed to see this content (if we like to)

Is there a way that a specific ip address (e.g. 192.168.88.100) will get this DNS Server IP settings
208.67.222.123 and 208.67.220.123 and all other will get the ip address from the local mikrotik router
(e.g. 192.168.88.1 / default gateway) ?

Thank you very much for you help

Posted: **Fri Mar 21, 2014 10:17 pm**

You can setup your router DNS with the opendns servers, and then redirect specific IP to your dns cache, like:

/ip firewall nat
add chain=dstnat action=redirect to-ports=53 src-address=192.168.88.100 protocol=udp dst-address-type=!local dst-port=53

and assign on the other computers another dns server,
or you may try to dst-nat those requests (I haven't try this):

/ip firewall nat
add chain=dstnat action=dst-nat to-addresses=208.67.222.123 to-ports=53 src-address=192.168.88.100 protocol=udp dst-port=53

Posted: **Fri Mar 21, 2014 10:27 pm**

I guess I've found a solution, maybe there is a better one ...

Added a secondary local IP range (e.g. 192.168.99.0/24) with Default Gateway (e.g. 192.168.99.1)
with an other local DHCP Server with static entries.
There I used the DNS settings 208.67.222.123 and 208.67.220.123

MikroTik

Child Protection for specific host/ip address in LAN

Child Protection for specific host/ip address in LAN

Re: Child Protection for specific host/ip address in LAN

Re: Child Protection for specific host/ip address in LAN