No more ads - and parental control. Those are two use cases for ad blockers and DNS Filters like AdGuard Home or Pi-hole (R). Privacy and protection of your data in the internet, blocking ads and the use of DNS White Lists or Black Lists. The main challenge for many people is the integration in the network, i.e. the redirection of DNS traffic to the Pi-hole or AdGuard Home machine. We will have a look into 4 options, using DHCP option 6, the DNS Forwarder option, iptables filter rules on port 53 as well as running AdGuard Home directly on an OpenWrt Router.



MANY THANKS TO MY PATRONS on   / onemarcfifty   !!!
Please visit my channel page:    / onemarcfifty  
Want to talk to me? Join my Discord Server:   / discord  

Marc on Patreon:   / onemarcfifty  
Marc's channel on youtube:    / onemarcfifty  
Marc on Twitter:   / onemarcfifty  
Marc on Facebook:   / onemarcfifty  
Marc on Reddit:   / onemarcfifty  
Chat with me on Discord:   / discord  

0:00 Please use the chapters

0:40 Why filter DNS ? Use cases
2:40 How DNS Filtering works
4:10 How Clients get to DNS
6:28 Solution 1: Announce DNS with DHCP
8:20 Solution 1: Implementation
9:50 Solution 1: Separate DHCP Server
13:45 Call To Action
14:25 Solution 2: DNS forwarder
16:40 Solution 3: Enforcement/iptables
19:40 Solution 3: Implementation
25:10 Solution 4: adguard home on OpenWrt
26:30 Solution 4: Implementation


The firewall rule for the redirect:

iptables -t nat -A PREROUTING -m mac "!" --mac-source XX:XX:XX:XX:XX:XX -p tcp --dport 53 -m addrtype "!" --src-type LOCAL -j DNAT --to 192.168.1.245
iptables -t nat -A PREROUTING -m mac "!" --mac-source XX:XX:XX:XX:XX:XX -p udp --dport 53 -m addrtype "!" --src-type LOCAL -j DNAT --to 192.168.1.245



(replace 192.168.1.245 witht he IP of your DNS filter and XX:XX:XX:XX:XX:XX with its MAC)



The commands that are used or mentioned in this video:


nslookup (host name)

opkg install iptables-mod-extra
ip route

ip route del 192.168.1.0/24
netstat -tulpn |grep 53