HomeForumsOpen-Source SoftwareCoovaAP Firmware

Wireless Clients using ISP's DNS, not OpenDNS

Wed, 07/30/2008 - 23:38 — JBDive

I have OpenDNS setup on the router and our internal DNS server however the wirless clients (HotSpot) are getting the DNS IP setting of my Hotspot and local ISP thus getting around any porn blocking I am doing.

I see nowhere in the GUI to set the DNS server for the Wireless side, just the DHCP scope.

‹ Internal HotSpot Mac OSX redirect error Internal Hotspot Wired and Wireless ›
Wed, 03/02/2011 - 13:18 — soumyadip

dsl providers

Welcome the quickest way to find the best dsl provider in your area. You generally have several Internet service options and we will help you evaluate all of those including the best DSL solutions for your home or business.

Mon, 11/30/2009 - 20:01 — winnerhof

Wireless clients using OpenDNS instead of ISP`DNS

Well, i had the same problem, now it´s solved and it works fine:

My router is a Linksys WRT54GL running with CoovaAP Firmware
First of all I had to open an account at OpenDNS.

These are the two DNS-Server adresses for OpenDNS:
208.67.222.222
208.67.220.220

1) I entered these adresses into the Network-LAN Page of the Router
2) I found this:
http://dev.coova.org/svn/coova-chilli/conf/defaults.in
I had to change the defaults in the chilli-folder of my router, I did it with WINSCP:
I changed the two "empty" HS_DNS-adresses to:
# OpenDNS Servers
HS_DNS1=208.67.222.222
HS_DNS2=208.67.220.220

and voila:
OpenDNS runs on my LAN and Hotspot,
it`s great, I´m lovin`it

Fri, 08/08/2008 - 21:40 — zombiwulf

Re: Wireless Clients using ISP's DNS, not OpenDNS

At the risk of tripping over my...junk...

I don't use coova yet - though that should change after I order some new AP's. I was checking it out on a router I had laying around, but it (the router) has hardware issues. Still, what I was able to check out is good enough that I'm ordering new hardware to run coova.

I presume there is some facility to pass config strings to iptables.
If so, I would try the following, copied from the dd-wrt wiki:

<br />
iptables -t nat -A PREROUTING -p udp -i br0 --dport 53 -j DNAT --to $(nvram get lan_ipaddr)<br />
iptables -t nat -A PREROUTING -p tcp -i br0 --dport 53 -j DNAT --to $(nvram get lan_ipaddr)

I've used that under dd-wrt and it works great.

Another aside - don't count on OpenDNS to block porn on it's own.
All it's blocking is dns resolution. Any dedicated porn surfer can just input ip's manually.

I was using OpenDNS for blocking phishing sites, but their lack of transparency in categorization disputes is abysmal, so I dumped them.

p2p is much more of a concern to me than porn, since we run multiple ap's for public access and I've already had letters from hbo re ip theft.