How to prevent users from typing in direct IP addresses & accessing OpenDNS-blocked sites?

General discussion about Gargoyle, OpenWrt or anything else even remotely related to the project

Moderator: Moderators

srix55
Posts: 2
Joined: Fri Jan 12, 2018 8:02 am

How to prevent users from typing in direct IP addresses & accessing OpenDNS-blocked sites?

Postby srix55 » Fri Jan 12, 2018 8:09 am

Hi,

I have successfully set up OpenDNS and it works great. However I noticed that it can be easily bypassed by typing in the ip address directly in the browser. How do I block that? I mean, I know I can block specific IP addresses in gargoyle. I want to know how you can block requests that are trying to bypass my forced-dns.

Lantis
Moderator
Posts: 3721
Joined: Mon Jan 05, 2015 5:33 am
Location: Australia

Re: How to prevent users from typing in direct IP addresses & accessing OpenDNS-blocked sites?

Postby Lantis » Fri Jan 12, 2018 9:07 am

You can’t. Those aren’t requests to the router they are to the remote server.
Any solution to do this would probably involve a proxy
WRT1900AC V1 on 1.10.X
WNDR3800/WRT3200ACM in a constant state of flux
www.lantisproject.com for custom builds and other projects
www.lantisproject.com/gargoyle_ispyisail/ for the latest releases

srix55
Posts: 2
Joined: Fri Jan 12, 2018 8:02 am

Re: How to prevent users from typing in direct IP addresses & accessing OpenDNS-blocked sites?

Postby srix55 » Fri Jan 12, 2018 9:31 am

Can gargoyle act as a proxy server?

tapper
Moderator
Posts: 1016
Joined: Sun Oct 13, 2013 5:49 pm
Location: Stoke-on-trent UK

Re: How to prevent users from typing in direct IP addresses & accessing OpenDNS-blocked sites?

Postby tapper » Fri Jan 12, 2018 11:58 am

Sorry that is beyond Gargoyle. You could do it by installing a OpenWRT package but It mite mess with a lot of the things Gargoyle does like firewalling and things.
TP-Link WR1043ND v2.1 Gargoyle 1.6.2
Western Digital My Net N750 Gargoyle 1.9x
TP-Link TL-WDR3600 V1.5 Gargoyle 1.9x
TP-Link Archer C7 Gargoyle 1.9x
Linksys WRT1900AC V2 Gargoyle 1.9x
Linksys WRT3200ACM LEDE 17.1

Lantis
Moderator
Posts: 3721
Joined: Mon Jan 05, 2015 5:33 am
Location: Australia

Re: How to prevent users from typing in direct IP addresses & accessing OpenDNS-blocked sites?

Postby Lantis » Fri Jan 12, 2018 6:07 pm

Most routers aren’t capable of running a proxy server at any reasonable throughput
WRT1900AC V1 on 1.10.X
WNDR3800/WRT3200ACM in a constant state of flux
www.lantisproject.com for custom builds and other projects
www.lantisproject.com/gargoyle_ispyisail/ for the latest releases

tapper
Moderator
Posts: 1016
Joined: Sun Oct 13, 2013 5:49 pm
Location: Stoke-on-trent UK

Re: How to prevent users from typing in direct IP addresses & accessing OpenDNS-blocked sites?

Postby tapper » Sat Jan 13, 2018 4:29 am

You could look in to running a proxy on a R-Pi. Even then tho the R-Pi has a slow network connection. The Ethernet port is over the USB.
TP-Link WR1043ND v2.1 Gargoyle 1.6.2
Western Digital My Net N750 Gargoyle 1.9x
TP-Link TL-WDR3600 V1.5 Gargoyle 1.9x
TP-Link Archer C7 Gargoyle 1.9x
Linksys WRT1900AC V2 Gargoyle 1.9x
Linksys WRT3200ACM LEDE 17.1


Return to “General Discussion”

Who is online

Users browsing this forum: No registered users and 8 guests