Gargoyle Forum

A forum to discuss the Gargoyle web interface for Openwrt
https://www.gargoyle-router.com/phpbb/

Blocking Youtube.com but not other Google sites

https://www.gargoyle-router.com/phpbb/viewtopic.php?t=4989

Page 1 of 1

Blocking Youtube.com but not other Google sites

Posted: Tue Nov 12, 2013 12:46 pm
by spwalmsley
I have Gargoyle 1.5.11 set up with a "default deny" rule and then a whitelist that allows parent devices all day and kid devices between certain hours. Since we've had some issues with bandwidth overages related to youtube.com, I'd also like to restrict "kid devices" from accessing that domain.

I did this by editing my whitelist rule, unchecking "All Network Access", and specifying "Website URL(s)", "Permit All Except", "Full URL contains","youtube.com". Sure enough, youtube was now blocked.

The problem is that *ALL* Google related sites are now blocked such that these devices now can't access google.com for searches or google docs for school.

I think the problem may be that all google services seem to DNS resolve to the same address. For example, on my system youtube.com, google.com, and gmail.com all resolve to IP 67.215.65.132. In case it's relevant, I'm using OpenDNS's "family shield" DNS servers at 208.67.222.123 and 208.67.220.123 as my DNS resolvers.

Can anyone confirm that Gargoyle blocks sites by I.P. rather than by actual URL string? This would make sense otherwise you could work around the block by simply entering an I.P. in the browser URL.

Is there a way to set up Gargoyle to block one Google service but not the others when they resolve to the same I.P. address?

Thanks for any help you can provide.

Re: Blocking Youtube.com but not other Google sites

Posted: Fri Nov 22, 2013 11:50 am
by tehpensfan
I have the exact same problem. The firewall rules are ip based as you suspect.

I think the viable solution is to use a set of firewall rules to transparently redirect web requests from the kids devices to tinyproxy.
I'll base it on this:
http://wiki.openwrt.org/doc/howto/proxy.tinyproxy
and this older how to
http://wiki.openwrt.org/oldwiki/proxy.tinyproxy

Since I'll be using a TL-WR740N, I"ll need a custom openwrt build as the gargoyle build doesn't have room for tinyproxy unfortunately. Or maybe, good reason to upgrade to a router with more flash 8-)

When I have a chance to take a stab at this and get a working configuration, I'll post it.

Re: Blocking Youtube.com but not other Google sites

Posted: Tue Mar 17, 2015 10:28 am
by mikemapa
This is exactly my problem. Has any solution been found? It would be nice if it could whitelist sites based on URL as well as IP address.

Re: Blocking Youtube.com but not other Google sites

Posted: Thu May 07, 2015 6:49 am
by simono_pl
For me also. I want block youtube only for my son daily for some hours.
I have router with Gargoyle 1.7.1. I can manually install tinyproxy but there no plugin for GUI and tinyproxy works all the time.
All times are UTC-04:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited