Looking Block specific websites by domain (not IP)

Software SW help
1

Hey folks,

I’ve been tooling around the forums, looking for some instructions on how to get Luci to let me block a couple websites by domain. I’ve got an iFit treadmill that I’m trying to keep from updating, and I’d like to block the update servers by domain (as I’m thinking the ip address could possibly change.) I’d like to configure my Omnia to block ifit-wolf.s3.amazonaws.com and ifit-wolf.s3-cdn.ifit.com. Can someone point me in the right direction? I found this page, but I don’t see the corresponding options in LuCi, even though resolveip package is installed: https://openwrt.org/docs/guide-user/firewall/fw3_configurations/dns_ipset

Any help appreciate, thanks!

–Chris

2

This would be best done by something like pihole. I’ve never used it, but from what I know, it acts as a DNS server proxy that redirects chosen domains to void.

3

Thank you for your response, but I’ve tried pihole, and the WAF just isn’t there (wife acceptance factor). I know it’s possible to do it with openwrt, I’m just trying to get some guidance how to do it right on the router itself.

4

what I use for this purpose is /etc/hosts.

  1. add list hostname_config '/etc/hosts' to config resolver 'kresd' section in /etc/config/resolver file
    image

  2. add 127.0.0.1 youtube.com to file /etc/hosts. Replace youtube.com with your domain.
    image

  3. restart resolver [command: /etc/init.d/resolver restart] or the router

As you can see, it can be used for simple ad blocking on all devices, including TVs.

5

What about AdBlock and add these domains to the blacklist?

You can set only your own blacklist and uncheck all other lists, to block only these few domains.

1 Like
6

Yes, youre right, but this is totally simple, no additional SW and config needed, I have full control and know what it does and what it can’t do…
Moreover, I use it for much more that just ad blocking.

7

The omnia supports LXC containers on an mSATA card or USB drive. (Putting a container on the emmc would quickly kill it with excessive writes.) You can install any distribution that supports pihole. (I used debian.)

An mSATA card must use the PCI3 slot, so the wifi card must be moved and longer antenna cables might be needed.

8

I actually have 2 pihole instances, one on my server, one on a docker container running directly on the Omnia with a vlan. I turned them off because they pissed off my wife. I know it’s possible to do it that way, but I’m looking to do it directly through TOS. Thank you, though.

9

This looks like a promising suggestion, thank you. I’m trying to figure out how to set my own blacklist. I’m leery of messing around with PuTTY to do it outside of LuCi, because I just know enough about this stuff to be dangerous.

10

I manned up and tried your solution, and it worked! Thank xsys. I wish it was a little easier to do in LuCi, rather than ‘under the hood’, but this worked like a charm. Thanks again!

1 Like
11

There is no need to do it via SSH. AdBlock and its lists are fully manageable via LuCI. You just need to check AdBlock installation in reForis and then ad your entry into blacklist in LuCI.

Pihole is good solution, but running it in LXC requires external storage etc., which I meanis too much for such a simple requirement :slight_smile:

1 Like
12

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.