Live Parental Controls is not filtering
Live Parental Controls is not filtering on more than one router. It appears there is a problem with the service. Anyone else seeing this?
-
Netgear WNDR4500v2, firmware V1.0.0.64_1.0.40, with (OpenDNS) Live Parental Controls enabled and filtering set to high (without customization) is NOT blocking/filtering. Router's DNS servers: 208.67.222.222 / 208.67.220.220.
$ nslookup -type=txt debug.opendns.com.
Server: 192.168.1.1
Address: 192.168.1.1#53** server can't find debug.opendns.com.: NXDOMAIN
$ for h in whoami.akamai.net. www.exampleadultsite.com. www.internetbadguys.com. www.pornhub.com. www.twitter.com. www.facebook.com. ; do nslookup ${h} ; done
Server: 192.168.1.1
Address: 192.168.1.1#53Non-authoritative answer:
Name: whoami.akamai.net
Address: 69.241.93.151Server: 192.168.1.1
Address: 192.168.1.1#53Non-authoritative answer:
Name: www.exampleadultsite.com
Address: 67.215.92.210Server: 192.168.1.1
Address: 192.168.1.1#53Non-authoritative answer:
Name: www.internetbadguys.com
Address: 67.215.92.210Server: 192.168.1.1
Address: 192.168.1.1#53Non-authoritative answer:
www.pornhub.com canonical name = pornhub.com.
Name: pornhub.com
Address: 31.192.120.36Server: 192.168.1.1
Address: 192.168.1.1#53Non-authoritative answer:
www.twitter.com canonical name = twitter.com.
Name: twitter.com
Address: 104.244.42.1
Name: twitter.com
Address: 104.244.42.129Server: 192.168.1.1
Address: 192.168.1.1#53Non-authoritative answer:
www.facebook.com canonical name = star-mini.c10r.facebook.com.
Name: star-mini.c10r.facebook.com
Address: 157.240.18.35 -
"Router's DNS servers: 208.67.222.222 / 208.67.220.220."
You didn't configure this manually, did you? This is in no way part of the instructions.
https://kb.netgear.com/25687/"** server can't find debug.opendns.com.: NXDOMAIN"
Your DNS traffic does not go to OpenDNS, therefore OpenDNS have no way to apply your settings.
Instead your DNS traffic seems to go via Comcast. Address: 69.241.93.151
I need to see more. Disable LPC on the router, and then post the following command output:
nslookup -type=txt debug.opendns.com. 208.67.220.220
-
"Router's DNS servers: 208.67.222.222 / 208.67.220.220."
yes, the router itself is configured for openDNS (not the ISP). The router provides DHCP and DNS to the (W)LAN:
$ cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 192.168.1.1yet still the internal (W)LAN is not filtered:
$ nslookup -type=txt debug.opendns.com.
Server: 192.168.1.1
Address: 192.168.1.1#53** server can't find debug.opendns.com: NXDOMAIN
please have a look at open ticket #355632 which contains relevant screen shots.
thanks in advance.
-
$ cat /etc/resolv.conf
#
# Mac OS X Notice
#
# This file is not used by the host name and address resolution
# or the DNS query routing mechanisms used by most processes on
# this Mac OS X system.
#
# This file is automatically generated.
#
nameserver 192.168.1.1LPC enabled
$ nslookup -type=txt debug.opendns.com.
Server: 192.168.1.1
Address: 192.168.1.1#53** server can't find debug.opendns.com.: NXDOMAIN
LPC disabled
$ sudo dscacheutil -flushcache
$ nslookup -type=txt debug.opendns.com.
Server: 192.168.1.1
Address: 192.168.1.1#53** server can't find debug.opendns.com.: NXDOMAIN
-
smells like bug.
On a hunch I changed filtering level (from high) to none, saved, then re-enabled filtering (to high), saved. OpenDNS's filtering is now working as expected.
nslookup -type=txt debug.opendns.com.
Server: 192.168.1.1
Address: 192.168.1.1#53Non-authoritative answer:
debug.opendns.com text = "server m25.chi"
debug.opendns.com text = "device 0000A375013AF190"
debug.opendns.com text = "flags 422 0 8010 39400027F00F1189EF3"
debug.opendns.com text = "originid 31294629"
debug.opendns.com text = "actype 1"
debug.opendns.com text = "bundle 31294629"
debug.opendns.com text = "source 68.34.215.35:32770"Authoritative answers can be found from:
for h in whoami.akamai.net. www.exampleadultsite.com. www.internetbadguys.com. www.pornhub.com. www.twitter.com. www.facebook.com. ; do nslookup ${h} ; done
Server: 192.168.1.1
Address: 192.168.1.1#53Non-authoritative answer:
Name: whoami.akamai.net
Address: 208.69.36.66Server: 192.168.1.1
Address: 192.168.1.1#53Non-authoritative answer:
Name: www.exampleadultsite.com
Address: 146.112.61.106Server: 192.168.1.1
Address: 192.168.1.1#53Non-authoritative answer:
Name: www.internetbadguys.com
Address: 146.112.61.108Server: 192.168.1.1
Address: 192.168.1.1#53Non-authoritative answer:
Name: www.pornhub.com
Address: 146.112.61.106Server: 192.168.1.1
Address: 192.168.1.1#53Non-authoritative answer:
Name: www.twitter.com
Address: 146.112.61.106Server: 192.168.1.1
Address: 192.168.1.1#53Non-authoritative answer:
Name: www.facebook.com
Address: 146.112.61.106hopefully this is useful to some other community member(s).
-
"yes, the router itself is configured for openDNS (not the ISP)."
This is wrong if you did it manually. It is not part of the LPC instructions. LPC does this for you.
"The router provides DHCP and DNS to the (W)LAN:"
Yes, this is what a router with DHCP server does, but it is unrelated to what you configured or not configured on the WAN side of your router.
"please have a look at open ticket #355632 which contains relevant screen shots."
I'm a user like you and cannot look at your tickets. You'll have to wait for staff looking at it.
"On a hunch I changed filtering level (from high) to none"
Your dashboard settings are irrelevant as long as you don't use OpenDNS at all, as was the case. You care about your settings as last.
debug.opendns.com text = "originid 31294629"
debug.opendns.com text = "actype 1"
debug.opendns.com text = "bundle 31294629"
debug.opendns.com text = "source 68.34.215.35:32770"It seems your IP address 68.34.215.35 is also registered for OpenDNS Home use which leads to inconsistent results. Ensure that you have deleted any network at https://dashboard.opendns.com/settings/. Your dashboard is only at https://netgear.opendns.com/
If there's no network at https://dashboard.opendns.com/settings/, then your IP address is registered with another OpenDNS user's network which can be sorted by OpenDNS staff only.
Please sign in to leave a comment.
Comments
8 comments