blocking specific domains

Comments

8 comments

  • Avatar
    rotblitz

    "I have deleted and re-added the network"

    This action is totally useless.

    Do you use OpenDNS at all?  http://welcome.opendns.com/ 
    Is your IP address correctly configured with your dashboard network?  https://dashboard.opendns.com/settings/

    If you're still having problems, post the complete plain text output of the following commands: 

    nslookup -type=txt debug.opendns.com.

    nslookup example.com.
    where example.com is a domain name which should be blocked but isn't.

    0
    Comment actions Permalink
  • Avatar
    zamm

    Do you use OpenDNS at all?  http://welcome.opendns.com/ 

    Yes, the openDNS page displays properly using that link.


    Is your IP address correctly configured with your dashboard network?  https://dashboard.opendns.com/settings/

    Yes it is.

    Below is the nslookup of two domain names that were blocked:

    C:\Users\Steve>nslookup minecraft.net
    1.1.168.192.in-addr.arpa
    primary name server = localhost
    responsible mail addr = nobody.invalid
    serial = 1
    refresh = 600 (10 mins)
    retry = 1200 (20 mins)
    expire = 604800 (7 days)
    default TTL = 10800 (3 hours)
    Server: UnKnown
    Address: 192.168.1.1

    Non-authoritative answer:
    Name: minecraft.net
    Address: 75.101.151.59

     

    C:\Users\Steve>nslookup cnn.com
    1.1.168.192.in-addr.arpa
    primary name server = localhost
    responsible mail addr = nobody.invalid
    serial = 1
    refresh = 600 (10 mins)
    retry = 1200 (20 mins)
    expire = 604800 (7 days)
    default TTL = 10800 (3 hours)
    Server: UnKnown
    Address: 192.168.1.1

    Non-authoritative answer:
    Name: cnn.com
    Addresses: 157.166.226.25
    157.166.226.26

     

    As I stated in my original post, if I use the default filtering that blocks specific categories of subjects, the sites that pertain to those subjects are successfully blocked.  Blocking specific domains is what is not working.

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    You forgot to post the output of the first command.

    0
    Comment actions Permalink
  • Avatar
    zamm

    Oops, looked right over it...

     

    C:\Users\Steve>nslookup -type=txt debug.opendns.com
    1.1.168.192.in-addr.arpa
    primary name server = localhost
    responsible mail addr = nobody.invalid
    serial = 1
    refresh = 600 (10 mins)
    retry = 1200 (20 mins)
    expire = 604800 (7 days)
    default TTL = 10800 (3 hours)
    Server: UnKnown
    Address: 192.168.1.1

    Non-authoritative answer:
    debug.opendns.com text =

    "server 1.chi"
    debug.opendns.com text =

    "device 0000457466a9372b"
    debug.opendns.com text =

    "flags 422 0 b6 0"
    debug.opendns.com text =

    "id 20566719"
    debug.opendns.com text =

    "source 74.79.103.28:32769"

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    You configured the OpenDNS resolver addresses on your router at 192.168.1.1 which is using Netgear LPC, device ID 0000457466a9372b.  You're using the OpenDNS Chicago location, and your IP address 74.79.103.28 is also registered with OpenDNS network ID 20566719.  The domains minecraft.net and cnn.com are not blocked by the settings.

    OpenDNS Home and Netgear with OpenDNS LPC are not compatible, you can use either the one or the other.  This is the root cause why you think your settings do not take effect.  So decide what service you want to use.

    1
    Comment actions Permalink
  • Avatar
    zamm

    Thank you! This solved the problem. Out of curiosity how did you know I had Netgear LPC? It's not clear from the data I provided, at least not to me. I actually forgot I tried it after I received an email from them about it.

     

    Again, thanks.

    0
    Comment actions Permalink
  • Avatar
    rotblitz

    "Out of curiosity how did you know I had Netgear LPC?"

    The following passage/part is only there if Netgear LPC is used:

    debug.opendns.com text =

            "device 0000457466a9372b" 

    There is no "device ID" with normal OpenDNS Home...

    OpenDNS Home depends on your IP address, whereas Netgear LPC works with your device ID.

     

    And this is the part where one can see that your IP address was registered with a normal OpenDNS Home network too:

    debug.opendns.com text =

            "id 20566719" 

    If you use LPC properly, this has to be "id 0".

    0
    Comment actions Permalink
  • Avatar
    zamm

    Thanks.

    0
    Comment actions Permalink

Please sign in to leave a comment.