• Avatar

    @dmcgrane It already exists in the form of various third party firmware, generally all open source, with some being more modular than others. It's a thriving community, with people taking from it what they need, and other contributing what they want to or are able to. For the most part however it is a "hobbyist" niche, with people of various technical abilities doing what they can. It's very much a "roll your own community".


    There are a handful of companies making commercial products based on these offerings, but they are much smaller than "first tier" networking companies such as Cisco, Netgear, or Linksys.

    It all comes down to money, and whether or not a given company thinks it's a profitable venture based upon history, projected support costs, and the other markets they are already competing in. What you are describing is a relatively niche product, with far more potential customers who don't need that kind of functionality, or need it delivered in a more sophisticated "enterprise" solution.

  • Avatar
    Chris Frost

    Hey folks - looks like we got a little off topic here. Let's cease this conversation unless it relates to the topic. We encourage thoughtful discussion, however let's try and not stray too far from the original thread question.

  • Avatar

    I tried every setting in the router and every option in parental controls but found that it wasn't enough. I had an old D-Link router that still worked so I added it to the network, then prevented the children from gaining access to the Netgear directly by changing it's password, then I changed the password of the old router to he password that the children were using for the Netgear. If you look at the network in network places or in Netgear Genie you can't see the old router, it seems to be invisible so the children think that they are connected directly to the Netgear. I also added an electric timer to the power plug of the D-Link router and set the times that it would operate :). One of the boys figured out that he simply had to remove the plug for the D-Link router from the timer and place it in the wall socket, so much for that idea. I then taped the plug to the timer with gaffer tape, that only made it a little harder for him move the plug.

    In the end I just went out and purchased a TP Link router that is capable of more than I use but it does allow me to set multiple access times for multiple devices and multiple times for different web sites. It also allows for the restriction of 4 different machines using multiple times per day in the parental controls. Doing it this way all 4 machines have the same restrictions. If you want them to be different then you have to set them up individually in the firewall. I set all devices to static IPs, used the MAC address to control access, and bound each MAC address to the set static IP to prevent spoofing a Mac address. This actually works, I tried it myself. I set a machines IP manually to a different IP than the one assigned for it's MAC and the router switched it back to the assigned IP. The machine then tried to set it back to the manual settings that I put in but the router switched it back again, the computer then seemed to give up and accepted the routers changes (if only our children gave up that easily lol).

    As for spoofing MAC addresses even if they did manage to spoof another address it won't work because all other MACs are prevented from connecting. The only way for them to gain access now is to find a device that still works and tether to it, or spoof the MAC address of that device (mine or their mothers) but then the owner of that device would know and might have something to say about it. Of course there is still the Factory Reset button but on this router it looses all its settings and won't connect to the ISP if reset and the devices won't connect to the router without the password being entered via the router's setup which needs a cable connection. So if they try this option they prevent themselves from using the internet and network even for the period of time that they were allowed to use it.

    There probably is a way but I have yet to see them get passed this setup

    The bottom line is that I think OpenDNS have done what they can but no matter what settings you use with your Netgear router you won't achieve your goal of a fail-safe way to restrict your children using a current Netgear router and software. As it has been pointed out by others and by the new router that I have purchased, the problem is with the router not OpenDNS. Netgear and any other router manufacturer that don't already have the options that parents require will need to come to the party and add them or they will start to loose some of their customers.

  • Avatar
    Hi all, there's a kickstarter project (mine) for exactly this. Also, because it's a dedicated device, you set different limits per device too. Check it out
  • Avatar

    Stumbled across this thread while doing some research for a friend. Looks like Netgear doesn't make it easy. There are several routers now on Amazon that support this feature...and more...just search parental control router. Personally I own a pcWRT router, which works with OpenDNS and provides the most flexible options for setting time limits IMO.

  • Avatar

    "How exactly do I assign a static IP?"

    Sad to hear that seach engines don't work for you.  :(

  • Avatar

    "if router manufacturers read this thread because they are looking for requirements for a new router"

    What an ideal world you live in!  I do not think this is going to happen quite often.  They at most look into their own forums if at all...
    Else we would not find so many broken routers on the market...

  • Avatar

    As I said, such routers exist.  And you can make many other routers working this way as well if you flush them with alternative firmware.

    So I suggest to become a router reseller to sell your hundreds of routers.  ;-)

  • Avatar

    "If he already has a connection established, the "block services" feature will not break an established connection.  It will only be blocked when he/she tries to re-establish the connection."

    Generally, this is not a new insight and has been raised before here, but this behavior is necessary based on the facts how OpenDNS works.  Only if a new DNS lookup is needed, then new settings can work.  An existing open connection does not require a DNS lookup, therefore the changed settings are supposed to not take effect.

    "Router companies: here's another bug for you to fix!"

    You're right, this is totally out of scope of OpenDNS, but solely a router function.  You'll want to raise this with Netgear as suggested by mattwilson9090, to cut every connection when a time based settings change is due, so that the settings can take effect also for existing connections.

  • Avatar

    "I believe that level of blocking does not involve DNS"

    This relates to everything depending on the blocked ports and includes to generally block DNS traffic as well if port 53 is impacted.  But also this kind of blocking does most likely only take effect in case a new connection is tried to established.  It doesn't (and cannot) break an existing connection/session.  Blocking has nothing to do with breaking.

    "I appreciate your letting us discuss...  It is kind of you to let us have this discussion..."

    I think there's a misunderstanding.  We're all users like you and don't have to permit or to forbid anything.  The last staff member message on this thread was on October 14, 2014.  You clearly see who OpenDNS staff member is from the Avatar title saying "OpenDNS" below the full name.

Please sign in to leave a comment.