OpenDNS su Nethserver

is it possible to use opendns dns on nethserver for content filtering?

Sure, set the dns of the server to opendns and set the dns of opendns forced by the dhcp server, like this any IP attributed by dhcp will use opendns

I did something similar with nethserver-pihole

thanks for the answer, could you please indicate me the steps on where to look for what you recommended? unfortunately I still can’t get used to the nethserver modes, I will need a little more time

On the cockpit dashboard you can set another dns server rather the google one

If you use the dhcp server of nethserver, in the advanced menu you can force the dns server of the client

thanks, I performed your advice by changing the settings both in the dashboard and in the ip range of the dhcp, by entering the opendns dns, unfortunately the content filtering does not happen. where is that wrong? thanks very kind.
some sites block them, while others pass and evade the block. unfortunately I think I cannot insert the link of the site

Maybe it is an opendns issue and not a nethserver issue, all request are done via opendns

By the way I recall that I needed to stop the IPV6 on my router (orange livebox4) because client like phone continued to use the ipv6 dns of the livebox

IIRC I was not really satisfied of opendns and I found another one realy better

mah, I did some tests with dns opendns and the content is filtered quietly the anomaly is when I pass it through nethserver that does not block the site. I try the reboot and see.

restarted and now everything works, I keep monitored … thanks a lot

1 Like

Verify the clients, nethserver does nothing excepts to propose to the client to use the dns of opendns

Check the client uses the good dns server

another question, I take advantage of your patience, if I wanted to set a rule of the fw where to write that if I change the udp port 53 on the client I drop the connection how do I do?

Not a firewall man, but interested by the answer

???

One way could be

Set the dns server of opendns in nethserver
Set the dns server of nethserver in the dhcp page (leave blanck I mean)

Then create a rule that client on green cannot request itself a dns request to the internet

Either block 53 to green or 53 to the firewall

As I said, not a fw man

@giacomo

How I could block client on green to make dns request to another servers and allow only dns request to nethserver

in fact, I would be interested in creating a rule that a client does not change the dns on its network card and surpasses the opendns dns

This is client related, block permission on the client

You can create a firewall which blocks DNS traffic from green to red.
It’s also possible to forward all traffic to a different DNS server, but you need a template-custom for it since it’s not available inside the UI.

You can find and example here.

1 Like

@Maverick I don’t know how it can be done on nethserver but with basic iptables you can use DNAT/REDIRECT on all tcp/udp port 53 traffic which is not destined to the nethserver from GREEN into the local DNS or OPENDNS/OTHER.

Thanks for the info as soon as I can I try a little to understand more. do you have any advice because I am not an iptables expert

I believe you can do it from the firewall UI if your nethserver is the gateway

go to rule

block from green to red 53 udp 53 tcp

I think it is all…obviously not tested :smiley:

ok thanks, I’ll try as soon as I can carve out some time. a question i can’t figure out how do you know if nethserver is the gateway. from the network settings it seems yes but I have not enabled anything except the dhcp server. enabled this function automatically becomes gateway?