subject:"\[Dnsmasq\-discuss\] Per client dns spoof\?"

Re: [Dnsmasq-discuss] Per client dns spoof?

2017-04-26 Thread Petr Mensik

Hi Dax,

I do not know any way to reply with different addresses based on source IPs. 
But I think you can use different technique, just have them ask to different 
dnsmasq instance that contains that blacklist. You can use DNAT to redirect 
their requests to dnsmasq on different IP. That would provide blocked names and 
forward other request to the first one.

You can also provide them different DNS address based on their client-id or 
MAC. Just set a tag for their devices. Then use something like:
dhcp-option=tag:children,option:dns-server,10.0.0.2

Where dnsmasq is listening on 10.0.0.2 is filtering hosts you have chosen.

I assume you are able to start more than one dnsmasq instance on your device. 
You have to use --bind-interfaces or --bind-dynamic with --interface for it to 
work.

Your children would hate you for that however. You may make them feel like 
outsiders that cannot do all their friends can. They may visit worse sites when 
looking for workaround. But I guess you have considered it.

Good luck,
Petr

--
Petr Menšík
Software Engineer
Red Hat, http://www.redhat.com/
email: pemen...@redhat.com  PGP: 65C6C973


- Original Message -
From: "Dax Kelson" <daxkel...@gmail.com>
To: dnsmasq-discuss@lists.thekelleys.org.uk
Sent: Wednesday, April 26, 2017 5:51:34 PM
Subject: [Dnsmasq-discuss] Per client dns spoof?

I use dnsmasq to do dhcp and DNS for the internal lan and DNS domain at my 
house. 

I use dhcp-host to make static IP reservations fo most of the devices in my 
house. 

For a couple of devices (some devices my kids use), I would like to block 
YouTube by making various YouTube hostnames resolve to 127.0.0.1. All other 
devices should be able access YouTube normally. 

Can I accomplish this with dnsmasq? Something like a per dhcp-host addn-hosts 
file? 

I can certainly update the latest version if needed. 

Thanks, 
Dax Kelson 

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] Per client dns spoof?

2017-04-26 Thread Dax Kelson

I use dnsmasq to do dhcp and DNS for the internal lan and DNS domain at my
house.

I use dhcp-host to make static IP reservations fo most of the devices in my
house.

For a couple of devices (some devices my kids use), I would like to block
YouTube by making various YouTube hostnames resolve to 127.0.0.1. All other
devices should be able access YouTube normally.

Can I accomplish this with dnsmasq? Something like a per dhcp-host
addn-hosts file?

I can certainly update the latest version if needed.

Thanks,
Dax Kelson
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Per client dns spoof?

[Dnsmasq-discuss] Per client dns spoof?

2 matches

Site Navigation

Mail list logo

Footer information