[ale] selective DNS server for DHCP clients?

Fri Mar 8 12:16:21 EST 2013

from old memories when was playing with freesco one floppy router you
can tell dnsmasq to be transperent for other dns-s or not. so this may
help you to avoid hacking issue of resolf.conf. or my memory is giving
up ;)

On 3/8/13, Scott Plante <splante at insightsys.com> wrote:
> Just keep in mind this would be fairly easy for her (or her tech-savvy
> friends you mentioned) to get around. She just needs to set her network
> settings to use a public DNS like 8.8.8.8 instead of whatever DHCP hands
> out. DHCP is more of a suggestion. You may be able to block outbound DNS
> queries from all but your router to thwart that.
>
> ----- Original Message -----
>
> From: "Pete Hardie" <pete.hardie at gmail.com>
> To: "Atlanta Linux Enthusiasts" <ale at ale.org>
> Sent: Wednesday, March 6, 2013 10:27:05 PM
> Subject: Re: [ale] selective DNS server for DHCP clients?
>
>
>
> A followup, for those interested in the results
>
>
> I think that I have found a working configuration. I currently have dhcpd
> running, supplying a few fixed IPs for my DVRs, and pointing them at my
> WIRNS server for replacement guide data, and I was able to set up another
> MAC-specific stanza to point
>
> my Nook to use my desktop as its DNS, which is handled by dnsmasq. I set up
> dnsmasq to map reddit.com to 127.0.0.1 and it appears to do what I want -
> fail to load that site.
>
>
> I could use dnsmasq to supply the DHCP, and may switch to that once I feel
> that everything else is working totally to my satisfaction
>
>
> Thanks again to all for the suggestions and war stories about blocking your
> kids' access!
>
>
>
>
> Pete Hardie
> --------
> Better Living Through Bitmaps
>
>
> On Thu, Feb 28, 2013 at 3:24 PM, Ron Frazier (ALE) <
> atllinuxenthinfo at techstarship.com > wrote:
>
>
>
>
>
> Mike Harrison < cluon at geeklabs.com > wrote:
>
>>On Wed, 27 Feb 2013, Pete Hardie wrote:
>>> Thanks - I'll take a closer look and see if I can wrap my head around
>>it.
>>> and to the list - I think that dnsmasq will do what I want, since it
>>allows specification of a DNS server for the DHCP clients, and can be
>>configured to not
>>> be the DNS server for the host, leaving it to use the router and ISP
>>servers.
>>
>>A friend of mine with various ages of children has chosen to
>>incrementally
>>make internet access harder and harder. The two eldest children have
>>developed some serious network hacking skills as a result. His devious
>>goal was less about restricting access to online materials and
>>activities
>>and more about learning how things worked.
>>
>>His most recent step was physically unplugging at around 9-10pm
>>(time for bed),,. and his 14 year old boy discovered "pringles can"
>>antenna technologies as a result.
>>
>>The bad news, and why I know.. is he got enough signal to leach from my
>>
>>house.. where he got sniffed and monitored. I'm not exactly next door,
>>but
>>I am line of sight..
>>
>
> No one leaches my wifi since it's encrypted. They could sniff it, but they'd
> get gibberish.
>
> Sincerely,
>
> Ron
>
>
>
> --
>
> Sent from my Android Acer A500 tablet with bluetooth keyboard and K-9 Mail.
>
> Please excuse my potential brevity if I'm typing on the touch screen.
>
> (PS - If you email me and don't get a quick response, you might want to
> call on the phone. I get about 300 emails per day from alternate energy
> mailing lists and such. I don't always see new email messages very quickly.)
>
>
> Ron Frazier
> 770-205-9422 (O) Leave a message.
> linuxdude AT techstarship.com
>
>
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
>