

Pihole needs to be available on ports 80 and 443 via the docker host's IP to serve its "blocked by pihole" site.

# docker logs pihole-adults | grep random

As mentioned above, I'm running a local apache which serves other stuff. Save these docker-compose.ymls with your favourite editor and launch the piholes.

After starting, you should note the randomly generated admin passwords from the log output. Keep the port forwardings, so docker will make the appropriate iptables entries in the chains POSTROUTING and DOCKER. Set DNS to the IP of your FritzBox and the ServerIP to your docker host.
IPTABLE REROUTE YOUTUBE DNS FOR SPECIFIC MAC ADDRESS ANDROID
I realized that many Android devices nowadays set Google's DNS as default or secondary DNS, or switch to other DNS services if they cannot reach a DNS server.

For this case I reroute these connections via my FritzBox back to my home server's piholes. You may compile it into your kernel or load it as a module. So to achieve this task, your iptables have to support the mac matching extension (CONFIG_NETFILTER_XT_MATCH_MAC=y). To route only the kids' devices to the kids' pihole, I'm routing their DNS traffic based on source MAC address. The piholes get fixed IPs, so the iptables rules always point to these fixed addresses for DNS lookups. Setup and configuration of the piholes is straightforward, as described on pihole's GitHub for the docker image. The piholes run on docker on my Gentoo server at home.
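The MAC-based DNS rerouting described above can be sketched as follows. This is an added example, not the author's own rule set: it only prints the rules for review instead of applying them. The container IP and MAC addresses are constructed values, the function names are hypothetical, and it assumes the devices' DNS packets reach the docker host with the device's own source MAC.

```shell
#!/bin/sh
# Added example: generate (not apply) NAT rules that send DNS traffic from
# selected devices to the kids' pihole, matched by source MAC address.
# Requires the iptables mac match (CONFIG_NETFILTER_XT_MATCH_MAC).

KIDS_PIHOLE_IP="172.20.0.3"   # constructed: fixed container IP of the kids' pihole

# Succeeds only for six colon-separated hex octets.
is_mac() {
    printf '%s\n' "$1" | grep -Eq '^([0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2}$'
}

# Print the UDP and TCP port-53 DNAT rules for one device.
# $1 = source MAC, $2 = target pihole IP
dns_rules_for_mac() {
    if ! is_mac "$1"; then
        echo "skipping invalid MAC: $1" >&2
        return 1
    fi
    mac=$(printf '%s' "$1" | tr 'a-f' 'A-F')
    for proto in udp tcp; do
        # -I puts the rule at the top of PREROUTING, ahead of existing rules.
        # The mac match is only valid in PREROUTING, INPUT and FORWARD.
        echo "iptables -t nat -I PREROUTING -m mac --mac-source $mac" \
             "-p $proto --dport 53 -j DNAT --to-destination $2:53"
    done
}

# $1 = target pihole IP, remaining arguments = device MAC addresses
build_rules() {
    target=$1
    shift
    for dev in "$@"; do
        dns_rules_for_mac "$dev" "$target" || true
    done
}

# Constructed sample devices; review the printed rules before running them as root.
build_rules "$KIDS_PIHOLE_IP" "AA:BB:CC:00:11:22" "aa:bb:cc:00:11:33"
```

Because the rules match any destination on port 53, they also catch lookups a device sends to a hard-coded public resolver, as long as that traffic passes through the docker host.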

This makes it impossible to watch Netflix, as the Netflix client always calls its streaming servers via IP, not DNS name :| So if you enable website filtering on your FritzBox all calls by IP are blocked.

At home, I wanted to bring up two pihole docker containers: one to block ads for all devices in my home network, the other one to additionally block YouTube and adult content for our kids only.

First, I just blocked some domains via the FritzBox's childlock capabilities.

But this leads to generally blocking all client requests on IPs.
