Need Help Blocking Port 53
denisj
Enthusiast - Level 1

I hava an Actiontec MI424WR Gen2 wireless router. I also have a family member who is addicted to video games. To stop gaming acces I programmed my router to route all traffic thru OpenDNS server. In OpenDNS I selected blocking of Games. After this failed, OpenDNS said the only solution is to force ALL my network traffic thru OpenDNS servers by blocking port 53. But I am not a geek and need steo by step instructions. Please help.

0 Likes
1 Solution

Correct answers
Re: Need Help Blocking Port 53
gs0b
Community Leader
Community Leader

You can configure the router to give the same IP address to his computer.  This is called a static address.  I've made other posts that describe how to do this.  Once the IP address is fixed, then it will be harder for him to get around the parental controls.

However, it is trivial for a technically savvy user to configure their own IP address, thus getting around parental controls.  You would have to setup controls for all supported LAN IP addressees using a network object (192.168.1.1 through 192.168.1.254); even then he may be able to figure out how to configure his computer to an "approved" IP address.  You could also try using the firewall to block outbound traffic to a certain IP address, range of IP addresses, or other relevant criteria.  Filters can be set to follow a schedule.

Bottom line, it appears you are dealing with a technically savvy person.  It's likely that no matter what you come up with, this person will find a way around it.  Worst case is he figures out how to use someone else's network and you loose all technical control.  At this point, you may be better of dealing with this via social means instead of technical means.

Good Luck

View solution in original post

Re: Need Help Blocking Port 53
gs0b
Community Leader
Community Leader

You can use the parental controls in the Actiontec router to block all internet access for a particular computer (or groups of computers) on a schedule.  This may be easier than mucking around with OpenDNS.  You could even unplug the router if you don't mind loosing access for everyone in your household.

However, If your game playing family member has more tech skills then you, you may be fighting a loosing battle.  If one of your neighbors has an open WiFi network or is willing to help your family member, you'll loose all technical controls.

If the game player is a youth, you may be better off with more traditional methods such as locating the gaming computer in a common area so it is subject to supervision at all times.

Good Luck.

Re: Need Help Blocking Port 53
denisj
Enthusiast - Level 1

The Actiontec router parental controls blocking feature blocks traffic based on IP address. I tried blocking based on this but he just changed his IP or the IP was reassigned and blocking stopped. I then wanted to program blocking based on his MAC address which never changes but Actiontec said my router could not support this. I would have to buy another more expensive router that was capable of doing this. I would rather not do this and I don't know what router to buy anyway. But I liked the ability to program based on a time/day schedule. Open DNS has no scheduling capabilities.

0 Likes
Re: Need Help Blocking Port 53
gs0b
Community Leader
Community Leader

You can configure the router to give the same IP address to his computer.  This is called a static address.  I've made other posts that describe how to do this.  Once the IP address is fixed, then it will be harder for him to get around the parental controls.

However, it is trivial for a technically savvy user to configure their own IP address, thus getting around parental controls.  You would have to setup controls for all supported LAN IP addressees using a network object (192.168.1.1 through 192.168.1.254); even then he may be able to figure out how to configure his computer to an "approved" IP address.  You could also try using the firewall to block outbound traffic to a certain IP address, range of IP addresses, or other relevant criteria.  Filters can be set to follow a schedule.

Bottom line, it appears you are dealing with a technically savvy person.  It's likely that no matter what you come up with, this person will find a way around it.  Worst case is he figures out how to use someone else's network and you loose all technical control.  At this point, you may be better of dealing with this via social means instead of technical means.

Good Luck

Re: Need Help Blocking Port 53
Compdiag1
Newbie

The suggestion from OpenDNS seems like the best approach. You may have switched your router to use OpenDNS as your DNS servers. However that's easily bypassed by using a static DNS server like google or any other public DNS server. You need to create an outbound rule on your Actiontec router to block port 53 outbound for all of your network, then create another rule with higher priority to allow port 53 only to OpenDNS servers. I know that process is a bit different on Actiontec than on most routers, that may require a separate search about creating an outbound rule on your Actiontec router. I know I'm only giving you half of the answer but after reading other comments I thought I could help by steering you in the right direction.

0 Likes
Re: Need Help Blocking Port 53
KH-OrnEsh1
Moderator Emeritus

Due to the age of this thread, it will be locked in order to keep discussions current. If you have the same or a similar question/issue we invite you to start a new thread on the topic.

0 Likes