How can I block a specific URL on a DD-WRT router?
10
votes
4
answers
40463
views
I've been looking everywhere for this. Does anyone know how to block a specific URL on a DD-WRT router? For example, I want to block 
and here is the list of clients:
I can still easily browse to google.com/imghp and google.com/images (which redirects to google.com/imghp) on my main PC with IP address 192.168.1.146.
On [this page](http://www.dd-wrt.com/wiki/index.php/Access_Restrictions) of the DD-WRT wiki, it says "Under Website Blocking by URL Address, enter in the domain name(s) you wish to block (if any)." This, in addition to posts on the DD-WRT forums, gives me the impression that you can only block domains under Access Restrictions in the DD-WRT setup.
I'm starting to wonder if this problem must be solved using iptables, or possibly by installing a proxy server on the router itself.
# EDIT #
User goli on the DD-WRT forums had this to say on the matter ([link](http://www.dd-wrt.com/phpBB2/viewtopic.php?t=161696#711928)) :
> There's a Privoxy version that runs on DD-WRT quite well. I just installed it.
>
> Privoxy has a parameter "accept-intercepted-requests 1" that allows to use it as a transparent proxy.
>
> I added a single iptables rule that passes some web traffic requests to the proxy instead of directly routing it:
>
> iptables -t nat -A PREROUTING -i br0 -p tcp --dport 80 -s 192.168.0.128/255.255.255.224 -j DNAT --to 192.168.0.1:8118
>
> Privoxy has so called "actionfiles." Those define what to do when a request URL matches a given regular expression. One of the possible actions is "block."
Since then, I've been working on figuring out how to install Privoxy on the router. It's rather complicated, especially since I don't have enough spare flash memory to install it via SSH using ipkg. (See [this question](https://superuser.com/questions/259792/how-to-install-a-program-on-a-ddwrt-hacked-router) on Super User.)
My second approach is to use the Firmware Modification Kit, which you can read about [here](http://www.dd-wrt.com/wiki/index.php/Development) . I've had some difficulty flashing a custom build, but once I get it all sorted out I'll post my results here.
website.com/whatever but not website.com, blah.website.com, or website.com/blah. Is there a way to do this, or can you only block the whole domain?
I tried adding the URL in question under Access Restrictions in the DD-WRT configuration but it doesn't seem to have any effect. Here are my settings:
and here is the list of clients:
I can still easily browse to google.com/imghp and google.com/images (which redirects to google.com/imghp) on my main PC with IP address 192.168.1.146.
On [this page](http://www.dd-wrt.com/wiki/index.php/Access_Restrictions) of the DD-WRT wiki, it says "Under Website Blocking by URL Address, enter in the domain name(s) you wish to block (if any)." This, in addition to posts on the DD-WRT forums, gives me the impression that you can only block domains under Access Restrictions in the DD-WRT setup.
I'm starting to wonder if this problem must be solved using iptables, or possibly by installing a proxy server on the router itself.
# EDIT #
User goli on the DD-WRT forums had this to say on the matter ([link](http://www.dd-wrt.com/phpBB2/viewtopic.php?t=161696#711928)) :
> There's a Privoxy version that runs on DD-WRT quite well. I just installed it.
>
> Privoxy has a parameter "accept-intercepted-requests 1" that allows to use it as a transparent proxy.
>
> I added a single iptables rule that passes some web traffic requests to the proxy instead of directly routing it:
>
> iptables -t nat -A PREROUTING -i br0 -p tcp --dport 80 -s 192.168.0.128/255.255.255.224 -j DNAT --to 192.168.0.1:8118
>
> Privoxy has so called "actionfiles." Those define what to do when a request URL matches a given regular expression. One of the possible actions is "block."
Since then, I've been working on figuring out how to install Privoxy on the router. It's rather complicated, especially since I don't have enough spare flash memory to install it via SSH using ipkg. (See [this question](https://superuser.com/questions/259792/how-to-install-a-program-on-a-ddwrt-hacked-router) on Super User.)
My second approach is to use the Firmware Modification Kit, which you can read about [here](http://www.dd-wrt.com/wiki/index.php/Development) . I've had some difficulty flashing a custom build, but once I get it all sorted out I'll post my results here.
Asked by Big McLargeHuge
(3296 rep)
Sep 9, 2012, 06:22 AM
Last activity: Jan 19, 2022, 10:06 AM
Last activity: Jan 19, 2022, 10:06 AM