Not sure if this belongs in the Router Instructions area or not...

Over the past couple of weeks I have been exploring some of the open source firmwares for installing on a Linksys router, for running a public wifi hotspot. I spent quite a bit of time fooling around with DD-WRT, but the new versions no longer support a splash log-in page, which I really need. I am now looking at CoovaAP, which is based on OpenWrt.

I want to be able to continue to use OpenDNS for filtering, but am having trouble finding any information about how to configure things to force (via iptables I assume) all connections to go through the OpenDNS servers.

I did find some old discussions here <http://forums.opendns.com/comments.php?DiscussionID=526> but the link to the "step by step tutorial" is now dead.

Is anybody using OpenDNS filtering with a router running one of the variations of OpenWrt?

Nancy

Thank you maintenance!

I did not find any of those today when I googled. That old wiki link returns a 404 not found, but the last link is quite promising. I don't have a clue yet, as to how to do iptable stuff in OpenWrt, but will (hopefully) figure that out. Knowing "what" to enter is most helpful.

The CoovaAP firmware looks simple and promising, but their support is a bit minimal and their forum is not very active. My needs are simple, and quite close to a default configuration. Getting it to use the OpenDNS filters was the only glitch I have seen so far. Apparently CoovaAP is set to use your ISP servers and regularly ignore any DNS settings. Finding stuff in the OpenWrt wiki is... well, not easy.

I will report back if I get it working.

I have not felt this stupid in years!

Nancy

I realize that CoovaAP (based on OpenWrt White Russian) is a bit of a dinosaur, in that White Russian is no longer being developed. And, that CoovaChilli will soon fall victim to the same fate. However, I have flashed the Coova firmware in my Linksys WRT54GS v2.1 router, and am quite happy with it (now that I have it working).

It allowed me to set up a simple free hotspot that is entirely contained in the router. The CoovaChilli software has the ability to redirect users to a splash page and do simple log-ins. Recently, I tried using DD-WRT firmware, but the NoCatSplash software is broken in all the current releases, so redirecting to a splash page in the router no longer works.

The Coova software does allow for adding the OpenDNS server numbers in the Network > Lan tab. However, it often times rolls right past my chosen DNS servers and uses the router's IP address, which of course uses the DNS settings of my internet service provider. I added all four of the OpenDNS server numbers, which seems to now catch most DNS look-ups.

The Coova software has built in capabilities for adding iptables in the Network > Firewall section. However, I can not get it to work properly. (the documentation for Coova and their user forum is a bit hit or miss)

In order to force the hotspot users to use the OpenDNS server settings in the router I did the following:
1 - Connected a LAN port of the router to my computer's ethernet port
2 - Configured the computer manually to get an IP address from the router
3 - Logged in to the router using WinSCP (I have WindowsXP installed in Parallels on my Mac)
4 - Went to the following folder: root/etc/chilli - and opened the document ipup.sh
5 - At the bottom of the ipup.sh document I added the following:
#block outgoing dns
iptables -I FORWARD -p tcp --dport 53 -j DROP
iptables -I FORWARD -p udp --dport 53 -j DROP
6 - Saved the changes to ipup.sh document
7 - Quit WinSCP (as well as WindowsXP and Parallels)
8 - Logged into the router using the Coova Administrative Console, and rebooted the router

My limited testing indicates this works. However, I suspect there will be an occasional glitch, where the router uses my ISP's DNS settings and the wifi user will not be filtered by OpenDNS. I can live with that.

Nancy