It would be ever so nice to be able to allow 1 or more internal IP's or Hostnames to be able to not be filtered even though they have their DNS pointing to OpenDNS. This would be nice for administrators or High Powered Executives (Such as a business owner) to not be filtered. This way one would be able to deny access to the ISP's DNS servers and not have some smart-ass revert back to the ISP's DNS.
Don't know how this will be possible but it would be a very nice addition to make this much more robust.
12 Comments
12 Comments
Who voted for this idea
- vromani
- Nat
- xairu
- jamie198402
- cpd915
- v2h-site
- coreyb
- alex
- vhome
- dops
- OpenDNS User
- glawrie
- tjg50311
- smeyer
- ifacc
- jsgehris
- ben09
- camintmier
- Huy Tran
- brittain
- akaryan
- lankford
- autismacademy
- yurij
- grjk
- il2000
- cedroseguros
- karlhaworth
- wtlinnertz
- rwetzeler
- pythonpoole
- shadow00caster
- merple
- lcsupply
- jpetovello
- jclj2005
- kylen1010
- bchahg
- osilvaneto
- jasonpfau
- falihax
- reinhold
- asdf
- jotsbox
- tesla1886
- Frank
- echo419
- foxtyke
- flammer
- hermancheng
Comments
written by vsnyder 625 days ago - show/hide this comment
Rating: -1
| Rate Comment:
+
-
written by OpenDNS User 623 days ago
Rating: 0
| Rate Comment:
How would this work? We currently use Simple DNS, and having the same problem. If we block a category, but block it for the BOSS!
written by valtimhelpdesk 621 days ago
Rating: 2
| Rate Comment:
vsnyder: we've tried that but the filters seem to override even if we setup another network. As of now we have the entire IP range as one network and a second network with one of those IP's in it. With that setup the 2nd network inherits all of the rules from it's parent with no override feature. In order for it to work do we need to break down the parent network to just 1 IP, a /32?
The author should clarify in which situation this should work. I don't see a way to solve this in NATted networks that use 1 single public IP.
written by w.f.mcdonald 358 days ago
Rating: 1
| Rate Comment:
individual machines can always choose to have their own individual dns settings, unless your using a transparent proxy (using opendns) to funnel all traffic then I don't see the problem.
written by jpelectron 580 days ago
Rating: 1
| Rate Comment:
radiolnw is right - there is no way to make this work, when your whole network appears as coming from 1 IP address (the outside IP of your NAT device/firewall)
written by brokersupport 570 days ago
Rating: 0
| Rate Comment:
We had this problem with 100+ users on one IP subnet, but only 30 or so actually needed blocking.
Eventually i setup a ubuntu DNS server, set the 30's DNS server to the ubuntu box using GPO's, and set the ubuntu servers web forwards to openDNS servers. This gives the added advantage of being able to lock down the DNS settings.
Being a complete novice to linux it took a few days but it works fantastically.
Here's the guide i used if anyones interested:
http://ubuntuforums.org/showthread.php?t=236093
I have all execs on a specific vlan, so for us it was easy. I run 3 DNS servers internally, so the exec vlan gets different DNS servers via DHCP than the rest of us. Our policy is that anyone Director and above can surf anything they want.
It's easy enough to even use your ISPs DNS server. No need to have your own internal server.
How about a filter override password instead? One that would redirect from the blocked page to an OpenDNS run password protected proxy that was keyed you your accounts IP address?
That way, authorized users could clikc the override button on the blocked page and be redirected to a proxy that would send them unrestricted to the blocked site or sites for that matter once overridden.
Make the override, time limited to a setting in our account. See my idea on this.
Sign in to comment or register here.
