How to use OpenDNS with IPCop
What is DNS
Domain Name Service converts web site names to ip address numbers. The gimmick here is that we regulate what web sites will resolve and keep "bad" sites from resolving here at Hedding United Methodist. Here is how we set this up:
First goto opendns.com Hedding UMC has an account for this service, this account name is heddingumc.org, and the password is known by Ralph Howe.
If you are starting from zero you must and register for an account and add a network ‘warning’ if you are not at the ip-address of the network at setup of said network you will receive an email verification that is required to be opened from that network to verify ownership of that ip address also an ip address may only be used for one network.
IP Cop configuration
Open DNS this allows updating of the dynamic ip address on the opendns.com servers in the event of a change.
- Go into your IPCop settings in Service Pulldown — Services Dynamic DNS and under Add a host. Pick one of these supported DYNDNS providers.
- Open up your favorite browser and go to the DYNDNS provider you have chosen from the list above and register with them.
- Return to your IPCop web administration GUI and add the information in to your IPCop settings in Service Pulldown — Services Dynamic DNS.
- Now return to your IPCop web administration GUI and fill in the information as listed below and then click Add. It will then display under “current hosts”
To enable the opendns to act as the dns server at Hedding do the following:
* Go into the dhcp settings and under the primary DNS change the primairy dns from 192.168.0.1 to 188.8.131.52. This changes primary dns server to opendns from IP Cop.
* Got to the secondary DNS and change 192.168.0.1 insert 184.108.40.206. This moves the DNS from IP Cop opendns secondary dns server.
* hit the save button and reboot the machine to insure all settings took fully.
* on any wondows computers on the network
* hit ctrl+r and type
and reboot the computer 220.127.116.11
Configuring the Content Filtering in OpenDNS
Go to the dashboard
login and choose the network that you wish to modify under content filtering level you have these options:
- Protects against all adult-related sites, illegal activity, social networking sites, video sharing sites, and general time-wasters. — 27 categories in this group
- Protects against all adult-related sites and illegal activity. –14 categories in this group
- Protects against pornography and phishing. –5 categories in this group
- Protects against phishing attacks. –1 category in this group
- Nothing blocked.
- Make your own choices and maintain them, not recommended.
Adding websites to the black/whitelist
If there are domains you want to make sure are always blocked (or always allowed) regardless of the categories blocked above, you can add them right below the content filtering options there is a dropdown menu that allows the options of always block or always allow. chose the desired option and input the domain that you wish to use into the available inputbox.
hit add domain
Testing Effective Blocking and Allowance
To test this system, there is a tool on the flint account of 192.168.0.10. This tool is in the folder /home/flint/Desktop/dnsresolver. The tool is called ‘dnsqed.sh’. To run the tool put your selection of web sites in the file /home/flint/Desktop/dnsresolver/sites.txt, and run the tool. This tool is in a 1.0 stage expect new updates as they come out.