LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 08-15-2019, 03:24 PM   #1
wh33t
Member
 
Registered: Oct 2003
Location: Canada
Posts: 746

Rep: Reputation: 58
Is there a way to set up login-accessible DNS using something like Pi-hole?


So I was thinking I'd like to set up a Pi-hole dns service for ad and tracker blocking and I'd like to let friends and family use it as well but only them. Is there a way to somehow limit who can connect to it that is mostly straight forward?
 
Old 08-15-2019, 07:22 PM   #2
permaroot
Member
 
Registered: Aug 2019
Location: Arden, NC
Distribution: Arch Linux
Posts: 129

Rep: Reputation: 47
Quote:
Originally Posted by wh33t View Post
So I was thinking I'd like to set up a Pi-hole dns service for ad and tracker blocking and I'd like to let friends and family use it as well but only them. Is there a way to somehow limit who can connect to it that is mostly straight forward?
Just donít tell anyone else what the IP address is and tell the people you want to use it the IP so they can manually enter its IP as their DNS server
 
1 members found this post helpful.
Old 08-15-2019, 07:30 PM   #3
wh33t
Member
 
Registered: Oct 2003
Location: Canada
Posts: 746

Original Poster
Rep: Reputation: 58
Quote:
Originally Posted by permaroot View Post
Just donít tell anyone else what the IP address is and tell the people you want to use it the IP so they can manually enter its IP as their DNS server
I'll keep that as an option, but is it possible to make it only access with a login of some sort?
 
Old 08-15-2019, 07:38 PM   #4
permaroot
Member
 
Registered: Aug 2019
Location: Arden, NC
Distribution: Arch Linux
Posts: 129

Rep: Reputation: 47
Quote:
Originally Posted by wh33t View Post
I'll keep that as an option, but is it possible to make it only access with a login of some sort?
Not with a sign in option afaik. But you can make an arptables rule on it to only allow certain Mac addresses to access port 53

Last edited by permaroot; 08-15-2019 at 07:39 PM.
 
1 members found this post helpful.
Old 08-15-2019, 07:41 PM   #5
wh33t
Member
 
Registered: Oct 2003
Location: Canada
Posts: 746

Original Poster
Rep: Reputation: 58
Quote:
Originally Posted by permaroot View Post
Not with a sign in option afaik. But you can make an arptables rule on it to only allow certain Mac addresses to access port 53
So I would want the mac address of their home routers or their individual devices?
 
Old 08-15-2019, 07:52 PM   #6
permaroot
Member
 
Registered: Aug 2019
Location: Arden, NC
Distribution: Arch Linux
Posts: 129

Rep: Reputation: 47
Ohhhh you mean you want them to access it from another network? Not via your router? You’d have to have a static public IP (if you can acquire one from your ISP, and it’ll be extra money) and then port forward traffic to your internal private IP of the pi hole. A lot of work lol
 
Old 08-15-2019, 07:56 PM   #7
phil.d.g
Senior Member
 
Registered: Oct 2004
Posts: 1,262

Rep: Reputation: 135Reputation: 135
wh33t,

Quote:
Not with a sign in option afaik. But you can make an arptables rule on it to only allow certain Mac addresses to access port 53
This won't work for your use case unfortunately. Not if these friends and family members aren't in your house using your wifi.

Can your friends and family get static IP addresses for their home routers? If they can, the easiest way is with iptables. Failing that you could look into DNS over TLS or HTTPS (these are existing things) and then do client authentication with PKI. I'm not sure what software would support such a setup. Failing that a VPN, just don't use the VPN as a default gateway.
 
1 members found this post helpful.
Old 08-15-2019, 08:02 PM   #8
wh33t
Member
 
Registered: Oct 2003
Location: Canada
Posts: 746

Original Poster
Rep: Reputation: 58
Quote:
Originally Posted by phil.d.g View Post
wh33t,



This won't work for your use case unfortunately. Not if these friends and family members aren't in your house using your wifi.

Can your friends and family get static IP addresses for their home routers? If they can, the easiest way is with iptables. Failing that you could look into DNS over TLS or HTTPS (these are existing things) and then do client authentication with PKI. I'm not sure what software would support such a setup. Failing that a VPN, just don't use the VPN as a default gateway.
Ahh, thank you!
 
1 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Way to hide keys in .ssh from login user but still accessible via ssh. MikeyCarter Linux - Software 4 03-29-2018 10:44 AM
Something depends on something else but something else is to be installed javascriptninja Linux - Newbie 3 02-05-2012 04:22 PM
Is there any usable way for creating accessible network shares on Linux (Fedora 15)? kev717 Linux - Networking 4 06-30-2011 11:19 AM
my domain is in a dns black hole or something... sneakyimp Linux - Server 2 01-26-2010 01:08 PM
NTFS (winxp) drive is accessible only by root, why NTFS (winxp) drive not accessible Samppa72 Linux - Software 1 07-26-2004 03:13 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 05:37 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration