How to block Apps or browser extension by DNS filter?

In some cases, network administrators may want to block some of the softwares, apps, website or browser extensions. Vigor router can block websites by keyword using UCF (URL Content Filter) and DNSF (DNS Filter) like the article here. However, these software may connect to their servers with the abbreviation of the software name, or even the different words. Therefore, we are not able to just set the software name as the keyword. Though, it's not easy to guess the exact keywords, we may use Wireshark to capture the DNS query from the device when Apps and browsing extensions is running, then block it accordingly. This note is going to demonstrate how to block Facebook Messenger extension on Opera.

   

Clear DNS Cache

Before we start to capture the packets, please clear the DNS cache on the end device, otherwise the device could connect cached IP without querying the DNS.

For Windows user, please use command 'ipconfig/flushdns' on command prompt.

   

 

 

Capture the DNS Query

1. Run Wireshark, enter "dns" to filter the packets

   

2. Open Facebook Messenger on Opera, and wait for it to complete querying the DNS. We can see there are several DNS queries sent out from the computer when the Facebook Messenger is connecting to the server. We may set URL Content Filter and DNS Filter to block these domains, in order to block the Facebook Messenger extension..

   

 

 

Set up the URL Content Filter and DNS Filter

1. Create Keyword Objects, go to Objects Setting >> Keyword Object page and click an available index

  1. Enter the profile Name
  2. Add above domains keyword into Contents
  3. Click OK to save
   

2. Create URL Content Filter, go to CSM >> URL Content Filter page and click an available index

  1. Give a Profile Name
  2. Enable URL Access Control
  3. Select Block as Action
  4. Click Edit to select the Keyword Object of Facebook Messenger created in the previous step
  5. Click OK to save
   

3. Create DNS Filter, go to CSM >> DNS Filter page and click an available index

  1. Give a Profile Name
  2. Select the UCF profile created in the previous step
  3. Click OK to save
   

Note: If LAN clients take router as DNS server, please enable Local DNS Filter also:

  1. Enable DNS Filter in DNS Filter Local Setting
  2. Select the UCF profile created in the previous step
  3. Click OK to save
   

4. Set up the Firewall, go to Firewall >> General Setup >> Default Rule page, and select URL Content Filter and DNS Filter created in previous steps to block Facebook messenger.

   

Note: If you only want to block some of the LAN clients to use the Facebook Messenger extensions, please create the Firewall Rule with the specific source IP address.

   

Please clear the DNS cached again before verifying the firewall, and keep capturing packets in case that we missed to block some of the DNS queries. Collect and add the omissive domain name to the URL Content Filter and DNS Filter to make the firewall more accurate.

   

 

 

DNS cache table

Additionally, router records DNS cache on Diagnostics >> DNS Cache Table. Keywords may be found here instead of using Wireshark.

   
Was this article helpful?
57How to block Apps or browser extension by DNS filter? has been viewed------ 57 ------times.