Web filtering for home - Not on a firewall

For home use does anyone have a recommendation on how to do web filtering?
Specifically NOT on the firewall but on the endpoint [iPads,laptops].

Much like businesses, i rather have an agent or an application running that can control what my users [family] can do and not do, see and not see.

Cost is not an issue. Just looking for some good software alternatives to what i use today which is nothing.

I would look into OpenDNS. It has a free offering and all you need to do is update your DNS servers configured on your router for it to work. It is also recommended you block all other DNS traffic internally so users are forced to use these.

1 Like

For more privacy centered DNS filtering I always recommend nextdns.io

1 Like

So i see a combo situation here.
Use pfblocker to block the DoH and DoT servers creating exceptions for NextDNS or OpenDNS
Use a NAT redirect rule to forward port 53 back to my pfsense.

NextDNS and OpenDNS are free options i see. Cant complain with that.
Appreciate the quick feedback.

What are you using for DHCP? If you are using your pfSense I would expect the DNS server setting it is using would be itself so no need for a NAT. You should create an ACL that allows only the default gateway IP for port 53 both UDP/TCP and block all port 53 traffic right after it. Then you configure the pfSense to use the public DNS servers the service requires.

pfsense is running as both DHCP/DNS server.
The NAT is only for redirect of port 53 - in case there a device out there not wanting to use the provided dns servers they will be redirected to OpenDNS/NextDNS.

1 Like