Today I’m going to tell you how to configure google safe search on pfsense. In this article, you’ll see how to configure google safe search on pfsense for blocking +18 websites, any erotic webpage, words etc. search on google.
After we configured it, in your local network which user will not access any erotic websites on “google.com, tr, uk, jp, it, ca etc.” domains.
Configure DNS Forwarder or Resolver
I’ll show what we’re going to do. Well you can use DNS Resolver or DNS Forwarder service. It doesn’t matter which one do you use in your pf. I use DNS Forwarder, so I’ll show the steps on this service. Go to Services > DNS Forwarder in the bottom of this page that you’ll see “Host Overrides” click + button and create a rule.
Here is some google websites country list. I just added a few country codes, but you can add all of them, see here.
Note: First add your country google website and then if you like, you can add all of them.
After you did what I showed you, go to Google Chrome, Firefox, Internet Explorer, Safari, any of web browser and write URL tab what you added on “Host Overrides”. For me, I’ll write “google.com.tr” and try to search some +18 erotic website.
Note: Your DNS address must be your firewall !!! (For now)
As you can see that I can’t see any erotic website to watch porn. It’s just about sex news or books etc.
Problem About DNS Addresses
Well, If you change your DNS address to use like “220.127.116.11, 18.104.22.168 etc..” you’ll see the porn websites or erotic videos on the google search. To solve this problem, we will create a NAT Forwarder rule that all outside DNS queries will be forwarded to our local which is 127.0.0.1 (it’s pfsense).
Go to Firewall > NAT Forwarder > click to + button create a rule. After that follow the steps below.
- Interface: LAN
- Protocol: TCP/UDP
- Destination: Any
- Destination Port Range: DNS (53)
- Redirect Target IP: 127.0.0.1
- Redirect Target Port: DNS (53)
- Description: Can be freely selected
Now we need to make sure that the firewall rule is in the right place. It must be on the top of the rules. We open the firewall rules under Firewall > Rules > LAN. Then save with Save and Apply to apply the changes.
Now let me explain what’s going to happen. When a client makes DNS query, the query will be going to localhost (127.0.0.1), and DNS Forwarder service listens to all interfaces on pfsense. Well, the dns query will not go to directly to the necessary server, it will go to pfsense and pfsense will take the dns query, and itself will answer the dns query.
Now you can go to change your DNS address, for example, use “22.214.171.124, 126.96.36.199, 188.8.131.52” etc. Then try to search erotic websites/videos on google. You’ll not be able to search any erotic things on google.
The Final Notes
In this article, we learned how to block erotic searching on google. After you configured your firewall as I showed you the steps in this article, nobody will search any erotic things on google because all DNS queries will go to “google safe search” domain. If you like, you can change your DNS address to search erotic words, but you’ll not be able to search for it.
Of course, you can’t stop the person who wants to watch porn. He can try to search on VPN extensions. If you block vpn extensions or vpn’s on your network, if he smart person, he’ll try to make his tunnel 🙂
We’re only making it harder for the person to search the erotic words on google..
” Online pfSense Firewall & Router Eğitimi | www.udemy.com/pfsense-training “