Today I’m going to tell you how to configure google safe search on pfsense. In this article you’ll see how to configure google safe search on pfsense for blocking +18 websites, any erotic website, words etc. search on google.
After we configured it, in your local network which user will not access any erotic websites on “google.com, tr, uk, jp, it, ca etc.” domains.
Configure DNS Forwarder or Resolver
I’ll show what we going to do, so you can use DNS Resolver or DNS Forwarder service. It doesn’t matter which one do you use in your pf. I use DNS Forwarder, so I’ll show the steps on this service. Go to Services > DNS Forwarder in the buttom of this page that you’ll see “Host Overrides” click + button and create rule.
Here is the some google websites country list. I jus added a few country code, but you can add all of them, see here.
Note: First add your country google website and then if you like, you can add all of them.
After you did what I showed you, go to Google Chrome, Firefox, Internet Explorer, Safari, any of web browser and write url tab what you added on “Host Overrides”. For me I’ll write “google.com.tr” and try to search some +18 erotic website.
Note: Your dns address must be your firewall !!! (For now)
As you can see that I can’t see any erotic website to watch porn. It’s just about sex news or books etc.
Problem About DNS Addresses
Well, If you change your dns address to use like “126.96.36.199, 188.8.131.52 etc..” you’ll see the porn websites or erotic videos on google search. To solve this problem, we will create NAT Forwarder rule that all outside dns queries will be forwarder to our local which is 127.0.0.1 (it’s pfsense).
Go to Firewall > NAT Forwarder > click to + button create a rule. After that follow the steps below.
- Interface: LAN
- Protocol: TCP/UDP
- Destination: Any
- Destination Port Range: DNS (53)
- Redirect Traget IP: 127.0.0.1
- Redirect Target Port: DNS (53)
- Description: Can be freely selected
Now we need to make sure that the firewall rule is in the right place. It must be on the top of the rules. We open the firewall rules under Firewall > Rules > LAN. Then save with Save and Apply to apply the changes.
Now let me explain what’s going to happen. When a client make DNS query, the query will be go to localhost (127.0.0.1) and DNS Forwarder service listen all interfaces on pfsense. So, the dns query will not go to directly to the necessary server, it will go to pfsense and pfsense will take the dns query and itself will answer the dns query.
Now you can go to change your dns address for example use “184.108.40.206, 220.127.116.11, 18.104.22.168” etc. Then try to search erotic websites/videos on google. You’ll not be able to search any erotic things on google.
The Final Notes
In this article we learned how to block erotic searching on google. After you configured your firewall as I showed you the steps in this article, nobody will search any erotic things on google because all dns queries will go to “google safe search” domain. If you like you can change your dns address to search erotic words but you’ll not be able to search it.
Of course you can’t stop the person who wants to watch porn, he can try to search on vpn extensions. If you block vpn extensions or vpn’s on your network, if he smart person, he’ll try make his own tunnel 🙂
We’re only making it harder for the person to search the erotic words on google…