Hacking DNS to block the updates of the switch!

OfficialFBomb

I also have a router that has URL blocking, but doesn't work for blocking Wii U/Switch updates. In my case my router can't block HTTPS sites. You might have the same issue. Nintendo's servers use port 443 (HTTPS).

Try blocking an HTTPS site like "https://www.facebook.com". Also block an HTTP site like "http://www.speedtest.net". See if the router blocks both of them.

Complete opposite of mine: I can block the HTTPS but not the HTTP. I was able to block the sun Nintendo URL via HTTPS now, but should that still work?
 

Mr. Wizard

You have lost me now. I thought you were "Site" blocking not "URL" blocking. Now you say you can block a "URL".

#confused

 

DocAmes1980


Then you should be able to block them just fine. They are HTTPS sites as far as I know. @Mr. Wizard, was the "HTTP" a mistake? I didn't use Wireshark to sniff traffic. I just watched the output of the DNS emulator, which told me what URLs it was resolving but not if it was HTTP traffic or HTTPS. If it uses port 443 it's HTTPS, not HTTP. Or am I missing something? I'm not an IT expert.
 

Mr. Wizard

I guess in a way it was a mistake by me to assume everyone knows what port 443 is. HTTPS is not an actual protocol; it just denotes HTTP with TLS or SSL. Browsers just use HTTPS for simplicity's sake.

My sniffer program does not use HTTPS; it expects that you know port 443 will be encrypted.
 


DocAmes1980


I see. I just knew that 443 was for HTTPS. Well I guess as long as his router blocks traffic on port 443 he'll be able to block updates.
 

DocAmes1980

Also, when I copy https://sun.hac.lp1.d4c.nintendo.net into the router it changes it to http://sun.hac.lp1.d4c.nintendo.net:443/ and I have to manually change it to the first for it to even go, but like it said it does not block.

I guess you won't be able to block it from your router's settings. I use LocalDNS, which is a little DNS emulator you run on a PC on your network. It was made to block Wii U/3DS updates, but it allows you to set whatever rules you want by editing "rules.txt".

Looks like somebody made a GUI frontend for it:

http://gbatemp.net/threads/release-localdnsgui-a-windows-gui-for-localdns.452683/
 

Mr. Wizard

Netgear Gateway C6250-100NAS
Ok I had a quick look at your manual:

http://www.downloads.netgear.com/files/GDC/C6250/C6250_UM_EN.pdf

Chapter 5
Secure Your Network

Block Keywords and Domains for HTTP Traffic (page 66)

Clearly it states that you need to be using KEYWORDS or DOMAINS.

A keyword/domain being: sun.hac.lp1.d4c.nintendo.net

Do not enter anything else but that. You do not need http or https, just the keyword, a word that is in the URL that you want to block.

For further example, if I wanted to block:

http://google.com

I would then enter into the block list:

google.com

And that is it.

You can also block IP addresses under Service blocking; you can set it up to block a TCP/UDP service using the IP address that http://sun.hac.lp1.d4c.nintendo.net:443 resolves to, which in my area is 23.194.102.48.

You can easily find the IP by opening a command prompt and using the command:

ping sun.hac.lp1.d4c.nintendo.net

You will get this:

Pinging e4835.g.akamaiedge.net [23.194.102.48] with 32 bytes of data:
Reply from 23.194.102.48: bytes=32 time=12ms TTL=60
Reply from 23.194.102.48: bytes=32 time=12ms TTL=60
Reply from 23.194.102.48: bytes=32 time=9ms TTL=60
Reply from 23.194.102.48: bytes=32 time=12ms TTL=60

Ping statistics for 23.194.102.48:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 9ms, Maximum = 12ms, Average = 11ms

--------------------- MERGED ---------------------------

You could also use keywords such as

sun
hac
lp1
d4c


But in doing so they are not very specific and any website address you may want to visit with these words in them will be blocked.

tl;dr

Just enter sun.hac.lp1.d4c.nintendo.net without the http or https and it should work.
 

OfficialFBomb

I cannot block that IP (my Nintendo IP) without a port, and when I enter a port, say 443 (even though I'm wrong on that), the IP comes back unable to block invalid


But yes, I was able to block the sun.hac.lp1.d4c.nintendo.net
 

Jacklack3

For people who don't like reading too much text and technical data:
(well, I wrote too much too, sorry :P)

All connected devices on the internet have an IP address, but it would be too hard to remember them all when you want to connect to a server.
So, you use URLs instead.
A DNS server provides a server's IP based on the server's URL.

Example: you type "nintendo.com", your browser asks the DNS server "what is the IP of nintendo.com?" and it gets "nintendo.com IP is 199.227.51.26",
then your browser can connect to the server's IP http://199.227.51.26 and display its content to you, without you knowing it did something in the background.


What happens when you use a DNS to block Nintendo's updates on your console?
When the console checks if there's a new update it uses Nintendo's URL (instead of a fixed IP hardcoded in the firmware, in case they change their server's IP), and the DNS server replies with a different IP than the real one for all of Nintendo's update server URLs.

"please give me nintendo's update server" .... nah, you'll get a bad IP instead so you can't connect!
Usually it replies "127.0.0.1", which is a loopback IP (the device itself, it's like "connect to yourself!").
Sometimes it gives a different IP, like how the tubehax DNS sent YouTube requests to another website with a homebrew app.

Your ISP could use the same trick to restrict internet usage, blocking torrents, p2p, etc.; using a different DNS unlocks these websites.
So basically a hosts file but as a number? Cool.
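
An added example, not code from the thread or from LocalDNS: a minimal Python sketch of the DNS-side blocking described in the quoted explanation above. It answers a query for a blocked name with 127.0.0.1, and contrasts whole-domain matching with the keyword matching that Mr. Wizard's post cautions about. The blocklist, function names, TTL and the `sunglasses.example` hostname are assumptions for illustration; only A queries without name compression are handled.

```python
import struct

BLOCKED = {"sun.hac.lp1.d4c.nintendo.net"}  # assumed blocklist; hostname from the thread
SINKHOLE_IP = "127.0.0.1"                   # loopback address, as described above

def build_query(host, txid=0x1234):
    """Constructed sample input: a standard A-record query for `host`."""
    name = b"".join(bytes([len(p)]) + p.encode("ascii") for p in host.split("."))
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + name + b"\x00" + struct.pack(">HH", 1, 1)

def parse_question(packet):
    """Return (hostname, qtype, offset just past the question section)."""
    labels, pos = [], 12                     # the DNS header is 12 bytes
    while packet[pos] != 0:
        length = packet[pos]
        labels.append(packet[pos + 1:pos + 1 + length].decode("ascii").lower())
        pos += 1 + length
    qtype = struct.unpack(">H", packet[pos + 1:pos + 3])[0]
    return ".".join(labels), qtype, pos + 5  # zero byte + QTYPE + QCLASS

def is_blocked(host):
    """Match a listed domain or its subdomains, never a bare substring."""
    host = host.rstrip(".").lower()
    return any(host == d or host.endswith("." + d) for d in BLOCKED)

def keyword_blocked(host, keywords=("sun", "hac", "lp1", "d4c")):
    """Router-style keyword match, for contrast: any substring hit blocks."""
    return any(k in host.lower() for k in keywords)

def sinkhole_response(query):
    """Reply with SINKHOLE_IP for a blocked A query; None means forward upstream."""
    host, qtype, qend = parse_question(query)
    if qtype != 1 or not is_blocked(host):
        return None
    # Same transaction ID; flags 0x8180 = response, recursion available, no error
    header = query[:2] + struct.pack(">HHHHH", 0x8180, 1, 1, 0, 0)
    # Answer: pointer to the name at offset 12, type A, class IN, TTL 60, 4 bytes
    answer = struct.pack(">HHHIH", 0xC00C, 1, 1, 60, 4)
    answer += bytes(int(octet) for octet in SINKHOLE_IP.split("."))
    return header + query[12:qend] + answer

if __name__ == "__main__":
    for name in ("sun.hac.lp1.d4c.nintendo.net", "sunglasses.example"):
        reply = sinkhole_response(build_query(name))
        print(name, "sinkholed" if reply else "forwarded",
              "| keyword filter blocks:", keyword_blocked(name))
```

The keyword filter blocks the unrelated `sunglasses.example` because it contains "sun", while the domain match forwards it untouched.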
 
