DNS to block the updates of the switch!

Discussion in 'Switch - Hacking & Homebrew' started by fokouethan, Mar 28, 2017.

  1. Mr. Wizard

    Mr. Wizard Ending the spread of bullshit one thread at a time

    Member
    1,112
    425
    Mar 20, 2015
    Canada
    10th Dimension
    Unfortunately that router doesn't support blocking https and there doesn't seem to be any support for custom firmware since it's a router/modem combo.

    Your best bet would be to do some research and get a router that is compatible with custom firmware then set your old router to bridge mode.

    https://advancedtomato.com/downloads
    http://www.dd-wrt.com/site/support/router-database

    https://kb.netgear.com/20831/How-to-set-up-Bridge-mode-on-R6300-R6250-R6200
     
    OfficialFBomb likes this.


  2. studio1b

    studio1b Member

    Newcomer
    47
    24
    Mar 14, 2009
    United States
    NEW YORK CITY
    I use advanced tomato on my routers

    You go to ADVANCED - ADBLOCK
    add add this
    [​IMG]
    This will block the system update.
     
  3. jt_1258

    jt_1258 GBAtemp Advanced Maniac

    Member
    1,505
    792
    Aug 21, 2016
    United States
    so a deathstar to destroy homebrew ehh, never thought Nintendo would come down to this XD
     
  4. DayVeeBoi

    DayVeeBoi GBAtemp Regular

    Member
    198
    48
    Aug 17, 2015
    Canada
    Ontario
    Thanks for the research into URL's. It made what couldve been several hours of work to create DD-WRT filter to about 3 minutes, I appreciate it. Anyways, I think "CDN" stands for Content Delivery Network or somesuch. I don't think it's related to location. I was wondering the same with 3DS URL's a few years ago and googled around a bit. Not trying to nit-pick or anything, just FYI.
     
    Mr. Wizard and peteruk like this.
  5. MSco

    MSco GBAtemp Regular

    Member
    147
    25
    Nov 2, 2016
    Gambia, The
    This weekend I played MK8DX online on my 2.0.0 Switch.
    I simply used the DNS: 173.255.238.217

    It works perfectly! Online Gaming is possible and the 2.1 Update is blocked.

    This did not work with the other DNS (205. ...) This blocks the update, but also blocks everything else (online gaming, eshop). So what was the intention of this DNS? For me, it was the same, as if I would completely disconnect from wifi.

    So, should we now use 173. ... permantly instead of the 205. ... ?
     
  6. EpicLPer

    EpicLPer Nice unless you give me a reason to hate you ;)

    Member
    923
    599
    Mar 13, 2015
    Austria
    Austria
    Well, the new DNS doesn't seem to block the update nag tho...

    — Posts automatically merged - Please don't double post! —

    Do you know how to filter them on OpenWRT?
     
  7. DayVeeBoi

    DayVeeBoi GBAtemp Regular

    Member
    198
    48
    Aug 17, 2015
    Canada
    Ontario
    Yeah, I found the same thing regarding the DNS not blocking the update nag anymore. I don't use openWRT, but I am familiar with it. There will be several different ways to block domains depending on your setup. If you are using DNSmasq you could add the SUN and MOON addresses to /etc/dnsmasq.conf and a quick google search tells me there's a package for openWRT available called "Privoxy" that would be well suited to the purpose.

    That's about all I can tell ya, like I said I don't use openWRT. I would also suggest you take a look at installing dd-wrt on the device as it seems to be more user-friendly than openWRT and if you don't need it for something that's not possible with dd-wrt, that may be something to look into.
     
    Last edited by DayVeeBoi, May 2, 2017
  8. Cava

    Cava GBAtemp Advanced Fan

    Member
    601
    200
    Jan 26, 2016
    Hungary
    Hi @Mr. Wizard i have a DD-WRT fw router but at the access restriction menu it can't block the URL's with or without the port or the https tag. Now i used the DNSMasq section to block the beach and sun urls.
     
  9. fokouethan
    OP

    fokouethan Newbie

    Newcomer
    3
    1
    May 25, 2016
    France
    oh Sorry dns dont work

    — Posts automatically merged - Please don't double post! —

    Very sorry...

    — Posts automatically merged - Please don't double post! —

    But work if you reboot your switch
     
    Last edited by fokouethan, May 4, 2017
  10. Tilde88

    Tilde88 Advanced Member

    Newcomer
    62
    17
    Feb 16, 2015
    United States
    Thanks for this. What I did was PING the 2 MUST BLOCK hosts, and nab their IPs in case the domain changes in the future. Then, on my router, i did a full port forward (all ports on all protocols). I used the IPs, and forwarded them from WAN to LAN (local static IP within my network), and set the rule to DENY. Then, I also set from LAN to WAN to be forwarded the same way, with my local static IP as the source this time.

    Now, even if the port, and/or host change, their will be no problem. They would have to change the public static IP, which isn't common at all, and they would have to use a non-standard port, like 10443 or a random, which the system is not coded for.

    Also, I set a DHCP reservation on my router based on the MAC to always give the same static IP to the MAC of the Switch. Additionally, I gave my Switch a static IP config just to be redundant.

    Anywho, thanks for the list. Hopefully this will help those without advanced firewall settings, and who cannot use a CFW on their router. All routers can do this that I've explained.

    (Also, I used 173.255.238.217 as the DNS for the static IP info on the Switch (Primary and Secondary). Just in case :-p.

    After doing this, I was able to link a Nintendo Account, download all the demos, downloaded the Disgaea 5 update from USA eShop --it's a Japanese Switch and a Japanese game cart. Everything works fine.
    (Just bought this Switch in Japan during my trip)

    Switch has not offered a System Update, and is still on 2.1.0 (came this way).

    I don't know how I failed to realize... They have multiple public IPs registered to domains... Derp lol. Anyway, yea DNSMasq and/or adblock on router works great :D
     
    Last edited by Tilde88, Jun 3, 2017
  11. Yanda

    Yanda Advanced Member

    Newcomer
    76
    11
    Aug 26, 2015
    Today I got a Switch and checked the method of DNS block using OpenDNS.
    I am using OpenDNS for WiiU. It has been blocking update for a long time.
    At the time of purchase my switch FW was 2.1.0. And still I keep it now.

    First, I checked the FW. It's 2.1.0.
    Next I set a WiFi connection.
    Next I set a DNS option.
    When I looked at FW, it says "update is possible". "FW2.1.0" was dissappeared.
    I thought I had failed, but it was fine.

    I attempted to connect to eshop and got error code:2137-8060.
    I attempted to update main system and got error code:2137-8060.
    I confirmed the method of using OpenDNS is functioning.
    After rebooted, It was written FW 2.1.0 at system information. "update is possible" was dissappeared.

    To use this method your network needs to be a static IP address.
    Here is the tutorial.

    These are my newly added address lists.

    atum.hac.lp1.d4c.nintendo.net
    sun.hac.lp1.d4c.nintendo.net
    beach.hac.lp1.eshop.nintendo.net
    superfly.hac.lp1.d4c.nintendo.net
    receive-lp1.er.srv.nintendo.net
    list.png
     
  12. SembraNonBuono

    SembraNonBuono Newbie

    Newcomer
    3
    0
    Jan 1, 2017
  13. thedetire

    thedetire Member

    Newcomer
    18
    14
    Apr 20, 2012
    Netherlands
    You can't visit the eshop, only on the latest update.
    You actually can't do anything online unless you update.
     
  14. SembraNonBuono

    SembraNonBuono Newbie

    Newcomer
    3
    0
    Jan 1, 2017
    So this guide is no longer working? :(
     
  15. thedetire

    thedetire Member

    Newcomer
    18
    14
    Apr 20, 2012
    Netherlands
    Exactly, maybe it works for 3.0 but with changes. Not sure about that.
    But for 2.0 all you can do is block access to the server (blocks online access), but you will get an error saying that something went wrong. Tried it myself out before updating.

    It's either updating or not using online stuff.
     
    Last edited by thedetire, Jul 4, 2017
  16. SembraNonBuono

    SembraNonBuono Newbie

    Newcomer
    3
    0
    Jan 1, 2017
    Ok, I'll update too
     
  17. Yanda

    Yanda Advanced Member

    Newcomer
    76
    11
    Aug 26, 2015
    I noticed that the art posts of Splatoon 2 were not displayed.
    If you block Error Reporting server, the art post is not displayed in the game.
    http://receive-lp1.er.srv.nintendo.net:443 [error reporting]
    If you want to display art posts remove it from the block list.

    artPost.jpg
     
    Last edited by Yanda, Jul 13, 2017
  18. Domineu

    Domineu Member

    Newcomer
    47
    6
    May 3, 2016
    Gambia, The
    I'm on 3.0.0 and blocked Sun and Beach but I am still getting the update nag. Can anyone help me please?
     
    monkeyman4412 likes this.
  19. monkeyman4412

    monkeyman4412 GBAtemp Advanced Fan

    Member
    691
    159
    Jun 16, 2016
    United States
    deleted
     
    Last edited by monkeyman4412, Aug 1, 2017
  20. monkeyman4412

    monkeyman4412 GBAtemp Advanced Fan

    Member
    691
    159
    Jun 16, 2016
    United States
    thats my issue