DNS to block the updates of the switch!

Discussion in 'Switch - Hacking & Homebrew' started by fokouethan, Mar 28, 2017.

  1. Mr. Wizard

    Mr. Wizard Ending the spread of bullshit one thread at a time

    Mar 20, 2015
    10th Dimension
    Unfortunately that router doesn't support blocking https and there doesn't seem to be any support for custom firmware since it's a router/modem combo.

    Your best bet would be to do some research and get a router that is compatible with custom firmware then set your old router to bridge mode.


    OfficialFBomb likes this.

  2. studio1b

    studio1b Member

    Mar 14, 2009
    United States
    I use advanced tomato on my routers

    You go to ADVANCED - ADBLOCK
    add add this
    This will block the system update.
  3. jt_1258

    jt_1258 GBAtemp Advanced Fan

    Aug 21, 2016
    United States
    so a deathstar to destroy homebrew ehh, never thought Nintendo would come down to this XD
  4. DayVeeBoi

    DayVeeBoi GBAtemp Regular

    Aug 17, 2015
    Thanks for the research into URL's. It made what couldve been several hours of work to create DD-WRT filter to about 3 minutes, I appreciate it. Anyways, I think "CDN" stands for Content Delivery Network or somesuch. I don't think it's related to location. I was wondering the same with 3DS URL's a few years ago and googled around a bit. Not trying to nit-pick or anything, just FYI.
    Mr. Wizard and peteruk like this.
  5. MSco

    MSco GBAtemp Regular

    Nov 2, 2016
    Gambia, The
    This weekend I played MK8DX online on my 2.0.0 Switch.
    I simply used the DNS:

    It works perfectly! Online Gaming is possible and the 2.1 Update is blocked.

    This did not work with the other DNS (205. ...) This blocks the update, but also blocks everything else (online gaming, eshop). So what was the intention of this DNS? For me, it was the same, as if I would completely disconnect from wifi.

    So, should we now use 173. ... permantly instead of the 205. ... ?
  6. EpicLPer

    EpicLPer Nice unless you give me a reason to hate you ;)

    Mar 13, 2015
    Well, the new DNS doesn't seem to block the update nag tho...

    — Posts automatically merged - Please don't double post! —

    Do you know how to filter them on OpenWRT?
  7. DayVeeBoi

    DayVeeBoi GBAtemp Regular

    Aug 17, 2015
    Yeah, I found the same thing regarding the DNS not blocking the update nag anymore. I don't use openWRT, but I am familiar with it. There will be several different ways to block domains depending on your setup. If you are using DNSmasq you could add the SUN and MOON addresses to /etc/dnsmasq.conf and a quick google search tells me there's a package for openWRT available called "Privoxy" that would be well suited to the purpose.

    That's about all I can tell ya, like I said I don't use openWRT. I would also suggest you take a look at installing dd-wrt on the device as it seems to be more user-friendly than openWRT and if you don't need it for something that's not possible with dd-wrt, that may be something to look into.
    Last edited by DayVeeBoi, May 2, 2017
  8. Cava

    Cava GBAtemp Advanced Fan

    Jan 26, 2016
    Hi @Mr. Wizard i have a DD-WRT fw router but at the access restriction menu it can't block the URL's with or without the port or the https tag. Now i used the DNSMasq section to block the beach and sun urls.
  9. fokouethan

    fokouethan Newbie

    May 25, 2016
    oh Sorry dns dont work

    — Posts automatically merged - Please don't double post! —

    Very sorry...

    — Posts automatically merged - Please don't double post! —

    But work if you reboot your switch
    Last edited by fokouethan, May 4, 2017
  10. Tilde88

    Tilde88 Member

    Feb 16, 2015
    United States
    Thanks for this. What I did was PING the 2 MUST BLOCK hosts, and nab their IPs in case the domain changes in the future. Then, on my router, i did a full port forward (all ports on all protocols). I used the IPs, and forwarded them from WAN to LAN (local static IP within my network), and set the rule to DENY. Then, I also set from LAN to WAN to be forwarded the same way, with my local static IP as the source this time.

    Now, even if the port, and/or host change, their will be no problem. They would have to change the public static IP, which isn't common at all, and they would have to use a non-standard port, like 10443 or a random, which the system is not coded for.

    Also, I set a DHCP reservation on my router based on the MAC to always give the same static IP to the MAC of the Switch. Additionally, I gave my Switch a static IP config just to be redundant.

    Anywho, thanks for the list. Hopefully this will help those without advanced firewall settings, and who cannot use a CFW on their router. All routers can do this that I've explained.

    (Also, I used as the DNS for the static IP info on the Switch (Primary and Secondary). Just in case :-p.

    After doing this, I was able to link a Nintendo Account, download all the demos, downloaded the Disgaea 5 update from USA eShop --it's a Japanese Switch and a Japanese game cart. Everything works fine.
    (Just bought this Switch in Japan during my trip)

    Switch has not offered a System Update, and is still on 2.1.0 (came this way).

    I don't know how I failed to realize... They have multiple public IPs registered to domains... Derp lol. Anyway, yea DNSMasq and/or adblock on router works great :D
    Last edited by Tilde88, Jun 3, 2017
  11. Yanda

    Yanda Advanced Member

    Aug 26, 2015
    Today I got a Switch and checked the method of DNS block using OpenDNS.
    I am using OpenDNS for WiiU. It has been blocking update for a long time.
    At the time of purchase my switch FW was 2.1.0. And still I keep it now.

    First, I checked the FW. It's 2.1.0.
    Next I set a WiFi connection.
    Next I set a DNS option.
    When I looked at FW, it says "update is possible". "FW2.1.0" was dissappeared.
    I thought I had failed, but it was fine.

    I attempted to connect to eshop and got error code:2137-8060.
    I attempted to update main system and got error code:2137-8060.
    I confirmed the method of using OpenDNS is functioning.
    After rebooted, It was written FW 2.1.0 at system information. "update is possible" was dissappeared.

    To use this method your network needs to be a static IP address.
    Here is the tutorial.

    These are my newly added address lists.