RELEASE 90DNS: DNS server for blocking all Nintendo Servers

Discussion in 'Switch - Emulation, Homebrew & Software Projects' started by AveSatanas, Aug 27, 2018.

  1. quicksilver501

    quicksilver501 Newbie

    Newcomer
    1
    Jul 1, 2019
    Italy
    It's OK, I thought I was having dns problems but they were dhcp problems instead.
     
  2. Joshifer34

    Joshifer34 GBAtemp Regular

    Member
    2
    Apr 26, 2019
    United States
    Would I be able to update games using this? I’m banned lol
     
  3. pLaYeR^^

    pLaYeR^^ Doctor Switch

    Member
    9
    Sep 18, 2014
    Austria
    No, but you can update games by installing the update as NSP.
     
  4. Budsixz

    Budsixz GBAtemp Fan

    Member
    4
    Oct 27, 2018
    India
    If you're already banned then using 90dns sort of doesn't make sense, as 90dns is used only for avoiding bans.
     
  5. Joshifer34

    Joshifer34 GBAtemp Regular

    Member
    2
    Apr 26, 2019
    United States
    How do I do that?
     
  6. pLaYeR^^

    pLaYeR^^ Doctor Switch

    Member
    9
    Sep 18, 2014
    Austria
    Download them from google.
     
  7. TheGlow

    TheGlow GBAtemp Regular

    Member
    2
    Nov 23, 2013
    United States
    Da Bronx
    Late to the party, but been trying pihole and this worked like butter. Thanks.
    Edit: Actually this seems to have broken my dns altogether.
    And manually adding blacklist exceptions to the Nintendo servers seems to make my Switch fail the internet check, so I can't get on.
     
    Last edited by TheGlow, Sep 10, 2019
  8. TheGlow

    TheGlow GBAtemp Regular

    Member
    2
    Nov 23, 2013
    United States
    Da Bronx
  9. Localhorst86

    Localhorst86 GBAtemp Addict

    Member
    10
    Jul 17, 2014
    Germany
    Nintendo works for my dad
    How did it break your dns? All you did was add an additional rule set to your pihole, which is your dns.

    Your system needs to access the ctest.cdn.nintendo.net url and expects a 200 http response (see the selfhost instructions in the 90dns gitlab for more details).

    The way I have set it up is to block all Nintendo urls on my router so no traffic to Nintendo servers can leave my local network (only applied to specific devices, though, so only my switch is affected by this).

    I have then installed pihole and nginx as docker containers on my raspberry pi and have pihole set up to redirect the url ctest.cdn.nintendo.net (and another one) to the nginx docker running on the same raspberry pi.

    Works like a charm for me.
     
  10. TheGlow

    TheGlow GBAtemp Regular

    Member
    2
    Nov 23, 2013
    United States
    Da Bronx
    I'm still learning the home labbing portion. I followed the steps xdpirate provided and for whatever reason the DNS service wouldn't run anymore. It wasn't until I went back in and deleted the 02-90dns.masq that it let me restart the service properly. So I know enough to get the ball rolling but not really troubleshoot much else. Selfhosting direction seems confusing. Like I saw the 90dns.masq file but it didn't seem to have any IPs in it, so this is all over my head. Hence I thought just adding it all in a blacklist would work, but apparently that's not valid. His steps also mentioned changing the IP, and I searched 192 and 172 and didn't find anything, so not sure if I'm missing something.
     
    Last edited by TheGlow, Sep 10, 2019
  11. Localhorst86

    Localhorst86 GBAtemp Addict

    Member
    10
    Jul 17, 2014
    Germany
    Nintendo works for my dad
    I don't know who xdpirate is and what steps he provided you with. Or where you get the 02-90dns.masq file from or what it contains.

    When you open the file in a text editor, what does it look like? Maybe you downloaded the HTML representation of the gitlab page instead of the RAW text.
     
  12. TheGlow

    TheGlow GBAtemp Regular

    Member
    2
    Nov 23, 2013
    United States
    Da Bronx
    "
    sudo wget https://gitlab.com/ao/90dns/raw/master/dnsmasq/dnsmasq.conf -O /etc/dnsmasq.d/02-90dns.conf
    sudo sed -i -e "s/192.168.0.1/$(hostname -I)/g" /etc/dnsmasq.d/02-90dns.conf
    pihole restartdns"
    Ok, I see what you mean. If I went on PC and did save as, I get HTML. But if just clicking it, I get the real file. Odd. Also I see now the repo had changed so I'm a bit puzzled on what it stuck in there then.
    I changed the command to the new location, sudo wget https://gitlab.com/a/90dns/raw/master/dnsmasq/dnsmasq.conf -O /etc/dnsmasq.d/02-90dns.conf and when I do a vi on the new 02-90dns.conf it's normal. That sudo sed command didn't seem to do anything.
    So I replaced the 127 with my pihole. I added my interface as per pihole's admin page. Do I need to do anything with the 95.216.149.205 entries?
    From my pc it appears to be working properly. I'll test on the switch momentarily.
     
  13. Localhorst86

    Localhorst86 GBAtemp Addict

    Member
    10
    Jul 17, 2014
    Germany
    Nintendo works for my dad
    You don't need to replace 127.0.0.1, that is already localhost and leads to nowhere (i.e. already blocked).

    If you selfhost the connection test, you need to change those two lines to point to your web server.
     
  14. TheGlow

    TheGlow GBAtemp Regular

    Member
    2
    Nov 23, 2013
    United States
    Da Bronx
    Ok, wasn't 100% sure if I needed 127.0.0.1 or not, but similar result. I don't run my own web server, so I guess I can leave those. Those are just for the initial wifi check, I assume?
    I guess at some point I'll look into hosting a web server option. Is it looking for anything in particular, or would something like pointing to my Plex work since it somewhat is running a browser service?
     
  15. Localhorst86

    Localhorst86 GBAtemp Addict

    Member
    10
    Jul 17, 2014
    Germany
    Nintendo works for my dad
    The two lines not pointing to 127.0.0.1 are for the WiFi check, yes. They do point to outside sources so connections to those will still need to leave your local network.

    If you do want to contain this traffic locally as well, you'll need to set up a local server that responds to HTTP queries with the proper response (i.e. pointing it to any old web service doesn't work).

    If you look at the "nintendowifi" file in the nginx folder of the 90dns repo, you can see the response it expects.
     
  16. TheGlow

    TheGlow GBAtemp Regular

    Member
    2
    Nov 23, 2013
    United States
    Da Bronx
    Thanks. Any suggestions on the bare minimum I should need for web service? I'm in between messing around with labbing and have esxi up, so far just a win2k16 network share and pihole. Eventually need to move torrents and plex off my main pc to a vm. So web server wouldn't be a bad idea. I think I can do something like iis on the win2k for now? I have an ubuntu vm initially planned for plex that I haven't touched yet.
     
  17. Localhorst86

    Localhorst86 GBAtemp Addict

    Member
    10
    Jul 17, 2014
    Germany
    Nintendo works for my dad
    Any web server should do, as long as you can determine the response it gives to requests on port 80.

    Setting up a win 2k16 server seems overkill to me but if that's what you know, that should do the trick.
     
  18. Yoni Arousement

    Yoni Arousement GBAtemp Regular

    Member
    3
    Mar 3, 2009
    United States
    HBG Shop can download updates and DLC without the need to search for them.
     
  19. TheGlow

    TheGlow GBAtemp Regular

    Member
    2
    Nov 23, 2013
    United States
    Da Bronx
    Yea, overkill in general but I have an ntfs 8tb drive that I wanted to keep as is in the event the labbing doesn't work out, etc, so I can put it back into my win10 machine. So in that respect I set up a win2k16 vm just to share this drive. So I installed iis and can connect to it in browser but it seems it fails the check, and opens the default webpage on the Switch. So I guess I need some other kind of default page offered up I guess.
    I saved the html that http://95.216.149.205/ offers initially and set that as my default. It loads on my pc but Switch fails the check and then launches that page, so I guess there's some more dependencies.
    Ok, I see the portion about this setup. I'll get on that next.
    Edit: Got it. Looks like there wasn't an iis option. Removed iis, installed apache and had it running within 15 minutes. Many thanks for getting me on the right path.
     
    Last edited by TheGlow, Sep 11, 2019
  20. AveSatanas
    OP

    AveSatanas GBAtemp Regular

    Member
    6
    Aug 7, 2018
    United States
    Regular hosts file approach didn't work, so I deleted it shortly after putting it up.

    dnsmasq is the proper option. Do edit out the "interface" line though, otherwise it won't work.
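
Added example, not part of the thread and not code from the 90dns repository: a small Python audit of a dnsmasq rules file that shows which `address=` entries are sinkholed to loopback, which resolve to a LAN host, and which (like the two connection-test lines discussed above) still send traffic off the network, and that reports any `interface=` line. The sample config is constructed, the second test hostname is a placeholder the thread does not name, and `audit_dnsmasq` is a hypothetical helper name.

```python
import ipaddress

# Constructed sample in dnsmasq syntax (NOT the real 90dns file). The second
# test hostname is a placeholder; the thread does not name it.
SAMPLE_CONF = """\
# constructed example
interface=eth0
address=/nintendo.net/127.0.0.1
address=/ctest.cdn.nintendo.net/95.216.149.205
address=/second-test-host.example/95.216.149.205
"""

def audit_dnsmasq(text):
    """Group address= rules by where their answer sends the client."""
    report = {"blocked": [], "local": [], "external": [],
              "interface": [], "skipped": []}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, _, value = line.partition("=")
        key, value = key.strip(), value.strip()
        if key == "interface":
            report["interface"].append(value)  # thread: edit this line out
            continue
        if key != "address":
            continue
        parts = value.split("/")  # '/a/b/1.2.3.4' -> ['', 'a', 'b', '1.2.3.4']
        try:
            if len(parts) < 3 or parts[0]:
                raise ValueError("not /domain/ip form")
            ip = ipaddress.ip_address(parts[-1])
        except ValueError:
            report["skipped"].append((lineno, line))
            continue
        if ip.is_loopback or ip.is_unspecified:
            bucket = "blocked"    # sinkholed on the client itself
        elif ip.is_private or ip.is_link_local:
            bucket = "local"      # answered by a host on the LAN
        else:
            bucket = "external"   # traffic still leaves the network
        report[bucket] += [(d, str(ip)) for d in parts[1:-1] if d]
    return report

if __name__ == "__main__":
    for bucket, items in audit_dnsmasq(SAMPLE_CONF).items():
        print(bucket, items)
```

Run it against the contents of /etc/dnsmasq.d/02-90dns.conf after editing: an empty "external" list means every listed name is answered inside the local network.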
     