Tutorial Blocking WiiU Update Domains With OpenDNS

Was this helpful?


  • Total voters
    84

TotalInsanity4

GBAtemp Supreme Overlord
OP
Member
Joined
Dec 1, 2014
Messages
10,800
Trophies
0
Location
Under a rock
XP
9,813
Country
United States
****************
ATTENTION
SAFETY WARNING

Note from moderator:
OpenDNS is NOT a 100% safe protection.
It relies on your current router's IP to redirect and filter URLs.
If your Internet Service Provider is using Dynamic IP, I recommend using Proxy filtering instead.
Even if you have a static IP, be careful. OpenDNS default filtering rule is "allows everything". nothing will be blocked in case your router's IP suddenly changes.
(Edit from OP: The DNS used for Smealum's 3DS TubeHaxx exploit (107.211.140.65) is also a viable option for people with dynamic IP addresses. Note that this is only to be used for the purposes of blocking update domains, and it will not magically perform "1337 hax" on your Wii U through the YouTube app like on the 3DS). If you decide to use this DNS, DO NOT FOLLOW THE GUIDE BELOW. Just enter it as your primary DNS setting with the secondary being "0.0.0.0".
DELAY WARNING
When you setup your OpenDNS account and edit the filters, they are not effective right away. You need few minutes (4-5min) until your changes are taken in account. Be careful, don't power your WiiU immediately after you editing your filter rules, they are not active yet.




****************​
Hello, all!

There have been a number of people who have been asking for help setting up a DNS server to block Nintendo domains while still being able to do things online. Given the increasing relevance to the community due to the release of the exploit growing closer and closer, I have decided to write a detailed tutorial (with pictures!) of the entire process, start to finish. Due to the fact that this has a number of large pictures in it, I will put each step in a spoiler tag. Enjoy!

To create an account with OpenDNS, go to :arrow: https://www.opendns.com/ and click or tap "For Personal", as shown:
OpenDNS step one.png


This will take you to the next page, where you will want to click "GET STARTED" under "PARENTAL CONTROLS"
OpenDNS step one -2.png


This will take you to the page where you will choose what package you want to sign up for. As you are just wanting to block some domains, sign up for the free package, called "OPENDNS HOME"
OpenDNS step one -3.png
Now that we've made it to the sign up page, fill in the sign up box as shown (but obviously with your own email and password!):
OpenDNS step two.png


After you fill in your information, you will be directed to a page that will give you OpenDNS's IP addresses and a link at the bottom to test if your DNS settings are set up for use with OpenDNS. PAY NO ATTENTION TO THIS! Because you are not setting up OpenDNS for use with your computer, it will always fail (later on in the tutorial, I will give you a link to test with the Wii U to see if you've set it up correctly.) Instead, click the orange button labeled "OpenDNS" in the top right corner to exit back to the homepage, as shown:
OpenDNS step 2 -2.png



Back on the homepage, there will be a button in the top right corner labeled "Dashboard".
OpenDNS step 2 -3.png


Click that, then carry on to Step 3
At this point, you will be noticing that OpenDNS is asking you to confirm your email address (you know, so they know you're a real person and not a spambot). To do that, sign into your email account and click the link in the email sent from (you guessed it) OpenDNS. This will open a new tab that will be directed back to your dashboard. From there, you will want to click the "Settings" tab:
OpenDNS step three.png


Once you've done that, OpenDNS will ask you for your home network's IP address. Yes, this IS necessary, otherwise OpenDNS will not know where to apply your settings (in other words, don't BS this, otherwise you're defeating the purpose of signing up in the first place!). In some computers, it will automatically fill in your networks IP address in the text boxes, and all you will have to do is click "ADD THIS NETWORK". However, with some computers, like Chromebooks and some tablets and smartphones, you will have to manually enter it. If you don't know what your home's IP address is, OpenDNS conveniently shows it right above where I have annotated arrows onto this picture (I cut mine off because I enjoy not getting malware from you guys ;)):
OpenDNS step three -2.png


Now you'll have to give your network a name; just call it "Home" or "Wii U" or something of that fashion. Now that you've created your network, you can finally add the domains to block into OpenDNS! To do that, click on your "Home"(/"Wii U"/etc.) IP address to access its settings:
OpenDNS step three -3 (1).png


When you've done that, you will be taken to the settings page for that IP address. Make sure that under "Choose your filtering level", "None" is selected (unless you have kids and you're worried that they'll be watching porn on your Wii U, then... well, I guess select what you need :rofl:):
OpenDNS step three -4.png


Then, under "Manage individual domains", block the following:
Code:
nus.cdn.c.shop.nintendowifi.net
nus.cdn.shop.wii.com
nus.cdn.wup.shop.nintendo.net
nus.wup.shop.nintendo.net
nus.c.shop.nintendowifi.net
c.shop.nintendowifi.net
(Note: Many of these domains will give you this after clicking "ADD DOMAIN":
OpenDNS step three -4 (1).png

MAKE SURE YOU CHECK THE FIRST OPTION! Then click "CONFIRM")

In the end, if you have set it up correctly, it should look like this:
OpenDNS step three -5 (1).png


Note: Though we are now technically done with everything on the computer side of things, I HIGHLY recommend installing the software that corresponds to your operating system in the link below if your network's IP address changes dynamically or if you are not sure if it changes dynamically. It will send your current IP address to OpenDNS every once in a while so that it stays up-to-date. This may save your Wii U's firmware in case your IP address changes on you!
:arrow: https://support.opendns.com/entries/23218654-Where-do-I-download-an-OpenDNS-Dynamic-IP-updater-client-
Note: Your PC does not have to be configured for OpenDNS for this to work. Just make sure that you don't install it on a laptop that you take to other places frequently, as it will try to update your IP settings with an IP address that is not yours, leaving your Wii U temporarily vulnerable.
Final stretch now! From the Wii U side, things are much simpler: Enter your Wii U's settings and (from the GamePad) enter the internet settings. After setting up your internet for either WiFi or Ethernet, press the "X" button on the GamePad to change the settings of your connection. Select your home network's connection, then navigate to the second page. Click into the DNS settings, and select "Don't auto-obtain". Next, it will ask you to put in a primary and secondary IP address: put in 208.67.222.222 as the primary, and 208.67.220.220 as the secondary.
What you CAN do while blocking these domains:
+Play your Wii U games and applications
+Access online applications such as Netflix, so long as they do not need an update to function
Edit: This is no longer possible. RyanRocks ruined online for us when he posted hacked MK8 time trial scores on Miiverse, allowing Nintendo to find the exploit used and fix it. It is now required to be on 5.5.0 for any Nintendo Network related application
Edit2: There is now a workaround by Crediar called WUPInstaller that will install any signed title to the console, effectively allowing you to spoof your console to any version as long as you can perform a kernel exploit.
+Access just about anything you want in the Web Browser
+Play your Wii U games online IF ON OR SPOOFED TO LATEST FIRMWARE OR <5.1.0
+Keep your Wii U in standby and use the quick start menu

What you CANNOT do while blocking these domains:
-Update (hur dur dur)
-Access the eShop (it is tied to the NUS)
-Play online if you are not on or spoofed to the latest firmware or <5.1.0

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------​

Ways to test that you have set this up correctly:

An easy way to figure out if this worked; after the Wii U first goes into standby mode, it will attempt to check for a system update. Since it will not be able to even find out if the update, it will show a red "X" over the "Download Management" app. If you see this when you boot up your Wii U the first time after it goes into standby mode, the update blocking is working. After you see this, you're golden. However, if you want to test more aggressively, or just don't want to wait an upwards of 24 hours for your system to go into standby, then there few other tests you can perform:

If you are on the latest firmware, then all you need to do is attempt to update through the system settings (it's the second-to-last option on the GamePad). If, somewhere between 2 to 30 seconds, the console gives you an error saying that it could not connect to the update server, you are done! If, however, the Wii U tells you it is up-to-date, review Steps 3 and 4 and figure out where you went wrong. No matter what, make sure you wait 3 minutes after applying the last domain to try this.

Alternatively, if you are NOT on the latest firmware and intend to stay where you are, or are just plain paranoid that you messed something up, use this link on your Wii U to make sure that you are in fact using OpenDNS's DNS servers: :arrow: https://store.opendns.com/setup/#/?new=home-free
If the test worked, then try updating (sorry, that's the only way to test this completely :(). If the test failed, make sure you correctly typed the IP addresses into your Wii U's internet settings, then try the link again.

There is a way to do this that allows you to access eShop even with DNS settings active, but be very aware that it is much more unpredictable and risky as it is blocking fewer domains. On top of that, you will be able to browse through the contents of the eShop, but you can't actually download games or applications as those are all stored on the NUS CDN. You decide whether it is worth the risks to gain half of a feature back:

Essentially, follow the guide above, but only block:
Code:
nus.cdn.c.shop.nintendowifi.net
nus.cdn.shop.wii.com
nus.cdn.wup.shop.nintendo.net
Note: While this will allow you to access the eShop, one of these domains that now remains unblocked is also the domain that tells the Wii U if an update is available. This means your Wii U will know when it needs to be updated, and will try to download said update. However, because the domains hosting the update are being blocked, it will download a fake ~1-kilobyte file instead, which in testing has always deleted itself upon trying to install. In the event the firewall fails, or the fake update doesn't delete itself in your case, I will not be responsible for an updated or bricked Wii U!
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------​
The Wii U can store up to 3 network settings, so what I have done is saved my home's WiFi network twice, set the first network as "default", and applied the DNS settings to the first network. That way, if I ever want to access the eShop (before Nintendo pushes another update, of course), I can just set my second "clean" network as the "default" network for the time that I want to download something. Just don't forget to switch the default network back to the one with the OpenDNS settings applied to it!

With this method, it actually IS possible to have standby mode and the quick start menu on. However, if your IP address dynamically changes, I would advise you to set the interval that the Wii U goes into standby mode to 24 hours (the default is every 1 hour), so that you always give the OpenDNS auto-updater a chance to update your IP address every day. To do this, go to the Wii U's settings, then go to "Power Settings", select "Standby Functions", and set it to 24 hours.

In the OpenDNS Updater application for Windows, OSX or Linux, look through the settings (bottom right corner). There is a setting for it to send automatic updates while it is open, and even a setting for it to always run while hidden if that's your cup of tea.

There is a small chance that your IP address will have already been used with OpenDNS before, particularly if you or the previous user had a dynamically updating router. This issue, along with a plethora of others, can be resolved by submitting a support ticket to the OpenDNS staff
from :arrow: here
One more thing! There was another thread made in the 3DS subforums by TidusWulf which you can view from this link. It is largely the same as the guide I have written, so you can just go ahead and apply the DNS settings to your 3DS in the same way as you did the Wii U and it should work from the get-go!
 
Last edited by TotalInsanity4,

DarkFlare69

Well-Known Member
Member
Joined
Dec 8, 2014
Messages
5,147
Trophies
2
Location
Chicago
XP
4,735
Country
United States
It doesn't mention that there is a chance of your IP already being in the OpenDNS database, in which case it won't accept the network- if it does this, send a support ticket and they will remove it. That should be added to the OP.

That's not a huge chance, though.
 

TotalInsanity4

GBAtemp Supreme Overlord
OP
Member
Joined
Dec 1, 2014
Messages
10,800
Trophies
0
Location
Under a rock
XP
9,813
Country
United States
Not for the Wii U blocking to work, but for the dynamic IP application, yes.

Dildos. Whatever, it worked. I'll just manually update time to time.

Nooooo no you don't. The purpose of the dynamic updater is just to read your IP address and update it every once in a while, you don't have to have your PC set up for OpenDNS. Whether or not the PC is connected to the DNS server should have no bearing as to how the OpenDNS Updater application functions. I'll clarify this in the tutorial.

Edit: Also, another handy hint that I forgot to mention, but in the Updater app's settings there should be an option for it to send automatic updates, so it would automatically do it if your computer is in sleep mode (I think it's labeled something like "Send OpenDNS-o-matic updates" or something cheesy like that. Adding that as well)
 

DarkFlare69

Well-Known Member
Member
Joined
Dec 8, 2014
Messages
5,147
Trophies
2
Location
Chicago
XP
4,735
Country
United States
Nooooo no you don't. The purpose of the dynamic updater is just to read your IP address and update it every once in a while, you don't have to have your PC set up for OpenDNS. Whether or not the PC is connected to the DNS server should have no bearing as to how the OpenDNS Updater application functions

Okay, cool. I had a strong feeling Kelton2 was wrong
 
  • Like
Reactions: TotalInsanity4

TotalInsanity4

GBAtemp Supreme Overlord
OP
Member
Joined
Dec 1, 2014
Messages
10,800
Trophies
0
Location
Under a rock
XP
9,813
Country
United States
OP updated to clarify. Also, NWPlayer123, I just thought I'd tell you that I stuck you on the access list, in case you wanted to add or clarify anything, since you've been using this far longer than I have

Okay, cool. I had a strong feeling Kelton2 was wrong
Not wrong, he just misunderstood how the app works. I should have clarified :P Like I said, fixed now!



Edit: Kelton2, since you had to get your IP address being taken issue worked out, is there any way you could give me a detailed description of what to do so I can add it to the OP? (Either PM or in response to this post would be fine)
 
  • Like
Reactions: NWPlayer123

TotalInsanity4

GBAtemp Supreme Overlord
OP
Member
Joined
Dec 1, 2014
Messages
10,800
Trophies
0
Location
Under a rock
XP
9,813
Country
United States
What I did was simple- I just opened a support ticket with them (it's right on the site), described the issue (the error it gives you is "Network already in use" or something like that) and they replied saying they had deleted the IP from their database- so just say to open a support ticket and they will fix it.

K, thanks!

Edit: Added to "Helpful hints"
 
  • Like
Reactions: Kelton2

TotalInsanity4

GBAtemp Supreme Overlord
OP
Member
Joined
Dec 1, 2014
Messages
10,800
Trophies
0
Location
Under a rock
XP
9,813
Country
United States
Video Tutorial:

Nice! I will add it to the OP later, but not right now for your privacy's sake. Before I add it, I would advise that you a) check through the video a few times, as there is a number of times that your IP address shows in the OpenDNS website (you should be able to blur or bar over them with YouTubes standard video editor, I THINK), and b) I would advise jump-cutting past your e-mail verification, just so you don't get a bunch of spam to that address
 

75mak

Well-Known Member
Member
Joined
Nov 10, 2011
Messages
395
Trophies
0
XP
313
Country
If I block those domains, will this allow me to download updates from the shop. e.g. mario kart pack?
 

DarkFlare69

Well-Known Member
Member
Joined
Dec 8, 2014
Messages
5,147
Trophies
2
Location
Chicago
XP
4,735
Country
United States
Nice! I will add it to the OP later, but not right now for your privacy's sake. Before I add it, I would advise that you a) check through the video a few times, as there is a number of times that your IP address shows in the OpenDNS website (you should be able to blur or bar over them with YouTubes standard video editor, I THINK), and b) I would advise jump-cutting past your e-mail verification, just so you don't get a bunch of spam to that address
I use that address for porn registration, so spam really isn't a big concern. And my email is public, people can send me anything. Lemme look at YT Vid editor to try and fix it.
 

TotalInsanity4

GBAtemp Supreme Overlord
OP
Member
Joined
Dec 1, 2014
Messages
10,800
Trophies
0
Location
Under a rock
XP
9,813
Country
United States
I use that address for porn registration, so spam really isn't a big concern. And my email is public, people can send me anything. Lemme look at YT Vid editor to try and fix it.

Ok. In the meantime I'd make the video private until you get it fixed
If I block those domains, will this allow me to download updates from the shop. e.g. mario kart pack?
Basically what Kelton said. These domains will allow for everything BUT accessing eShop content. If you want to access eShop, either do it before you set your Wii U up for OpenDNS or do what I suggested in the "Helpful hints!" tag
 

Site & Scene News

Popular threads in this forum

General chit-chat
Help Users
  • No one is chatting at the moment.
    K3Nv2 @ K3Nv2: Sorry for accidentally bending over