Quick Links

A comprehensive network filtering system is overkill if all you want to do is block a handful of web sites. Read on as we show you how—with nothing more than your router—you can selectively block and temporarily restrict individual websites. For many people a massive commercial internet filter is overkill. What if you just want to block Facebook when your kids are supposed to be doing their homework or Reddit when you’re supposed to be getting work done? You don’t need a huge system for that, all you need is the access restrictions module in your router. Today we’re looking at how you can quickly and easily block traffic on your network using router-based access restrictions.

What You’ll Need

whatyouneedtomato

For this tutorial you’ll won’t need much and you won’t have to spend a dime. Before proceed make sure you have the following things:

  • A Tomato compatible router
  • A copy of Tomato on the router
  • Administrative access to the router

We’re going to go through the tutorial as using a Linksys router running Tomato custom firmware. The steps we’re taking are largely equivalent to the DD-WRT system (you can read about selective domain blocking for DD-WRT here). If you don’t have Tomato installed on your router check out our guide to installing Tomato here. If you have it installed and you have administrative access (you know the login password for the control panel) then you’re ready to proceed.

Setting Up URL Filters in Tomato

2011-11-22_131534

For our example we’re going to setup both a total ban and a time-based ban on the social news site Reddit. Reddit fans among us will attest to the fact that the site, as fun as it can be, is an enormous time sink and a great productivity killer. First let’s take a look at the Access Restriction module in Tomato. Navigate to your router control panel, typically an address like http://192.168.1.1 and plug in your credentials. Once you’re in the main panel navigate to Access Restriction in the left hand menu—seen above. Click on it to enter the sub-menu. If you’ve never used the feature before all you’ll see in the Access Restriction Overview section is a disabled example entry like so:

2011-11-22_132959

Just beneath the example entry, to the right, is the Add button. Click that now to create your first entry. For our first entry we’re going to make a filter, called Reddit Killer, which blocks Reddit all day, every day. Change the description name from New Rule to Reddit Killer, check All Day and Everyday, leave Applies to as All Computers/Devices, and then uncheck Block All Internet Access—if you don’t check this part, you won’t be able to specify what exactly you want to block. It should look like this:

2011-11-22_133429

When you unchecked Block All Internet Access, an entire new portion of the menu unfolded beneath the initial entry. Within this portion of the menu is where we’re going to specify the sites we want to block.    Leave the Port/Applications section alone (these settings allow you to get more granular control over your filters such as filtering only BitTorrent or a specific port). In the HTTP Request section enter reddit.com and then, at the bottom right corner, click Save.

2011-11-22_140651

Back at the main screen you should see the new filter, Reddit Killer, with it’s rather encompassing “Everyday” schedule. Let’s take a look at Reddit and see if our filter is active:

2011-11-22_144143

Reddit is down? Well then. We’d better get back to work. Our filter is great success. If you’re not quite ready for a full Reddit fast but you’d like to at least keep it shut off while you’re trying to focus on work, you can easily modify the scheduling component to, say, restrict access between 8AM and 5PM on the weekdays. Let’s click on Reddit Killer now so we can edit it.

2011-11-22_142424

Uncheck All Day and Everyday, then in the new options which have appeared, select 08:00-17:00 and Monday through Friday. While we’re at it, let’s update the Description to better reflect the purpose of the filter. Since we’re restricting access to the evenings, we’ll call our new filter Reddit Tonight. To register the changes, click save down in the lower right corner. If you wish to further massage the settings (such as applying the restrictions to only certain computers) you can pull down the Applies To menu and create white/black lists of computers that are restricted or unrestricted. You can also easily expand your filter by adding new lines into the HTTP request box. Instead of just a Reddit Killer it could be expanded to include all the web sites you routine kill time on (Reddit, Facebook, Fark, and so on). In addition to filtering web sites you can also set up keyword filters. In short, if it’s travelling through your network you can find a way to filter it in the Access Restrictions menu.


Have a clever technique for getting more out of Tomato and/or filtering time wasting web sites and other undesirable content? Let’s hear about it in the comments.