Change DNS of official images
This guide assumes that you have read and understood the readme.md, downloaded the official images and do every step exactly the way it is described.
The current implementation of the skywire network only features exit nodes. Until relay node functionality is implemented and exit nodes can be hosted in colocation centers it is recommended to implement one or more of the following options:
- tunnel the traffic through a trusted third-party VPN
- change the default DNS to something that only allows access to safe & legal content
- use DNSMasq on the router (openWRT required)
- restrict website access with a proxy like squid
The following guide will teach you how to change the DNS of the official images to use the 'FamilyShield' by 'OpenDNS'. The FamilyShield is a special purpose DNS that blocks any adult content.
If you only want to use the regular OpenDNS service you can replace the DNS server in the following guide with 208.67.222.222 and 208.67.220.220
Note: If you start with the manager as it is described in here and don't use the SSH option, you'll encounter some issues. The other nodes will have issues connecting to the manager again without them getting rebooted too. You can either start by configuring all nodes and do the manager at last, or you can use the SSH option to prevent this problem from happening since it doesn't rely on the webinterface of the manager.
Login via SSH or open a terminal in the manager node (How-to open a terminal in the manager). Once that's done we can get to work:
Type nano /etc/network/interfaces.d/eth0
You will look at this:
As you can see the IP is set to 192.168.0.2, which means we are indeed logged into the manager node. You need to change the content of the file to:
#auto eth0
#iface eth0 inet dhcp
auto eth0
iface eth0 inet static
address 192.168.0.2
hwaddress ether 00:21:3c:32:f4:42
# address 192.168.0.3
# hwaddress ether 00:21:3c:32:f4:43
# address 192.168.0.4
# hwaddress ether 00:21:3c:32:f4:44
# address 192.168.0.5
# hwaddress ether 00:21:3c:32:f4:45
# address 192.168.0.6
# hwaddress ether 00:21:3c:32:f4:46
# address 192.168.0.7
# hwaddress ether 00:21:3c:32:f4:47
# address 192.168.0.8
# hwaddress ether 00:21:3c:32:f4:48
# address 192.168.0.9
# hwaddress ether 00:21:3c:32:f4:49
netmask 255.255.255.0
gateway 192.168.0.1
dns-nameservers 208.67.222.123 208.67.220.123
Once you're done save the changes with ctlr+x and 'y' + hit enter, your file should then look like this:
Type nano /etc/resolv.conf
The default content of the file is just nameserver 192.168.0.1.
You need to change it to nameserver 208.67.222.123 208.67.220.123
Once you're done save the changes with ctlr+x and 'y' + hit enter.
Now type
reboot
or
sudo /etc/init.d/networking restart
or
ifdown eth0
ifup eth0
or
ifconfig eth0 down
ifconfig eth0 up
This will active the changes you made.
The first node is changed. Now you need to change all of the remaining nodes. To do this, go back to Step 1 and connect to Node 1 (192.168.0.3) via SSH or open a terminal in the manager.
This is a loop, the changes & steps are identical. Every time you finished configuring a node you go back to Step 1 and move the next node. You need to change the DNS for all nodes and the manager node, i.e. IP addresses 192.168.0.2-9.
After you changed the DNS of all images and you rebooted the pi, you can verify if your changes are active by opening a terminal and typing:
ping internetbadguys.com
This will verify that you're using the OpenDNS service, the output should look like this:
If you want to check if you can visit adult content just type:
ping adult_site_of_your_choice.com
and you should get this output
64 bytes from hit-adult.opendns.com (146.112.61.106): icmp_seq=1 ttl=59 time=13.5 ms