Discussions

Currently if you have multiple devices that are for the same person, there is no way to report on the person just the device. For example, if at home you are leveraging ctrld daemon to configure your router all devices appear under that device. This is great from a reporting standpoint because you can see the sum of all those parts. However, if you want to apply different policies you need to link that device to a "device" within ControlD and apply that custom policy. Lets assume that device is an iPhone or iPad. In order to leverage that device when off of the wifi you can leverage the controld application to configure it to leverage the same profile. But what if you want a one to many configuration. For instance, lets say "Jimmy" has a laptop, iPhone, and iPad and you want to have the same policy apply to all of his computing devices whether at home on wifi, or mobile. Today you can't create a "Device" called Jimmy's Devices and attach a profile called Jimmy's Profile that would allow you to link all three devices when on home wifi to that same "device". The same situation applies when a device has multiple connections, i.e. wired and wireless. They do not link together when leveraging controld you would have to create 2 devices to get the same policy appiled. Essentially it would be nice if you could link multiple mac addresses to a device within controld so that it will pick up multiple physical devices.

In the client list of my ctrld service (running on OPNsense router) there are sometimes clients that have 'N/A' instead of a MAC address. They seem to only operate like that for a short time (minutes) before eventually ctrld detects their MAC address and properly assigns their traffic to one of my defined clients - but why? It causes them to briefly receive the wrong ControlD profile and get the wrong access, and creates unwanted entries in the router's client list. I'm now using the most recent pre-release build and manually specifying assignment of individual MAC addresses to specific ControlD profiles, because I haven't otherwise been able to get devices to reliably assign to their profiles when they're on the local network.

Not exactly a core feature, but it would be killer if there was a script that automatically installed and configured wireguard and ctrld on a VPS, with ctrld being set as the default DNS in the config. Of course, there would still need to be some input by the user to finish the setup. Since we are still working with the plaintext SNI issue, running traffic through a VPS via wireguard that used ctrld as the DNS would at least present the VPS' IP in the SNI field to those domains that inspect it. CD is not an anonymity service anyways so logging by the VPS provider would not present more of an issue than logging from an ISP. Perhaps existing projects, like Algo, could be of use. <https://github.com/trailofbits/algo>

Please tell me, I'm in Thailand now, but I need to activate the region of Russia to visit the site, how can I do it?

I would absolutely love the option to block traffic to a specific MAC address. Or assign a profile to a Mac address, so that way that way only specific rules and filters apply. To a particular Mac address. Not sure if this is even possible, just would would be neat. Currently I have to login to router system to block a connection connection access, but if i could create a profile specifically that would be amazing!

I create profile to redirect my Xbox to another region but when i start my party chat with my friends some times connect but after a short time it disconnects and some times it don't connect at all can some one help me to fix this.

Hi folks. Great product. Signed up last night, so been with you a whole 24 hours now! I have set up several phones (Android & iOS), as I was finding it too hard to set up and manage an OPNSense router. Loving the simplicity of using controld. I ran into a small issue today. Windows laptop, connected to Asus-merlin router passing all DNS via controld. Signed in to <https://gophonebox.com/> and making a credit card payment on a TD Visa. During payment process, TD Verification kicked in. A message appeared on screen saying TD wanted ID verification, and to choose a 2FA method. Then nothing was listed in the space below. Usually there will be an option of several phone numbers and/or email addresses to send a verification code to. This process was not able to be completed as the 2FA choice box didn't appear. I made a similar payment using another provider a couple of days before setting up controld. Could it be a controld issue? I must state I was using my wife's laptop (connected through the controld router and running ublock origin in Forefox), but I don't normally use this device. I have logging enabled. When I search td.com I only see entries from earlier in the day, nothing from the last hour. And those entries were "bypass" anyway. Can't see anything similar to td.com that was blocked or redirected. Currently blocking using the following filters : Ads & trackers Adult Content Gambling Malware Phishing How can I begin troubleshooting?

It would be great if you could add custom sites to be proxied via DNS but with your server connecting to a 3rd party Proxy services.

My router has an option for DNS Rebind Protection. If I'm going to use ControlD for DNS, should I enable rebind protection at the router level or on my ControlD's profile? Or both?

Hi, why does the ctrld service running on my router sometimes generate wild host names like: 36XXXXX57-eXXX-4XXX-8XXX-XXXXXXXXXXXXX The host names are set in my local dhcp and dns servers. Sometimes ctrld uses the names I've set, sometimes it comes up with those long strings.