I need to turn a DDWRT router (i have a tplink) into a firewall.
The firewall needs to be IP-transparent, so that users with hardcored IPs and public IPs won't need to make any changes at all on their computers (with no need to make the ddwrt as the gateway too).
The function of the firewall is to block any DNS requests on port 53, send them to the dnsmasq in the router in order to be resolved (1); if no entry found then - check OpenDNS (2); or - to deny access to the website completely (3)
I think this can be achieved easily with IP tables, but I am not an expert in this.
I am also looking forward to achieve the same results with PfSense.
Any option will do: ddwrt or pfsense