Forget Net Nanny – PiHole will keep your kids’ late-night activity in check
Teenagers are hard work.
We have two teenagers stretching their wings and doing normal teenage stuff. Most of it doesn’t concern us. We don’t want to know the details of their social lives, we don’t want to know who they’re meeting up with at the weekend, and we don’t particularly care what Minecraft server they’re using at 2am.
We do care that they’re playing Minecraft at 2am because we don’t particularly want to have to deal with a sullen 13 year old who’s had - at most - five hours sleep. We care that globe-spanning Discord chats stretch out until almost dawn - save that shit until you’re at college when you can talk about political philosophy all night (provided you don’t have lectures the next day).
The point is, I don’t want my teens up all night shit-talking on the internet when they should be sleeping. This is, of course, massively hypocritical, as except for weekends, I'm is up every night talking on the internet. My excuse is twofold: First, a portion of it is work related, due to clients in different timezones. Second: I’m a grown-up and am not currently attempting to gain formal educational qualifications.
Until very recently, I didn’t have any clue to my teens’ late night electronic activity. Sure I might see a light under the door from time to time, but it was rare, and the only clue they weren’t getting enough sleep was that they looked like revenants in the morning, and could barely function as human beings.
Enter the PiHole
Pihole is Free and open source software, which advertises itself as “A black hole for Internet advertisements.” It’s pretty easy to install on anything. Despite being built for the Raspberry Pi, it will run on any Linux or Windows 10 machine, and filters adverts by domain name, by default it redirects known ad domains to 0.0.0.0 - that is… nowhere. Ads don’t get served.
It also comes with a rather nifty web interface, allowing admins (Me in this case) an overview of such trivia as traffic levels, domains blocked, machines on the network, and domains requested. Naturally, I was surprised to see repeated connections to Minecraft servers and Discord coming from devices belonging to my 13 year old at daft O’clock at night. I hit the blacklist button for both domains, blocking both servers instantly - and cutting off my own Discord connection too. Damn.
RTFM
Pihole documentation is pretty good, but it’s anticipated that the vast majority of people will use the rather neat web interface. Most users will set it up once, using their Pihole’s single line install, and forget about it. I needed something a tiny bit different - it still wasn’t particularly hard though, and the manual provided most of what we needed.
Step 1: Identify all of The Teen's devices.
Easy enough. The Teen has a 2008 Mac currently running Manjaro Linux, a Motorola E3 Android phone, and a Samsung Tablet. These show up under friendly, easily identifiable names, such as ‘FrankenMacbook’ in the ‘Network’ Tab.
Step 2: Create a group which contains all the The Teen's devices.
Again, simples. In the group management dropdown there’s a tab called groups. By default there’s already one group there, and it’s called ‘Default.’ To add another group, I typed in a new group name and pressed ‘add’ before moving to the Clients section of group management.
In ‘clients’ there’s a dropdown list of every device that has ever connected to my home network. It was straightforward to locate The Teen’s devices and assign them to my newly created group.
Step 3: Create a custom blocklist.
A blocklist is a textfile containing IP addressess and the corresponding URLs. Each on a separate line. If you really want to fuck with someone, you can assign Bing’s IP address to the google.com, but that’s an adventure for another time. I just wanted The Teen to get some sleep.
Here’s the content of my Teen blocklist:
0.0.0.0 discord.gg
0.0.0.0 gateway.discord.gg
0.0.0.0 discordapp.com
0.0.0.0 discord.com
0.0.0.0 sessionserver.mojang.com
0.0.0.0 minehut.gg
0.0.0.0 minehut.com
0.0.0.0 dl.discordapp.net
0.0.0.0 web.facebook.com
0.0.0.0 i.instagram.com
The (.|^) is a wildcard for subdomains, so abc.discord.com will be blocked as well as 123.discord.com. This is useful. Yes, I know some of those entries are unnecessary, but it’s done now.
Step 4: Apply your new blocklist to your new group
I uploaded the blocklist to our server as a text file, and fed the URL to Pihole.
Then, from the Adlist group management tab, I made sure it was only applied to the "Teen" group.
Step 4: Set a timer
I appreciate that The Teen does have a social life and does need to talk to her friends and play Minecraft from time to time - just not at some ridiculous hour when she should be asleep.
Unfortunately, I wasn't able to find any settings which allow for scheduling of blocklists within Pihole’s manual or help section.
Fortunately linux - the default OS on which Pihole is designed to run, has an excellent task scheduler built in. It’s called cron, and will execute a script or a command according to rules which you set.
I created two text files - one of them blank, and one which is a duplicate of the blocklist.
At 10pm every night, a cronjob runs, executing a script which copies the second text file to the blocklist then updates Pihole’s gravity. Discord, Minecraft etc are now blocked for The Teen
At 6am every morning, a cronjob runs, executing a different script which copies the blank text file to the blocklist then updates Pihole’s gravity. The blocklist now contains no entries, so Discord, Minecraft etc are now unblocked for The Teen.
There are probably more efficient ways of achieving the same result, but we like to tinker with things at Really Use.
Did it work?
Well, yes. The Teen can no longer access Discord or Minecraft between 10pm and 6am. Daaaaaad, the WiFi is being slow again. So yeah. That part worked.
Unfortunately she’s now using Whatsapp.
Remember those wildcard entries above?
It’s possible to blacklist the entire internet.