… it is not an easy way
I use Pihole as DNS server, that is configure as the DNS server in my router
- by the Pihole group management i have the groups
– SmartMedia (with the most block to DNS queries) -> to Volumio, SmartTV, …
– Workstations (with moderate DNS blocking) -> Notebooks, PC, …
– SmartDevices (with DNS blocking trimmed to Smartphones) -> Smartphones, Tablets, …
– Peripherie (with high DNS blocking) -> Network Printer, NAS, …
– Infratruktur (no DNS blocking) -> Firewall, Router, Switch, WiFi Access Points
may you can make it simpler
I use the blocklists with PiHole:
-> that block the most known tracker, adware, …
and I add own blocking, depending on the network traffic
to block DNS queries that depending special an the device (e.g. Volumio)
PiHole has good logs, you can see whats going on to DNS queries
I use an ubiquity Edge X Router
- configure PiHole as DNS server
- configure static IP maps in router to devices as Volumio, NAS, Network Printer, Notebooks, Tablets, Smartphone …
- use the buildin firewall, to make a rule to the IP that uses Volumio:
— give only access to the IPs from the Tablets, Smartphones, Notebooks, NAS which shall access to Volumio
— give access to internet (to get Updates …) … when you get deeper, you can tune access or blocking internet IPs … what connections Volumio uses, you can see in the PiHole log, give only access to the IPs you want to, block all other.
I configure a “Volumio-User” on my NAS, the user have only read access only on the music folder.
When I configure souces on network devices, I only use this user.
I think it is a good way to start with the
- NAS “Volumio-User”
to get an understanding to your network.
Than use your router to make a firewall rule to the Volumio. Firewall rules are not easy to unterstand, but importend to have good security.
… my Volumio work fine, without compromising usability