Whats the problem of young generation? Well, they becoming horribly Zombie literally. Almost every young guy found scrolling tiktok, instagram and reels. More terrible fact is browsing porn sites which has damaged their potentials as well as their merit and intelligence.
The western world tries to prove it as normal or they are just pushing towards us as its normal and making normalize. However, excessive consumptions of adult contents may led someone to become a zombie! Besides, western worlds are controlling and trying to take control over
the youths so that they can manipulate us and for this, they are making various contents or spreading ill trends which spoil our brain and daily lifestyle. Also we are not safe from their trap and monitoring. Everytime, they are getting our browsing history and hearing or observing
what we are doing right now, what would we do next etc etc. So, our data is not safe at all from them. Whatever we use, everything is being monitored. From your MacBook, Android, IOS device, Windows all of them are taking our information relentlessly without our permissions and
secretly. So, we should aware about this, GNU-Linux is an open source Operating System which provides a self customizable control on your machine where you have your own control only on your device. The speciality comes in only not only for its security level, but also for its
various tastes. I have made this content how you can block porn sites or adult sites from Debian based distributions as an Administrator of your machine. I have collected the editorials from different sites like stackexchange, google, websites, Grok AI, gemini etc etc.
These guides use OpenDNS FamilyShield (free, no account needed for basic blocking). It redirects adult/pornography sites to a block page via DNS (IP: 208.67.222.123 and 208.67.220.123). This works system-wide on the machine.
There would be two versions for setting up-
Desktop PC → Usually one fixed wired connection like eth0, enp3s0 etc. Target that specific interface.
Laptop → Uses WiFi (multiple SSIDs when traveling). Use the global/system-wide method so it applies everywhere like wlp1s0.
Both methods include GUI (easiest) and CLI (most reliable) approaches.
Goal: Apply blocking only to your main Ethernet connection (perfect for a home/office desktop).
Method A: GUI (Recommended for beginners)
Open Settings Network (or search "Network").
Click the gear (⚙️) icon next to your Wired connection.
Go to IPv4 tab.
Set DNS to Automatic (DHCP) addresses only (this ignores router DNS).
In DNS Servers field, enter: 208.67.222.123, 208.67.220.123
Click Apply.
Turn the connection Off → On (or reboot).
Verify: Open terminal and run resolvectl status (look for your Ethernet interface showing the OpenDNS IPs).
Method B: CLI (Most reliable)
First, go to the terminal and run the following commands:
// Identify network configuration .yaml file
ls /etc/netplan
// You will see most probably two files like this-
01-network-manager-all.yaml
90-NM-49cgf89g-3gc3-5928-bd24-44e887359d3c.yaml
Now, we need to configure .yaml file for the specific interface. Before that, we need to know about Netplan.
Netplan, located in /etc/netplan, is the default network configuration tool in Ubuntu (\(18.04\)+) used to manage network interfaces via YAML files.
It provides an easy, declarative way to configure IP addresses, bridges, and gateways, acting as a wrapper that translates settings into backend renderers like
systemd-networkd or NetworkManager. [According to Google Search Result]
Detect your ethernet cable running the following command:
sudo lshw -C network | grep "logical name"
// or
sudo ethtool eth0
// Expected output shoul look like this respectively-
logical name: eth0
// or
logical name: enp3s0
Link detected: yes
Edit the .yaml file named as 01-network-manager-all.yaml from /etc/netplan.
sudo cat /etc/netplan/01-network-manager-all.yaml
// Expected default output-
# Let NetworkManager manage all devices on this system
network:
version: 2
renderer: NetworkManager
Change the file into by running
sudo nano /etc/netplan/01-network-manager-all.yaml
// or
sudo vim /etc/netplan/01-network-manager-all.yaml
network:
version: 2
renderer: networkd
ethernets:
eth0: // or enp3s0
dhcp4: true
nameservers:
addresses: [208.67.222.123, 208.67.220.123]
Now save the file using Ctrl + O, hit enter and then Ctrl + X [for nano]
or esc and :wq [for vim]. Now run the following command-
sudo chmod 600 /etc/netplan/01-network-manager-all.yaml
sudo netplan apply
We need to configure another file now.
sudo cat /etc/systemd/resolved.conf
# This file is part of systemd.
#
# systemd is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
# Entries in this file show the compile time defaults. Local configuration
# should be created by either modifying this file (or a copy of it placed in
# /etc/ if the original file is shipped in /usr/), or by creating "drop-ins" in
# the /etc/systemd/resolved.conf.d/ directory. The latter is generally
# recommended. Defaults can be restored by simply deleting the main
# configuration file and all drop-ins located in /etc/.
#
# Use 'systemd-analyze cat-config systemd/resolved.conf' to display the full config.
#
# See resolved.conf(5) for details.
[Resolve]
# Some examples of DNS servers which may be used for DNS= and FallbackDNS=:
# Cloudflare: 1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 2606:4700:4700::1001#cloudflare-dns.com
# Google: 8.8.8.8#dns.google 8.8.4.4#dns.google 2001:4860:4860::8888#dns.google 2001:4860:4860::8844#dns.google
# Quad9: 9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
#DNS=
#FallbackDNS=
#Domains=
#DNSSEC=no
#DNSOverTLS=no
#MulticastDNS=no
#LLMNR=no
#Cache=no-negative
#CacheFromLocalhost=no
#DNSStubListener=yes
#DNSStubListenerExtra=
#ReadEtcHosts=yes
#ResolveUnicastSingleLabel=no
#StaleRetentionSec=0
Edit the file running the following command-
sudo nano /etc/systemd/resolved.conf
// or
sudo vim /etc/systemd/resolved.conf
And add DNS=208.67.222.123 208.67.220.123under the
FallbackDNS=208.67.222.222 208.67.220.220
DNSStubListener=yes[Resolve] and finally it should look like this-
# This file is part of systemd.
#
# systemd is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
# Entries in this file show the compile time defaults. Local configuration
# should be created by either modifying this file (or a copy of it placed in
# /etc/ if the original file is shipped in /usr/), or by creating "drop-ins" in
# the /etc/systemd/resolved.conf.d/ directory. The latter is generally
# recommended. Defaults can be restored by simply deleting the main
# configuration file and all drop-ins located in /etc/.
#
# Use 'systemd-analyze cat-config systemd/resolved.conf' to display the full config.
#
# See resolved.conf(5) for details.
[Resolve]
DNS=208.67.222.123 208.67.220.123
FallbackDNS=208.67.222.222 208.67.220.220
DNSStubListener=yes
# Some examples of DNS servers which may be used for DNS= and FallbackDNS=:
# Cloudflare: 1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 2606:4700:4700::1001#cloudflare-dns.com
# Google: 8.8.8.8#dns.google 8.8.4.4#dns.google 2001:4860:4860::8888#dns.google 2001:4860:4860::8844#dns.google
# Quad9: 9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
#DNS=
#FallbackDNS=
#Domains=
#DNSSEC=no
#DNSOverTLS=no
#MulticastDNS=no
#LLMNR=no
#Cache=no-negative
#CacheFromLocalhost=no
#DNSStubListener=yes
#DNSStubListenerExtra=
#ReadEtcHosts=yes
#ResolveUnicastSingleLabel=no
#StaleRetentionSec=0
Now we need to configure our last file-
sudo nano /etc/NetworkManager/NetworkManager.conf
// or
sudo vim /etc/NetworkManager/NetworkManager.conf
Default configuration look like this-
[main]
plugins=ifupdown,keyfile
[ifupdown]
managed=false
[device]
wifi.scan-rand-mac-address=no
Change the setting to-
[main]
dns=none
[ifupdown]
managed=false
[device]
wifi.scan-rand-mac-address=no
What have been changed here?
| Feature | Your Setting | Ubuntu Default (Fresh Install) | Impact of Your Setting |
|---|---|---|---|
dns= |
none |
(Not set) | Biggest Change: NetworkManager stops updating your DNS. If you haven't manually configured /etc/resolv.conf, your internet will "connect" but websites won't load. |
managed= |
false |
false |
Same: This is the default. It prevents NetworkManager from conflicting with old-school /etc/network/interfaces files. |
wifi.scan-rand-mac-address= |
no |
(Not set) | Change: This disables MAC address randomization during Wi-Fi scans. It’s a common tweak to fix connection drops on certain routers. |
plugins= |
(Missing) | ifupdown, keyfile |
Minor: Usually, Ubuntu includes these by default to handle different connection storage types. |
Now our final step is to tell the system ignoring DHCP DNS, forcing OpenDNS IPs, restart the NetworkManager and systemd-resolved services-
// Tell the specific Wi-Fi connection to ignore DHCP DNS
sudo nmcli connection modify "RADIF_HASAN_5G" ipv4.ignore-auto-dns yes
sudo nmcli connection modify "RADIF_HASAN_5G" ipv6.ignore-auto-dns yes
// Force the OpenDNS IPs onto that specific connection
sudo nmcli connection modify "RADIF_HASAN_5G" ipv4.dns "208.67.222.123, 208.67.220.123"
sudo nmcli connection modify "RADIF_HASAN_5G" ipv6.dns "2620:119:35::35 2620:119:53::53"
// Restart the connection to apply changes
sudo nmcli connection up "RADIF_HASAN_5G"
// Now save the file and restart the services
sudo systemctl restart NetworkManager
sudo systemctl restart systemd-resolved
// Verify the link now shows OpenDNS
resolvectl status
sudo cat /etc/netplan/
*.yaml
After running the commands above, you should see output similar to:
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/3)
Global
Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: stub
Current DNS Server: 208.67.222.123
DNS Servers: 208.67.222.123 208.67.220.123
Fallback DNS Servers: 208.67.222.222 208.67.220.220
Link 2 (eth0) // or enp3s0
Current Scopes: DNS
Protocols: +DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 208.67.220.123
DNS Servers: 208.67.222.123 208.67.220.123
network:
version: 2
renderer: networkd
ethernets:
eth0: // or enp3s0
dhcp4: true
nameservers:
addresses: [208.67.222.123, 208.67.220.123]
network:
version: 2
wifis:
NM-39bfe98f-2fb2-4817-ac13-33d776248c2b:
renderer: NetworkManager
match:
name: "eth0" // or enp3s0
nameservers:
addresses:
- 208.67.222.123
- 208.67.220.123
dhcp4: true
dhcp6: true
access-points:
"RADIF_HASAN_5G":
auth:
key-management: "psk"
password: "1e2dbc384d29ac5888dc16301ad33891f86c729cd4996a7fdf0a79162c31e4d8"
networkmanager:
uuid: "49cgf89g-3gc3-5928-bd24-44e887359d3c"
name: "RADIF_HASAN_5G"
passthrough:
connection.timestamp: "1772525614"
wifi-security.auth-alg: "open"
ipv4.ignore-auto-dns: "true"
ipv6.addr-gen-mode: "default"
ipv6.ip6-privacy: "-1"
proxy._: ""
networkmanager:
uuid: "49cgf89g-3gc3-5928-bd24-44e887359d3c"
name: "RADIF_HASAN_5G"
network:
version: 2
wifis:
NM-b0b1fcc2-067f-4312-82a6-45cbbb0f26c9:
renderer: NetworkManager
match:
name: "eth0" // or enp3s0
nameservers:
addresses:
- 208.67.222.123
- 208.67.220.123
- 2620:119:35::35
- 2620:119:53::53
dhcp4: true
dhcp6: true
access-points:
"RADIF_HASAN":
auth:
key-management: "psk"
password: "1e2dbc384d29ac5888dc16301ad33891f86c729cd4996a7fdf0a79162c31e4d8"
networkmanager:
uuid: "38bfe78f-2fb2-4817-ac13-33d776248c2b"
name: "RADIF_HASAN"
passthrough:
connection.timestamp: "1772525623"
wifi-security.auth-alg: "open"
ipv4.ignore-auto-dns: "true"
ipv6.addr-gen-mode: "default"
ipv6.ignore-auto-dns: "true"
ipv6.ip6-privacy: "-1"
proxy._: ""
networkmanager:
uuid: "38bfe78f-2fb2-4817-ac13-33d776248c2b"
name: "RADIF_HASAN"
To lock the settings, use the following commands:
sudo chattr +i /etc/systemd/resolved.conf
sudo chattr +i /etc/NetworkManager/NetworkManager.conf
sudo chattr +i /etc/netplan/01-network-manager-all.yaml
Now check-
nslookup pornsite.com
// → Must return 146.112.61.106 (block page IP)
Server: 127.0.0.53
Address: 127.0.0.53#53
Non-authoritative answer:
Name: pornsite.com
Address: 146.112.61.106
Name: pornsite.com
Address: ::ffff:146.112.61.106
If you can still access pornsites, then simply run the command in your terminal sudo systemd-resolve --flush-caches.
Goal: Blocking applies to every WiFi network you connect to (home, café, office, etc.). Perfect for portable use.
Method A: GUI (Per WiFi SSID – Quick for home network)
Repeat Guide \(1\) GUI steps, but select your WiFi connection instead of Wired.
Method B: Global (Recommended – Works on ALL networks)
This forces the entire system to ignore all DHCP-provided DNS.
First, go to the terminal and run the following commands:
// Identify network configuration .yaml file
ls /etc/netplan
// You will see most probably two files like this-
01-network-manager-all.yaml
90-NM-49cgf89g-3gc3-5928-bd24-44e887359d3c.yaml
Now, we need to configure .yaml file for the specific interface. Before that, we need to know about Netplan.
Netplan, located in /etc/netplan, is the default network configuration tool in Ubuntu (\(18.04\)+) used to manage network interfaces via YAML files.
It provides an easy, declarative way to configure IP addresses, bridges, and gateways, acting as a wrapper that translates settings into backend renderers like
systemd-networkd or NetworkManager. [According to Google Search Result]
Detect your ethernet cable running the following command:
sudo lshw -C network | grep "logical name"
// or
iw dev
// Expected output shoul look like this respectively-
logical name: eth0
// or
logical name: wlp1s0
phy#0
Interface wlp1s0
ifindex 2
wdev 0x1
addr f8:89:d2:50:41:f5
type managed
channel 149 (5745 MHz), width: 80 MHz, center1: 5775 MHz
txpower 20.00 dBm
multicast TXQ:
qsz-byt qsz-pkt flows drops marks overlmt hashcoltx-bytes tx-packets
0 0 0 0 0 0 0 00
Edit the .yaml file named as 01-network-manager-all.yaml from /etc/netplan.
sudo cat /etc/netplan/01-network-manager-all.yaml
// Expected default output-
# Let NetworkManager manage all devices on this system
network:
version: 2
renderer: NetworkManager
Change the file into by running
sudo nano /etc/netplan/01-network-manager-all.yaml
// or
sudo vim /etc/netplan/01-network-manager-all.yaml
network:
version: 2
renderer: networkd
wifis:
wlp1s0:
dhcp4: true
nameservers:
addresses: [208.67.222.123, 208.67.220.123]
Now save the file using Ctrl + O, hit enter and then Ctrl + X [for nano]
or esc and :wq [for vim]. Now run the following command-
sudo chmod 600 /etc/netplan/01-network-manager-all.yaml
sudo netplan apply
We need to configure another file now.
sudo cat /etc/systemd/resolved.conf
# This file is part of systemd.
#
# systemd is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
# Entries in this file show the compile time defaults. Local configuration
# should be created by either modifying this file (or a copy of it placed in
# /etc/ if the original file is shipped in /usr/), or by creating "drop-ins" in
# the /etc/systemd/resolved.conf.d/ directory. The latter is generally
# recommended. Defaults can be restored by simply deleting the main
# configuration file and all drop-ins located in /etc/.
#
# Use 'systemd-analyze cat-config systemd/resolved.conf' to display the full config.
#
# See resolved.conf(5) for details.
[Resolve]
# Some examples of DNS servers which may be used for DNS= and FallbackDNS=:
# Cloudflare: 1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 2606:4700:4700::1001#cloudflare-dns.com
# Google: 8.8.8.8#dns.google 8.8.4.4#dns.google 2001:4860:4860::8888#dns.google 2001:4860:4860::8844#dns.google
# Quad9: 9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
#DNS=
#FallbackDNS=
#Domains=
#DNSSEC=no
#DNSOverTLS=no
#MulticastDNS=no
#LLMNR=no
#Cache=no-negative
#CacheFromLocalhost=no
#DNSStubListener=yes
#DNSStubListenerExtra=
#ReadEtcHosts=yes
#ResolveUnicastSingleLabel=no
#StaleRetentionSec=0
Edit the file running the following command-
sudo nano /etc/systemd/resolved.conf
// or
sudo vim /etc/systemd/resolved.conf
And add DNS=208.67.222.123 208.67.220.123under the
FallbackDNS=208.67.222.222 208.67.220.220
DNSStubListener=yes[Resolve] and finally it should look like this-
# This file is part of systemd.
#
# systemd is free software; you can redistribute it and/or modify it under the
# terms of the GNU Lesser General Public License as published by the Free
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
# Entries in this file show the compile time defaults. Local configuration
# should be created by either modifying this file (or a copy of it placed in
# /etc/ if the original file is shipped in /usr/), or by creating "drop-ins" in
# the /etc/systemd/resolved.conf.d/ directory. The latter is generally
# recommended. Defaults can be restored by simply deleting the main
# configuration file and all drop-ins located in /etc/.
#
# Use 'systemd-analyze cat-config systemd/resolved.conf' to display the full config.
#
# See resolved.conf(5) for details.
[Resolve]
DNS=208.67.222.123 208.67.220.123
FallbackDNS=208.67.222.222 208.67.220.220
Domains=~.
DNSStubListener=yes
# Some examples of DNS servers which may be used for DNS= and FallbackDNS=:
# Cloudflare: 1.1.1.1#cloudflare-dns.com 1.0.0.1#cloudflare-dns.com 2606:4700:4700::1111#cloudflare-dns.com 2606:4700:4700::1001#cloudflare-dns.com
# Google: 8.8.8.8#dns.google 8.8.4.4#dns.google 2001:4860:4860::8888#dns.google 2001:4860:4860::8844#dns.google
# Quad9: 9.9.9.9#dns.quad9.net 149.112.112.112#dns.quad9.net 2620:fe::fe#dns.quad9.net 2620:fe::9#dns.quad9.net
#DNS=
#FallbackDNS=
#Domains=
#DNSSEC=no
#DNSOverTLS=no
#MulticastDNS=no
#LLMNR=no
#Cache=no-negative
#CacheFromLocalhost=no
#DNSStubListener=yes
#DNSStubListenerExtra=
#ReadEtcHosts=yes
#ResolveUnicastSingleLabel=no
#StaleRetentionSec=0
Now we need to configure our last file-
sudo nano /etc/NetworkManager/NetworkManager.conf
// or
sudo vim /etc/NetworkManager/NetworkManager.conf
Default configuration look like this-
[main]
plugins=ifupdown,keyfile
[ifupdown]
managed=false
[device]
wifi.scan-rand-mac-address=no
Change the setting to-
[main]
dns=none
[ifupdown]
managed=false
[device]
wifi.scan-rand-mac-address=no
What have been changed here?
| Feature | Your Setting | Ubuntu Default (Fresh Install) | Impact of Your Setting |
|---|---|---|---|
dns= |
none |
(Not set) | Biggest Change: NetworkManager stops updating your DNS. If you haven't manually configured /etc/resolv.conf, your internet will "connect" but websites won't load. |
managed= |
false |
false |
Same: This is the default. It prevents NetworkManager from conflicting with old-school /etc/network/interfaces files. |
wifi.scan-rand-mac-address= |
no |
(Not set) | Change: This disables MAC address randomization during Wi-Fi scans. It’s a common tweak to fix connection drops on certain routers. |
plugins= |
(Missing) | ifupdown, keyfile |
Minor: Usually, Ubuntu includes these by default to handle different connection storage types. |
Now our final step is to tell the system ignoring DHCP DNS, forcing OpenDNS IPs, restart the NetworkManager and systemd-resolved services-
// Identify your connection name
nmcli connection show
// Modify your connection
sudo nmcli connection modify "RADIF_HASAN_5G" ipv4.ignore-auto-dns yes ipv4.dns "208.67.222.123,208.67.220.123"
sudo nmcli connection modify "RADIF_HASAN_5G" ipv6.ignore-auto-dns yes ipv6.dns "2620:119:35::35 2620:119:53::53"
// Activate
sudo nmcli connection down "RADIF_HASAN_5G"
sudo nmcli connection up "RADIF_HASAN_5G"
// Restart services
sudo systemctl restart NetworkManager
sudo systemctl restart systemd-resolved
// Verify services
resolvectl status
sudo cat /etc/netplan/
*.yaml
After running the commands above, you should see output similar to:
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/3)
Global
Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
resolv.conf mode: stub
Current DNS Server: 208.67.222.123
DNS Servers: 208.67.222.123 208.67.220.123
Fallback DNS Servers: 208.67.222.222 208.67.220.220
Link 2 (wlp1s0)
Current Scopes: DNS
Protocols: +DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 208.67.220.123
DNS Servers: 208.67.222.123 208.67.220.123
network:
version: 2
wifis:
NM-39bfe98f-2fb2-4817-ac13-33d776248c2b:
renderer: NetworkManager
match:
name: "wlp1s0"
nameservers:
addresses:
- 208.67.222.123
- 208.67.220.123
dhcp4: true
dhcp6: true
access-points:
"RADIF_HASAN_5G":
auth:
key-management: "psk"
password: "1e2dbc384d29ac5888dc16301ad33891f86c729cd4996a7fdf0a79162c31e4d8"
networkmanager:
uuid: "49cgf89g-3gc3-5928-bd24-44e887359d3c"
name: "RADIF_HASAN_5G"
passthrough:
connection.timestamp: "1772525614"
wifi-security.auth-alg: "open"
ipv4.ignore-auto-dns: "true"
ipv6.addr-gen-mode: "default"
ipv6.ip6-privacy: "-1"
proxy._: ""
networkmanager:
uuid: "49cgf89g-3gc3-5928-bd24-44e887359d3c"
name: "RADIF_HASAN_5G"
network:
version: 2
wifis:
NM-b0b1fcc2-067f-4312-82a6-45cbbb0f26c9:
renderer: NetworkManager
match:
name: "wlp1s0"
nameservers:
addresses:
- 208.67.222.123
- 208.67.220.123
- 2620:119:35::35
- 2620:119:53::53
dhcp4: true
dhcp6: true
access-points:
"RADIF_HASAN":
auth:
key-management: "psk"
password: "1e2dbc384d29ac5888dc16301ad33891f86c729cd4996a7fdf0a79162c31e4d8"
networkmanager:
uuid: "38bfe78f-2fb2-4817-ac13-33d776248c2b"
name: "RADIF_HASAN"
passthrough:
connection.timestamp: "1772525623"
wifi-security.auth-alg: "open"
ipv4.ignore-auto-dns: "true"
ipv6.addr-gen-mode: "default"
ipv6.ignore-auto-dns: "true"
ipv6.ip6-privacy: "-1"
proxy._: ""
networkmanager:
uuid: "38bfe78f-2fb2-4817-ac13-33d776248c2b"
name: "RADIF_HASAN"
To lock the settings, use the following commands:
sudo chattr +i /etc/systemd/resolved.conf
sudo chattr +i /etc/NetworkManager/NetworkManager.conf
sudo chattr +i /etc/netplan/01-network-manager-all.yaml
Now check-
nslookup pornsite.com
// → Must return 146.112.61.106 (block page IP)
Server: 127.0.0.53
Address: 127.0.0.53#53
Non-authoritative answer:
Name: pornsite.com
Address: 146.112.61.106
Name: pornsite.com
Address: ::ffff:146.112.61.106
If you can still access pornsites, then simple run the command in your terminal sudo systemd-resolve --flush-caches.