Link Search Menu Expand Document


ns-flashstart is the client configuration for FlashStart DNS filter.

The client is composed by 3 main parts:

  • /usr/sbin/flashstart-apply: script to enable and disable flashstart
  • /usr/share/ns-flashstart/flashtart-auth: authentication script called by apply and crontab
  • /usr/share/ns-flashstart/flashtart-setup-firewall: create firewall rules
  • /etc/config/flashstart: UCI configuration file


The ns-flashstart service needs the username and password options which can be obtained only after a signup to Flashstart service.

Below example will register the client, start dsndist with Flashstart forwarders and setup DNS redirection on lan:

uci set""
uci set"mypassword"
uci set"1"
uci add_list"lan"
uci commit flashstart

Then, set dnsdist as forwarder for dnsmasq:

uci add_list dhcp.@dnsmasq[0].server=''
uci commit dhcp
/etc/init.d/dhcp restart

If some source IPs should not be redirect to the filter, just add them to the bypass list:

uci add_list flashstart.bypass=""
uci commit flashstart

Disabling the service

To disable Flashstart:

  1. Remove dnsdist configuration and firewall rules
    uci set
    uci commit flashstart
  2. Remove the forwarder from dnsmasq
    uci del_list dhcp.@dnsmasq[0].server=''
    uci commit dhcp
    /etc/init.d/dnsmasq restart