On this movie, describing about DNS based web filtering. So if you want to block the access to something bad for your family, you could block the access by this method.
It's described in movie, but this method doesn't cover the accessing method such as input IP address directly on browser.
Only below command you need to execute on the console of DD-WRT-NXT to block the access.
uci add_list dhcp.@dnsmasq.address=/yahoo.com/0.0.0.0
uci commit dhcp
This is basically when client try to ask the IP address of yahoo.com, router answers "hey, it's 0.0.0.0". So client can't get the IP address, then can't access to specified URL.
But as you can see, if client uses external DNS server such as google DNS (188.8.131.52), client still can get IP address of blocked url. To prevent this hole, you need little more configuration.
Below is the command to prevent the access to external DNS server.
uci add firewall redirect
uci set firewall.@redirect.src=lan
uci set firewall.@redirect.proto=tcpudp
uci set firewall.@redirect.src_dport=53
This command add the rule for firewall (on linux, iptables), to redirect to router itself if he get the packet which destination port is 53 (DNS). So after this configuration, client can't send the DNS resolve request over the router.
It would be great if this contents helps you to have a healthy life.
Tomorrow is another day!
referred page : http://dd-wrt.com/nxt/wiki/doku.php?id=howto:use_cases:dns_blocking