Same thing goes for the settings in the dnsmasq configuration files.
If I'm correct, the current order is (read the words decision tree in an other post):
- Exact Whitelist
- Regex Whitelist
- Exact Blacklist
- Blocklist domains (AKA gravity)
- Regex Blacklist
- dnsmasq configuration files (/etc/dnsmasq.d/)
personally, I consider the dnsmasq configuration files as a sort of "whitelist" entry, meaning, entries in these files should be considered as the desired answer and should take precedence over blacklist entries.
The problem you're describing (set the ";reply=" option) could possibly / alternatively be solved by prioritizing (all? / specific?) dnsmasq configuration files. You would than be able to specify the desired response in a dnsmasq conf file.
Whatever option is chosen, I assume changing the order would impact pihole-FTL's response time to queries. DL6ER probably has pro / con arguments not to change the current order...
somewhat confused here, thinking further about this, I added a regex whitelist entry, as this may (possibly - you haven't provided an example) solve your dillema (add a whitelist entry with the desired reply as opposed to a blacklist entry):
The entry is on a list:
pihole -q adebis.hotstaff.co.jp
Match found in https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts:
Match found in https://dbl.oisd.nl:
I would asume, given the decission tree, this would trigger the whitelist regex entry, the regex test says it does:
pihole-FTL regex-test adebis.hotstaff.co.jp ^adebis.hotstaff.co.jp$;reply=192.168.2.78
[i] Compiling regex filter...
Compiled regex filter in 0.220 msec
Time: 0.073 msec
however, dig doesn't reply with the configured address (192.168.2.78), the real address is returned.
There are 2 possible causes (i think):
- the dig reply indicates CNAME, doesn't the regex look at these entries?
- the reply types aren't operational for whitelist entries?
@DL6ER, could you take a look?