Block domain manually

Hi :slight_smile:

I have a question about blocking a domain manually. I have entered a domain as a test. Unfortunately, this domain is not blocked when I want to access it from a client. What could be the reason?

Thanks in advance.

Run from the client that you observe to escape the block, what is the output of:

nslookup flurry.com
nslookup your.blocked.domain

Substitute your.blocked.domain as required.

How do those lookups register in Pi-hole's Query Log?

You may also want to verify your specific regex is functional (see also Regex test mode):

pihole-FTL regex-test your.blocked.domain "your.regex.here"

When I run nslookup, the page resolves normally. I tested the regex; it tells me that the domain is in the blacklist. And in the logs, the request for this domain is not shown at all. I suspect that it is displayed at www.google.de and therefore not blocked; can that be?

That would indicate that Pi-hole is being by-passed.

As requested, please share the output, preferably as text.

That output suggests your domain doesn't match your regex.
But that's not the output I've asked for:

Run from that same Windows client, what is the output of:

nslookup pi.hole
nslookup fd00::10

Did that reverse lookup (of type PTR) for fd00::10 register in Pi-hole's Query Log?

I have only entered the IPv6 statically on the router so that IPv6 requests are also filtered.

No requests from this client are displayed in the query log.

Can it be that I have to clear the cache or DNS on the browser? Because on another client (Android device) it works.

Can it be that Pi-hole does not work so well with IPv6 at the moment? Otherwise I would turn off IPv6 for the local network.

IPv6 does not seem to be the issue here.
Likely, your fd00::10 is your Pi-hole, and I'd assume it would run in a slightly under-configured Docker container, lacking the recommended FTLCONF_LOCAL_IPV4 variable. But that would not contribute to your issue of Pi-hole being by-passed.

This reinforces that Pi-hole is being by-passed.

Some antivirus packages sport DNS features which would force DNS traffic of the machine they are installed on to some alternate DNS servers.

Do you run e.g. AVG Secure DNS or AVAST Real-Site?
You'd have to disable those features in your antivirus package to have Pi-hole do its filtering.

Super, yes, I have Avast and Real Site was enabled. Now I also understand why, even on another client, the log shows the one from google.de instead of the correct domain. I have disabled Real Site, and now it works. Thanks a lot :slight_smile:

Glad that's sorted. :slight_smile:

Now that's out of the way, you should fix your regex.
As mentioned before, your previous output shows that your regex wasn't matching your domain.

If that's not due to an ill-picked domain, you should consider using the individual regex test as quoted by me (rather than using the gravity one that you ran), as that would allow you to adjust and optimise your regex on the fly before entering it into Pi-hole's UI when satisfied.

You should also set FTLCONF_LOCAL_IPV4 for your container.

And for IPv6:
From what you've shared, there is nothing wrong with your current configuration.

In case your router supports it, you could consider not advertising an IPv6 DNS server address at all (instead of advertising Pi-hole's IPv6).
This would make identifying clients in Pi-hole easier, as their DNS requests would originate from their IPv4 addresses.

How do I set this with FTLCONF_LOCAL_IPV4?

Follow the link I've provided above. :wink:

It'll take you to our documentation on Docker Pi-hole.

Of course, I don't know how you'd run Docker, but you may refer to the sample configuration and adapt that to the specific requirements of your Docker environment, be that plain Docker, Portainer, Synology UI, ...

I have not found the FTLCONF_LOCAL_IPV4. Only under sudo nano /etc/pihole/pihole-FTL.conf