Please follow the below template, it will help us to help you!
Expected Behaviour:
completely block instagram
Actual Behaviour:
android users can access instagram normally
I blocked almost every domain i could find in pihole log, but my android users can still access instagram.
i see al kinds of entries like this:
Dec 22 12:21:41 dnsmasq[857]: 942 80.114.200.181/44081 query[A] i.instagram.com from xxx
Dec 22 12:21:41 dnsmasq[857]: 942 80.114.200.181/44081 /etc/pihole/black.list i.instagram.com is 0.0.0.0
Dec 22 12:21:42 dnsmasq[857]: 947 80.114.200.181/17502 query[A] scontent-amt2-1.cdninstagram.com from xxx
Dec 22 12:21:42 dnsmasq[857]: 947 80.114.200.181/17502 /etc/pihole/black.list scontent-amt2-1.cdninstagram.com is 0.0.0.0
but they still can do everytjing on instagram. when i try on my laptop, everything is blocked.
They are not using custom dns, but use dhcp, from the router that uses pihole dns
Are you sure that your android users are using the Pi-hole for their DNS and not either a hardcoded DNS server address in the instagram application, or using another DNS server that is provided to the android (possibly via the cell phone providers data connection?)
yes, i set their wifi to dhcp, even set the dns with manual settings to my pihole dns
They have no cellular or other wifi(all others are mac adress blocked)
I am blocking their mac on the main router, i have a second router with openwrt(gargoyle) and use Force Clients To Use Router DNS Servers, and I set my pihole ip as only dns server.
Everything else i block works fine, except instagram.
You may want to run a packet sniffer on the network segment then and capture DNS traffic to see how the Androids are different than the rest of the network. One solution would be to set some IPTables rules that blocks and redirects all port 53 traffic to go through the Pi-hole installation.
If the instgram application on Android is forcing the application to use an external DNS server that is not of your choosing then there may need to be some other tooling applied to force the Pi-hole to be server.