Cron job to blacklist site

The issue I am facing:
Hi team,

I am trying to blacklist YouTube during some particular periods of the day. So I have tried to add a cron job using the pihole command (this is running on a Raspberry Pi Linux):

crontab -e
# contents of the crontab
*/2 * * * * /home/pi/scripts/
1-59/2 * * * * /home/pi/scripts/

# contents of the scripts:
pihole blacklist --wild

pihole blacklist --wild --delmode

The command works when I run it in the terminal. And I can see the output in the syslog:

May  8 23:45:01 pihole CRON[1812]: (pi) CMD (/home/pi/scripts/
May  8 23:45:01 pihole CRON[1811]: (CRON) info (No MTA installed, discarding output)

But if I refresh the blacklist page in the admin web console I do not see any updates. What could I possibly be missing here?


Details about my system:

What I have changed since installing Pi-hole:

Independently from your issue:

This won't produce the results you expect:
Most client OSs will cache DNS results for successfully resolved domains up to until their TTL expires. For some youtube domains, that may be hours or even days. (EDIT: Note that youtube does also utilise other domains to serve content, not only those named *, and be aware that a client streaming a video from an already known IP address may have no cause to request DNS resolution again until that stream ends.)

Blocking DNS resolution for specific domains at certain times won't prevent a client with such a cached resolution result from talking to a domain's IP address, as DNS is not needed and hence never queried then.

You'd have to resort to other means, e.g. blocking all associated IP addresses at gateway level (i.e your router's firewall).

What exactly do you not see? The domains is not added to the list, not removed or nothing at all?

Does it work when you call and manually from the command line?

Hi @yubiuser yes, the scripts work when I manually run them on the terminal. What I expected was for the domains to be added/removed from the blacklist page, and that happens when I manually run it. But it does not happen when I run it with cron.

Thanks @Bucking_Horn, you're right. I need to account for the TTL as well. Looking at the dig output it seems to cache for 5 minutes (except for the CNAME record).
So I might have mixed results, but I am happy with that.

For the moment I really would like to understand what is different between running the pihole command in the terminal and in a crontab.


Youtube is serving content from a multitude of domains, not only * I think you will find that most video content domains have TTLs much longer than 5 minutes.
Also, note that it's the returned DNS record that expires with the TTL, not the IP address. If a client can successfully stream content from an already known IP address, it may have little cause to request DNS resolution again before the stream ends.
(I've also updated my initial answer to make this clearer for any casual readers who happen upon it.)

I'm not sure why it doesn't work via cron.

You could try another approach: create a group with the desired domains and clients and activate/deactivate based on cron. Others used this successfully

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.