When a PS4 starts up, or the user goes to settings / system software update, this is the query executed:
By simply creating a blacklist entry (domain as wildcard):
the PS4 DNS lookup fails:
and the PS4 says: Cannot connect to the server.
Solving your problem (updating one PS4 and not the other, while both devices use a single pihole) is simple:
- add the PS4 you want to allow updating to the default group.
- create a new group noPS4firmware
- add the PS4 you want to protect (no updates) to that group
- create the wildcard entry (see above) and assign it to the noPS4firmware group
Done. The PS4 you want to protect (no firmware updates) will always try to resolve the domain, but will get an answer depending on your blocking mode (probably 0.0.0.0).
All other devices that are not members of the group (noPS4firmware) will successfully resolve the domain (test with dig on any device / computer).
The regex improvements, made available by @DL6ER are a great and essential part of pihole, but it doesn't look like your PS4 update problem is a valid use case.
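The group setup described in the post above, as an added sketch that is not part of the original post and is not Pi-hole's own code: a simplified model of how a wildcard entry assigned to one group is evaluated per client. The domain `update.example.invalid`, the client addresses and the `FORWARDED` marker are constructed placeholders, and the model assumes that clients without an explicit assignment fall into the Default group.

```python
import re

# Constructed placeholders: the post does not give the real update domain
# or the client addresses.
BLOCKED_WILDCARD = "update.example.invalid"
CLIENT_GROUPS = {
    "192.0.2.10": {"Default"},        # PS4 that is allowed to update
    "192.0.2.11": {"noPS4firmware"},  # PS4 that must not update
}


def wildcard_to_regex(domain):
    """A wildcard entry covers the domain itself and every subdomain."""
    return re.compile(r"(\.|^)" + re.escape(domain) + r"$")


def make_rules(groups):
    """One wildcard block rule, assigned to the given set of groups."""
    return [{"regex": wildcard_to_regex(BLOCKED_WILDCARD), "groups": set(groups)}]


def resolve(client_ip, qname, rules, blocking_ip="0.0.0.0"):
    """Return the blocking answer if a rule assigned to one of the client's
    groups matches the query name, otherwise the marker 'FORWARDED'."""
    # Assumption of this model: unlisted clients belong to Default only.
    groups = CLIENT_GROUPS.get(client_ip, {"Default"})
    name = qname.lower().rstrip(".")
    for rule in rules:
        if rule["groups"] & groups and rule["regex"].search(name):
            return blocking_ip
    return "FORWARDED"


# Intended setup: the rule is assigned to noPS4firmware only.
RULES_OK = make_rules({"noPS4firmware"})
# Misconfiguration to check for: the rule is still assigned to Default as
# well, so the PS4 that should be able to update is blocked too.
RULES_LEFT_IN_DEFAULT = make_rules({"Default", "noPS4firmware"})

if __name__ == "__main__":
    for ip in CLIENT_GROUPS:
        for label, rules in (("ok", RULES_OK), ("left-in-default", RULES_LEFT_IN_DEFAULT)):
            print(ip, label, resolve(ip, "fw." + BLOCKED_WILDCARD, rules))
```

If both consoles get the blocking answer when tested with dig, the second rule set is the case to look for: the wildcard entry is still assigned to the Default group.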