I found this topic, explaining how to use .* as a regex, to identify all domains.
What I want:
for some device(s) (group deny_all), I want to block everything, the device(s) should not be able to resolve anything, but I want to use the query log to see the attempted (blocked) queries.
for some device(s) (group allow_all), I want to allow everything, the device(s) should be able to resolve everything, again, I want to use the query log to see what queries (allowed) are being made.
Unfortunately, entering both a blacklist and whitelist entry .* isn't allowed (duplicate domain entry).
The same dilemma arises for allowing access to facebook (for example). I can block facebook (group facebook_deny), using a regex such as
^(.+.)?(facebook|fb(cdn|sbx)?|tfbnw).[^.]+$
but I cannot use the same regex, to allow (whitelist) facebook for specific devices (group facebook_allow), regardless of possible adlists (gravity) entries.
I understand the whitelist entry would prevail (whitelist always wins), for a client that is assigned to both groups, but fail to understand, why it would not work, if the client assignments are correct (member of either deny_all OR allow_all).
What would be the developers recommended way to achieve the required functionality for the groups allow_all and deny_all (AND facebook_allow and facebook_deny)?
that should be possible, if not, it's a bug, as you already indicated.
I want to add the same (identical) entry twice, once as a blacklist entry, and once as a whitelist entry, each assigned to a different group, with different client assignments.
according to this article, it would be possible to allow inserting an identical whitelist entry and a blacklist entry, by specifying the domain AND the type field in the unique statement.
UNIQUE(domain,type)
currently (from /etc/.pihole/advanced/Scripts/database_migration/gravity/3_to_4.sql), it's
domain TEXT UNIQUE NOT NULL,
Unfortunately, I have no idea how changing this would impact the web interface, and most importantly pihole-FTL, thus developer input required...