I tried to search for a solution but did not see anything directly relevant. Hopefully I'm in the right section.
I'm trying to block a site that my kids use to play games. I want to do it in a way where I can turn off and on access. (I understand a time based option is not available and am fine with doing it manually).
The issue is that the site appears to be a referrer, that pulls IP's from other sites. So if I block the site (it's called Crazy Games) the block works. However, the site refers to other IP addresses once a game begins. And once the game window is active within Safari, blocking the main domain is no longer successful. (My kids leave the game window active, and just open it when they want to play - Apple screen time works - but I would like something I can do remotely).
My thinking is that I need to create my own block list, and activate it when needed. (I would have to list all the possible game sites, which I think I can do).
The question is, can this list be hosted locally, and how would I do it? (All the lists I have to date are hosted on weblinks). I would like to be able to activate / deactivate one list that I create, and not have to turn off and on individual domains in the blocklist.
Am I making sense - or just missing something obvious?
I'm running 5.2.4 via a docker on an Unraid server. I'm not a linux ninja, but am trying to learn.
You could host your own blacklist on your Pi-hole machine (search for similar topics, e.g. recent Adding my own list?), but DNS may be of little help for what you try to achieve.
DNS blocks can play a (minor) part in parental control strategies, but they do not exactly lend themselves to time-based controls, and they won't obsolete other network-wide and on-device measures - and certainly neither non-technical, more important educational measures.
Specifically, by-passing your blocks is as easy as changing the DNS server on the device (or switching to mobile data if its a smartphone).
Kids tend to find out how to do that sooner or later.
And even if Pi-hole is in place as DNS server, a client may cache sucessfully resolved DNS records until that record's TTL expires.
Your block then won't be effective until it does and a client requests DNS again.
TTLs vary by domain individually and may be minutes, hours, days,...
And even if a TTL is as short as five minutes, it doesn't mean a client will request DNS resolution again once the record expires. All that happens is that the DNS record will be removed from your device's cache.
The specific software on a client decides when it requests a domain to be resolved, e.g. if a game would only use a domain once to load a complete level, it may have no reason to request DNS resolution again until another level is needed.
You'll have a hard time exercising time-based access control by DNS means.
My situation is a bit different in that I am not aiming at parental control, but only in protecting a home LAN from adware, and malware intrusions.
My LAN is isolated from the WAN behind an IPCop dedicated firewall box, and my interest in Pi-Hole is the much simpler procedure for adding/removing URLs to/from the blacklist, which is a bit painful under IPCop, compared to the simplicity under Pi-Hole.
Thanks for the quick response. I missed the other thread.
I had read about TTL, but wasn't sure about the details - thanks for the info there. It looks like these reach back every 15 minutes or so. While not the best, I may give it a go anyway. There is one game in particular I want to completely block, so it will be a good chance to learn.
I didn't think of creating a Github list. This may be the easiest, as I'm not the best at docker yet, and am having trouble updating PiHole, much less adding a "local" text file.
rolgiati: what are you using for a firewall box? I have been looking for something - but I'm running Verizon Fios and am pretty much stuck with their router if I want my TV to work.