Intentionally delay certain DNS queries

I'm working with our local middle school to use pihole to block web games in the classroom.

A huge proportion of the domains we want to block end in .io.

We can write the regex to block everything that ends in .io, but that does kill some legitimate sites.

Instead, returning dns resolutions very slowly (and perhaps with an artificially-lowered TTL) means that the occasional, legitimate visit to something legitimate (reds.io) is just a little bit less responsive, while visits to slither.io (snake game) are so laggy as to make the game unplayable. Because of the intentionally-lowered (local) TTL, you have to keep getting the address from pihole, and that response is going to be a full 1000 ms later. Full wishlist: each successive visit is delayed 100ms longer.

Is there a way to intentionally delay the resolution of some requests? Any thoughts on how to do this / plug in?? Thanks!

You cannot delay domain name resolution for specified domains in Pi-hole. Pi-hole either blocks the query (quite immediately) or forwards the query to an upstream resolver, which typically takes less than 100 msec.

If you want to block web games, the best approach is to look in the query log and blacklist all the domains requested to run web games.

It may be simpler to regex blacklist this TLD, and then selectively whitelist legitimate domains.

Whitelist always takes precedence over blacklist.

Blacklist the io TLD.

Whitelist good-domain.io and that domain will load.

The priority is:

  1. Exact Whitelist
  2. Regex Whitelist
  3. Exact Blacklist
  4. Blocklist domains (AKA gravity)
  5. Regex Blacklist

If a domain is found anywhere from top to bottom, FTL skips the rest of the tests.
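The evaluation order listed above, as an added example that is not part of the original thread and is not Pi-hole's own code: a simplified Python model of first-match-wins list checking, applied to the "blacklist the io TLD, whitelist the exceptions" approach. The list contents are constructed, and Python's `re` module stands in for FTL's regex engine (an assumption).

```python
import re

# Constructed sample lists; the entries are illustrative, not from a real install.
LISTS = {
    "exact_whitelist": {"good-domain.io"},
    "regex_whitelist": [],
    "exact_blacklist": set(),
    "gravity": {"ads.example.com"},
    "regex_blacklist": [r"\.io$"],  # every name under the io TLD
}

# Order quoted in the thread: the first list that matches decides the verdict.
ORDER = [
    ("exact_whitelist", "allow"),
    ("regex_whitelist", "allow"),
    ("exact_blacklist", "block"),
    ("gravity", "block"),
    ("regex_blacklist", "block"),
]

def decide(domain, lists=LISTS):
    """Return (verdict, matching_list) for a queried domain."""
    name = domain.lower().rstrip(".")
    for list_name, verdict in ORDER:
        entries = lists[list_name]
        if list_name.startswith("regex"):
            hit = any(re.search(pattern, name) for pattern in entries)
        else:
            hit = name in entries  # exact lists match the whole name only
        if hit:
            return verdict, list_name  # remaining lists are skipped
    return "allow", None  # nothing matched: the query is forwarded upstream

def with_regex_whitelist(pattern, lists=LISTS):
    """Return a copy of the lists with one extra regex whitelist entry."""
    updated = dict(lists)
    updated["regex_whitelist"] = list(lists["regex_whitelist"]) + [pattern]
    return updated

if __name__ == "__main__":
    for d in ["slither.io", "good-domain.io", "www.good-domain.io", "example.org"]:
        print(d, decide(d))
    # A regex whitelist entry covers the domain and its subdomains.
    fixed = with_regex_whitelist(r"(^|\.)good-domain\.io$")
    print("www.good-domain.io", decide("www.good-domain.io", fixed))
```

In this model an exact whitelist entry does not cover subdomains, so `www.good-domain.io` is still caught by the TLD regex until a regex whitelist entry is added for it.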

JFB, "cannot" is not in my vocabulary….

I use a version of cloudflared to hit upstream. Pretty sure I can modify that code to inspect the request and bifurcate to send anything that ends in .io to a DNS server in Australia, which will add at least 300ms. Maybe then reject the first answer and hit it again and we are close. Am I that determined? Not yet!

Appreciate the suggestion re blacklist / whitelist — thank you!

You can vote for "Manually delay DNS lookups to 'slow down' certain websites" or "Support for partial blocking? block 30% of requests going to a domain".
