I have been using Groups for some time to block certain sites for specific computers (keeping kids off the internet when they shouldn't be, with some exceptions.) Since updating to the latest Docker image, this has stopped working for me. Now it doesn't block anything in my Domains list, for any group.
My debug token is at: https://tricorder.pi-hole.net/XTaHurmK/
Did you intend to run development code? This is untested, and may not be the best option for a Pi-hole that is serving your household.
*** [ DIAGNOSING ]: Core version
[✓] Version: v5.15.5
[i] Remotes: origin https://github.com/pi-hole/pi-hole.git (fetch)
origin https://github.com/pi-hole/pi-hole.git (push)
[i] Branch: development
[i] Commit: v5.15.5-83-gc95d343
*** [ DIAGNOSING ]: Web version
[✓] Version: v5.19
[i] Remotes: origin https://github.com/pi-hole/AdminLTE.git (fetch)
origin https://github.com/pi-hole/AdminLTE.git (push)
[i] Branch: devel
[i] Commit: v5.19-46-ga44efc0
*** [ DIAGNOSING ]: FTL version
[✓] Version: vDev-b0bf9c0
[i] Branch: development
[i] Commit: b0bf9c0e
*** [ DIAGNOSING ]: Operating system
[i] Pi-hole Docker Container: nightly
You have only a few blacklist domains (almost all of your domains are whitelist entries).
The only active blacklist domain entries are:
(\.|^)chess\.com$
(\.|^)digg\.com$
and three TLD blocks.
Only the first two shown above are assigned to a group other than the default group.
Is your strategy to block a lot at all times, and then to exempt devices with whitelist entries at specific times?
Please provide some examples (along with the client group assignment) for nslookups from clients for domains that you think should be blocked and are not.
Yes, I intentionally ran the nightly build. After having trouble with the latest stable build, I thought maybe I'd have better results with the nightly. Tomorrow, when I have more time, I may try rolling back to a previous stable version.
Because I have the TLD blacklists, I do have a ton of whitelisted domains. I've been trying to keep kids on educational/school sites most of the day, and got tired of the whack-a-mole of blocking every site they would move on to when the ones they were using were blocked. A block-it-all and white-list strategy has been working much better. I run a cron job that removes those TLD domains for a few hours every day so they can be on the internet when they're usually done with school work. The chess.com was for one specific computer, and digg.com was added as a test.
Here's the nslookup from the computer on which chess.com should be blocked.
$ nslookup chess.com
Server: 192.168.1.3
Address: 192.168.1.3#53
Non-authoritative answer:Name: chess.com
Address: 34.117.44.137
Maybe tonight. I rolled back to 2023.02.2, and it appears to be working.