Pihole doesn't block regex matching domains or nslookup timeout? or my exp is wrong?

#1

Please follow the below template, it will help us to help you!

Expected Behaviour:

I wish to match domains that has 5 or more chars, and contains at least one number or one - or one _
basically block all the rubbish domains, usually been used for virus, phishing and ads.

(^|\.)(?=.+[0-9-_]).{5,12}\.(com|cn|net|cloud|com\.cn)$

Actual Behaviour:

pihole either doesn’t block anything match the rule or nslookup timeout

Debug Token:

#3

A nice site for doing your tests: https://regex101.com/
Including explanation of your regex rules

#4

But, be aware that not everything that appears to work on that site will work properly in Pi-Hole. Pi-Hole uses POSIX ERE, which does not allow some code that will pass the checks on regex101.

The best way to check in Pi-Hole after you have tested the regex elsewhere - set REGEX_DEBUGMODE=true per the documentation: https://docs.pi-hole.net/ftldns/configfile/

More details at: https://docs.pi-hole.net/ftldns/regex/overview/

This will trigger an entry in /var/log/pihole-FTL.log when a regex is triggered. Then, live tail this log and do some dig commands for domains that you think should be blocked by that regex. If the domain is blocked, it will return as NULL (assuming default settings for blocking mode) and the regex that blocked it (for the first block only) will appear in the FTL log.

#5

Thanks eejeel. I did test the exp on that website, and also using PCRE(PHP) before putting it into pihole. The exp seems to be working fine on the test site, suits for my needs:

match domains that has 5 or more chars, and contains at least one number or one - or one _

#6

I think that’s the case, I’ll check the log and see what would be the cause

closed #7

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.