I know pihole can only process lists using specifically formatted DNS/URL entries. These lists are added to /etc/pihole/adlists.list.
I was wondering if pihole-FTL could be modified to check these IPs right before returning the resolved address to the client, replacing it with the appropriate IP address for blocking if found on the list.
ssl.google-analytics.com isn't on any blocklist. Pihole-FTL would resolve and return 22.214.171.124 to the client, since the domain is NOT on any list.
before returning the address 126.96.36.199 to the client, a check should be made if that address is on the IPgravitylist
if that address is on the IPgravitylist, pihole-FTL should return :: OR the pihole IP address, depending on the blocking mode.
there could be an IPlists.list, same format as
there should be parsing logic, to ensure the resulting IPgravitylist contains only valid IP addresses.
IPgravitylist could be a new table in the database, ensuring searches are fast enough to avoid performance loss.
Currently, I'm using these IP lists on my pfsense box, using the IP list feature of pfBlockerNG. The result of using these lists is a firewall rule that simply blocks the IPs. The downside of this method is a noticeable delay in page loads, as the request simply times out. Pihole-FTL responding to the request with an appropriate address could eliminate this timeout.
I haven't been able to find any network-wide product capable of producing a valid DNS response based on both DNS and IP lists. This would be a first...
@DL6ER: I've already asked this question to Simon several weeks ago, but did NOT get a reply. Apparently, there isn't much going on in the dnsmasq development, since v2.80.
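An added sketch of the check proposed in this post (not pihole-FTL code and not part of the original post): list entries are validated, stored as ranges in a SQLite table, and each resolved address is looked up before the answer goes back to the client. The table name `ipgravity`, the mode names `null`/`ip`, the `pihole_ips` addresses and the sample list are assumptions constructed for illustration.

```python
import ipaddress
import sqlite3

# Constructed sample list (documentation address ranges plus junk lines).
SAMPLE_IPLIST = """\
# constructed sample, not a real feed
192.0.2.10
198.51.100.0/24   # whole range
2001:db8::bad
not-an-ip
203.0.113.999
"""

def build_ipgravity(db, text):
    """Store only entries that parse as an IP or CIDR; return (kept, rejected)."""
    db.execute("CREATE TABLE IF NOT EXISTS ipgravity "
               "(version INTEGER, first BLOB, last BLOB)")
    db.execute("CREATE INDEX IF NOT EXISTS ipgravity_idx "
               "ON ipgravity (version, first)")
    kept = rejected = 0
    for line in text.splitlines():
        entry = line.split("#", 1)[0].strip()   # drop comments and padding
        if not entry:
            continue
        try:
            net = ipaddress.ip_network(entry, strict=False)
        except ValueError:                       # hostname, typo, bad octet
            rejected += 1
            continue
        # Packed big-endian bytes compare in address order as SQLite BLOBs.
        db.execute("INSERT INTO ipgravity VALUES (?, ?, ?)",
                   (net.version, net.network_address.packed,
                    net.broadcast_address.packed))
        kept += 1
    return kept, rejected

def filter_answer(db, resolved, mode="null", pihole_ips=None):
    """Return the address to hand to the client for one resolved A/AAAA answer."""
    pihole_ips = pihole_ips or {4: "192.0.2.53", 6: "2001:db8::53"}  # hypothetical
    addr = ipaddress.ip_address(resolved)
    hit = db.execute("SELECT 1 FROM ipgravity WHERE version = ? "
                     "AND first <= ? AND last >= ? LIMIT 1",
                     (addr.version, addr.packed, addr.packed)).fetchone()
    if hit is None:
        return resolved                  # not listed: pass the answer through
    if mode == "ip":
        return pihole_ips[addr.version]  # blocking mode that returns the Pi-hole address
    return "0.0.0.0" if addr.version == 4 else "::"
```

Storing each entry as a first/last range lets single addresses and CIDR blocks share one indexed lookup per answer.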