Pihole list of domains for dnsmasq -A

The issue I am facing:

I'd like to sinkhole many domains, not just names. Ideally, I'd be able to have them in a remote file and updated like adlists.

dnsmasq has -A which would let me sinkhole everything in example.com all at once. How can I do that with pihole?

Details about my system:

Standard RPi with Pi-hole installed exactly as instructed.

What I have changed since installing Pi-hole:

Added some adlists, whitelists, blacklists.

Could you elaborate on that?

An example of what you are trying to achieve would also be helpful.

If you are trying to block all domains ending in example.com, try to add that as a regex block.

Pi-hole uses dnsmasq under the hood. You can use any of the dnsmasq commands.

Make a new file in directory /etc/dnsmasq.d and put your configuration lines in there. Then restart FTL with pihole restartdns.

I'm trying to block facebook. I have a list of domains:

facebook.com
facebook.net
fbcdn.net
fbcdn.com
facebook.net.edgekey.net
fbsbx.com
fb.com
fb.me
whatsapp.com
tfbnw.net
instagram.com

I'd like all record types which resolve anything in these domains to resolve to 0.0.0.0 or 127.0.0.1 or some other effective blackhole.

Unfortunately, browsers will do anything to get you to popular websites like these. When the A record comes back, it then creates a request for an AAAA record, and a response comes with CNAME and AAAA with the IPv6 address, and the page loads. I'm using Wireshark to watch the queries and responses.

As I write this, I realize, maybe I need address=/facebook.com/::1 in dnsmasq config.
No, that didn't work...
Aug 31 20:24:33 dnsmasq[5974]: config www.facebook.com is ::1
Wait, yes it did. It just took a bit to reload. Maybe I'm impatient.

After reading the Pi-hole docs a bit more, maybe regex is the way to go?

Yes. Add the parent domains to your blacklist as wildcards. Pi-hole will convert the wildcard to a regex.

facebook.com entered as a wildcard becomes this regex:

(\.|^)facebook\.com$

Alternatively, adding the regex facebook will block all domains containing that word.

Try this regex (for facebook):

^(.+\.)?(facebook|fb(cdn|sbx)?|tfbnw)\.[^.]+$

That list doesn't look like it would lend itself to be easily covered by dnsmasq's address option (-A) either.

It's probably easier to tackle this via Pi-hole's UI configuration options.

You could add that list as it is (literally) as exact domains:
From your post above, just copy your list using the copy button in the top left corner of your domain list area, and paste it into Pi-hole's UI at Group Management | Domain Management > Domain, then click 'Add to Blacklist'.

Alternatively, you should consider jpgpi250's regex above.

For any given domain to be blocked, Pi-hole will block A as well as AAAA resolution, and it will also cover CNAME.
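
Added example, not part of the thread or of Pi-hole's own code: a Python check of the two regex forms quoted above against the domain list posted earlier, plus dnsmasq address= lines for the same list. Python's re module stands in for Pi-hole's regex engine, and the 0.0.0.0 and :: sink addresses, the function names and the sample lookalike name are assumptions.

```python
import re

# Domain list as posted in the thread.
DOMAINS = [
    "facebook.com", "facebook.net", "fbcdn.net", "fbcdn.com",
    "facebook.net.edgekey.net", "fbsbx.com", "fb.com", "fb.me",
    "whatsapp.com", "tfbnw.net", "instagram.com",
]

# Combined regex quoted in the thread.
COMBINED = r"^(.+\.)?(facebook|fb(cdn|sbx)?|tfbnw)\.[^.]+$"


def wildcard_regex(domain):
    # Same shape the thread shows for a wildcard entry of facebook.com.
    return r"(\.|^)" + domain.replace(".", r"\.") + "$"


def uncovered(pattern, names):
    # Names the pattern does NOT match, i.e. queries that would still resolve.
    rx = re.compile(pattern)
    return [n for n in names if not rx.search(n)]


def dnsmasq_lines(domains, sinks=("0.0.0.0", "::")):
    # One address= line per address family; sink addresses are an assumption.
    return [f"address=/{d}/{s}" for d in domains for s in sinks]


if __name__ == "__main__":
    # Which of the posted domains would the combined regex leave unblocked?
    print("combined regex misses:", uncovered(COMBINED, DOMAINS))
    # Per-domain wildcard: the domain and a subdomain should match, while a
    # constructed lookalike ("not" + domain) should not be over-blocked.
    for d in DOMAINS:
        probes = [d, "www." + d, "not" + d]
        print(f"{wildcard_regex(d):45} unmatched: {uncovered(wildcard_regex(d), probes)}")
    # Lines for a new file under /etc/dnsmasq.d, as suggested in the thread.
    print("\n".join(dnsmasq_lines(DOMAINS)))
```

Run it before importing a regex or a config file to see which listed domains a given pattern leaves resolvable.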