Proposals for better blocking

I’m using pi-hole and have some suggestions to help it block better.

  1. Get rid of the archaic posix regular expressions (ere) and substitute them with a more powerful and more recent familiy. I’ve searched a bit yesterday and there are libraries even for C.
  2. Provide the user with some means to temporarily disable (and later re-enable) a regexp in the ‘blocklist’ tab.
  3. Provide the advanced users the alternative of using a connector to an external matcher, bypassing pi-hole’s.

Please consider these. I understand that open source projects are usually undermanned and the requests are coming all the time from everywere in the globe, but I think that upgrading the very heart of the project will benefit all users altogether. I think this is a good software that can easily become a lot better. So I’m posting this. Thank you.

Ab.

I’m adding #4 and #5 in the list, in case regexes are to stay:

#4: option to mark a “negated” regex, for inverse filtering
#5: fully regexize the whitelist, too

Thx.

5 Is already implemented in number 5 of Pi-hole which in it’s Beta stage.

Good thing! And the negation is very necessary, because regexes (by design) suffer in negations. On the other hand, workarounds such as lookaheads are not supported by posix ere which pihole is sadly using. Please seriously consider upgrading the regexes to something more powerful. I’ve been writing all night trying to block whatever ends with “ad/ads”, without blocking whatever ends with “download/s”…… Masochism! :slight_smile:

Number 2 is also already in the Beta. It is not in the blocklist page but in the blacklist and whitelist page.

Negated, I call that ‘allowed’ and those filter out domains that I won’t want to be activate in Gravity if it is in the imported blocklists.
This is a narrow scope and not supported by Pi-hole.
Whitelist RegEx comes the closed to what you want.

Thst leaves number one and three. Pi-hole uses tools provided by Linux and that is a good base to work from for now in case of number one.

Three will always be an import and compile sequence to maintain speed during services.
Anything brought into the DNS upstream, is transparant for Pi-hole and nothing keeps you back to implement your own construct there.

Thanks again for the reply. Yes, I’ll try to direct the queries to my own matcher because ere’s are not helping in my case (and also, even pcre’s are cumbersome some times). Maybe I’ll build a real state machine and match against it.

Kind Regards,
ab.