okay, I was pretty sure that as the system is written i would have to run multiple instances, which is why I was planning on forking Pi-Hole and adding the RADIUS functionality that I want.
After thinking about it a bit more i'm wondering if it's technically possible, the first way i was going to implement it was to
- have the DNS check with the RADIUS server to validate the IP of the device with a particular usergroup, then store this information (or another option is to have the RADIUS server send this information to the DNS upon authentication)
- and then based on the settings for that usergroup on the DNS check if the request is in a particular list that user is subject to, white, or black,
- and if not check to see if the user is in the grey listing group and then send the notification to the parent to authorize if they are.
the thing is that adds latency and i'm not even sure that the RADIUS server would be able to store that IP, will likely have to tweak that as well.
unless there is core functionality that i would need to override or change i'm not sure that the adding the RADIUS functionality is all that impractical. however if i need to run a DNS instance for each list and send requests through those then it might be "prohibitive in terms of flexibility" for lack of better words.
Any specific criticisms or suggestions or any ideas on how i can implement these ideas more effectively? Do I have a grave misinterpretation of how DNS and RADIUS work, cause that's also possible?