Second level Blacklist triggered on a schedule

Hi
I’m loving the PiHole and there’s one feature that I could think of that I think would be generally useful - especially for those with kids.

There are lots of reports of school kids’ results suffering because of addiction to Social Media sites or with online gaming.

The ability to have a second set of blacklist rules that can be implemented on a schedule so as to make sure all LAN traffic to/from those sites is gracefully blocked.
I’m sure some routers could do this, but the one we have (VirginMedia Hub3) isn’t that smart.

This would help enforce an online curfew where occupants can have full access and at a set time those selected sites will no longer be available.
e.g. At 9pm they can finish watching their YouTube video, but then that’s it until 4pm next day (or midday on weekends)

As the code sits, your best bet would be to run two instances. One for your devices, the other for children’s devices.


You can write a cron script to add these domains and remove these domains at the desired times, but this will also block those domains for all users on that Pi-Hole. A second Pi-Hole with such a script or a router that has this capability would be your best options.


You could do this with crontab using two scripts on two schedules. You’d need to add to crontab as root though.

The following running at 9pm:

#!/bin/bash
mv /etc/pihole/blacklists.txt /etc/pihole/blacklists.day
mv /etc/pihole/blacklists.night /etc/pihole/blacklists.txt
pihole -g

The following running at 4pm:

#!/bin/bash
mv /etc/pihole/blacklists.txt /etc/pihole/blacklists.night
mv /etc/pihole/blacklists.day /etc/pihole/blacklists.txt
pihole -g

Not used the pihole command line but I think pihole -g reloads blocks, does it not?

You would have two blacklists now, one after 9pm and one before 9pm. You could either maintain the files yourself from the command line or wait until after 9pm when you are using the night blacklist and then add the social media sites to it.

edit: Looks like others replied while I was writing this. Using two pihole instances would be your best bet but that is only going to work if you can segregate the devices to filter differently somehow at your router - a different subnet or something. For your case though I think crontab is going to be best.


Thanks for the replies.
I’d worked out a cron method (no need for a second instance), but it would be good to have it available as an option natively within PiHole for general ease of use and upkeep.

My workaround to activate extra filtering from 21:30 to 16:00 weekdays and 08:00 on weekends:
As root (sudo -i)

cd /etc/pihole
cp regex.list regex.list.standard
cp regex.list regex.list.extra

Edit regex.list.standard to have a list of 24/7 blocked domain(s)
Edit regex.list.extra to have only the additional domain(s)

vi /etc/crontab
30 21 * * *     root    cat /etc/pihole/regex.list.extra >> /etc/pihole/regex.list && /usr/local/bin/pihole -g > /dev/null 2>&1
0  16 * * 1-5   root    cat /etc/pihole/regex.list.standard > /etc/pihole/regex.list && /usr/local/bin/pihole -g > /dev/null 2>&1
0  8 * * 6,7    root    cat /etc/pihole/regex.list.standard > /etc/pihole/regex.list && /usr/local/bin/pihole -g > /dev/null 2>&1

Example regex.list.standard:

(^|\.)bing\.com$

Example regex.list.extra

(^|\.)youtube\.com$
(^|\.)facebook\.com$
(^|\.)steam\.com$
(^|\.)steampowered\.com$
(^|\.)steamtastic\.com$

EDIT: There is a faster and more graceful way of doing the update with cron than running pihole -g:
Link: [Second level Blacklist triggered on a schedule]


Rebuilding gravity will not re-compile your regex list. For this you will need to restart pihole-FTL or recompile the regex (I don’t recall how to do a re-compile though):

sudo service pihole-FTL restart

Edit: the recompile command is echo ">recompile-regex" | nc localhost 4711

Majority of kids will be like “meh, someone’s trying to block me, I’ll just change the dns servers on my phone/tablet/laptop”


When my step sons were in the house they were always figuring out how to break the rules. Didn’t take me long to figure out how to stop them though. PfSense is a powerful router platform!

Wait until they figure out they can use their phone cell signal to get to the internet, particularly if they can make a local hotspot.

Thanks for the additional replies although I think some are missing the point.
(I don’t have kids, I just thought it would be a good feature to have)

Currently I’m using the second blacklist to shut down all the trackers that run on mobile devices.
e.g. FaceBook is disabled on my phone which also has a basic firewall on it, but FB is still (somehow) trying to report back to facebook hq.
But the missus uses FB, so it needs to be available during the evening.

Thanks for the reply.
I think the FTL is compiled after domains are added via the web interface as a full gravity refresh would take too long.

pihole -g does work though.
At the bottom of the output after the main blocklists it adds our local black/white lists.
e.g.
[✓] Consolidating blocklists
[✓] Extracting domains from blocklists
[i] Number of domains being pulled in by gravity: 141440
[✓] Removing duplicate domains
[i] Number of unique domains trapped in the Event Horizon: 118082
[i] Number of whitelisted domains: 1
[i] Number of blacklisted domains: 0
[i] Number of regex filters: 2
[✓] Parsing domains into hosts format
[✓] Cleaning up stray matter

In your previous example, you showed five additional regex filters. The output of your gravity update shows only 2 regex filters. The additional filters you added were not re-compiled by a gravity update.

**[i] Number of blacklisted domains: 0**

Recompiling regex and rebuilding gravity are two different things.

My list content, gravity output and cron schedule were examples for the sake of brevity.

All I know is that I change a block or regex file, run pihole -g and stuff stops working when it completes.

I’ve used PiHole as a network sniffer and my lists have evolved as I see items to add.
At the time of my previous post, there were only 2 “standard” active regex on the list during the day.
As of last night there were 50 blocked after 1am (I spent all yesterday morning going through the logs).

My real lists as of this morning are (wc -l):
regex.list.standard = 4
regex.list.extra = 16
regex.list.bed = 30 (a 3rd level blocklist that kicks in at 1 or 2am and locks a lot more down)

Current output: [i] Number of regex filters: 4

Addendum - Although the pihole -g command does work, it’s slow and puts extra strain on the main block list servers.

An alternative (and much faster) way of refreshing the lists can be done by disabling and re-enabling pihole or as @jfb suggested, a pihole-FTL restart.

Example pihole restart cron:

0  7  * * * root  pihole disable && cat /etc/pihole/regex.list.standard > /etc/pihole/regex.list && pihole enable
0  23 * * * root  pihole disable && cat /etc/pihole/regex.list.extra >> /etc/pihole/regex.list && pihole enable

Example FTL restart cron:

0  7  * * * root  cat /etc/pihole/regex.list.standard > /etc/pihole/regex.list && service pihole-FTL restart > /dev/null 2>&1
0  23 * * * root  cat /etc/pihole/regex.list.extra >> /etc/pihole/regex.list && service pihole-FTL restart > /dev/null 2>&1
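
An added example, not part of any post in this thread: the cron lines above append with >>, so a job that fires twice duplicates entries, and a half-written regex.list can be picked up mid-switch. The script below rebuilds regex.list from the thread's regex.list.standard / .extra / .bed files idempotently, swaps it in atomically, and then uses the recompile command quoted earlier in the thread. The function names, the script name and the level names are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not code from the thread. File names follow the thread's
# layout: regex.list.standard, regex.list.extra, regex.list.bed.
set -u

# build_regex_list LEVEL [DIR]: each level includes the lists below it.
# The body runs in a subshell, so its variables stay local.
build_regex_list() (
    level="$1"; dir="${2:-/etc/pihole}"
    case "$level" in
        standard) parts="standard" ;;
        extra)    parts="standard extra" ;;
        bed)      parts="standard extra bed" ;;
        *) echo "unknown level: $level" >&2; return 2 ;;
    esac
    # Refuse to switch if any part is missing; regex.list stays untouched.
    for f in $parts; do
        [ -r "$dir/regex.list.$f" ] || { echo "missing regex.list.$f" >&2; return 1; }
    done
    # Temp file in the same directory so the final mv is an atomic rename.
    tmp="$(mktemp "$dir/regex.list.XXXXXX")" || return 1
    for f in $parts; do
        cat "$dir/regex.list.$f"
        echo    # a part without a trailing newline must not glue two regexes
    done | awk 'NF && !seen[$0]++' > "$tmp" || { rm -f "$tmp"; return 1; }
    # mktemp creates the file 0600; open it up like an ordinary list file.
    chmod 644 "$tmp" && mv "$tmp" "$dir/regex.list"
)

# Ask FTL to recompile its regex list (command quoted earlier in the thread).
reload_regex() {
    echo ">recompile-regex" | nc localhost 4711
}

# Run as: regex-level.sh extra   (hypothetical script name, e.g. from cron)
if [ "$#" -ge 1 ]; then
    build_regex_list "$1" && reload_regex
fi
```

Because a failed build returns non-zero before the reload, a missing or unreadable list file leaves the previous filter set active instead of silently dropping to an empty one.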