Timed DNS queries, block DNS based on time

Feature Requests
#1

Hi pi-hole
Firstly aplogies if I'm not doing this correctly
Title timed DNS queries
Block DNS based on time

We have broadband which is limited during the day, and unlimited at night
We currently block apple update servers all the time
Would be helpful to have a special list call it a grey or yellow list
Which would block always except for certain times

I would propose having a general time setting and allowing domains to be turned on /off on the fly

I am a developer so would be happy to help implement , I have a number of pis to test on, plus a Turris omnia router.

Dave

Add a scheduled blocker for particular websites
Time range for enabling a Group
Time based domain block
Time-based DNS controls
Whitelist / Blacklist Swappable Profiles
A "leechblock", a temporary blocklist for time wasting website
Second level Blacklist triggered on a schedule
Pseudo Web Blocking / Policies with Scheduling
Block internet access at certain times
Why no Parental Controls? ... tech is already in PH
#2

I have not implemented this feature as such but I believe that you could use xinetd (--libwrap) and allow incoming UDP/TCP calls based on time and block others. Then, dnsmasq will be used only during the allowed time period.

#3

Much simpler: You can install a cron job that adds the corresponding domains (you can specify as many as you like in one call) at time X and removes them again at time Y.

How about that?

Example:

# m h  dom mon dow   command
# Block server.apple.com at 8AM
  0 8  *   *   *     pihole -b server.apple.com
# Unblock server.apple.com at 8PM
  0 20 *   *   *     pihole -b -d server.apple.com
2 Likes
#4

My - potential - solution relates to stop and prevent use of dnsmasq services after certain time completely. Hence it is not relevant to the poster's message. Based on your answer, I saw my misunderstanding.

#5

There may be a solution depending on your router.
Some routers (e.g. Netgear DEVG 2020) offer some rudimentary blocking of Domains + the option to block on a schedule.

You could try a cascaded setup

  • Use Pihole as DHCP Server

  • Setup Pihole to use your Router as upstream DNS Server

  • on your Router specify upstream DNS Server (e.g. google DNS or use ISP provided)

  • specify the domains you'd like to block

  • setup a blocking schedule

#6

Hi,

I've noticed I'm more focused when some website are unavailable (reddit, youtube, etc..)

For this I use on Firefox LeechBlock : https://addons.mozilla.org/en-US/firefox/addon/leechblock/

Or Mac OS app Selfcontrol : https://selfcontrolapp.com/

I thought it could be a nice new feature to Pi-Hole to integrate this process.

Having an extra independent blocklist that you can activate or deactivate manually or with a schedule.

#7

Note that this is trivial with group management. You can simply add a group with all the domains you want to block and keep it disabled. Now, prepare a cron job to enable/disable this group at the times you want. This can conveniently do this for an entire set of domains which stays comfortably manageable through the web page of Pi-hole.

#8

Good advice. For those for whom this is not trivial, see here

4 Likes
#9

For the exact same reasons described in the solution post (block access to anything else but the school activities during a certain period), it would be nice to be able to more easily define a ruleset for such behavior.

Maybe something like this; rules may be matched sequentially; first one that matches provides the action; then global allow/block lists may apply.

# Start End Source Action Pattern
# school computers
08:00 12:00 192.168.0.100  Allow (\.|^)google\.com$
08:00 12:00 192.168.0.100  Deny  *

# computer not restricted
00:00 23:59 192.168.0.199  Allow *

#general restrictions
18:00 22:00 192.168.0.0/24 Allow (\.|^)youtube\.com$
18:00 23:59 192.168.0.0/24 Allow (\.|^)netflix\.com$

00:00 23:59 192.168.0.0/24 Allow  *

This may avoid complex setup and in avoiding complexity one avoids potential errors.

Another related feature could be redirection to a more friendly "block" page instead of seeing the DNS browser error.

2 Likes
#10

We need to have this in the native UI (without hacks).

It could be a few basic features added and we would be there. Like...

"Apply Blacklist to Group - during time frame"
-- only allows specific sites be contacted, perfect for home school so older kids who need larger freedom to do research, etc but stop them from going to YouTube or game sites during school hours, or on dedicated 'school devices'

"Block all Group activity - during time frame"
-- no internet allowed, perfect for limiting kids device use and home school

"Apply Whitelist to Group - during time frame"
-- only allows specific sites be contacted, perfect for home school

1 Like
#11

Sponsorships for features you require are acceptable.

2 Likes