@Tshiddah_Shallal if you want TWO blacklists, you could use workaround by setting up one as your own subscritpion and second would be "regular" blacklist
@jfb I had trouble understanding what he meant, but I think i got it, in fact I have the same request/problem if my understanding is correct. Let me give you an example:
I own a rather big network. Continuously looking for any suspicious activity (hacked, illegal activity, basically anything not welcome).
So far we have these options:
- whitelist (allow even if it's on subscription list)
When I browse through a lot of queries, I see multiple blocks and allowed. Among them, SOME queries are rather unusual. There could be a thousands of legit queries, and between them something fishy that is not blocked (on subscription list).
Right know only way I can filter using webui is: only blocked, only allowed - What i'm missing is: "known" and "unknown" website.
Example usage: I'd mark *.facebook.com *.gmail.com *.youtube.com and many other trusted destinations as know so I could simply filter them out (regardless if specific query has been blocked for spying or something / or not)
Not to confuse "known" with "whitelist", putting it on "known" won't cause entire domain to be accepted. All manual and subscription blacklist still apply.
Then after adding all "popular" destinations, browsing through logs would be supercool.
So far i'm doing this manually copying to excel end filtering it out. But it's not just boring, repetative - but I duplicate a lot of work unnecessarily (i already recognize youtube, tiktok, origin, steam and soooo many other hits that could have been excluded)
With this "known/not-known" or "known/new" feature after few iterations checking for anything "new" would be literally just few simple clicks.
If you decide it's worth considering , I can even create new topic for this if needed.
So far 350 000 queries daily and it's only rising....