Wildcard and regex support for whitelisting


#1

hello developers!

I’d like the ability to use wildcard (and regex) on the whitelist.

The reason being, our office is pretty much “all in” on Microsoft 365, Sharepoint, etc. Basically, “all microsoft, all the time”. Yet, several of the blacklists I subscribe to block various microsoft servers, causing random issues, like logging in, etc. While I understand this may not be everyone’s cup of tea, it is what it is for us and it would be great if we could wildcard-whitelist .microsoft.com once and for all.

Conversely, we’re mainly Mac users at home. And I see on some blocklists things like ocsp.apple.com listed, as well as other servers. I have no clue why anyone would think it would be a good idea to block a ocsp server! But same thing, at home I’d like to whitelist everything .apple.com.

-Rick


#2

In the short term, you could reduce your false positives with fewer block lists. One of the problems with public block lists is that you have no control over the content, and what the list maintainer wants to block may not be what you want to block (as in the case of ocsp.apple.com, which I have also had to whitelist).

You might try just a few lists (or no lists) and set up some regex filters that you control. Here are some examples that will knock down a lot of the adware, metrics, etc.

^(.+[-_.])??ad[sxv]?[0-9]*[-_.]
^adim(age|g)s?[0-9]*[-_.]
^adse?rv(e(rs?)?|ices?)?[0-9]*[-.]
^adtrack(er|ing)?[0-9]*[-.]
^advert(s|is(ing|ements?))?[0-9]*[-_.]
^aff(iliat(es?|ion))?[-.]
^analytics?[-.]
^banners?[-.]
^beacons?[0-9]*[-.]
^clicks?[-.]
^count(ers?)?[0-9]*[-.]
^pixels?[-.]
^stat(s|istics)?[0-9]*[-.]
^telemetry[-.]
^track(ers?|ing)?[0-9]*[-.]
^traff(ic)?[-.]

#3

Hey jfb,

Just a quick shout-out thanks for this list of regex filters! I’ve never really been able to wrap my head around regex, so this list is great! Thanks much!

Someone should consider adding this list as “examples” on the regex section of the documentation! :wink:
https://docs.pi-hole.net/ftldns/regex/tutorial/

-Rick


#4

I won’t take credit for these. They are on github, but for the life of me I can’t recall where. When I find the link, I’ll post it.

Edit - thanks @msatter, that was the link.


#5