Enhancement for block domains and services (Instant Block)

[ghost]

Issue Details

• Version of AdGuard Home server
  • v0.99.1
• How did you setup DNS configuration
  • System
• Operating system and version
  • Windows 10 1903

Steps to Reproduce

• Play any video on youtube and keep the tab opened.
• Apply custom filtering rule for ||youtube.com^ ||ytimg.com^ ||youtu.be^ or activate 'Youtube' through blocked services.
• Back to browser, ofcourse you can keep watch existing video till end, go and watch suggested video display on side panel etc.

Affected feature requests

• https://github.com/AdguardTeam/AdGuardHome/issues/951 (scheduled blocked services)

• 1203 (timed blocklists and whitelists)

(important for parental control as well)

Expected Behavior

block immediately include established connections.

[copacetic82]

YouTube will stop working once Windows makes a new DNS request, and gets a reply from AGH. This usually only happens when the TTL of the DNS entry runs out (for youtube I get 5mins), if you manually do a "ipfconfig /flushdns" on Windows, reconnect the network. Even then the browser might still show cached content.

This DNS query "decision" is made by the client. To achieve immediate blocking, AGH would have to overwrite the TTL of "legitimate" DNS replies to e.g. 1sek, in case the user wants to block certain services.

[ameshkov]

@copacetic82 even if AG rewrites the TTL, it won't help with connections that are already open.

Unfortunately, it's impossible to implement this request on the DNS-level.

It is possible to do on a proxy-level once #391 is done, but we didn't plan to implement parental control features there so I'll mark this as a low-priority feature request.

[JoeJenningsDMC]

@ameshkov, I'd like to kindly request that this feature that multiple people have asked for (Including myself) is not considered as a low priority ticket.

[ameshkov]

@JoeJenningsDMC please add the upvote reaction to the image. This is how we sort issues when we look for the most demanded