[ENHANCMENT] Show / record which DNS List (URL) Blocks DNS Name

[Sysadminfromhell]

Just today there was a flaw in my DNS URL Lists, It took me 2 Hours to figure out which list it was. It would be helpful if there could be a way to record and show which list blocked the specific domain/url.

Is this planed or can this be programmed?

Kind regards,

[ShreyasZare]

Thanks for asking. The feature already exists which you can use in a couple of ways.

First is to use either the DNS Client tab on the web panel or command like dig to query the domain in question. If the domain is blocked, you will see an report in the response as the extended DNS error report that will give you the blocklist URL that was responsible for blocking it.

Second option is to query for the domain for type TXT using any DNS client tool. If the domain is blocked, you will see a report in the TXT record in the response.

Note that for this feature to work, you must have the "Allow TXT Blocking Report" option enabled in the settings. If you are using Advanced Blocking app, then edit its config and ensure the Allow TXT Blocking Report option is set to true.

[Sysadminfromhell]

I mean this would be helpful inside of the logs on the server.

[ShreyasZare]

I mean this would be helpful inside of the logs on the server.

Putting this in log will significantly increase the size of logs and will clutter them. Imagine having 2-3 block list URL listed for each log entry. It wont be much useful too compared to the existing feature that allows to quickly find out the block list responsible for it.

[brokoler]

I switched from Adguard Home to Technitium and this is a feature I'm missing. On my setup multiple blocklists are imported and it's more complicated than with Adguard Home to find out which blocklist is responsible for blocked entries. You can always whitelist single entries, but sometimes you discover a specific blocklist is not what you want at all.

Would be great to see this information in the query log, it could be an optional setting to not clutter the logs only for people who want it?

For example with Adguard it looks like this:

How about a similar implementation, where the blocklist name is just added below the "Blocked" entry in the Response Type column?

[Hemsby]

If you query the TXT record for the blocked domain and use the Query Logs App it does show as you suggested already....

[brokoler]

Well that's true but it's a more complicated way compared to the blocklist name being shown for each blocked entry automatically.

So maybe it might just be added directly into to the Query Logs for convenience? :)

[ShreyasZare]

I switched from Adguard Home to Technitium and this is a feature I'm missing. On my setup multiple blocklists are imported and it's more complicated than with Adguard Home to find out which blocklist is responsible for blocked entries. You can always whitelist single entries, but sometimes you discover a specific blocklist is not what you want at all.

Would be great to see this information in the query log, it could be an optional setting to not clutter the logs only for people who want it?

For example with Adguard it looks like this:

How about a similar implementation, where the blocklist name is just added below the "Blocked" entry in the Response Type column?

In case of Adguard, the lists seem to be named so you see just a short name. With the DNS server, its just block list URLs and adding those in the log view will clutter the entries.

I am still thinking on a better way to have it listed so that its easy to figure out which list blocked the domain and also not clutter (or limit clutter) the logs.