TechnitiumSoftware / DnsServer

Technitium DNS Server
https://technitium.com/dns/
GNU General Public License v3.0

Issue: Advanced Blocking app unable to block "example.com" #876

Closed MD3728 closed 3 months ago

MD3728 commented 3 months ago

Just after installing the Advanced Blocking app, the default URLs and regex do not work in the "everyone" group. For reference, the json settings are the unmodified defaults.

{
  "enableBlocking": true,
  "blockListUrlUpdateIntervalHours": 24,
  "localEndPointGroupMap": {
    "127.0.0.1": "bypass",
    "192.168.10.2:53": "bypass"
  },
  "networkGroupMap": {
    "192.168.10.20": "kids",
    "0.0.0.0/0": "everyone",
    "[::]/0": "everyone"
  },
  "groups": [
    {
      "name": "everyone",
      "enableBlocking": true,
      "allowTxtBlockingReport": true,
      "blockAsNxDomain": true,
      "blockingAddresses": [ "0.0.0.0", "::" ],
      "allowed": [],
      "blocked": [ "example.com" ],
      "allowListUrls": [],
      "blockListUrls": [
        "https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts"
      ],
      "allowedRegex": [],
      "blockedRegex": [ "^ads\\." ],
      "regexAllowListUrls": [],
      "regexBlockListUrls": [],
      "adblockListUrls": []
    },
    {
      "name": "kids",
      "enableBlocking": true,
      "allowTxtBlockingReport": true,
      "blockAsNxDomain": true,
      "blockingAddresses": [ "0.0.0.0", "::" ],
      "allowed": [],
      "blocked": [],
      "allowListUrls": [],
      "blockListUrls": [
        {
          "url": "https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/social/hosts",
          "blockAsNxDomain": false,
          "blockingAddresses": [ "192.168.10.2" ]
        }
      ],
      "allowedRegex": [],
      "blockedRegex": [],
      "regexAllowListUrls": [],
      "regexBlockListUrls": [],
      "adblockListUrls": []
    },
    {
      "name": "bypass",
      "enableBlocking": true,
      "allowTxtBlockingReport": true,
      "blockAsNxDomain": true,
      "blockingAddresses": [ "0.0.0.0", "::" ],
      "allowed": [],
      "blocked": [],
      "allowListUrls": [],
      "blockListUrls": [],
      "allowedRegex": [],
      "blockedRegex": [],
      "regexAllowListUrls": [],
      "regexBlockListUrls": [],
      "adblockListUrls": []
    }
  ]
}

The problem is that "example.com" will not be blocked.

ShreyasZare commented 3 months ago

Thanks for the post. How are you testing it? If you are testing on the same server then your source IP will be 127.0.0.1 which will match with the localEndPointGroupMap entry and your query will be mapped to the bypass group so nothing will be blocked.

MD3728 commented 3 months ago

Yes, I'm testing on the same server. I tried adding "example.com" to the "blocked" field in the bypass group, flushed the DNS cache on my computer and restarted my browser (Edge) but it is still not blocking. I have also tried to individually remove values inside of "localEndPointGroupMap", but this also has not fixed the issue.

ShreyasZare commented 3 months ago

> Yes, I'm testing on the same server. I tried adding "example.com" to the "blocked" field in the bypass group, flushed the DNS cache on my computer and restarted my browser (Edge) but it is still not blocking. I have also tried to individually remove values inside of "localEndPointGroupMap", but this also has not fixed the issue.

The app responds based on client IP address. So you need to test it from the client side only. If you test it on the same server then you will get different results.

If you are testing on the same server then always use the DNS Client tool which will give you better output.

If you are testing from a client then use tools like nslookup to test the domain name. Do not use a web browser to test this since they will cache things and make it difficult to test.

The DNS server's cache is not used by the blocking app so do not flush the cache as it will cause the DNS server to do all the work again to fill up the cache which will cause performance degradation for some time.

The app comes with an example config and it is expected that you will edit the config as per your setup. So you need to remove/change things that are not required.

Share the final config you have in the app and the result of your tests.
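The group selection discussed in this comment can be modelled offline, as an added example that is not part of the original thread and not the app's own code. It assumes the local end point map is consulted before the network map, that the most specific matching network wins, and that a blocked name also covers its subdomains; allow lists and list URLs are ignored, and `resolve_group`, `is_blocked` and `explain` are hypothetical helper names.

```python
import ipaddress
import json
import re

# Constructed sample: the config from this thread, trimmed to the keys used here.
CONFIG = json.loads(r'''{
  "localEndPointGroupMap": {"127.0.0.1": "bypass", "192.168.10.2:53": "bypass"},
  "networkGroupMap": {"192.168.10.20": "kids", "0.0.0.0/0": "everyone", "[::]/0": "everyone"},
  "groups": [
    {"name": "everyone", "enableBlocking": true, "blocked": ["example.com"], "blockedRegex": ["^ads\\."]},
    {"name": "kids", "enableBlocking": true, "blocked": [], "blockedRegex": []},
    {"name": "bypass", "enableBlocking": true, "blocked": [], "blockedRegex": []}
  ]
}''')

def _net(key):
    # The config writes the IPv6 default route as "[::]/0"; ipaddress wants "::/0".
    return ipaddress.ip_network(key.replace("[", "").replace("]", ""), strict=False)

def resolve_group(cfg, client_ip, local_ep):
    """Return the group for a query; local_ep is the (address, port) that received it."""
    addr, port = local_ep
    # Assumption: the local end point map is consulted before the network map.
    for key, group in cfg["localEndPointGroupMap"].items():
        if key in (addr, f"{addr}:{port}", f"[{addr}]:{port}"):
            return group
    ip = ipaddress.ip_address(client_ip)
    # Assumption: among matching networks, the longest prefix wins.
    matches = [(n.prefixlen, g) for k, g in cfg["networkGroupMap"].items()
               if (n := _net(k)).version == ip.version and ip in n]
    return max(matches)[1] if matches else None

def is_blocked(cfg, group_name, qname):
    """Check the group's inline blocked list and regexes (allow lists and URLs ignored)."""
    group = next(g for g in cfg["groups"] if g["name"] == group_name)
    if not group.get("enableBlocking", True):
        return False
    name = qname.lower().rstrip(".")
    labels = name.split(".")
    # Assumption: a blocked name also covers its subdomains.
    parents = {".".join(labels[i:]) for i in range(len(labels))}
    if parents & set(group["blocked"]):
        return True
    return any(re.search(p, name) for p in group["blockedRegex"])

def explain(cfg, client_ip, local_ep, qname):
    group = resolve_group(cfg, client_ip, local_ep)
    return group, bool(group) and is_blocked(cfg, group, qname)
```

With the sample config, a query that arrives on `127.0.0.1` lands in `bypass` and is not blocked, while the same name queried by a LAN client on an unmapped end point lands in `everyone` and is blocked.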

ShreyasZare commented 3 months ago

Note that you should use the Advanced Blocking app only if you need to have different groups for different clients. If you do not want to set up groups then just use the DNS server's built-in blocking feature in Settings instead of using this app.

MD3728 commented 3 months ago

I'm not sure what exactly happened, but setting it to this configuration blocked example.com, even though an identical configuration did not previously. The final configuration is below. Will keep in mind your recommendations, but I needed to use regex. Thanks for the support!

{
  "enableBlocking": true,
  "blockListUrlUpdateIntervalHours": 24,
  "localEndPointGroupMap": {
    "127.0.0.1": "bypass",
    "192.168.10.2:53": "bypass"
  },
  "networkGroupMap": {
    "192.168.10.20": "kids",
    "0.0.0.0/0": "everyone",
    "[::]/0": "everyone"
  },
  "groups": [
    {
      "name": "everyone",
      "enableBlocking": true,
      "allowTxtBlockingReport": true,
      "blockAsNxDomain": true,
      "blockingAddresses": [ "0.0.0.0", "::" ],
      "allowed": [],
      "blocked": [ "example.com" ],
      "allowListUrls": [],
      "blockListUrls": [
        "https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts"
      ],
      "allowedRegex": [],
      "blockedRegex": [ "^ads\\." ],
      "regexAllowListUrls": [],
      "regexBlockListUrls": [],
      "adblockListUrls": []
    },
    {
      "name": "kids",
      "enableBlocking": true,
      "allowTxtBlockingReport": true,
      "blockAsNxDomain": true,
      "blockingAddresses": [ "0.0.0.0", "::" ],
      "allowed": [],
      "blocked": [],
      "allowListUrls": [],
      "blockListUrls": [
        {
          "url": "https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/social/hosts",
          "blockAsNxDomain": false,
          "blockingAddresses": [ "192.168.10.2" ]
        }
      ],
      "allowedRegex": [],
      "blockedRegex": [],
      "regexAllowListUrls": [],
      "regexBlockListUrls": [],
      "adblockListUrls": []
    },
    {
      "name": "bypass",
      "enableBlocking": true,
      "allowTxtBlockingReport": true,
      "blockAsNxDomain": true,
      "blockingAddresses": [ "0.0.0.0", "::" ],
      "allowed": [],
      "blocked": [ "example.com" ],
      "allowListUrls": [],
      "blockListUrls": [],
      "allowedRegex": [],
      "blockedRegex": [],
      "regexAllowListUrls": [],
      "regexBlockListUrls": [],
      "adblockListUrls": []
    }
  ]
}