Status: Closed (hashbi closed 7 months ago)
Hi @hashbi ,
That's expected behaviour if you have the "search" field in your resolv.conf:
~ $ cat /etc/resolv.conf
search local
nameserver 1.2.3.4
If a request to google.com fails, it'll try google.com.local. It'll depend on how your system is configured. https://man7.org/linux/man-pages/man5/resolv.conf.5.html
If you don't need the search field (it's usually configured by your local router via DHCP), comment it out. It's usually used to resolve domains of your LAN.
The list-of-domains feature matches the domains exactly, that's why it's not blocking dns.google.127.0.0.1.
You could use the list of domains with regular expressions, but it has a performance problem with lists over 500 entries.
Another option would be to add ".127.0.0.1" to every domain of the lists.
After monitoring /etc/resolv.conf, I resolved this and it was my VPN killswitch updating it:
cat /etc/resolv.conf
# Generated by NetworkManager
search 127.0.0.1
nameserver 127.0.0.1
tyvm Gustavo
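The behaviour discussed in the two comments above, as an added example that is not part of the original thread or the project's code: it lists the names a glibc-style stub resolver tries when each lookup fails, and which of them an exact-match blocklist misses. The function names are hypothetical, and the sample resolv.conf and blocklist are constructed from the values quoted in the thread.

```python
# Added example: glibc-style search-list expansion versus an exact-match blocklist.
RESOLV_CONF = """\
# Generated by NetworkManager
search 127.0.0.1
nameserver 127.0.0.1
"""
BLOCKLIST = "127.0.0.1 dns.google\n"   # hosts-format entry quoted in the issue


def parse_resolv_conf(text):
    """Return (search_domains, ndots); ndots defaults to 1 per resolv.conf(5)."""
    search, ndots = [], 1
    for line in text.splitlines():
        fields = line.split()
        if not fields or fields[0][0] in "#;":
            continue
        if fields[0] == "search":
            search = fields[1:]            # the last search line wins
        elif fields[0] == "options":
            for opt in fields[1:]:
                if opt.startswith("ndots:"):
                    ndots = int(opt.split(":", 1)[1])
    return search, ndots


def candidates(name, search, ndots=1):
    """Names the stub resolver tries, in order, while each lookup keeps failing."""
    if name.endswith("."):                 # trailing dot: absolute, no search list
        return [name[:-1]]
    suffixed = [f"{name}.{d}" for d in search]
    if name.count(".") >= ndots:           # enough dots: try the name as-is first
        return [name] + suffixed
    return suffixed + [name]


def parse_blocklist(text):
    """Domains from hosts-format lines ("<ip> <domain> ...")."""
    out = set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        out.update(f.lower() for f in fields[1:])
    return out


def missed_by_exact_match(name, resolv_text, blocklist_text):
    """Candidates that an exact-match list does not cover."""
    search, ndots = parse_resolv_conf(resolv_text)
    blocked = parse_blocklist(blocklist_text)
    return [c for c in candidates(name, search, ndots) if c.lower() not in blocked]


if __name__ == "__main__":
    print(missed_by_exact_match("dns.google", RESOLV_CONF, BLOCKLIST))
```

Running the same check against the resolv.conf of each managed host shows which suffixed names a blocklist would need to list, or whether removing the search line is enough.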
Hi, I'm using: List of domains/IPs > To this list of domains
If I block a domain in my blocklist file:
127.0.0.1 dns.google
it will try to connect to dns.google.127.0.0.1
after rejecting dns.google
Why do some blocked domains try to connect to
domain.127.0.0.1
after blocking it? Is this a security issue or bug?