evilsocket / opensnitch

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.
GNU General Public License v3.0

Blocked domains issue #1062

Closed hashbi closed 7 months ago

hashbi commented 7 months ago

Hi, I'm using: List of domains/IPs > To this list of domains

If I block a domain in my blocklist file (127.0.0.1 dns.google), it will try to connect to dns.google.127.0.0.1 after rejecting dns.google.

Why do some blocked domains try to connect to domain.127.0.0.1 after blocking it? Is this a security issue or a bug?

gustavo-iniguez-goya commented 7 months ago

Hi @hashbi ,

That's expected behaviour if you have the "search" field in your resolv.conf:

~ $ cat /etc/resolv.conf
search local
nameserver 1.2.3.4

If a request to google.com fails, it'll try google.com.local. It'll depend on how your system is configured. https://man7.org/linux/man-pages/man5/resolv.conf.5.html


If you don't need the search field (it's usually configured by your local router via DHCP), comment it out. It's usually used to resolve domains of your LAN.

The list-of-domains feature matches the domains exactly, that's why it's not blocking dns.google.127.0.0.1.

You could use list of domains with regular expressions, but it has a performance problem with lists over 500 entries.

Another option would be to add ".127.0.0.1" to every domain of the lists.
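The search-list expansion Gustavo describes, and the reason an exact-match list misses the expanded name, can be checked offline. The following is an added example written for this thread, not OpenSnitch code: it parses a resolv.conf the way a glibc-style stub resolver reads it (search/domain, options ndots, default ndots of 1), lists the queries that resolver would send for a name, and reports which of them a hosts-style exact-match blocklist catches. The sample resolv.conf and blocklist are constructed to mirror this issue; the function and file names are hypothetical.

```python
"""Added example for this thread (not OpenSnitch code): show which DNS
queries a glibc-style stub resolver would send for a name, given
/etc/resolv.conf, and which an exact-match blocklist would catch."""

DEFAULT_NDOTS = 1  # glibc default when 'options ndots:N' is absent


def parse_resolv_conf(text):
    """Return (search_domains, ndots) from resolv.conf content.

    'domain' is treated as a one-entry search list, and the last 'search'
    or 'domain' line wins, as in glibc. '#' and ';' comments are ignored.
    """
    search = []
    ndots = DEFAULT_NDOTS
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].split(";", 1)[0].strip()
        if not line:
            continue
        key, *args = line.split()
        if key in ("search", "domain"):
            search = [d.strip(".") for d in args]
        elif key == "options":
            for opt in args:
                if opt.startswith("ndots:") and opt[6:].isdigit():
                    ndots = int(opt[6:])
    return search, ndots


def candidate_queries(name, search, ndots=DEFAULT_NDOTS):
    """Queries the resolver tries, in order, for `name`.

    A trailing dot marks a fully-qualified name: no search expansion.
    Names with fewer than `ndots` dots try the search list first; names
    with at least `ndots` dots try the literal name first and fall back to
    the search list when that lookup fails (NXDOMAIN, or a firewall
    rejecting it, which is what happened in this issue).
    """
    if name.endswith("."):
        return [name.rstrip(".")]
    expanded = [f"{name}.{d}" for d in search]
    if name.count(".") >= ndots:
        return [name] + expanded
    return expanded + [name]


def parse_hosts_blocklist(text):
    """Parse a hosts-style blocklist ('127.0.0.1 dns.google') into a set of names."""
    domains = set()
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].split()
        if len(parts) >= 2:
            domains.update(parts[1:])
    return domains


def audit(name, resolv_text, blocklist):
    """Return [(query, blocked)] for every query the resolver would send."""
    search, ndots = parse_resolv_conf(resolv_text)
    return [(q, q in blocklist) for q in candidate_queries(name, search, ndots)]


def expand_blocklist(blocklist, search):
    """Mitigation suggested in the thread: also list each domain with every search suffix."""
    out = set(blocklist)
    for domain in blocklist:
        for suffix in search:
            out.add(f"{domain}.{suffix}")
    return out


# Constructed sample input mirroring the resolv.conf reported in this issue
RESOLV_CONF = """# Generated by NetworkManager
search 127.0.0.1
nameserver 127.0.0.1
"""
BLOCKLIST = parse_hosts_blocklist("127.0.0.1 dns.google\n")

if __name__ == "__main__":
    print("exact-match list:")
    for q, blocked in audit("dns.google", RESOLV_CONF, BLOCKLIST):
        print(f"  {q:25s} {'BLOCKED' if blocked else 'allowed'}")
    print("list expanded with search suffixes:")
    fixed = expand_blocklist(BLOCKLIST, parse_resolv_conf(RESOLV_CONF)[0])
    for q, blocked in audit("dns.google", RESOLV_CONF, fixed):
        print(f"  {q:25s} {'BLOCKED' if blocked else 'allowed'}")
```

Running it on the constructed input shows the literal dns.google blocked and dns.google.127.0.0.1 allowed, which is the behaviour the issue reports; the expanded list blocks both. A name with a trailing dot (dns.google.) never gets a search suffix appended, which is another way to confirm whether the extra connection comes from search-list expansion.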

hashbi commented 7 months ago

After monitoring /etc/resolv.conf, I resolved this: it was my VPN killswitch updating it:

cat /etc/resolv.conf
# Generated by NetworkManager
search 127.0.0.1
nameserver 127.0.0.1

tyvm Gustavo