allow.list not wildcard?

[bcookatpcsd]

Trying a new dns server (smartdns)

Used hblock to pull down domain only lists from hagezi's sources..

hblock -O hblock.txt -p 10 -H none -F none -T 'address /%D/#'

Works, no problems..

I added a bypass list, which includes nextdns.io and adds it to the hblock.txt list..

 grep nextdns.io *
hblock.txt:address /dns.nextdns.io/#
hblock.txt:address /dns1.nextdns.io/#
hblock.txt:address /dns2.nextdns.io/#
hblock.txt:address /edge.nextdns.io/#
hblock.txt:address /steering.nextdns.io/#

so I added nextdns.io to /etc/hblock/allow.list

re-ran..

still there..

added -f to hblock..

still there..

added sed to the end of the command..

sed -i '/nextdns.io/d' hblock.txt

which obviously worked..

but what did I do wrong?

 head /etc/hblock/*
==> /etc/hblock/allow.list <==
tailscale.com
nextdns.io

homedepot.com

graph.facebook.com
web.facebook.com
gvt1.com
gvt2.com
gvt3.com

==> /etc/hblock/deny.list <==

==> /etc/hblock/sources.list <==
https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/wildcard/pro.plus-onlydomains.txt

https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/wildcard/doh-vpn-proxy-bypass-onlydomains.txt

https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/wildcard/tif-onlydomains.txt

https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/wildcard/native.winoffice-onlydomains.txt

https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/wildcard/native.apple-onlydomains.txt

Thank you in advance for your time and efforts.

OT:

your hblock-resolver is what I'm moving towards.. just need to figure out better/different logging..

[hectorm]

The -r, --regex option or the HBLOCK_REGEX environment variable enables support for POSIX BREs in the allowlist.

In that case you could add ^\(.*\.\)*nextdns\.io$ to the allowlist to filter out nextdns.io and any subdomains.

Is this what you are looking for?