Regex - How to block subdomains?

CreationGuy · Aug 14, 2022, 3:55 AM

I'm trying to block a domain and all of it's subdomains, I've tried a few different methods and none seem to be working.

\.google\.

With that, I can't get to www.google.com but can get to subdomains.

(\.|^)google\.com$

Same results as above.

(^|\.)google\.com$

Same results as above.

Patch · Aug 14, 2022, 4:13 AM

@creationguy said in Regex - How to block subdomains?:

I'm trying to block a domain and all of it's subdomains,

I suspect what you want to do is hard at the firewall level.
You could try blocking Googles ASN in pfblockerNG then white list what you want to allow. Unfortunately Google frequently changes the IP address each domain name resolves to, so to make this solution work, pfsense needs aliases with history (which I don't think are currently supported).

Alternatively blocking it at the DNS may be possible.

CreationGuy · Aug 14, 2022, 4:15 AM

Google was just an example, not the real domain. Wouldn't this be best accomplished within the pfBlocker package? That's what I'm trying to do.

It works in Pihole use the 1st regex, but not here.

CreationGuy · Aug 16, 2022, 4:05 AM

Update:

(^|\.)domain\.com$

Blocks the domain and subdomain... I just didn't clear my DNS cache on device. So far, it is working.