Threat Shield Behavior - Is this correct?

Hi all,

some time ago I started using PiHole and then became aware of the new threat shield module which I had to test immediately as I really like your work on nethserver, guys. It’s indeed spectacular and I want to thank you for having created such a nice, featurerich server, that I really enjoy exploring and I am looking forward to use it in production soon. I see a limitation on threat shield compared to PiHole that might not even really exist and could be based on my limited knowledge. I am posting this so maybe it could be seen as feature request, that threat shield could benefit from, or maybe there is just another way to acheive the same result doing it differently that I am not aware of.

As in PiHole I have activated a whole bunch of lists, but then wanted to whitelist some domains in order do let the windows clients still being able to update. In PiHole there is a possibility to add domains (optionally wildcard) in a whitelist, that would be nice, if this would be possible also in threat shield. Another very nice thing in PiHole is, that in their query log, I see red blocked and green allowed domains with a button behind to whitelist or blacklist them.

Again I want to thank you all for being such a nice community and providing such a powerfull server :+1: :slight_smile:

Reading through this topic I will also start reading on which lists to use instead of activating them all or almost all.

1 Like

Thank you for using it!

Sadly, current threat shield is IP-only, so for now you can add only IP to whitelist.

This is DNS related, we are working to expand the software to use DNS-based blacklist, but it will take time :slight_smile:

@andre8244 implemented the request features inside the UI!

I don’t know about the inner workings, but it came to my mind, if the rules from the Web & Proxy and filter have higher priority I could add the needed domains in the white list there. Would they still get blocked by threat shield?

Thanks for your great work.