I found block entries in log, but does this mean they are blocked?
I found 126.96.36.199 and 188.8.131.52 which are google, 184.108.40.206 which is moodle, 220.127.116.11 which is cloudfront.
I've only 2 domains in blacklist for testing porpose.
I've disabled all filter, only this is enabled:
So only access through IP and those two blacklisted domains should be blocked. On the other hand everything seemed to work correctly. I had no blocked site, but I don't know what was blocked at moodle or so.
ASAP I'll do some more tests.