Ban domain using 23.05.2

How to ban domain bybit.com, if it changes ip addresses every time i load it?

Assuming you are using the DNS in OpenWrt, you can add that domain to the hostnames, and point to some harmless IP, like 127.0.0.1

1 Like

127.0.0.1 will make the clients try to connect, and wait for a time out, use 0.0.0.0.

1 Like

if you mean this, it doesn't work

image

try it as nslookup from a client.

I can almost bet my left leg your applications are ignoring the DNS IP your router's providing.

https://openwrt.org/docs/guide-user/firewall/fw3_configurations/intercept_dns

If i disable 8.8.8.8 DNS at host it works, but in doesn't work if host uses VPN. How to block it if host uses VPN?

you block the VPN.

Just noiced, if i remove 8.8.8.8 from default DNS server on host, DNS doesn't work for all domains, if i put there 192.168.1.1 (my OpenWrt device) bybit works again...

again, use nslookup to see which DNS IPs are actually queried.

Here nslookup bybit.com from host

Server:		127.0.0.53
Address:	127.0.0.53#53

Non-authoritative answer:
Name:	bybit.com
Address: 52.221.16.35
Name:	bybit.com
Address: 54.179.102.61

and here from openwrt

root@OpenWrt:/etc# nslookup bybit.com
Server:		127.0.0.1
Address:	127.0.0.1:53

Non-authoritative answer:
Name:	bybit.com
Address: 54.179.102.61
Name:	bybit.com
Address: 52.221.16.35

Non-authoritative answer:

I guess your host have a DNS server of it's own ...

Partly true.

His host seems to use systemd-resolved, the upstream DNS server is defined in the resolved config file and/or in the network definition files. In most cases systemd-resolved operates as a caching DNS server for this host.