How to remove an ip from dns results?

I live in iran and all sort of messing with internet goes on here.
I recently saw that when I try to get to greasyfork website I would timeout.

I use dns to see if it was filtered nationally
because they usually give a internal ip for filtered websites ,like facebook,in the range of 10.10.34.34-6

drill @8.8.8.8 greasyfork.org 
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 20935
;; flags: qr rd ra ; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0 
;; QUESTION SECTION:
;; greasyfork.org.      IN      A

;; ANSWER SECTION:
greasyfork.org. 20597   IN      A       104.200.26.154
greasyfork.org. 20597   IN      A       96.126.99.28
greasyfork.org. 20597   IN      A       104.200.26.234

so I used curl and saw that only when the 96 ip was used it would timeout.

now my question is this:
can I make my dns-server on openwrt (dnsmasq or any equivalent) remove that ip from results (all results) ?
if I use ignore-address with dnsmasq the the drill would timeout as if the 96 ignore would cause all of it to be ignored.

Can't you use a foreign DNS provider?

/edit: Maybe the ignore-address option works for you.

2 Likes

I do use a dnscrypt provider too and as I said the dns results are NOT filtered for this website. I was just giving history to how I got there.

and as I also said ignore-address causes the whole answer containing the 96. result to be ignored and so I would get timeout on dns.

If the target addresses are stable then the approach here might work for you: Adding "Custom DNS Server" to /tmp/resolv.conf.auto via /lib/netifd/dhcp.script - #2 by lleachii

It might also work with a /etc/resolv/greasyfork.org file - not sure on that one.

I thought about that too but I wanted to see if I could remove an ip.
sometimes this behavior happens with cdns too so it would help if I could delete ips that my government has issues with routing or they have issues with iranian ips.