Hello,
I tried to search for an answer but wasn't able to find, but for sure this was already discussed.
How I can exclude domains from a firewall alias? "!" works fine with ip addresses and subnets, but not with domains.
I tried like this !youtube.com , should i use some additional character?
What I am doing wrong?
Thanks
Best create an additional block rule before your rule that allows hosts.
Then you do not need to invert anything, you simply have a selective block rule before the more broad allow rule.
Ok, I thought so...but just in case there would be the chance to exclude domains or it is just not possible?
Thanks
Firewall aliases are meant to be used with pf rules. pf acts on IPs and subnets. So what should a DNS "domain" mean in that context?
It is not even a specific hostname within a domain, which could at least be resolved to an IP (or a set of IPs).
You can use domains in DNSBL lists to block DNS resolution of specific names, but that is another concept that has nothing to do with firewall rules (and aliases).