DNS Proxywall blocking does not take effect right away

Problem Description

After adding a blocking rule to DNS Proxywall, the blocked website can still be accessed with a web browser.

Analysis of the Issue

DNS Proxywall operates on DNS traffic that goes between the DNS client and the DNS server.

1. Windows has the following features that affect filtering by DNS Proxywall:
   • Files that directly specify DNS-name-to-IP-address mapping c:\Windows\system32\drivers\etc\hosts , c:\Windows\system32\drivers\etc\lmhosts
   • Global DNS cache that resolves domain/website names to IP addresses without sending requests to remote DNS servers for previously resolved DNS names.
2. Many web browsers use their own DNS caches.
3. Some web browsers use DNS over HTTPS that prevents inspection and blocking of DNS traffic.

Solution

1. Instead of using c:\Windows\system32\drivers\etc\hosts for direct DNS-name-to-IP-address mapping, use Permanent Host Address Table of DNS Proxywall.

2. All DNS caches within Windows and within web browsers should be cleared.

• To clear Windows DNS cache, run the command from the command line: "ipconfig.exe /flushdns"

• To clear DNS cache within Chrome: Navigate to "chrome://net-internals/#dns"

• To clear DNS cache within Firefox: Navigate to "about:networking#dns"

• To clear DNS cache within Safari:
  a) Enable hidden Develop menu by navigating to the menu Safari->Preferences, then select Advanced tab, then check Show Develop menu in menu bar.
  b) Click the menu item Develop->Empty Caches.

For more details on clearing DNS caches see: https://geekflare.com/clear-dns-cache-on-windows-chrome-firefox-and-safari/

3. Instead of using DNS over HTTPS protocol, consider other solutions that would allow DNS traffic being inspected and filtered by DNS Proxywall.

Last updated: Sep 22, 2022.