Fedora: regexps lists not working

[tQ6yf4Mc]

Fedora 40/39 (Gnome).
IPs lists blocks, and hosts format lists based blocking works without any problem (whether system-wide DNS query-based blocks or for individual apps). OpenSnitch is also processing regexps in general without any problem.
So very strange to me as I understand that if host file-based blocking works well then there is no reason to even touch system DNS sub-system / DNS query protocol / DNS server / VPN kind of problems. A kernel module problem? do I need to compile sth ? very strange...

RegExps logic processing is working generally as it works properly in [Rule>Network>To_this_host] (using full regexps notation) and also for regexps for example in [Rule>Network>Protocol] and [Rule>Network>To_this_port].
But they do not work when list is used as in [...>To_this_list_of_domains_(regular_expressions)]. All is ok with folder and <file.txt>. I saw in logs that OpenSnitch reports changes done in the file - how many new regexps were found. However, It does not use those regexps, neither full regexps <^(.*\.)?example\.com$> nor plain domains <example.com>.

???

• all rpms, whether system or OpenSnitch most new, as is kernel, but it was like that before.
• opensnitchd -check-requirements OK (for 39 but I think for 40 of course too).
• nothing interesting in "debug" type log I think, it confirms for example that there are 5 regexps entered in the file but does not process them at all.

[gustavo-iniguez-goya]

Hi @tQ6yf4Mc ,

Could you post the regular expressions of that file, and the logs of a simple test? like telnet www.mydomain.com , with a regexp in the .txt file like .*\.mydomain.com.

Does the rule contain more than one type of lists (to this IP list + to this regexp list, etc)?

For testing purposes, be sure that you marked the rule as priority ([x] Priority rule).

[tQ6yf4Mc]

Hi @gustavo-iniguez-goya, once again thank you for your work.

My directory/file/regexps_domains/rule/configuration is 99.9% OK. I've created new directory+file copying it from hosts solution (but the file has an other name just in case), and recreated the regexps rule (ofc priority one). There is only your regexpn in the file (1 line in the file in total). The rule contains only one type of list and that is also broadly speaking the only factor in this rule to reject always.
Only systemd-resolved may ask via port 53, and only via UDP|UDP6, and only just a few IPv4 / IPv6 servers.
Regexps rule is before the DNS rule, like the hosts file-based blocking rule which works 100% ok for everything including ofc also DNS queries.

With your test systemd-resolved resolved the address unfortunately, OpenSnitch asked for telnet, and telnet connected after allowing.

As I see the part of the detailed log I've prepared includes my host name, IPs on local/dummy/VPN interfaces, my DNS servers, sth about routes and so on - so I will later include it redacted.
In any case, there is completely nothing about regexps. It is like Opensnitch uses all kind of other blocks and sees the regexps file but somehow does not take regexps rules into account at all.
Maybe may I grep "debug" type log for something for anonymity?