3

I've been trying to set up launchd to block several websites on OS X 10.12.2 from 9AM - 3PM Monday-Friday.

I set up launchd to cp /etc/hosts_BLOCKED_sites.txt /etc/hosts

Launchd seems to be copying the file correctly.

    $ ls -la /etc/hosts
    -rw-r--r--  1 root  wheel  715 Jan 10 15:01 /etc/hosts

    $ sudo cat /etc/hosts
    ##  
    # Host Database  
    #  
    # localhost is used to configure the loopback interface  
    # when the system is booting.  Do not change this entry.  
    ##   
    127.0.0.1   localhost   
    255.255.255.255 broadcasthost  
    ::1             localhost   


    # Blocked sites redirected to 0.0.0.0  
    0.0.0.0 reddit.com   
    0.0.0.0 www.reddit.com  
    0.0.0.0 facebook.com  
    0.0.0.0 www.facebook.com  

However, I can still open the blocked sites after /etc/hosts is set to block access.

Any suggestions about why /etc/hosts isn't blocking access to the sites?

Things I have attempted but have failed to block sites on Chrome:

  • sudo killall -HUP mDNSResponder from the command line
  • I attempted to flush the Chrome DNS cache via chrome://net-internals/#dns
  • I attempted to flush the Chrome sockets via chrome://net-internals/#sockets
  • I switched the hosts file to redirect sites to 127.0.0.1; it did not block the site, and I was told it's faster to redirect to 0.0.0.0

This did not make a difference. All the blocked sites are still accessible via Chrome v55.0.2883.95.

5
  • Try echo "" >> /etc/hosts_BLOCKED_sites.txt. Also what does if grep -E -rl '\r' /etc/hosts_BLOCKED_sites.txt ; then echo windows; else echo unix; fi print? Commented Jan 6, 2017 at 21:53
  • 1
    Why would I want to pass an empty string to /etc/hosts_BLOCKED_sites.txt ? Commented Jan 6, 2017 at 22:58
  • unix was returned from the conditional statement. Commented Jan 6, 2017 at 22:58
  • 1
    The empty string gets appended to the end (thus the double angle brackets) to ensure the last line is a newline. Commented Jan 6, 2017 at 23:01
  • It might be helpful if you could check with a packet analyzer (tcpdump, for instance) whether DNS queries for the supposedly blocked sites leave your PC or not. Also, it might be helpful to see exactly the DNS query for any of the blocked sites, say reddit.com. Commented Jan 10, 2017 at 8:02

7 Answers

4
+50

I noticed that your /etc/hosts file has permission 600. The permissions on that file should generally be 644. If your application can't read /etc/hosts then it will just use DNS.

5

Having entered hosts entries for ipv4 + ipv6 and running

    sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder

to clear caches, I still had to restart Chrome for the hosts entries to take effect.

My hosts entries:

    127.0.0.1       youtube.com
    127.0.0.1       www.youtube.com
    fe80::1%lo0     youtube.com
    fe80::1%lo0     www.youtube.com

3
  • The way you've worded this sounds like a comment (from the OP), rather than an answer.
    – jpaugh
    Commented Feb 2, 2018 at 15:31
  • This answer could do with a bit of fleshing out.
    – Darren
    Commented Feb 2, 2018 at 15:46
  • @Darren I dunno, I think it looked a lot better in its original form. Commented Feb 4, 2018 at 1:57
3

Try to write them as an alias for the 127.0.0.1

    127.0.0.1     localhost www.facebook.com www.reddit.com

1
  • Attempted that and I was still able to access the blocked site via Chrome. Commented Jan 5, 2017 at 17:30
2

I'm open to being wrong on this, as I'm no networking expert...

0.0.0.0 is a strictly invalid, non-routable meta-address & may therefore be just being ignored.

In the context of routing, 0.0.0.0 usually means the default route, i.e. the route which leads to "the rest of" the internet instead of somewhere on the local network.

Try 127.0.0.1 instead, which is the default loopback address, i.e. "me"

I'm less good on IPv6, but have known some issues fixed by changing

    ::1 localhost

to

    ::1 127.0.0.1

6
  • I attempted that: 127.0.0.1 reddit.com It did not block the site. Commented Jan 3, 2017 at 19:41
  • the site is www.reddit.com not reddit.com
    – Tetsujin
    Commented Jan 3, 2017 at 19:50
  • I tried both. Neither worked. Commented Jan 4, 2017 at 14:52
  • You're not giving me much to go on - "it doesn't work" gives me no clues. I've got maybe 50 lines in my hosts file, all work exactly as expected. It's a pretty standard form. Try commenting out all the IPv6 addresses, or at least make sure you're actually capable of routing IPv6. I can't test as my ISP doesn't have it yet.
    – Tetsujin
    Commented Jan 4, 2017 at 15:18
  • I'm not sure what more info I can provide. I have shown how my /etc/hosts file is configured, I added the changes suggested but I can still access the sites. Is there a log file or something I can look at to determine why the hosts file is not redirecting to 127.0.0.1 ? Commented Jan 4, 2017 at 15:37
2

Have you verified that /etc/nsswitch.conf has a line like this:

    hosts: files dns

If there is not a line like that in the file, or if the line has dns before files, then DNS queries are made first, and if it gets a valid answer the /etc/hosts file is not even looked at.

1
  • 2
    Macs don't have an /etc/nsswitch.conf file. Commented Jan 9, 2017 at 19:41
1

First identify the source of the issue: is it from Chrome? Is it from the cache? Or maybe from the hosts file itself?

  1. Check the encoding of the hosts file, as it should be ASCII, not UTF-8.
  2. Try adding a website that you have never visited to the hosts file, and then check whether the issue is from the cache or the hosts file.
  3. Try using the dig command to check if the Chrome cache is the problem.

Suggestion: You can achieve your goal in Chrome by using extensions like: https://chrome.google.com/webstore/detail/block-site/eiimnmioipafcokbfikbljfdeojpcgbh?hl=en.

10
  • 1
    I'm not sure how to interpret dig results. Commented Jan 6, 2017 at 16:30
  • reddit.com. 119 IN A 151.101.65.140 Commented Jan 6, 2017 at 16:30
  • reddit.com. 119 IN A 151.101.1.140 Commented Jan 6, 2017 at 16:30
  • 2
    It means the IP address of reddit.com is 151.101.65.140 which means your hosts file is not effective and the issue is not related to Chrome cache.
    – Opaida
    Commented Jan 6, 2017 at 16:42
  • 1
    @BryanWheelock check the encoding of the hosts file as in the edited answer.
    – Opaida
    Commented Jan 7, 2017 at 11:48
0

According to Host file override not working in Mavericks | Official Apple Support Communities:

The hosts file is cached. Rebooting OS X will reload it. You can also attempt to force a cache reload with the following command:

    sudo killall -HUP mDNSResponder

<...> using TextEdit can corrupt the file. The file needs to be plain ASCII text <...>. Use the TextWrangler tool (free) or use the nano editor (or vim or emacs, if you're more familiar with those) <...>:

    sudo nano /etc/hosts

/etc/hosts file not being used in Snow Leopard | Official Apple Support Communities suggests:

make sure you use the correct syntax when editing it and also make sure that it has correct permissions. it should be owned by the system and have 644 permissions.

2
  • OS X has switched back to using /etc/hosts Commented Jan 11, 2017 at 18:47
  • Isn't the user 'root' the same as being owned by 'the system' ? Commented Jan 11, 2017 at 21:20
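
The file checks suggested across the answers and comments above (644 permissions, plain ASCII, Unix line endings, a trailing newline, well-formed entries), gathered into one script. This is an added example, not part of the original thread; the function names `lint_hosts` and `hosts_lookup` and the sample file are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). lint_hosts FILE prints one line per
# finding and returns the number of findings; 0 means the file looks sane.
lint_hosts() {
    f=$1; problems=0; cr=$(printf '\r')
    # Mode 644: readable by every process, writable by the owner only.
    if [ -z "$(find "$f" -maxdepth 0 -perm -444 ! -perm -020 ! -perm -002)" ]; then
        echo "mode: expected 644-style permissions"; problems=$((problems + 1))
    fi
    # CRLF line endings leave a stray carriage return on each hostname.
    if grep -q "$cr" "$f"; then
        echo "eol: carriage returns found"; problems=$((problems + 1))
    fi
    # Bytes outside ASCII: BOM, smart quotes, rich-text editor debris.
    if LC_ALL=C grep -q '[^[:print:][:space:]]' "$f"; then
        echo "encoding: non-ASCII bytes found"; problems=$((problems + 1))
    fi
    # The final entry needs a terminating newline.
    if [ -s "$f" ] && [ -n "$(tail -c 1 "$f")" ]; then
        echo "eof: no trailing newline"; problems=$((problems + 1))
    fi
    # Each entry: an IP-like first field followed by at least one name.
    awk 'NF == 0 || $1 ~ /^#/ { next }
         NF < 2 || $1 !~ /^[0-9A-Fa-f.:]+(%[A-Za-z0-9]+)?$/ {
             printf "syntax: line %d is not \"address name...\"\n", NR; n++ }
         END { exit n }' "$f" || problems=$((problems + $?))
    return "$problems"
}

# hosts_lookup FILE NAME prints the address FILE assigns to NAME, comparing
# names exactly, so a stray CR or BOM makes the match fail (no output).
hosts_lookup() {
    awk -v name="$2" '$1 ~ /^#/ { next }
        { for (i = 2; i <= NF; i++) {
              if ($i ~ /^#/) break
              if ($i == name) { print $1; exit } } }' "$1"
}

# Constructed sample: two of the question's entries saved with CRLF endings.
demo=$(mktemp /tmp/hosts_demo.XXXXXX)
printf '0.0.0.0 reddit.com\r\n0.0.0.0 www.reddit.com\r\n' > "$demo"
chmod 644 "$demo"
lint_hosts "$demo" || echo "findings: $?"
echo "reddit.com -> [$(hosts_lookup "$demo" reddit.com)]"
rm -f "$demo"
```

On macOS, `dig` sends its query straight to the configured DNS server and never reads /etc/hosts, so it cannot show whether an entry is in effect; `dscacheutil -q host -a name reddit.com` asks the system resolver, which does consult the file.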
