by both FireFox 61.0.1 and the latest Chromium in BIONIC's repository.
I only noticed the problem in BIONIC when I switched to my special hosts file to block facebook and the other anti-social websites.
Searched the problem on the web. It first appeared in 2015.
I've tried all the recommended "fixes", flushing the cache, changing internal settings, etc.m but too numerous to mention here. None work.
I've removed Chromium because I rarely used it and never loaded my bookmarks on it.
I've installed falkon and Konqueror to play with.
Falkon does NOT honor the hosts file but Konqueror did honor it for a while then ignored it.
Strange problem. nsswitch is at the default setting. I'm not using a proxy.
EDIT:
New information:
https://support.mozilla.org/en-US/questions/1011327
EDIT:EDIT:
https://bugzilla.mozilla.org/show_bug.cgi?id=1453207
Conclusion: WONTFIX
EDIT:EDIT:EDIT
A lack of resolution forced me to look at alternative ways. I begin experimenting with hosts.deny and got some success.
Here is my hosts file:
Here is my hosts.deny file:
To find the IPv6 address for facebook and alternative web pages for newsroom.fb.com I used:
dig -t AAAA domain name
in a Konsole.
My network configuration uses IPv6 so those are the addresses that are returned. In the case of newsroom.fb.com the alternative website,vip-lb.wordpress.com, was returned and when I used it instead of .fb.com or .newsroom.fb.com the block worked.
If I didn't include the IPv6 address in hosts the block wouldn't work, even if the domains were in hosts.deny.Without the domain name in hosts.deny the block wouldn't work. [emoji20]
EDIT#4:
I disabled my entry in hosts.deny and tested the blocking. It worked. So, it appears that if one is using IPv6 then the hosts file has to include BOTH the 127.0.0.1 and the ::1 for IPv4 and IPv6 domain names.
I only noticed the problem in BIONIC when I switched to my special hosts file to block facebook and the other anti-social websites.
Searched the problem on the web. It first appeared in 2015.
I've tried all the recommended "fixes", flushing the cache, changing internal settings, etc.m but too numerous to mention here. None work.
I've removed Chromium because I rarely used it and never loaded my bookmarks on it.
I've installed falkon and Konqueror to play with.
Falkon does NOT honor the hosts file but Konqueror did honor it for a while then ignored it.
Strange problem. nsswitch is at the default setting. I'm not using a proxy.
EDIT:
New information:
https://support.mozilla.org/en-US/questions/1011327
This was implied before, but I think I can be more explicit: Firefox doesn't read the operating system's hosts file directly. Ever.
In its default configuration, Firefox sends DNS requests to your OS for resolution. Your OS should check the hosts file first since that has precedence, and if a host name is not in the file, then check its upstream DNS service provider.
In its default configuration, Firefox sends DNS requests to your OS for resolution. Your OS should check the hosts file first since that has precedence, and if a host name is not in the file, then check its upstream DNS service provider.
https://bugzilla.mozilla.org/show_bug.cgi?id=1453207
Conclusion: WONTFIX
EDIT:EDIT:EDIT
A lack of resolution forced me to look at alternative ways. I begin experimenting with hosts.deny and got some success.
Here is my hosts file:
Code:
127.0.0.1 localhost GreyGeek 192.168.11.100 GreyGeek # The following lines are desirable for IPv6 capable hosts ::1 ip6-localhost ip6-loopback ::1 GreyGeek fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters 127.0.0.1 www.facebook.com ::1 www.v6.facebook.com 127.0.0.1 www.newsroom.fb.com 127.0.0.1 vip-lb.wordpress.com 127.0.0.1 .265.com
Code:
# /etc/hosts.deny: list of hosts that are _not_ allowed to access the system. # See the manual pages hosts_access(5) and hosts_options(5). # # Example: ALL: some.host.name, .some.domain # ALL EXCEPT in.fingerd: other.host.name, .other.domain # # If you're going to protect the portmapper use the name "rpcbind" for the # daemon name. See rpcbind(8) and rpc.mountd(8) for further information. # # The PARANOID wildcard matches any host whose name does not match its # address. # # You may wish to enable this to ensure any programs that don't # validate looked up hostnames still leave understandable logs. In past # versions of Debian this has been the default. # ALL: PARANOID ALL: .v6.facebook.com, .facebook.com, .fb.com, vip-lb.wordpress.com
dig -t AAAA domain name
in a Konsole.
My network configuration uses IPv6 so those are the addresses that are returned. In the case of newsroom.fb.com the alternative website,vip-lb.wordpress.com, was returned and when I used it instead of .fb.com or .newsroom.fb.com the block worked.
If I didn't include the IPv6 address in hosts the block wouldn't work, even if the domains were in hosts.deny.
EDIT#4:
I disabled my entry in hosts.deny and tested the blocking. It worked. So, it appears that if one is using IPv6 then the hosts file has to include BOTH the 127.0.0.1 and the ::1 for IPv4 and IPv6 domain names.