Twitch seems to be blocking PIA VPN service, so I would like to make a pfSense firewall rule to have Twitch go through my WAN connection. I tried making a rule based only on twitch.tv, but it did not work. I’m guessing, like Netflix, they have multiple domains. Does anybody know what domains/IP addresses are used by Twitch?
Also, there are several other sites and services I would like to make firewall rules for. Is there a method to look up what domains a given service uses? Microsoft telemetry and Netflix are the only ones I could find easily with a Google search.
Haven't gotten that advanced with pfSense, but twitchstatus.com has some.
https://twitchstatus.com/
Not sure if that helps, hope it does though.
I wonder if you could use wildcards/regex matching on the domain to achieve what you want. I haven't tried this on pfSense but I'm sure someone's found a way to do it.
It seems all the IP addresses listed are for chat, and all the domain names end in twitch.tv, so I think my rule would cover all those domains, thanks though.
You have to have the whole domain in the alias for it to work, not just twitch.tv but all the subdomains.
Easiest way to figure out what you need (if you can't find a list) is to run Wireshark or some other packet sniffer on the machine trying to access Twitch and filter only the DNS traffic; then you will see which domains are being connected to.
It still may not work, as the domain used by the alias will be resolved periodically and there's no guarantee that the IP that pfSense gets for the alias will be the same as the IP your client device will get when it resolves the domain.
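An added example, not part of any post in this thread: a sketch of the DNS-capture approach from the last reply, turning tab-separated `tshark -T fields -e dns.qry.name -e dns.a` output into a list of full hostnames for an alias and showing the resolution mismatch that reply warns about. The hostnames, addresses and the `FIREWALL_VIEW` table are constructed sample data, and the function names are hypothetical.

```python
# Constructed sample of tab-separated tshark field output, e.g. from:
#   tshark -r capture.pcap -Y dns -T fields -e dns.qry.name -e dns.a
# Queries have an empty second column; responses list A records, comma-separated.
SAMPLE = """\
www.example.com\t
www.example.com\t203.0.113.10
video-edge-1.example.net\t
video-edge-1.example.net\t198.51.100.7,198.51.100.8
WWW.Example.com.\t
10.1.168.192.in-addr.arpa\t
"""

# Reverse lookups and local names are noise for a firewall alias.
SKIP_SUFFIXES = (".in-addr.arpa", ".ip6.arpa", ".local")

# Constructed: what the firewall's own periodic lookup returned per hostname.
FIREWALL_VIEW = {
    "www.example.com": {"203.0.113.10"},
    "video-edge-1.example.net": {"198.51.100.7"},
}

def parse(lines):
    """Return {hostname: set of A records the client was given}."""
    seen = {}
    for line in lines:
        name, _, answers = line.rstrip("\n").partition("\t")
        name = name.strip().rstrip(".").lower()  # normalise case and trailing dot
        if not name or name.endswith(SKIP_SUFFIXES):
            continue
        seen.setdefault(name, set()).update(a for a in answers.split(",") if a)
    return seen

def alias_entries(seen):
    """Full hostnames (not just the parent domain) to put in the alias."""
    return sorted(seen)

def unmatched_ips(seen, firewall_view):
    """Addresses the client resolved that the firewall's lookup did not return."""
    gaps = {}
    for host, ips in seen.items():
        missing = ips - firewall_view.get(host, set())
        if missing:
            gaps[host] = sorted(missing)
    return gaps

if __name__ == "__main__":
    observed = parse(SAMPLE.splitlines())
    print("alias entries:", alias_entries(observed))
    print("client IPs the alias would miss:", unmatched_ips(observed, FIREWALL_VIEW))
```

Any host reported by `unmatched_ips` is traffic that a rule built on the alias would not match, even though the hostname itself is in the alias.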