Brave shields custom content filters not working and dnsmasq

Brave Browser Desktop Support
, ,
1

Description of the issue: Apparent conflict with dnsmasq and custom content filters
How can this issue be reproduced?

  1. install dnsmasq on Ubuntu LTS 24

  2. enable dnsmasq as service

  3. go to URL blocked in customer filters

The problem is that individual humans have lost control. Technological complexity has overwhelmed them.

The purpose of installing dnsmasq was to further control this individuals control of interacting via the internet and what it serves to humanity. There are some things I just don’t want to look at any longer. To be able to filter out what might be harmful.

In regard to the concerns explored in the remainder of this post. The proposition made is that the user should have control over type of content requested and served. At different levels of fine to course grain control. Where one might be content by mine-type; image, video, text, and so on. Another might be content by file-type; jpg, png, vtt, mp4, and so on. Other thing to be controlled as potential input to the user. Control at the;

  • application level
  • domain level
  • browser level, similar but in addition to Brave Shields content filters,
  • system level, similar but in addition to /etc/hots file
  • network level, similar but in addition to firewall? - not sure if this is a good example.
  • an other?

Riffing and blue sky thinking. On ways for end users the consumers can have more control. Consumer protection consumer rights. It shouldn’t be this difficult for users though to control at a more fine grain level content consumed. This level of technical capability is not available to most users. And they don’t have the time or know how and would rather spend their lives doing other things than fighting exponential technical complexity. Notwithstanding sometime gross dysfunctional effects of technological complexity on their lives. A technology life balance issue.

How can the user be in control of technology rather than technology controlling the user.

Expected result:

The page will render even though it appears in the customer filters list to be blocked.

!! doom scrolling
||theguardian.com^
||bbc.co.uk^
||bbc.com^

other websites .

However this does seem to work sometimes. The page returned is blank when a specific channel is sought. That is no content appears to be rendered in the browser window.

||youtube.com^

But if the URL is `youtube.com` then the following is returned when the hope was that nothing would be.

image
image1429×455 33.5 KB

And history is turned off and the user is not logged in.

But often it brings back the page contents. Like with the following URL `https://www.youtube.com/@BBCNews\`

At some point in the near past for all `youtube.com` channels a blank page would be displayed. No longer. Which is the behavior wanted. No content rendered, and preferably returned, with an entry like those above in custom content filters.

Some of the popular community lists are selected and do seem to work. `YouTube thumbnail image blocker` appears to be working.

So the issue may only be with custom content filters.

When the `youtube.com` link is refreshed the following is returned.

image
image3708×2096 234 KB

There appears to be behavior I don’t understand. Which may be intended behavior and my expectations are misplaced.

2026.05.16

System updates. Ubuntu LTS 24 things. Think kernel related.

Power Off.

Reboot.

Brave browser enter URL, https://www.youtube.com/@BBCNews/videos

image
image3708×2096 175 KB

Enter /etc/hosts file, comment out URL for

127.0.0.1 # www.youtube.com # Alphabet, addictive algos, most immersive so most attention farming,

Refresh URL, blank page as expected

image
image3708×2096 118 KB

Enter Brave Settings, comment out line

!||youtube.com^

Save Changes

Refresh page, as expected no thumbnails, but video links appear, page renders according the community filters selected,

image
image1920×1085 309 KB

Brave Setting, comment line back in

||youtube.com^

Save Settings

Refresh URL, the GIANT YouTube logo appears again, as above,

In /etc/hosts remove comment before URL,

127.0.0.1 www.youtube.com # Alphabet, addictive algos, most immersive so most attention farming,

Save hosts file

Refresh page in Brave browser, the ERR_CONNECTION_REFUSED screen appears, as above

Comment /etc/host again

Save file

127.0.0.1 #www.youtube.com # Alphabet, addictive algos, most immersive so most attention farming,

Refresh page in Brave browser,

Blank screen again as expected.

The issue appears to be a lag time of sometimes a minute or two or more before Brave recognizes/acknowledges changes in either /etc/hosts file and/or customer filter entries.

But after a few minutes the expected behavior is once again shown.

So not a great big defect. Just a minor one which is confusing to the user because of the lag in acknowledge changes. When sometimes the changes are acknowledge almost immediately in real time.

So solved but maybe a caching issue in relation to lag time in acknowledging changes to hosts file or customer filters? Or tasks stacking issue in reading changes in expected reaction time. Nice to have immediate response to changes in either custom filters or hosts. :slightly_smiling_face:

Did not have today, 2026.05.16, recurrence of ‘Your YouTube history is off’ screen. :grinning_face:

Have not tried this with dnsmasq enabled and active. Throughout the testing today, 2026.05.16 dnsmasq as remained disabled and inactive. It may likely be the case that dnsmasq was a red herring, correlation and not causation.

Will start using dnsmasq again sometime next week. will report back bandwidth permitting. :blush:

2026.05.17 BST

After Power Off last night and Reboot this morning. Brave browser no longer has cached images or videos. As expected and hoped for and as advertised. :star_struck:

image
image3708×2096 455 KB

The following text from /etc/hosts file rough notes on same. <todo: consider, refining notes to more cohesive message. >

The guardian url’s ‘guim’ below not working, that is not be blocked, media player issue likely. Was a browser content image caching issue.
This is a browser caching issue in part. The hoped for behavior is once blocked the thing blocked if cached content will not be displayed in the browser window/page. So clear the cache of that page’s content of that type. Or keep cached content but don’t display it. Getting rid of cache content thing kind easier? So when page is rendered the if the content is an image the alt text is displayed and broken image link icon? Or also have a don’t show alt text option. And so on.
url’s inclusion here did not stop video playing; Unite the Kingdom and pro-Palestine marches in London
@ url; https://www.theguardian.com/uk-news/live/2026/may/16/far-right-unite-the-kingdom-rally-tommy-robinson-london-nakba-day-march-latest-news-updates
lag in browser response, probably caching,
inclusion in Brave Shields, custom filters, did work in stop video playing and displaying some images,
inclusion here too some images not displaying,
Can’t be doing this for every site, that is inspect html in DevTools and try and find the specific URL’s to include in /etc/hosts or Brave Shields custom filters or dnsmasq blocklist
Requires system wide and browser specific options to block entire meme types; video, image, … . As well as specific ones video/mp4 image/gif or something else, . Or network wide. Or file type. Or part of file type. Or by domain name so no image meme types or video meme types from theguardian.com domain for example. And so on.
More choice needed at the user to control content received (on request) or served (on response).
Only riffing here, blue sky. So needs IETF, W3C, ISO, browser ISVs, OS ISVs, others? to get round the table and sort this out. Probs initial IETF/W3C joint lead?
127.0.0.1 #www.theguardian.com #
127.0.0.1 uploads.guim.co.uk # guardian, videos?, .mp4#t=0.001" type=“video/mp4”, .m3u8#t=0.001" type=“application/vnd.apple.mpegurl”, .vtt" srclang=“en”
127.0.0.1 i.guim.co.uk # guardian, images?, .jpg?
127.0.0.1 media.guim.co.uk # guardian, what?, elsewhere in page, did not seem related to video div,

2026.05.18 BST

Attempting something similar with the BBC site as with the Guardian site above poses different problems. This difference in how the sites were authored/constructed will be replicated with other sites from other reputable content publishers. So no standard way currently to attempt to manage mine-types or file-types and so on.
In the BBC’s instance image can be blocked at the /etc/hosts level, the system level, but video not so. So attempts will have to be made for video only at the browser level with Brave filters. And the caching issue persists.

image
image1920×1085 274 KB

image
image1920×1085 327 KB

image
image1920×1085 192 KB

The last image above shows how blocking video is more difficult in the BBC site. Which is not a criticism of the BBC . The BBC is an excellent organisation doing excellent work in many domains of concern . Most especially in its natural history unit.

Please find first cut attempts at the browser level using Brave Shield custom content filters inline below.
!! doom scrolling
!! BBC
!||bbc.co.uk^
||bbc.com^
!! find solution for these
@blob:https://www.bbc.co.uk^
@bbc.co.uk/iplayer^
@bbc.co.uk/souds^

Please find rough notes from experiments at the system level with /etc/hots file inline below.

BBC
It appears images can be blocked here idhef.bbci.co.uk, and indeed they are blocked,
It appears videos cannot be blocked here /etc/hosts without blocking the entire site, as the video url is the same domain name as the BBC site,
So an entirely different issue to the guardian below, re video
Try and find a solution in Brave filters, for videos,
127.0.0.1 #www.bbc.co.uk # UK
127.0.0.1 ichef.bbci.co.uk # .jpg.webp, .png.webp, type=“image/webp”, .jpg, .png,
127.0.0.1 # < video id=“smpVideoElement” playsinline=“playsinline” style=“width: 100%; height: 100%;” preload=“auto” src=“blob:https://www.bbc.co.uk/be77cf97-415a-45ec-b5d3-b333e1b28ab4” >< /video >
127.0.0.1 # < video id=“smpVideoElement” playsinline=“playsinline” style=“width: 100%; height: 100%;” preload=“auto” src=“blob:https://www.bbc.co.uk/1139d746-4225-47e7-9960-70071db467cd” >< /video >
127.0.0.1 www.bbc.com # UK

Please note. The use of the BBC and the Guardian are as examples only. It is not to criticize these organisations. They were chosen in part as they are on the whole examples of attempts which are most often better than most others at trying to take a balanced look at things. They are trusted information sources . This user finds useful in trying to navigate a complex world. Finding more balance than in many other sources even if on occasion disagreeing with point editorial or corporate positions. :ok_hand: :love_you_gesture: :star:

2026.05.18 BST
Brave filters don’t seem to be working now. Confused. :roll_eyes:
The only thing that works consistently is the /etc/hosts file. :heart_eyes:

image
image3708×2096 453 KB

image
image1920×1085 304 KB

dnsmasq was not active or enabled as a service when the test above was carried out.

2026.05.19 BST
Now video is not working on BBC site. Likely due to changes made by this user somewhere on host system. But not clear what that change was and how to turn video back on again. Ponder more. :scream:
Actually turns out it was hoped outcome. But the behavior of Brave filters remains a bit of a mystery. :face_with_bags_under_eyes:
||bbc.co.uk^ , in Brave filters was stopping videos, but why does it not stop site showing all content for the domain for url, https://www.bbc.co.uk/news/videos/czx20g00ly1o
127.0.0.1 #www.bbc.co.uk , current /etc/hosts file .
Perhaps it has something to do with the BBC site domain being commented in/out of Brave filters and /etc/hosts in some order? There being something to do with browser sessions?
The video was made available when the Brave custom filters was commented out, !||bbc.co.uk^ .
Remembering BBC videos are made available via the main BBC domain name. So /etc/hosts and Brave Shields custom filters interaction remains confusing. :face_with_spiral_eyes:
So precedence is not well understood by this user.

image
image1920×1085 228 KB

The expected behavior with the following settings

  • Ubuntu OS, system wide, /etc/hosts, 127.0.0.1 www.bbc.co.uk , ERR_CONNECTION_REFUSED
  • Brave Shields, browser specific, custom filters, ||bbc.co.uk^ , blank screen

Both have the end state where no content from the domain is requested or returned or rendered and so on to the user. The functionality of using either approach is no content from the domain will be consumed by the user. Offering two layers of protection for the user to not consume content from a particular domain. This offers the ability to slow down and provides time for the user to reflect as they physically have to go through the motions of commenting out each kind of content block. Two distinct sets of activities, workflows, to unblock domain content .

use case; control content consumed
description; don’t show content for a domain/app/service or only parts permitted by the user
pre condition; the user is not in control of content consumed from a domain in whole or in part

  1. Block domain content at the system level, activities text description
  2. Block domain content at the browser level, activities text description
  3. Block domain content at the app level, …

Expected outcome; the use does not see content from the domain
Post conditions; there is a cascade of fallback capability if one or more content blocks are removed, the user sees no content until the very last content blocker is disabled, enabling or disabling a content blocking mechanism is logged, the user can use the logged content to view engagement practice overtime, the user is in control of the content consumed from a domain,
diagram; use case diagram
diagram; activity diagram
diagram; interaction diagram?

At design time use case might be documented with a UML activity diagram.

Brave Version( check About Brave):

Brave 1.90.122 (Official Build) (64-bit)

Chromium: 148.0.7778.167

Additional Information:

Before installing dnsmasq Brave Shields Custom Content Filters seemed to work okay. After installing dnsmasq not. But this may be correlation and not causation. As other host OS system updates also occurred. But dnsmasq install and system changes arising seems most likely cause.

The issue remains even if the dnsmasq service is

  • ‘inactive’
  • ‘disabled’

$ systemctl status dnsmasq
○ dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
Loaded: loaded (/usr/lib/systemd/system/dnsmasq.service; disabled; preset:>
Active: inactive (dead)

$ cat /etc/os-release
PRETTY_NAME=“Ubuntu 24.04.4 LTS”
NAME=“Ubuntu”
VERSION_ID=“24.04”
VERSION=“24.04.4 LTS (Noble Numbat)”
VERSION_CODENAME=noble
ID=ubuntu
ID_LIKE=debian
HOME_URL=“https://www.ubuntu.com/
SUPPORT_URL=“https://help.ubuntu.com/
BUG_REPORT_URL=“https://bugs.launchpad.net/ubuntu/
PRIVACY_POLICY_URL=“https://www.ubuntu.com/legal/terms-and-policies/privacy-policy
UBUNTU_CODENAME=noble
LOGO=ubuntu-logo

$ dnsmasq -v
Dnsmasq version 2.90 Copyright (c) 2000-2024 Simon Kelley
Compile time options: IPv6 GNU-getopt DBus no-UBus i18n IDN2 DHCP DHCPv6 no-Lua TFTP conntrack ipset nftset auth cryptohash DNSSEC loop-detect inotify dumpfile

This software comes with ABSOLUTELY NO WARRANTY.
Dnsmasq is free software, and you are welcome to redistribute it
under the terms of the GNU General Public License, version 2 or 3.

Please find some notes on things done with dnsmasq at the link inline below

GitHub page, notes, WS