Sorry I may be dense, but although adding the
'/32' suffix to a single IP Address is effectively redundant in most cases (but I did add this auto-CIDR for your convenience as it made sense), the last octet when specifying the
'/24' suffix is invariably almost always
'0' - as evidenced in your output above.
Not quite sure why you can't
explicitly specify the subnet mask in CIDR notation i.e. you may actually wish to use only the first 7 (technically 8) IP Addresses
e.g.
in which the script would get it wrong.
Anyway all of this discussion is moot unless you can confirm that the
unbound 'NoYouTube' 'view:' does allow you to alter the
DNS response based on the source IP address - in this
block access to YouTube for any
LAN device defined to the
'NoYouTube' 'view:'