Hi everyone and Thank You for showing your interest by clicking my post, my english is not perfect so i will try to make short as possible.
the goal is to make a whitelist with the DNS Dynamic Resolver function in "Firewall -> address_list",
and than restrict my phone to only access internet with this whitelist.
my issue is the Mikrotik DNS resolver and wireshark don't give me the same answer!!!
if i open winbox, go to Firewall -> address_list, and create a new address list and i paste exemple here "game.clashofclans.com"
the Mikrotik DNS Resolver give me a different answer than wireshark
Here is the Test: my phone ask dns to my router, the NAT rule send the request to my pi-hole, and my pi-hole send the request to 1.1.1.1 (my pi-hole is on the same local network/diff subnet)
when my router need a dns request for itself or an other device without pi-hole filter , my router go directly on internet and ask dns to 1.1.1.1 ,
i have captured my phone dns traffic with wireshark if someone have explanation. Thank You