[Arnavion]

Unfortunately, the browsers are one step ahead of you. They already have a way to ignore your DHCP-provided DNS and instead use DoH, which you can't inspect and filter easily, especially since it's over the HTTPS port. There is also a proposal for individual web properties to tell the browser what DNS (DoH) servers should be used for further requests to them, so even blocking a few well-known DoH resolvers could become impossible: https://datatracker.ietf.org/doc/rfc9462/

[kadomony]

Ugh. Can't someone please just let us customize how we want to experience the Internet? It seems like a right to repair law. But right to remove. If I know how to take out ads and I want them gone, I should be free to do so.