Setting Outbound Firewall Rules by Domain Name

This document explains how to configure a firewall rule by domain name.

Create a new firewall rule at Network > Firewall > Access Rules. Select Domain Name in the Destination field:

[Image: firewall_rule_by_domain]

Example:

After a firewall rule by domain name is created, all traffic from that domain will be allowed or denied according to your settings.

TIP: If you are trying to block outgoing HTTP access to a website using a domain name, consider using the Web Blocking feature.

1 Like

Actually, I would like to see an example of limiting all outbound connections except those to a specific domain or set of domains (or IP addresses). An example of where this would be useful is using “smart” IoT devices based on the Tuya OS. (Smart plugs, smart appliances, etc.). All of these devices normally have commands relayed to/from them via Tuya’s servers, so there’s no reason they should ever contact anything else on the Internet. Honeywell smart thermostats are similar - all communication to/from them is via Honeywell’s servers. So it would be nice to set up firewall rules so that if these devices did in fact acquire malware, the malware would be blocked from communicating with anything else on the Internet except the manufacturer’s servers.

2 Likes

Hi mjburns,

This can be done.
Your default rule would be Deny All.
And your new rule would be for that device and domain name only.

This is how you’d do it:

Network > Access Rules > Outbound Firewall Rules > Default > Deny > Save

Then

Add Rule > [Rule Name] ie, “Honeywell” > Source IP & Port > [your device] > Destination IP & Port > Domain Name > “honeywell.com” > Save

Apply Changes.

Hope this helps :)

Kind Regards,
Adam
The Peplink Team

1 Like

In the original example, if the pattern was just simply “foobar”, would that function the same as foobar? Or would using just “foobar” only be an exact match?

It will match with foobar only. Anyway, this is not a valid domain rule. You should enter foobar.com to match with *.foobar.com or foobar.* to match any host with a name having the domain name in the middle.

2 Likes
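To make the allow-list approach from the thread (default Deny, one Allow rule per device and manufacturer domain) and the pattern semantics in the last answer concrete, here is an added illustrative model, not Peplink's code or documentation. It assumes the reading that "foobar.com" matches foobar.com and any *.foobar.com, and that "foobar.*" matches any host in which foobar appears as a label followed by further labels (e.g. www.foobar.co.uk); the rule names, device addresses and hostnames are constructed sample data.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Rule:
    name: str        # rule label as typed into the firewall UI
    source_ip: str   # device address, or "any"
    domain: str      # destination domain pattern, e.g. "honeywell.com"
    action: str      # "allow" or "deny"


def domain_matches(pattern: str, host: str) -> bool:
    """Assumed pattern semantics: 'foobar.com' covers foobar.com and
    *.foobar.com; 'foobar.*' covers any host whose labels contain
    'foobar' followed by at least one more label (www.foobar.co.uk)."""
    host = host.lower().rstrip(".")
    pattern = pattern.lower().rstrip(".")
    if pattern.endswith(".*"):
        stem = pattern[:-2]
        labels = host.split(".")
        # 'foobar' may be any label except the last one
        return stem in labels[:-1]
    # exact host, or a subdomain of the pattern (not 'notfoobar.com')
    return host == pattern or host.endswith("." + pattern)


def evaluate(rules, src_ip: str, dest_host: str, default: str = "deny"):
    """First matching rule wins; otherwise the default rule applies."""
    for r in rules:
        if r.source_ip not in ("any", src_ip):
            continue
        if domain_matches(r.domain, dest_host):
            return r.action, r.name
    return default, "default"


# Constructed sample: a thermostat at 192.168.1.50 may only reach honeywell.com
RULES = [Rule("Honeywell", "192.168.1.50", "honeywell.com", "allow")]

if __name__ == "__main__":
    for src, host in [("192.168.1.50", "api.honeywell.com"),
                      ("192.168.1.50", "update.example.net"),
                      ("192.168.1.51", "api.honeywell.com")]:
        print(src, "->", host, evaluate(RULES, src, host))
```

The model says nothing about how the firewall learns the destination hostname for a given connection, which the thread does not describe either.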