I am not familiar with Firehol, so I might be missing something, but isn't this already solved in a (potentially) more powerful, mature and standardized way by DNS RPZ (Response Policy Zones, [1])? Well-established resolvers like Unbound fully support integrating multiple block lists (like oisd.nl, energized.pro, abuse.ch, etc), keeping them up-to-date via zone transfers or HTTPS download, see [2].[1] https://www.isc.org/rpz/
[2] https://unbound.docs.nlnetlabs.nl/en/latest/topics/filtering...
shivam-dev|1 year ago