diff --git a/flake.nix b/flake.nix
index 20ae92a..8b63287 100644
--- a/flake.nix
+++ b/flake.nix
@@ -24,6 +24,12 @@
             ];
           };
         };
+
+        packages.default = pkgs.buildGoModule {
+          name = "nutdns";
+          src = ./.;
+          vendorHash = "sha256-4V3cIgEN8WkHHrPz9SRshoiu0C+NHR0Xov1FZ06Q9XI=";
+        };
       }
     );
 }
diff --git a/main.go b/main.go
index 71ce85d..68cc7a5 100644
--- a/main.go
+++ b/main.go
@@ -9,8 +9,21 @@ import (
 
 const upstream = "1.1.1.1:53"
 
-var blocklist = map[string]bool{
-	"x.com.": true,
+var blocklist = []string{
+	"x.com.",
+	"twitter.com.",
+	"example.com.",
+}
+
+func isBlocked(domain string) bool {
+	domain = strings.ToLower(domain)
+	for _, blocked := range blocklist {
+		// Check exact match or subdomain
+		if domain == blocked || strings.HasSuffix(domain, "."+blocked) {
+			return true
+		}
+	}
+	return false
 }
 
 func handleDNS(w dns.ResponseWriter, r *dns.Msg) {
@@ -20,7 +33,7 @@ func handleDNS(w dns.ResponseWriter, r *dns.Msg) {
 	c := new(dns.Client)
 	for _, q := range r.Question {
 		log.Printf("question: %s", q.Name)
-		if blocklist[strings.ToLower(q.Name)] {
+		if isBlocked(q.Name) {
 			res, err := dns.NewRR(q.Name + " 60 IN A 0.0.0.0")
 			if err != nil {
 				log.Fatal(err)
@@ -41,10 +54,8 @@ func handleDNS(w dns.ResponseWriter, r *dns.Msg) {
 }
 
 func main() {
-
 	dns.HandleFunc(".", handleDNS)
-
-	server := &dns.Server{Addr: ":8053", Net: "udp"}
+	server := &dns.Server{Addr: ":53", Net: "udp"}
 	log.Println("Starting DNS Server on :53")
 	log.Fatal(server.ListenAndServe())
 }