How to designate whitelist domains in DNS Firewall

Set DNS filter for “shopping” but need Amazon as an exception. When I put amazon.com in the “allowed domains” section it sort of brings up the main page but can’t look at any product, etc. Tried *.amazon.com to include any Amazon subdomains but that says invalid.

PS: A general comment about the DNS Filters… This is a neat new feature but uses pretty broad strokes. Need to keep staff off of social media but certain staff need to access the company’s Facebook page for maintenance, etc. Also generally the majority of staff needs limiting but there is always a case where specific people in the office need to get to particular things that the staff in general need to stay away from. Just saying. :slight_smile:

The entries for the whitelist have to be full domain names not subdomains.

You can’t use *.amazon.com because the code adds the * wildcard itself. That would then end up giving ..amazon.com which creates errors.

That check was added into the DNS Firewall in CU202.

Looking in the IPFire DBL Shopping list it has the following entries with amazon in the domain name.

amazon.ae
amazon.at
amazon.ca
amazon.cn
amazon.co.jp
amazon.co.uk
amazon.com
amazon.com.au
amazon.com.br
amazon.com.mx
amazon.com.tr
amazon.de
amazon.eg
amazon.es
amazon.fr
amazon.in
amazon.it
amazon.nl
amazon.pl
amazon.sa
amazon.se
amazon.sg
amazonmoosey.com
media-amazon.com

so if you have added amazon.com into the whitelist section and saved it then this would allow amazon.com and media-amazon.com but none of the other country specific amazon sites.
EDIT:
I was incorrect. The automatic *.amazon.com that would be entered is only for things like www.amazon.com.
Therefore media-amazon.com would still be blocked.

This might be because Amazon are then using other non-Amazon URLs for providing the info.

Do you have any other DNS Firewall categories checked, such as Advertising? Maybe the access within amazon.com is getting flagged up by other activities occurring on their pages.

Try to access the amazon.com page and look at a product and then go to the Logs - System Logs and choose DNS: Unbound in the Section: drop down box.
You can then see all the DNS Firewall blocks that will have occurred. Just look at the entries starting from the time period that you tested accessing amazon.com.

That might give you an indication of what other domains you have to whitelist in other categories.

I tested it out myself and I think I have found your answer.

I tested with amazon.nl and with only the Shopping category selected.

I added amazon.nl to the whitelist but that still gave problems.

Looked in the logs and found that amazon.com is also used by the amazon.nl site.

Whitelisted amazon.com and now I could get the page but without any pictures, just a text based display.

Checked logs and found lots of accesses to media-amazon.com were being blocked.

I therefore whitelisted media-amazon.com as well and now I can get the amazon.nl pages showing as normal.
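
The matching behaviour worked out in this thread, as an added example that is not part of the original posts and is not IPFire's code: a list entry covers the domain itself and its subdomains on whole-label boundaries, so `amazon.com` covers `www.amazon.com` but not `media-amazon.com`. The function names, the assumption that a whitelist entry overrides a blocklist entry, and the queried hostnames are constructed for illustration; the list entries are a subset of those quoted above.

```python
from typing import Optional

# Subset of the Shopping list entries quoted in the thread.
SHOPPING = {"amazon.com", "amazon.nl", "amazon.de", "media-amazon.com"}
# Constructed hostnames standing in for what a product page might look up.
QUERIES = ["www.amazon.nl", "www.amazon.com", "images.media-amazon.com", "example.org"]


def normalise(entry: str) -> str:
    """Validate a whitelist entry: a bare domain name, no wildcard prefix."""
    name = entry.strip().lower().rstrip(".")
    labels = name.split(".")
    if "*" in name or len(labels) < 2 or not all(labels):
        raise ValueError(f"invalid entry {entry!r}: use the bare domain, e.g. amazon.com")
    return name


def covering_entry(qname: str, entries: set) -> Optional[str]:
    """Return the entry that covers qname (the name itself or a parent domain).

    Matching walks whole labels, so 'amazon.com' covers 'www.amazon.com'
    but never 'media-amazon.com', which only shares a string suffix.
    """
    labels = qname.lower().rstrip(".").split(".")
    for i in range(len(labels) - 1):  # stop before the bare TLD
        candidate = ".".join(labels[i:])
        if candidate in entries:
            return candidate
    return None


def still_blocked(queries, blocklist, whitelist) -> dict:
    """Map each still-blocked query to the blocklist entry that needs whitelisting."""
    allowed = {normalise(w) for w in whitelist}
    blocked = {}
    for q in queries:
        hit = covering_entry(q, blocklist)
        if hit and covering_entry(q, allowed) is None:
            blocked[q] = hit
    return blocked


if __name__ == "__main__":
    for wl in (["amazon.nl"], ["amazon.nl", "amazon.com"],
               ["amazon.nl", "amazon.com", "media-amazon.com"]):
        missing = sorted(set(still_blocked(QUERIES, SHOPPING, wl).values()))
        print(wl, "-> still needs:", missing)
```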