1
0
mirror of https://github.com/pi-hole/pi-hole synced 2025-01-18 12:00:55 +00:00
pi-hole/advanced/01-pihole.conf

47 lines
1.4 KiB
Plaintext
Raw Normal View History

2016-01-30 20:12:40 +00:00
# Pi-hole: A black hole for Internet advertisements
# (c) 2017 Pi-hole, LLC (https://pi-hole.net)
# Network-wide ad blocking via your own hardware.
2016-01-30 20:12:40 +00:00
#
# Dnsmasq config for Pi-hole's FTLDNS
#
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.
2016-01-30 20:12:40 +00:00
###############################################################################
# FILE AUTOMATICALLY POPULATED BY PI-HOLE INSTALL/UPDATE PROCEDURE. #
# ANY CHANGES MADE TO THIS FILE AFTER INSTALL WILL BE LOST ON THE NEXT UPDATE #
# #
# IF YOU WISH TO CHANGE THE UPSTREAM SERVERS, CHANGE THEM IN: #
# /etc/pihole/setupVars.conf #
# #
# ANY OTHER CHANGES SHOULD BE MADE IN A SEPARATE CONFIG FILE #
# WITHIN /etc/dnsmasq.d/yourname.conf #
###############################################################################
2015-12-03 09:29:26 +00:00
addn-hosts=/etc/pihole/local.list
addn-hosts=/etc/pihole/custom.list
2015-12-03 09:29:26 +00:00
domain-needed
localise-queries
bogus-priv
2015-12-03 09:29:26 +00:00
no-resolv
2015-12-03 09:29:26 +00:00
server=@DNS1@
server=@DNS2@
2015-12-03 09:29:26 +00:00
Enable DNS forwarding loop detection Found below by accident: ``` pi@ph5:~ $ man dnsmasq [..] --dns-loop-detect Enable code to detect DNS forwarding loops; ie the situa‐ tion where a query sent to one of the upstream server eventually returns as a new query to the dnsmasq instance. The process works by generating TXT queries of the form <hex>.test and sending them to each upstream server. The hex is a UID which encodes the instance of dnsmasq sending the query and the upstream server to which it was sent. If the query returns to the server which sent it, then the upstream server through which it was sent is disabled and this event is logged. Each time the set of upstream servers changes, the test is re-run on all of them, in‐ cluding ones which were previously disabled. ``` Seems to work just fine if I point my router 10.0.0.1 back to Pi-hole in the WAN DNS settings: ``` pi@ph5:~ $ grep server= -R /etc/dnsmasq.* /etc/dnsmasq.d/01-pihole.conf:server=9.9.9.10 /etc/dnsmasq.d/01-pihole.conf:server=149.112.112.10 /etc/dnsmasq.d/01-pihole.conf:server=10.0.0.1 /etc/dnsmasq.d/01-pihole.conf:rev-server=10.0.0.0/24,10.0.0.2 /etc/dnsmasq.d/01-pihole.conf:server=/dehakkelaar.nl/10.0.0.2 /etc/dnsmasq.d/01-pihole.conf:server=/use-application-dns.net/ ``` ``` pi@ph5:~ $ sudo tee /etc/dnsmasq.d/99-my-settings.conf <<< $'dns-loop-detect' dns-loop-detect ``` ``` pi@ph5:~ $ pihole restartdns [✓] Restarting DNS server ``` ``` pi@ph5:~ $ tail -F /var/log/pihole.log [..] Oct 22 18:17:41 dnsmasq[17301]: using nameserver 10.0.0.2#53 for domain dehakkelaar.nl Oct 22 18:17:41 dnsmasq[17301]: using nameserver 10.0.0.2#53 for domain 0.0.10.in-addr.arpa Oct 22 18:17:41 dnsmasq[17301]: NOT using nameserver 10.0.0.1#53 - query loop detected Oct 22 18:17:41 dnsmasq[17301]: using nameserver 149.112.112.10#53 Oct 22 18:17:41 dnsmasq[17301]: using nameserver 9.9.9.10#53 ```
2020-10-22 16:54:04 +00:00
dns-loop-detect
2017-03-03 22:14:12 +00:00
interface=@INT@
cache-size=@CACHE_SIZE@
2015-12-03 09:29:26 +00:00
log-queries
2015-07-29 11:20:39 +00:00
log-facility=/var/log/pihole.log
2015-12-03 09:29:26 +00:00
local-ttl=2
log-async