From ef30a85afb1653df4d3ce393dd6b8d7ecbb29ab0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Sun, 26 Dec 2021 17:10:48 +0100 Subject: [PATCH 01/18] Include port in status function MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- pihole | 81 ++++++++++++++++++++++++++++++++++------------------------ 1 file changed, 47 insertions(+), 34 deletions(-) diff --git a/pihole b/pihole index 055bd702..faa9fc2e 100755 --- a/pihole +++ b/pihole 
@@ -312,42 +312,55 @@ analyze_ports() { } statusFunc() { - # Determine if there is a pihole service is listening on port 53 - local listening - listening="$(lsof -Pni:53)" - if grep -q "pihole" <<< "${listening}"; then - if [[ "${1}" != "web" ]]; then - analyze_ports "${listening}" - fi + # Determine if there is pihole-FTL service is listening on any UDP port + local listening pid port + + pid="$(getFTLPID)" + if [[ "$pid" -eq "-1" ]]; then + case "${1}" in + "web") echo "-1";; + *) echo -e " ${CROSS} DNS service is NOT running";; + esac + return 0 else - case "${1}" in - "web") echo "-1";; - *) echo -e " ${CROSS} DNS service is NOT listening";; - esac - return 0 - fi + #get the port pihole-FTL is listening on + port="$(lsof -Pni UDP -p ${pid} -a | grep -m1 : | awk -F ":" '{print $2}')" + listening="$(lsof -Pni:53)" + if [[ ! -z "$port" ]]; then + if [[ "${1}" != "web" ]]; then + analyze_ports "${listening}" + fi + else + case "${1}" in + "web") echo "-1";; + *) echo -e " ${CROSS} DNS service is NOT listening";; + esac + return 0 + fi + + # Determine if Pi-hole's blocking is enabled + if grep -q "BLOCKING_ENABLED=false" /etc/pihole/setupVars.conf; then + # A config is commented out + case "${1}" in + "web") echo 0;; + *) echo -e " ${CROSS} Pi-hole blocking is disabled";; + esac + elif grep -q "BLOCKING_ENABLED=true" /etc/pihole/setupVars.conf; then + # Configs are set + case "${1}" in + "web") echo "$port";; + *) echo -e " ${TICK} Pi-hole blocking is enabled";; + esac + else + # No configs were found + case "${1}" in + "web") echo -2;; + *) echo -e " ${INFO} Pi-hole blocking will be enabled";; + esac + # Enable blocking + "${PI_HOLE_BIN_DIR}"/pihole enable + fi - # Determine if Pi-hole's blocking is enabled - if grep -q "BLOCKING_ENABLED=false" /etc/pihole/setupVars.conf; then - # A config is commented out - case "${1}" in - "web") echo 0;; - *) echo -e " ${CROSS} Pi-hole blocking is disabled";; - esac - elif grep -q "BLOCKING_ENABLED=true" 
/etc/pihole/setupVars.conf; then - # Configs are set - case "${1}" in - "web") echo 1;; - *) echo -e " ${TICK} Pi-hole blocking is enabled";; - esac - else - # No configs were found - case "${1}" in - "web") echo 99;; - *) echo -e " ${INFO} Pi-hole blocking will be enabled";; - esac - # Enable blocking - "${PI_HOLE_BIN_DIR}"/pihole enable fi } From 9f0e0dbd378bc3989c63e7fd98e2ef34c2a541f6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Sun, 26 Dec 2021 18:10:36 +0100 Subject: [PATCH 02/18] Fix analyse ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- pihole | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pihole b/pihole index faa9fc2e..c16f46e8 100755 --- a/pihole +++ b/pihole @@ -327,7 +327,7 @@ statusFunc() { port="$(lsof -Pni UDP -p ${pid} -a | grep -m1 : | awk -F ":" '{print $2}')" listening="$(lsof -Pni:53)" if [[ ! -z "$port" ]]; then - if [[ "${1}" != "web" ]]; then + if [[ "${1}" != "web" ]] && [[ "$port" -eq 53 ]]; then analyze_ports "${listening}" fi else From 71ebd64f4e9745ca5ea021d2bfb2035bd5c2c64b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Sun, 26 Dec 2021 18:13:14 +0100 Subject: [PATCH 03/18] mend MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- pihole | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pihole b/pihole index c16f46e8..b0f3b02c 100755 --- a/pihole +++ b/pihole @@ -285,7 +285,7 @@ Options: analyze_ports() { # FTL is listening at least on at least one port when this # function is getting called - echo -e " ${TICK} DNS service is listening" + echo -e " ${TICK} DNS service is listening on port 53" # Check individual address family/protocol combinations # For a healthy Pi-hole, they should all be up (nothing printed) if grep -q "IPv4.*UDP" <<< "${1}"; then 
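Review bot: The `web` branches of statusFunc in PATCH 01 change the machine-readable status values without documenting them: the enabled case now prints `$port` where it printed `1`, and the missing-setting case prints `-2` where it printed `99`. Whatever parses this output lives outside the patch, so a consumer still comparing against `1` or `99` would misread a healthy instance; this is inferred, since no caller is visible here. I would state the contract next to the function, e.g. `# web mode prints: -1 = FTL not running or not listening, 0 = blocking disabled, <port> = blocking enabled, -2 = setting missing (blocking is then enabled)`. The same hunk also passes `${pid}` to lsof unquoted; `-p "${pid}"` is the safer form.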
From 5ef731fc576825d2dbb9d59aff937e1838aa5c06 Mon Sep 17 00:00:00 2001 From: yubiuser Date: Tue, 28 Dec 2021 12:11:26 +0100 Subject: [PATCH 04/18] Fix indention Co-authored-by: DL6ER --- pihole | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pihole b/pihole index b0f3b02c..01bbaaed 100755 --- a/pihole +++ b/pihole @@ -317,11 +317,11 @@ statusFunc() { pid="$(getFTLPID)" if [[ "$pid" -eq "-1" ]]; then - case "${1}" in - "web") echo "-1";; - *) echo -e " ${CROSS} DNS service is NOT running";; - esac - return 0 + case "${1}" in + "web") echo "-1";; + *) echo -e " ${CROSS} DNS service is NOT running";; + esac + return 0 else #get the port pihole-FTL is listening on port="$(lsof -Pni UDP -p ${pid} -a | grep -m1 : | awk -F ":" '{print $2}')" From 4a2f4c1bcea5ba554a2e3831431bef043fd89761 Mon Sep 17 00:00:00 2001 From: yubiuser Date: Tue, 28 Dec 2021 12:11:46 +0100 Subject: [PATCH 05/18] Fix indention_2 Co-authored-by: DL6ER --- pihole | 70 +++++++++++++++++++++++++++++----------------------------- 1 file changed, 35 insertions(+), 35 deletions(-) diff --git a/pihole b/pihole index 01bbaaed..c3bab4f1 100755 --- a/pihole +++ b/pihole 
@@ -323,43 +323,43 @@ statusFunc() { esac return 0 else - #get the port pihole-FTL is listening on - port="$(lsof -Pni UDP -p ${pid} -a | grep -m1 : | awk -F ":" '{print $2}')" - listening="$(lsof -Pni:53)" - if [[ ! -z "$port" ]]; then - if [[ "${1}" != "web" ]] && [[ "$port" -eq 53 ]]; then - analyze_ports "${listening}" - fi - else - case "${1}" in - "web") echo "-1";; - *) echo -e " ${CROSS} DNS service is NOT listening";; - esac - return 0 + #get the port pihole-FTL is listening on + port="$(lsof -Pni UDP -p ${pid} -a | grep -m1 : | awk -F ":" '{print $2}')" + listening="$(lsof -Pni:53)" + if [[ ! -z "$port" ]]; then + if [[ "${1}" != "web" ]] && [[ "$port" -eq 53 ]]; then + analyze_ports "${listening}" fi + else + case "${1}" in + "web") echo "-1";; + *) echo -e " ${CROSS} DNS service is NOT listening";; + esac + return 0 + fi - # Determine if Pi-hole's blocking is enabled - if grep -q "BLOCKING_ENABLED=false" /etc/pihole/setupVars.conf; then - # A config is commented out - case "${1}" in - "web") echo 0;; - *) echo -e " ${CROSS} Pi-hole blocking is disabled";; - esac - elif grep -q "BLOCKING_ENABLED=true" /etc/pihole/setupVars.conf; then - # Configs are set - case "${1}" in - "web") echo "$port";; - *) echo -e " ${TICK} Pi-hole blocking is enabled";; - esac - else - # No configs were found - case "${1}" in - "web") echo -2;; - *) echo -e " ${INFO} Pi-hole blocking will be enabled";; - esac - # Enable blocking - "${PI_HOLE_BIN_DIR}"/pihole enable - fi + # Determine if Pi-hole's blocking is enabled + if grep -q "BLOCKING_ENABLED=false" /etc/pihole/setupVars.conf; then + # A config is commented out + case "${1}" in + "web") echo 0;; + *) echo -e " ${CROSS} Pi-hole blocking is disabled";; + esac + elif grep -q "BLOCKING_ENABLED=true" /etc/pihole/setupVars.conf; then + # Configs are set + case "${1}" in + "web") echo "$port";; + *) echo -e " ${TICK} Pi-hole blocking is enabled";; + esac + else + # No configs were found + case "${1}" in + "web") echo -2;; + *) 
echo -e " ${INFO} Pi-hole blocking will be enabled";; + esac + # Enable blocking + "${PI_HOLE_BIN_DIR}"/pihole enable + fi fi } From 2a869419b4d7b958f98f685be8a96f4da7c594e4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Tue, 28 Dec 2021 12:18:39 +0100 Subject: [PATCH 06/18] Add netcat to dependencies MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- automated install/basic-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index bd2bf4c3..6a9f9491 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -287,7 +287,7 @@ package_manager_detect() { # Packages required to run this install script (stored as an array) INSTALLER_DEPS=(git iproute2 whiptail ca-certificates) # Packages required to run Pi-hole (stored as an array) - PIHOLE_DEPS=(cron curl iputils-ping lsof psmisc sudo unzip idn2 sqlite3 libcap2-bin dns-root-data libcap2) + PIHOLE_DEPS=(cron curl iputils-ping lsof psmisc sudo unzip idn2 sqlite3 libcap2-bin dns-root-data libcap2 netcat) # Packages required for the Web admin interface (stored as an array) # It's useful to separate this from Pi-hole, since the two repos are also setup separately PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-sqlite3" "${phpVer}-xml" "${phpVer}-intl") 
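Review bot: The `netcat` entry added to PIHOLE_DEPS here, and `nmap-ncat` in the following hunk for the rpm-based branch, makes a general-purpose network client a hard requirement on every install, while the only use visible in this series is one query to FTL on 127.0.0.1:4711. On some Debian-family releases `netcat` is only a virtual or transitional name, so it is worth confirming that it resolves to one concrete package on every supported release (not verifiable from this patch). If the dependency stays, a comment stating the reason would help later audits of the package list, e.g. `# netcat: used by 'pihole status' to query FTL's local API`.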
@@ -332,7 +332,7 @@ package_manager_detect() { PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l" OS_CHECK_DEPS=(grep bind-utils) INSTALLER_DEPS=(git iproute newt procps-ng which chkconfig ca-certificates) - PIHOLE_DEPS=(cronie curl findutils sudo unzip libidn2 psmisc sqlite libcap lsof) + PIHOLE_DEPS=(cronie curl findutils sudo unzip libidn2 psmisc sqlite libcap lsof nmap-ncat) PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php-common php-cli php-pdo php-xml php-json php-intl) LIGHTTPD_USER="lighttpd" LIGHTTPD_GROUP="lighttpd" From 5729f64ddc82d3ef477293c6d404a05d1a2ac82b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Tue, 28 Dec 2021 12:21:31 +0100 Subject: [PATCH 07/18] Fix missing fi MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- pihole | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pihole b/pihole index c3bab4f1..5b062267 100755 --- a/pihole +++ b/pihole @@ -337,7 +337,7 @@ statusFunc() { esac return 0 fi - + fi # Determine if Pi-hole's blocking is enabled if grep -q "BLOCKING_ENABLED=false" /etc/pihole/setupVars.conf; then # A config is commented out From f45248df805c426f9d9e654c0f71eb1fd8b795e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Tue, 28 Dec 2021 13:39:45 +0100 Subject: [PATCH 08/18] Use FTL's new dns-port API endpoint MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- pihole | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/pihole b/pihole index 5b062267..d9f8b5fa 100755 --- a/pihole +++ b/pihole @@ -312,7 +312,7 @@ analyze_ports() { } statusFunc() { - # Determine if there is pihole-FTL service is listening on any UDP port + # Determine if there is pihole-FTL service is listening local listening pid port pid="$(getFTLPID)" 
@@ -323,21 +323,22 @@ statusFunc() { esac return 0 else - #get the port pihole-FTL is listening on - port="$(lsof -Pni UDP -p ${pid} -a | grep -m1 : | awk -F ":" '{print $2}')" + #get the port pihole-FTL is listening on by using FTL's telnet API + port="$(echo ">dns-port >quit" | nc 127.0.0.1 4711)" listening="$(lsof -Pni:53)" - if [[ ! -z "$port" ]]; then - if [[ "${1}" != "web" ]] && [[ "$port" -eq 53 ]]; then - analyze_ports "${listening}" - fi - else + if [[ "${port}" == "0" ]]; then case "${1}" in "web") echo "-1";; *) echo -e " ${CROSS} DNS service is NOT listening";; esac return 0 + else + if [[ "${1}" != "web" ]] && [[ "$port" -eq 53 ]]; then + analyze_ports "${listening}" + fi fi fi + # Determine if Pi-hole's blocking is enabled if grep -q "BLOCKING_ENABLED=false" /etc/pihole/setupVars.conf; then # A config is commented out @@ -361,7 +362,6 @@ statusFunc() { "${PI_HOLE_BIN_DIR}"/pihole enable fi - fi } tailFunc() { From 71ed842dfd782d2b20315493e9684a02297ca9f0 Mon Sep 17 00:00:00 2001 From: Matthew Nickson Date: Tue, 28 Dec 2021 18:32:06 +0000 Subject: [PATCH 09/18] Fixed path to 404 file when using custom.php (#4488) Signed-off-by: Computroniks --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index bd2bf4c3..9a975f4b 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -1334,7 +1334,7 @@ installConfigs() { chmod 644 /etc/lighttpd/external.conf # If there is a custom block page in the html/pihole directory, replace 404 handler in lighttpd config if [[ -f "${PI_HOLE_BLOCKPAGE_DIR}/custom.php" ]]; then - sed -i 's/^\(server\.error-handler-404\s*=\s*\).*$/\1"pihole\/custom\.php"/' "${lighttpdConfig}" + sed -i 's/^\(server\.error-handler-404\s*=\s*\).*$/\1"\/pihole\/custom\.php"/' "${lighttpdConfig}" fi # Make the directories if they do not exist and set the owners mkdir -p /run/lighttpd 
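Review bot: `port` is taken straight from `nc 127.0.0.1 4711` and only compared with the string `"0"`, so an empty or non-numeric reply (FTL API unreachable, nc missing, unexpected output) falls into the `else` branch and is treated as listening. In this hunk the value then reaches `[[ "$port" -eq 53 ]]`, where bash evaluates it as an arithmetic expression, and later patches in the series interpolate it unquoted into `lsof -Pni:${port}` (PATCH 11) and `ss ... src :${port}` (PATCH 18) and print it as the web status. I would reject anything that is not a plain port number before using it: `if [[ ! "${port}" =~ ^[0-9]+$ ]] || [[ "${port}" == "0" ]]; then`. The nc call also has no timeout, so a stalled API connection could hang `pihole status`; a short `-w` value would bound it, though option behaviour differs between netcat variants. statusFunc starts and ends outside this hunk.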
From 2b52f9264769e9b1254da9552bd65df46f198cdf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Tue, 28 Dec 2021 19:36:32 +0100 Subject: [PATCH 10/18] Inlcude port also in cli output MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- pihole | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pihole b/pihole index d9f8b5fa..f93da52c 100755 --- a/pihole +++ b/pihole @@ -350,7 +350,8 @@ statusFunc() { # Configs are set case "${1}" in "web") echo "$port";; - *) echo -e " ${TICK} Pi-hole blocking is enabled";; + *) echo -e " ${TICK} Pi-hole blocking is enabled. FTL is listening on port ${port}" + ;; esac else # No configs were found From bcb59159ed659c7c8e2ccec8447285aede7f6845 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Tue, 28 Dec 2021 19:52:11 +0100 Subject: [PATCH 11/18] Analyse port also on ports other than 53 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- pihole | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pihole b/pihole index f93da52c..a8f20b69 100755 --- a/pihole +++ b/pihole @@ -325,7 +325,7 @@ statusFunc() { else #get the port pihole-FTL is listening on by using FTL's telnet API port="$(echo ">dns-port >quit" | nc 127.0.0.1 4711)" - listening="$(lsof -Pni:53)" + listening="$(lsof -Pni:${port})" if [[ "${port}" == "0" ]]; then case "${1}" in "web") echo "-1";; @@ -333,7 +333,8 @@ statusFunc() { esac return 0 else - if [[ "${1}" != "web" ]] && [[ "$port" -eq 53 ]]; then + if [[ "${1}" != "web" ]]; then + echo -e " ${TICK} FTL is listening on port ${port}" analyze_ports "${listening}" fi fi 
@@ -350,8 +351,7 @@ statusFunc() { # Configs are set case "${1}" in "web") echo "$port";; - *) echo -e " ${TICK} Pi-hole blocking is enabled. FTL is listening on port ${port}" - ;; + *) echo -e " ${TICK} Pi-hole blocking is enabled";; esac else # No configs were found From 3989cc19e9a50a84fc996c870a94d044d1d152f1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Tue, 28 Dec 2021 19:55:42 +0100 Subject: [PATCH 12/18] Remove double text output MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- pihole | 1 - 1 file changed, 1 deletion(-) diff --git a/pihole b/pihole index a8f20b69..cd18b273 100755 --- a/pihole +++ b/pihole @@ -285,7 +285,6 @@ Options: analyze_ports() { # FTL is listening at least on at least one port when this # function is getting called - echo -e " ${TICK} DNS service is listening on port 53" # Check individual address family/protocol combinations # For a healthy Pi-hole, they should all be up (nothing printed) if grep -q "IPv4.*UDP" <<< "${1}"; then From 5bd7cc9c9d9be16bc6cd499635a19a042088c97e Mon Sep 17 00:00:00 2001 From: WaLLy3K Date: Sun, 2 Jan 2022 05:02:20 +1100 Subject: [PATCH 13/18] Replace `which` with `command -v` (#4499) Signed-off-by: WaLLy3K WaLLy3K@users.noreply.github.com --- automated install/basic-install.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 5b8de022..e3a9764f 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -2277,7 +2277,7 @@ FTLcheckUpdate() { printf " %b Checking for existing FTL binary...\\n" "${INFO}" local ftlLoc - ftlLoc=$(which pihole-FTL 2>/dev/null) + ftlLoc=$(command -v pihole-FTL 2>/dev/null) local ftlBranch 
@@ -2315,7 +2315,7 @@ FTLcheckUpdate() { # We already have a pihole-FTL binary downloaded. # Alt branches don't have a tagged version against them, so just confirm the checksum of the local vs remote to decide whether we download or not remoteSha1=$(curl -sSL --fail "https://ftl.pi-hole.net/${ftlBranch}/${binary}.sha1" | cut -d ' ' -f 1) - localSha1=$(sha1sum "$(which pihole-FTL)" | cut -d ' ' -f 1) + localSha1=$(sha1sum "$(command -v pihole-FTL)" | cut -d ' ' -f 1) if [[ "${remoteSha1}" != "${localSha1}" ]]; then printf " %b Checksums do not match, downloading from ftl.pi-hole.net.\\n" "${INFO}" @@ -2345,7 +2345,7 @@ FTLcheckUpdate() { printf " %b Latest FTL Binary already installed (%s). Confirming Checksum...\\n" "${INFO}" "${FTLlatesttag}" remoteSha1=$(curl -sSL --fail "https://github.com/pi-hole/FTL/releases/download/${FTLversion%$'\r'}/${binary}.sha1" | cut -d ' ' -f 1) - localSha1=$(sha1sum "$(which pihole-FTL)" | cut -d ' ' -f 1) + localSha1=$(sha1sum "$(command -v pihole-FTL)" | cut -d ' ' -f 1) if [[ "${remoteSha1}" != "${localSha1}" ]]; then printf " %b Corruption detected...\\n" "${INFO}" From 0e359a6321ff77581795a1fb76e20773ca30d81d Mon Sep 17 00:00:00 2001 From: yubiuser Date: Tue, 4 Jan 2022 09:40:07 +0100 Subject: [PATCH 14/18] Set dnsmasq interface listening by default to local (#4509) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- automated install/basic-install.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index e3a9764f..5f69eb73 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh 
@@ -1731,7 +1731,7 @@ finalExports() { # If the setup variable file exists, if [[ -e "${setupVars}" ]]; then # update the variables in the file - sed -i.update.bak '/PIHOLE_INTERFACE/d;/IPV4_ADDRESS/d;/IPV6_ADDRESS/d;/PIHOLE_DNS_1\b/d;/PIHOLE_DNS_2\b/d;/QUERY_LOGGING/d;/INSTALL_WEB_SERVER/d;/INSTALL_WEB_INTERFACE/d;/LIGHTTPD_ENABLED/d;/CACHE_SIZE/d;/DNS_FQDN_REQUIRED/d;/DNS_BOGUS_PRIV/d;' "${setupVars}" + sed -i.update.bak '/PIHOLE_INTERFACE/d;/IPV4_ADDRESS/d;/IPV6_ADDRESS/d;/PIHOLE_DNS_1\b/d;/PIHOLE_DNS_2\b/d;/QUERY_LOGGING/d;/INSTALL_WEB_SERVER/d;/INSTALL_WEB_INTERFACE/d;/LIGHTTPD_ENABLED/d;/CACHE_SIZE/d;/DNS_FQDN_REQUIRED/d;/DNS_BOGUS_PRIV/d;/DNSMASQ_LISTENING/d;' "${setupVars}" fi # echo the information to the user { @@ -1747,6 +1747,7 @@ finalExports() { echo "CACHE_SIZE=${CACHE_SIZE}" echo "DNS_FQDN_REQUIRED=${DNS_FQDN_REQUIRED:-true}" echo "DNS_BOGUS_PRIV=${DNS_BOGUS_PRIV:-true}" + echo "DNSMASQ_LISTENING=${DNSMASQ_LISTENING:-local}" }>> "${setupVars}" chmod 644 "${setupVars}" From 241e53ed454ab6a1ee02b071da848390d2b8c55e Mon Sep 17 00:00:00 2001 From: yubiuser Date: Tue, 4 Jan 2022 20:06:41 +0100 Subject: [PATCH 15/18] Skip debug upload question if called from web interface (#4494) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Skip debug upload question if called from web interface Signed-off-by: Christian König * Suppress upload error if users opt-out from uploading from web interface Signed-off-by: Christian König * Fix and reverse logic Signed-off-by: Christian König * Remove addtional space Signed-off-by: Christian König * Include reviewer's comment :D Co-authored-by: Adam Warner Co-authored-by: Adam Warner --- advanced/Scripts/piholeDebug.sh | 36 ++++++++++++++++++++------------- 1 file changed, 22 insertions(+), 14 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 3ac63e80..62e2732d 100755 --- a/advanced/Scripts/piholeDebug.sh 
+++ b/advanced/Scripts/piholeDebug.sh @@ -1386,9 +1386,9 @@ upload_to_tricorder() { log_write "${TICK} ${COL_GREEN}** FINISHED DEBUGGING! **${COL_NC}\\n" # Provide information on what they should do with their token - log_write " * The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only." + log_write " * The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only." - # If pihole -d is running automatically (usually through the dashboard) + # If pihole -d is running automatically if [[ "${AUTOMATED}" ]]; then # let the user know log_write "${INFO} Debug script running in automated mode" 
@@ -1396,16 +1396,19 @@ upload_to_tricorder() { curl_to_tricorder # If we're not running in automated mode, else - echo "" - # give the user a choice of uploading it or not - # Users can review the log file locally (or the output of the script since they are the same) and try to self-diagnose their problem - read -r -p "[?] Would you like to upload the log? [y/N] " response - case ${response} in - # If they say yes, run our function for uploading the log - [yY][eE][sS]|[yY]) curl_to_tricorder;; - # If they choose no, just exit out of the script - *) log_write " * Log will ${COL_GREEN}NOT${COL_NC} be uploaded to tricorder.\\n * A local copy of the debug log can be found at: ${COL_CYAN}${PIHOLE_DEBUG_LOG}${COL_NC}\\n";exit; - esac + # if not being called from the web interface + if [[ ! "${WEBCALL}" ]]; then + echo "" + # give the user a choice of uploading it or not + # Users can review the log file locally (or the output of the script since they are the same) and try to self-diagnose their problem + read -r -p "[?] Would you like to upload the log? [y/N] " response + case ${response} in + # If they say yes, run our function for uploading the log + [yY][eE][sS]|[yY]) curl_to_tricorder;; + # If they choose no, just exit out of the script + *) log_write " * Log will ${COL_GREEN}NOT${COL_NC} be uploaded to tricorder.\\n * A local copy of the debug log can be found at: ${COL_CYAN}${PIHOLE_DEBUG_LOG}${COL_NC}\\n";exit; + esac + fi fi # Check if tricorder.pi-hole.net is reachable and provide token # along with some additional useful information 
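Review bot: The new guard `[[ ! "${WEBCALL}" ]]` decides whether the user is asked for upload consent, but it only tests for a non-empty string, so `WEBCALL=false` or `WEBCALL=0` would also suppress the prompt. Where WEBCALL is set is not visible in this hunk; a comment should state the expected values, e.g. `# WEBCALL: any non-empty value means "called from the web interface"; the log is then uploaded only if AUTOMATED is also set`. With WEBCALL set and AUTOMATED unset nothing is uploaded here and control falls through to the token check after `fi`, which the third hunk then has to special-case.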
@@ -1425,8 +1428,13 @@ upload_to_tricorder() { # If no token was generated else # Show an error and some help instructions - log_write "${CROSS} ${COL_RED}There was an error uploading your debug log.${COL_NC}" - log_write " * Please try again or contact the Pi-hole team for assistance." + # Skip this if being called from web interface and autmatic mode was not chosen (users opt-out to upload) + if [[ "${WEBCALL}" ]] && [[ ! "${AUTOMATED}" ]]; then + : + else + log_write "${CROSS} ${COL_RED}There was an error uploading your debug log.${COL_NC}" + log_write " * Please try again or contact the Pi-hole team for assistance." + fi fi # Finally, show where the log file is no matter the outcome of the function so users can look at it log_write " * A local copy of the debug log can be found at: ${COL_CYAN}${PIHOLE_DEBUG_LOG}${COL_NC}\\n" From c6a2a6f7398cd35e89f0d444a047644e7688aa73 Mon Sep 17 00:00:00 2001 From: yubiuser Date: Tue, 4 Jan 2022 20:09:30 +0100 Subject: [PATCH 16/18] Install pihole-FTL.conf template on fresh installation (#4496) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/Templates/pihole-FTL.conf | 2 ++ automated install/basic-install.sh | 4 ++-- 2 files changed, 4 insertions(+), 2 deletions(-) create mode 100644 advanced/Templates/pihole-FTL.conf diff --git a/advanced/Templates/pihole-FTL.conf b/advanced/Templates/pihole-FTL.conf new file mode 100644 index 00000000..269fcf9d --- /dev/null +++ b/advanced/Templates/pihole-FTL.conf @@ -0,0 +1,2 @@ +#; Pi-hole FTL config file +#; Comments should start with #; to avoid issues with PHP and bash reading this file diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 5f69eb73..465c8cc1 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh 
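Review bot: The empty `:` branch in the third piholeDebug.sh hunk makes the condition harder to read than it needs to be; the same logic without the no-op is `if [[ ! "${WEBCALL}" ]] || [[ "${AUTOMATED}" ]]; then` followed by the two `log_write` lines. The added comment has a typo (`autmatic`) and would read better as `# Skip this when called from the web interface without automatic mode (the user opted out of uploading)`. upload_to_tricorder continues outside the hunk.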
@@ -1299,10 +1299,10 @@ installConfigs() { echo "${DNS_SERVERS}" > "${PI_HOLE_CONFIG_DIR}/dns-servers.conf" chmod 644 "${PI_HOLE_CONFIG_DIR}/dns-servers.conf" - # Install empty file if it does not exist + # Install template file if it does not exist if [[ ! -r "${PI_HOLE_CONFIG_DIR}/pihole-FTL.conf" ]]; then install -d -m 0755 ${PI_HOLE_CONFIG_DIR} - if ! install -o pihole -m 664 /dev/null "${PI_HOLE_CONFIG_DIR}/pihole-FTL.conf" &>/dev/null; then + if ! install -T -o pihole -m 664 "${PI_HOLE_LOCAL_REPO}/advanced/Templates/pihole-FTL.conf" "${PI_HOLE_CONFIG_DIR}/pihole-FTL.conf" &>/dev/null; then printf " %bError: Unable to initialize configuration file %s/pihole-FTL.conf\\n" "${COL_LIGHT_RED}" "${PI_HOLE_CONFIG_DIR}" return 1 fi From 7807a93e10f114982a31d8d224827b8e14846dec Mon Sep 17 00:00:00 2001 From: Adam Warner Date: Tue, 4 Jan 2022 21:46:06 +0000 Subject: [PATCH 17/18] If PIHOLE_DOCKER_TAG is set, then include that info in the debug run (#4515) Signed-off-by: Adam Warner --- advanced/Scripts/piholeDebug.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 62e2732d..ef85ed10 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -467,6 +467,9 @@ diagnose_operating_system() { # Display the current test that is running echo_current_diagnostic "Operating system" + # If the PIHOLE_DOCKER_TAG variable is set, include this information in the debug output + [ -n "${PIHOLE_DOCKER_TAG}" ] && log_write "${INFO} Pi-hole Docker Container: ${PIHOLE_DOCKER_TAG}" + # If there is a /etc/*release file, it's probably a supported operating system, so we can if ls /etc/*release 1> /dev/null 2>&1; then # display the attributes to the user from the function made earlier From 5823f5e254e33c3f6b5d1dcd1a94564c67fe3f0d Mon Sep 17 00:00:00 2001 
From: DL6ER Date: Wed, 5 Jan 2022 17:41:46 +0100 Subject: [PATCH 18/18] Use ss instead of lsof (#4518) * Use ss instead of lsof for pihole status checks Signed-off-by: DL6ER * Use ss FILTER instead of piping into bash Signed-off-by: DL6ER * Use ss in debug log generation Signed-off-by: DL6ER * Remove lsof from dependencies Signed-off-by: DL6ER --- advanced/Scripts/piholeDebug.sh | 26 +++++++++++--------------- automated install/basic-install.sh | 4 ++-- pihole | 14 ++++++++------ 3 files changed, 21 insertions(+), 23 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index ef85ed10..dc4a2729 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -733,11 +733,11 @@ compare_port_to_service_assigned() { # If the service is a Pi-hole service, highlight it in green if [[ "${service_name}" == "${expected_service}" ]]; then - log_write "[${COL_GREEN}${port}${COL_NC}] is in use by ${COL_GREEN}${service_name}${COL_NC}" + log_write "${TICK} ${COL_GREEN}${port}${COL_NC} is in use by ${COL_GREEN}${service_name}${COL_NC}" # Otherwise, else # Show the service name in red since it's non-standard - log_write "[${COL_RED}${port}${COL_NC}] is in use by ${COL_RED}${service_name}${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS_PORTS})" + log_write "${CROSS} ${COL_RED}${port}${COL_NC} is in use by ${COL_RED}${service_name}${COL_NC} (${FAQ_HARDWARE_REQUIREMENTS_PORTS})" fi } 
@@ -753,32 +753,28 @@ check_required_ports() { # Sort the addresses and remove duplicates while IFS= read -r line; do ports_in_use+=( "$line" ) - done < <( lsof -iTCP -sTCP:LISTEN -P -n +c 10 ) + done < <( ss --listening --numeric --tcp --udp --processes --oneline --no-header ) # Now that we have the values stored, for i in "${!ports_in_use[@]}"; do # loop through them and assign some local variables local service_name - service_name=$(echo "${ports_in_use[$i]}" | awk '{print $1}') + service_name=$(echo "${ports_in_use[$i]}" | awk '{gsub(/users:\(\("/,"",$7);gsub(/".*/,"",$7);print $7}') local protocol_type - protocol_type=$(echo "${ports_in_use[$i]}" | awk '{print $5}') + protocol_type=$(echo "${ports_in_use[$i]}" | awk '{print $1}') local port_number - port_number="$(echo "${ports_in_use[$i]}" | awk '{print $9}')" + port_number="$(echo "${ports_in_use[$i]}" | awk '{print $5}')" # | awk '{gsub(/^.*:/,"",$5);print $5}') - # Skip the line if it's the titles of the columns the lsof command produces - if [[ "${service_name}" == COMMAND ]]; then - continue - fi # Use a case statement to determine if the right services are using the right ports - case "$(echo "$port_number" | rev | cut -d: -f1 | rev)" in - 53) compare_port_to_service_assigned "${resolver}" "${service_name}" 53 + case "$(echo "${port_number}" | rev | cut -d: -f1 | rev)" in + 53) compare_port_to_service_assigned "${resolver}" "${service_name}" "${protocol_type}:${port_number}" ;; - 80) compare_port_to_service_assigned "${web_server}" "${service_name}" 80 + 80) compare_port_to_service_assigned "${web_server}" "${service_name}" "${protocol_type}:${port_number}" ;; - 4711) compare_port_to_service_assigned "${ftl}" "${service_name}" 4711 + 4711) compare_port_to_service_assigned "${ftl}" "${service_name}" "${protocol_type}:${port_number}" ;; # If it's not a default port that Pi-hole needs, just print it out for the user to see - *) log_write "${port_number} ${service_name} (${protocol_type})"; + *) log_write " 
${protocol_type}:${port_number} is in use by ${service_name:=}"; esac done } diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 465c8cc1..3780f7b0 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -287,7 +287,7 @@ package_manager_detect() { # Packages required to run this install script (stored as an array) INSTALLER_DEPS=(git iproute2 whiptail ca-certificates) # Packages required to run Pi-hole (stored as an array) - PIHOLE_DEPS=(cron curl iputils-ping lsof psmisc sudo unzip idn2 sqlite3 libcap2-bin dns-root-data libcap2 netcat) + PIHOLE_DEPS=(cron curl iputils-ping psmisc sudo unzip idn2 sqlite3 libcap2-bin dns-root-data libcap2 netcat) # Packages required for the Web admin interface (stored as an array) # It's useful to separate this from Pi-hole, since the two repos are also setup separately PIHOLE_WEB_DEPS=(lighttpd "${phpVer}-common" "${phpVer}-cgi" "${phpVer}-sqlite3" "${phpVer}-xml" "${phpVer}-intl") @@ -332,7 +332,7 @@ package_manager_detect() { PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l" OS_CHECK_DEPS=(grep bind-utils) INSTALLER_DEPS=(git iproute newt procps-ng which chkconfig ca-certificates) - PIHOLE_DEPS=(cronie curl findutils sudo unzip libidn2 psmisc sqlite libcap lsof nmap-ncat) + PIHOLE_DEPS=(cronie curl findutils sudo unzip libidn2 psmisc sqlite libcap nmap-ncat) PIHOLE_WEB_DEPS=(lighttpd lighttpd-fastcgi php-common php-cli php-pdo php-xml php-json php-intl) LIGHTTPD_USER="lighttpd" LIGHTTPD_GROUP="lighttpd" diff --git a/pihole b/pihole index cd18b273..8af47dc8 100755 --- a/pihole +++ b/pihole 
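Review bot: In check_required_ports, `service_name` is now parsed out of the process column printed by `ss --processes`, and that column is typically empty for sockets the caller is not permitted to inspect, so a run without sufficient privileges would leave `service_name` empty and mark ports 53, 80 and 4711 with `${CROSS}` even when the expected daemon owns them. Whether piholeDebug.sh always runs as root is not visible in this hunk, so an explicit fallback before the `case` would be safer, e.g. `[[ -n "${service_name}" ]] || service_name="unknown"`. In the default arm `${service_name:=}` assigns an empty default and has no effect, and the trailing `# | awk '{gsub(/^.*:/,"",$5);print $5}')` on the `port_number` line looks like a leftover that should be removed.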
@@ -283,26 +283,29 @@ Options: } analyze_ports() { + local lv4 lv6 port=${1} # FTL is listening at least on at least one port when this # function is getting called # Check individual address family/protocol combinations # For a healthy Pi-hole, they should all be up (nothing printed) - if grep -q "IPv4.*UDP" <<< "${1}"; then + lv4="$(ss --ipv4 --listening --numeric --tcp --udp src :${port})" + if grep -q "udp " <<< "${lv4}"; then echo -e " ${TICK} UDP (IPv4)" else echo -e " ${CROSS} UDP (IPv4)" fi - if grep -q "IPv4.*TCP" <<< "${1}"; then + if grep -q "tcp " <<< "${lv4}"; then echo -e " ${TICK} TCP (IPv4)" else echo -e " ${CROSS} TCP (IPv4)" fi - if grep -q "IPv6.*UDP" <<< "${1}"; then + lv6="$(ss --ipv6 --listening --numeric --tcp --udp src :${port})" + if grep -q "udp " <<< "${lv6}"; then echo -e " ${TICK} UDP (IPv6)" else echo -e " ${CROSS} UDP (IPv6)" fi - if grep -q "IPv6.*TCP" <<< "${1}"; then + if grep -q "tcp " <<< "${lv6}"; then echo -e " ${TICK} TCP (IPv6)" else echo -e " ${CROSS} TCP (IPv6)" @@ -324,7 +327,6 @@ statusFunc() { else #get the port pihole-FTL is listening on by using FTL's telnet API port="$(echo ">dns-port >quit" | nc 127.0.0.1 4711)" - listening="$(lsof -Pni:${port})" if [[ "${port}" == "0" ]]; then case "${1}" in "web") echo "-1";; @@ -334,7 +336,7 @@ statusFunc() { else if [[ "${1}" != "web" ]]; then echo -e " ${TICK} FTL is listening on port ${port}" - analyze_ports "${listening}" + analyze_ports "${port}" fi fi fi