DL6ER
0711f4d63a
Revert "Enable DNS forwarding loop detection"
4 years ago
Adam Warner
d2e9a20d96
Merge pull request #3859 from yubiuser/tweak/debug_pihole-FTL_status
...
Add systemctl status --full --no-pager pihole-FTL.service to the debug log
4 years ago
DL6ER
d4c33e5188
Include the raw messages from the Pi-hole diagnosis systems in debug logs
...
Signed-off-by: DL6ER <dl6er@dl6er.de>
4 years ago
Christian König
70c48afc04
Add else statement
...
Signed-off-by: Christian König <ckoenig@posteo.de>
4 years ago
Christian König
ec5183b553
Rename function
...
Signed-off-by: Christian König <ckoenig@posteo.de>
4 years ago
Christian König
50316ee617
Add systemctl status --full --no-pager pihole-FTL.service to the debug log
...
Signed-off-by: Christian König <ckoenig@posteo.de>
4 years ago
Adam Warner
1c2c10c4a5
Merge pull request #3761 from BastiG/development
...
read REV_SERVER_CIDR from environment
4 years ago
Adam Warner
e03585e0bb
Merge pull request #3810 from deHakkelaar/patch-5
...
Enable DNS forwarding loop detection
4 years ago
Adam Warner
cd8120d33f
Add some output to the --nuke command
...
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
4 years ago
Adam Warner
4abd8196ae
Merge pull request #3349 from Forceflow/development
...
Fix for pihole -w --nuke displaying help info even if command is exec…
4 years ago
Craig Mayhew
95a28ae125
unset() now also occurs for $splashPage
...
After some email discussion with Adam, there is a preference to also prevent $splashPage from using variables
Signed-off-by: craigmayhew <craig@mayhew.io>
4 years ago
Craig Mayhew
e5c7549f8f
Fixed potential security issue with $landPage receiving variables
...
Signed-off-by: craigmayhew <craig@mayhew.io>
4 years ago
deHakkelaar
ad39ba30bd
Enable DNS forwarding loop detection
...
Found below by accident:
```
pi@ph5:~ $ man dnsmasq
[..]
--dns-loop-detect
Enable code to detect DNS forwarding loops; ie the situa‐
tion where a query sent to one of the upstream server
eventually returns as a new query to the dnsmasq instance.
The process works by generating TXT queries of the form
<hex>.test and sending them to each upstream server. The
hex is a UID which encodes the instance of dnsmasq sending
the query and the upstream server to which it was sent. If
the query returns to the server which sent it, then the
upstream server through which it was sent is disabled and
this event is logged. Each time the set of upstream
servers changes, the test is re-run on all of them, in‐
cluding ones which were previously disabled.
```
Seems to work just fine if I point my router 10.0.0.1 back to Pi-hole in the WAN DNS settings:
```
pi@ph5:~ $ grep server= -R /etc/dnsmasq.*
/etc/dnsmasq.d/01-pihole.conf:server=9.9.9.10
/etc/dnsmasq.d/01-pihole.conf:server=149.112.112.10
/etc/dnsmasq.d/01-pihole.conf:server=10.0.0.1
/etc/dnsmasq.d/01-pihole.conf:rev-server=10.0.0.0/24,10.0.0.2
/etc/dnsmasq.d/01-pihole.conf:server=/dehakkelaar.nl/10.0.0.2
/etc/dnsmasq.d/01-pihole.conf:server=/use-application-dns.net/
```
```
pi@ph5:~ $ sudo tee /etc/dnsmasq.d/99-my-settings.conf <<< $'dns-loop-detect'
dns-loop-detect
```
```
pi@ph5:~ $ pihole restartdns
[✓] Restarting DNS server
```
```
pi@ph5:~ $ tail -F /var/log/pihole.log
[..]
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 10.0.0.2#53 for domain dehakkelaar.nl
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 10.0.0.2#53 for domain 0.0.10.in-addr.arpa
Oct 22 18:17:41 dnsmasq[17301]: NOT using nameserver 10.0.0.1#53 - query loop detected
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 149.112.112.10#53
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 9.9.9.10#53
```
4 years ago
DL6ER
50100017a5
Merge pull request #3794 from pi-hole/security/non_FQDNs_locality
...
Security enhancement for the "never forward non-FQDNs" feature
4 years ago
Adam Warner
59b0a6af6f
Remove references to privacy level 4 (no longer functional)
...
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
4 years ago
bcambl
47aa1644a8
add debug checking for firewalld
...
Signed-off-by: bcambl <blayne@blaynecampbell.com>
4 years ago
DL6ER
08a84e51d6
Only add local=/<domain>/ when the "only forward FQDN queries" function is enabled to prevent unintended side-effects of this change
...
Signed-off-by: DL6ER <dl6er@dl6er.de>
4 years ago
DL6ER
d631cd8b04
Security enhancement for the "never forward non-FQDNs" feature. This should prevent all local queries from being forwarded (will show up as blocked by regex) as well as any hostname without a domain (for example one word searches from the address bar in browsers). This fixes #3303
...
Signed-off-by: DL6ER <dl6er@dl6er.de>
4 years ago
Adam Warner
0445559610
Accidentally a number ( #3788 )
...
Co-authored-by: MichaIng <micha@dietpi.com>
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
Co-authored-by: MichaIng <micha@dietpi.com>
4 years ago
Adam Warner
948337dd8e
Merge pull request #3740 from pi-hole/new/adlist_date_updated
...
Add date_updated field to adlist table
4 years ago
Adam Warner
fe463f15b3
Merge pull request #3741 from pi-hole/new/debug_scan_dhcp
...
Discover active DHCP servers during debugger run
4 years ago
Christian König
568ebd67ca
Update comment
...
Signed-off-by: Christian König <ckoenig@posteo.de>
4 years ago
Christian König
c628c970ae
Print tail of logs in /var/log/lighttpd in debug run as well
...
Signed-off-by: Christian König <ckoenig@posteo.de>
4 years ago
Sebastian Gmeiner
8041bbf443
read REV_SERVER_CIDR from environment
...
Signed-off-by: Sebastian Gmeiner <sebastian@gmeiners.net>
4 years ago
DirkJanIT
b88510d89a
Add CACHE_SIZE to setupVars ( #3170 )
...
* Update 01-pihole.conf
Signed-off-by: DoubleOhmSeven <57564379+DoubleOhmSeven@users.noreply.github.com>
* Update basic-install.sh
Signed-off-by: DoubleOhmSeven <57564379+DoubleOhmSeven@users.noreply.github.com>
Co-authored-by: DoubleOhmSeven <57564379+DoubleOhmSeven@users.noreply.github.com>
4 years ago
DL6ER
41e899260f
Discover active DHCP servers during debugger run
...
Signed-off-by: DL6ER <dl6er@dl6er.de>
4 years ago
DL6ER
12b9748c43
Fine-tune adlist:adte_modified trigger and don't default new date_updated column to now but use NULL instead
...
Signed-off-by: DL6ER <dl6er@dl6er.de>
4 years ago
DL6ER
4fd412d7c3
Add date_updated field in adlist table set when a list changes.
...
Signed-off-by: DL6ER <dl6er@dl6er.de>
4 years ago
Michael Paul Killian
5eabf4255b
Sign-off for DCO
...
Signed-off-by: Michael Paul Killian <spammyreset-github@gmail.com>
4 years ago
Michael Paul Killian
538827397c
Update index.php
...
See #3736
4 years ago
Adam Warner
b8cd238fa1
Update advanced/Scripts/piholeDebug.sh
...
Co-authored-by: DL6ER <DL6ER@users.noreply.github.com>
4 years ago
Adam Warner
8e219cb799
Make output more meaningful in case of dig failure.
...
Include dig return code and response in debug run
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
4 years ago
Dan Schaper
ebdb68a47a
display_warning fixes
...
Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
4 years ago
Dan Schaper
623ce1fe18
Tabs and debug.sh
...
Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
4 years ago
Adam Warner
bb1a6243d6
Merge pull request #3669 from pi-hole/release/v5.1.2
...
Release/v5.1.2 to development
4 years ago
Samuel Boucher
d4dd446ba3
Update advanced/Scripts/chronometer.sh
...
Co-authored-by: Dan Schaper <dan.schaper@pi-hole.net>
Signed-off-by: Samuel Boucher <scboucher@users.noreply.github.com>
4 years ago
Samuel Boucher
8b4921405a
Upercase the temp_unit
...
Signed-off-by: Samuel Boucher <scboucher@users.noreply.github.com>
4 years ago
Nathan Friend
5a48478196
Update "About Pi-hole" link
...
Signed-off-by: Nathan Friend <nathan@gitlab.com>
4 years ago
Aiden Mitchell
7c53b97004
Updating FAQ_HARDWARE_REQUIREMENTS and FAQ_HARDWARE_REQUIREMENTS_PORTS ( #3632 )
...
Signed-off-by: Aiden Mitchell <aiden@bcyouthcouncil.ca>
Co-authored-by: Adam Warner <me@adamwarner.co.uk>
4 years ago
DL6ER
8f7f0881c6
Add /usr/sbin to cronjob PATH
...
Signed-off-by: DL6ER <dl6er@dl6er.de>
4 years ago
DL6ER
17aabf26f7
Also use pkill/pgrep in the FTL service script
...
Signed-off-by: DL6ER <dl6er@dl6er.de>
4 years ago
Adam Warner
f50cff54de
*innocent whistling*
...
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
4 years ago
Adam Warner
849139176e
fallback to NC if curl fails on uploadgit checkout
...
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
4 years ago
Adam Warner
b8bba7951f
Just one more newline, give it to me.
...
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
4 years ago
Adam Warner
76ce5ec66b
Add additional information about local debug log location
...
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
4 years ago
Adam Warner
7b41b99549
Merge pull request #2887 from tlk/fix/reenable
...
Prevent "pihole disable $timeout" from messing up future state changes
4 years ago
XhmikosR
d8822b70cf
Fix minor typo
...
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
4 years ago
XhmikosR
cf1c1e2e7e
Tweak lighttpd configs
...
* Compress more types
* Add charset=utf-8 in more text types
* Use proper media types
* Add default expire header
* Use consistent indentation
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
4 years ago
Adam Warner
f5a5f68a1a
Merge pull request #3403 from XhmikosR/XhmikosR-patch-1
...
Fix/tweak blocking page
4 years ago
Adam Warner
3205606fc3
Also validate IPV6 in the `setdns` function
...
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
4 years ago