1
0
mirror of https://github.com/pi-hole/pi-hole synced 2024-12-23 07:18:07 +00:00
Commit Graph

257 Commits

Author SHA1 Message Date
DL6ER
49810262db
When there is a Pi-hole domain set and "Never forward non-FQDNs" is ticked, we add to tell FTL that this domain is purely local and FTL may answer queries from /etc/hosts or DHCP but should never forward queries on that domain to any upstream servers
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-12-01 09:16:50 +01:00
Adam Warner
58bc98ca44
Update advanced/Scripts/webpage.sh
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-11-30 22:30:59 +00:00
Adam Warner
4093959d3e
Appease stickler
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-11-30 21:55:07 +00:00
Adam Warner
06c5fe2a89
Set REV_SERVER_CIDR in the else condition if it is not in-addr.arpa
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-11-30 21:29:54 +00:00
Adam Warner
6cb8f3f403
Add some comments
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-11-30 21:18:25 +00:00
Adam Warner
e004d27b28
Fix processing of CONDITIONAL_FORWARDING_REVERSE
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-11-30 18:58:23 +00:00
Adam Warner
1c2c10c4a5
Merge pull request #3761 from BastiG/development
read REV_SERVER_CIDR from environment
2020-11-18 21:56:08 +00:00
DL6ER
50100017a5
Merge pull request #3794 from pi-hole/security/non_FQDNs_locality
Security enhancement for the "never forward non-FQDNs" feature
2020-10-21 21:09:05 +02:00
Adam Warner
59b0a6af6f
Remove references to privacy level 4 (no longer functional)
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-10-13 23:53:23 +01:00
DL6ER
08a84e51d6
Only add local=/<domain>/ when the "only forward FQDN queries" function is enabled to prevent unintended side-effects of this change
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-10-10 11:23:55 +02:00
DL6ER
d631cd8b04
Security enhancement for the "never forward non-FQDNs" feature. This should prevent all local queries from being forwarded (will show up as blocked by regex) as well as any hostname without a domain (for example one word searches from the address bar in browsers). This fixes #3303
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-10-10 11:01:01 +02:00
Sebastian Gmeiner
8041bbf443 read REV_SERVER_CIDR from environment
Signed-off-by: Sebastian Gmeiner <sebastian@gmeiners.net>
2020-09-25 15:26:43 +02:00
Adam Warner
3205606fc3
Also validate IPV6 in the setdns function
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-06-23 20:38:18 +01:00
Dan Schaper
3aaf9d89b3
Merge pull request #3260 from pi-hole/new/rev-server
Improve conditional forwarding
2020-06-21 13:26:07 -07:00
DL6ER
9bf0f2a161
Reduce handholding when trying to foresee the intentions of the user. The code does now preserve legacy behavior and users can open up the subnet manually if they like.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-06-21 21:47:30 +02:00
Adam Warner
011fa8c6ea
fix sticklr complaint
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-06-13 21:47:00 +01:00
Adam Warner
0320d85028
Additionally source the install script in webpage.sh to validate IP entered on pihole -a setdns
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-06-13 20:57:57 +01:00
DL6ER
2b1bc6a46e
Replace possible "\#" by "#". This fixes AdminLTE#1427
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-06-04 09:32:40 +02:00
DL6ER
6160eb6894
This regex is too complex for bash's own replacement. Add ignore for the shellcheck rule.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-06-04 09:22:40 +02:00
DL6ER
318ca75269
Merge branch 'development' into new/rev-server 2020-06-04 08:56:08 +02:00
Frank Riley
9d04c517e6 Reload the lists, which will cause the cached privacy level to be updated.
Signed-off-by: Frank Riley <fhriley@gmail.com>
2020-05-20 15:47:53 -07:00
DL6ER
b421e422c2
Merge pull request #3351 from marank/development
Added support for CNAME record add/remove
2020-05-20 09:13:54 +02:00
Adam Warner
be25b4d9c4
Merge pull request #3352 from pi-hole/merge-master-dev
Merge master dev
2020-05-12 22:27:24 +01:00
DL6ER
a9c66c7b45
Implement pihole -a theme option
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-05-12 23:03:49 +02:00
Matthias Rank
2b9898e9ca Fixed indentation
Signed-off-by: Matthias Rank <development@m-rank.de>
2020-05-12 21:04:30 +02:00
Matthias Rank
0add5eb291 Added support for CNAME record add/remvoe
Signed-off-by: Matthias Rank <development@m-rank.de>
2020-05-12 21:02:29 +02:00
DL6ER
78469ee58d
Merge pull request #3255 from pi-hole/tweak/emailregex
Enhanced email validation regex
2020-05-06 09:48:26 +02:00
Adam Warner
369288cc48
Update advanced/Scripts/webpage.sh
Co-authored-by: DL6ER <DL6ER@users.noreply.github.com>
2020-05-06 08:40:54 +01:00
DL6ER
989bbad37e
Remove pihole -a hostrecord
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-04-23 13:20:15 +02:00
DL6ER
093054a1eb
Automatically convert legacy IP range to Class C network
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-04-09 09:49:07 +02:00
DL6ER
4130af0aab
Retain rev-server settings when the feature gets disabled.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-04-09 09:05:50 +02:00
DL6ER
90a5a13197
Convert CONDITIONAL_FORWARDING to REV_SERVER settings. Try to detect intended CIDR range automatically.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-04-08 15:35:35 +02:00
Adam Warner
26f71e4dbe
accidentally a space
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-04-05 12:34:14 +01:00
Adam Warner
b6ac1585ec
add regex attribution
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-04-05 12:29:45 +01:00
Adam Warner
a9b19df4ec
expand email validation regex to catch more valid emails see comments on PR #3254
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-04-05 12:28:33 +01:00
M4x
2de5362adc
Sanitize email address in case of security issues (#3254)
* Sanitize email address in case of security issues

Signed-off-by: bash-c <aboultraman@gmail.com>
2020-04-05 10:20:35 +01:00
Adam Warner
7d19ee1b25
validate blocklist URL before adding to the database (#3237)
Signed-off-by: Adam Warner <me@adamwarner.co.uk>

Co-authored-by: DL6ER <dl6er@dl6er.de>
2020-03-31 21:48:10 +01:00
DL6ER
277179f150 Remove 19036 trust anchor, now expired: https://www.icann.org/resources/pages/ksk-rollover
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-03-27 19:34:41 +01:00
DL6ER
5c6dd3f6f4
Merge pull request #2978 from Mograine/patch-1
Add commands to add/remove custom DNS records
2019-11-29 13:25:09 +01:00
Mograine
c809c34024 Add user feedback
Signed-off-by: Mograine <ghiot.pierre@gmail.com>
2019-11-27 00:28:44 +01:00
Mograine
b93628acb3 Merge branch 'development' of https://github.com/Mograine/pi-hole into patch-1 2019-11-13 09:44:48 +01:00
DL6ER
7f7b9d089c
Merge pull request #2965 from pi-hole/tweak/BackendChangesForAdlistComments
backend changes to allow comment when adding new adlist
2019-11-12 21:50:19 +01:00
Mograine
193ff38ab3 Allow more precise deletion by passing ip as parameter
Signed-off-by: Mograine <ghiot.pierre@gmail.com>
2019-10-28 13:21:05 +01:00
Pierre Ghiot
f9d16c2b15 Update webpage.sh
Signed-off-by: Mograine <ghiot.pierre@gmail.com>
2019-10-27 16:55:54 +01:00
John Krull
c6f9fe3af2 Fix spelling of the word "permitting"
Signed-off-by: John Krull <john.a.krull@gmail.com>
2019-10-15 21:29:55 -05:00
Adam Warner
5bac1ad58b
backend changes to allow comment when adding new adlist
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2019-10-14 22:59:58 +01:00
Adam Warner
61a40c1b43
merge devel into 4.3.2 And Resolve merge conflicts
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2019-09-22 01:16:44 +01:00
DL6ER
1f36ec48e3
Add use-application-dns.net = NXDOMAIN in ProcessDNSSettings rather than in the template so we can ensure that it will survive config-renewals.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2019-09-07 23:11:20 +02:00
DL6ER
d8eee47ca4
Add dhcp-ignore-names option when enabling DHCP service. We currently remove anything that starts with "dhcp-" to have a clean configuration and removed these lines without noticing when enabling the DHCP server.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2019-08-28 22:10:26 -07:00
Dan Schaper
03c65dd0e9
Convert hardcoded /usr/local/bin to variable
Update pihole script with full path to 'pihole'

Variable for webpage.sh 'pihole' call.

Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
2019-08-24 04:49:14 -07:00
snapsl
20a839fef5 fixed local declaration before assignment
Signed-off-by: snapsl <chris.baller@gmx.de>
2019-08-15 11:20:55 +02:00
snapsl
b2d8c4374b tweaked code style of webpage.sh
Signed-off-by: snapsl <chris.baller@gmx.de>
2019-08-14 23:28:13 +02:00
DL6ER
5ff9052200
Review comments
Signed-off-by: DL6ER <dl6er@dl6er.de>
2019-07-09 11:41:44 +02:00
DL6ER
3d3fc2947e
Review comments
Signed-off-by: DL6ER <dl6er@dl6er.de>
2019-07-08 19:22:35 +02:00
DL6ER
8382f4d727
Rename table to domain_audit and simplify subroutine addAudit().
Signed-off-by: DL6ER <dl6er@dl6er.de>
2019-07-07 21:21:56 +02:00
DL6ER
0405aaa3da
Review comments and fixing stickler complaints.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2019-07-06 09:32:41 +02:00
DL6ER
2fb4256f84
Rename table to "auditlist"
Signed-off-by: DL6ER <dl6er@dl6er.de>
2019-07-05 16:28:36 +02:00
DL6ER
82476138c1
Instead of calling sqlite3 multiple times within a loop, we use the ability to add multiple rows within one INSERT clause. This is supported since sqlite3 3.7.11 (2012-03-20) and should be available on all systems.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2019-07-05 16:09:13 +02:00
DL6ER
5293beeb77
Update audit script to store domains in new database table.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2019-07-05 14:10:33 +02:00
DL6ER
1fe3507bc5
Adlists table was renamed to Adlist. Adapt further places in the code to match the new name.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2019-07-03 07:56:10 +02:00
DL6ER
c5df104a66
Add dhcp-ignore-names option when enabling DHCP service. We currently remove anything that starts with "dhcp-" to have a clean configuration and removed these lines without noticing when enabling the DHCP server.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2019-05-30 16:41:37 +02:00
Dan Schaper
7de6bbca61
Merge branch 'development' into release/v4.3 2019-05-18 13:18:14 -07:00
Mcat12
8e1bf6e3d4
Merge branch 'development' into new/gravitydb
# Conflicts:
#	advanced/Scripts/list.sh
#	gravity.sh
#	pihole
2019-05-12 15:20:52 -07:00
pvogt09
8a92fb24c4 Incorporates changes requested by @Mcat12
Signed-off-by: pvogt09 <50047961+pvogt09@users.noreply.github.com>
2019-05-01 11:20:26 +02:00
pvogt09
5c575e73c7 Adds world readable attribute to files created by Pi-hole to circumvent #2724
Signed-off-by: pvogt09 <50047961+pvogt09@users.noreply.github.com>
2019-04-30 22:41:12 +02:00
DL6ER
efeba594ae
Add support for manipulating adlists from the CLI
Signed-off-by: DL6ER <dl6er@dl6er.de>
2019-04-28 21:39:06 +02:00
Mark Drobnak
d2c7c426de
Fix teleporter backup file extension
Fixes #2714 

Signed-off-by: Mark Drobnak <mark.drobnak@gmail.com>
2019-04-22 19:43:26 -07:00
Mcat12
1cad069050
Add privacy level 4 to all privacy level code
Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
2018-12-10 10:18:25 -05:00
Dan Schaper
9f672593bc
Update advanced/Scripts/webpage.sh
Co-Authored-By: DL6ER <DL6ER@users.noreply.github.com>
2018-11-26 20:01:41 +01:00
DL6ER
a285ae65fb
Backend changes for DHCPv4 rapid commit support
Signed-off-by: DL6ER <dl6er@dl6er.de>
2018-11-25 08:39:58 +01:00
Dan Schaper
a986f53134
Merge pull request #2436 from pi-hole/fix/password-read-error
Fix error when reading in new password
2018-11-01 07:05:27 -07:00
Dan Schaper
72829be281
Remove shellcheck overrides
Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
2018-10-26 12:14:10 -07:00
Adam Warner
3d4fea6510
Move -r to before the -p
Signed-off-by: Adam Warner <adamw@rner.email>
2018-10-26 19:17:49 +01:00
WaLLy3K
180d29c7b3
Prevent BASH from expanding Web Password
* Resolves issue #2471

Signed-off-by: WaLLy3K <wally3k@pi-hole.net>
2018-10-21 11:08:22 +11:00
Mcat12
7c6eecc9c8
Ignore shellcheck warning
Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
2018-09-30 18:16:08 -04:00
Mcat12
e4cbf5023a
Fix error when reading in new password
Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
2018-09-30 18:09:59 -04:00
Mark Drobnak
cedc39bf09
Merge pull request #2426 from mrmajik45/master
Read without -r will mangle backslashes. (Fix)
2018-09-30 17:19:56 -04:00
mrmajik45
8684356b44
read without -r will mangle backslashes. 2018-09-26 10:31:44 -04:00
Mcat12
f141b9f778
Add support for privacy level 4
Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
2018-08-20 17:36:16 -04:00
DL6ER
94e4ed6644
Add facility to add multiple audit list entries at once and to nuke audit list
Signed-off-by: DL6ER <dl6er@dl6er.de>
2018-08-10 18:22:55 +02:00
Dan Schaper
b54e32f0ca
Space/Tab webpage.sh
Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
2018-07-20 13:57:15 -07:00
Mcat12
d21298c156
Add back conditional forwarding to webpage.sh
This was accidentally removed in a previous PR.

Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
2018-07-07 15:23:47 -04:00
Mark Drobnak
ab45360808
Merge pull request #1954 from ryanknapper/adlist.lists
Prevent redundant entries from being added to Adlists.list
2018-05-31 14:58:16 -04:00
DL6ER
2ef76d5e31
Remove LOCAL_DNS_PORT support
Signed-off-by: DL6ER <dl6er@dl6er.de>
2018-05-04 22:19:39 +02:00
DL6ER
ce35509a40
Change command to "pihole -a localdnsport X"
Signed-off-by: DL6ER <dl6er@dl6er.de>
2018-04-18 17:30:51 +02:00
DL6ER
24b8b4e904
Add backend changes for supporting a local recursive DNS server
Signed-off-by: DL6ER <dl6er@dl6er.de>
2018-04-18 17:12:20 +02:00
DL6ER
6086614274
Add "-l, privacylevel" description to "pihole -a"
Signed-off-by: DL6ER <dl6er@dl6er.de>
2018-04-04 18:10:23 +02:00
DL6ER
4941e0f8ad
Backend changes needed to be able to set the privacy level
Signed-off-by: DL6ER <dl6er@dl6er.de>
2018-04-04 13:12:39 +02:00
Ryan Knapper
5ecfc58e5f
Require exact match
Updated to require an exact match to reduce false-positives, as suggested by DL6ER.

Signed-off-by: Ryan Knapper <ryanknapper@gmail.com>
2018-02-28 13:06:07 -05:00
Mark Drobnak
7265935cd4
Merge pull request #1915 from ryanknapper/development
Add conditional forwarding options to webpage.sh
2018-02-18 12:51:46 -05:00
Ryan Knapper
f2b3752f3d
lan to local
Reduced differences.

Signed-off-by: Ryan Knapper <ryanknapper@gmail.com>
2018-02-07 17:08:55 -05:00
Ryan Knapper
36945a67d0
Prevent redundant entries in to adlists.list
Grep ${args[3]} and only add if grep -c -eq 0

Signed-off-by: Ryan Knapper <ryanknapper@gmail.com>
2018-02-07 17:04:10 -05:00
DL6ER
52cc8e2fcf
Use "lan" as fallback TLD for DHCP generated domains
Signed-off-by: DL6ER <dl6er@dl6er.de>
2018-01-16 22:10:27 +01:00
ryanknapper
607664c860
Update webpage.sh
Updated webpage.sh to include conditional forwarding options.
2018-01-14 21:01:08 -05:00
DL6ER
793bdd9743
No need for cat | sed here as we source setupVars.conf, so we can use interface="${PIHOLE_INTERFACE}"
Signed-off-by: DL6ER <dl6er@dl6er.de>
2018-01-07 14:36:03 +01:00
DL6ER
9d50f52bb2
Add fallback interface for DNS listening behavior in case PIHOLE_INTERFACE is not set in setupVars.conf
Signed-off-by: DL6ER <dl6er@dl6er.de>
2018-01-07 14:34:02 +01:00
DL6ER
cfca367eef Quickly verified in dnsmasq's source code: It has to be "trust-anchor" (with "-")
Signed-off-by: DL6ER <dl6er@dl6er.de>
2017-12-18 21:45:24 -05:00
DL6ER
8a243c5872 Insert also old trust anchor
Signed-off-by: DL6ER <dl6er@dl6er.de>
2017-12-18 21:45:15 -05:00
DL6ER
b30b3f3aeb Update DNSSEC trust anchor
Signed-off-by: DL6ER <dl6er@dl6er.de>
2017-12-18 21:44:34 -05:00
WaLLy3K
2dc1851892
Allow passwords with spaces
e.g: `pihole -a -p "foo bar"`

 Signed off by WaLLy3K <wally3k@pi-hole.net>
2017-11-23 13:17:34 +11:00