piHole not blocking

Forums › LAN (ethernet/Wifi/routers/Bluetooth) › piHole not blocking

xpd

Geek @ Coastguard NZ
13691 posts

Uber Geek

Retired Mod

ID Verified

Trusted

Lifetime subscriber

#271844 29-May-2020 07:58

About a year ago, I played with piHole and had it running reasonably well, except it would prevent TVNZ from working.... which upset the wife so I removed it.

So this week I decided to give it another go, and having a different issue....

Installed on a HyperV Ubuntu box, its all running, can access the interface etc. Gave it my ISP DNS, set my desktop to fixed IP with the pihole box as the DNS server.

Started browsing.... no ads blocked. Checking the pihole interface, I can see its being used by my desktop, but its not blocking any queries at all.

Ensured the block lists are enabled etc.

What am I missing ?

TIA

Gavin / xpd / FastRaccoon / Geek of Coastguard New Zealand

LinkTree - kiwiblast.co.nz - Lego and more

Support Kiwi music! The People Black Smoke Trigger Like A Storm Devilskin

NZ GEEKS Discord______________________________

kobiak

1615 posts

Uber Geek

Trusted

#2494082 29-May-2020 08:22

it's all down to the lists of ads you are using. and what is been whitelisted.

this is my list:

https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts

https://mirror1.malwaredomains.com/files/justdomains

https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt

https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt

http://sysctl.org/cameleon/hosts

https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist

https://hosts-file.net/ad_servers.txt

https://dbl.oisd.nl/

This gives me 99.99% ads blocked.

check that your clients (PC/browser) is using piHoles IP as DNS.

helping others at evgenyk.nz

Lenovo

Shop now for Lenovo laptops and other devices (affiliate link).

gbwelly

1238 posts

Uber Geek

#2494083 29-May-2020 08:25

Your browser may have decided to use DNS over HTTPS in which case it will be ignoring your DNS settings. I find uBlock Origin does the best job in browser on PCs for advert blocking. My Pi-Hole is for phones and other non-PC devices.

fearandloathing

497 posts

Ultimate Geek

ID Verified

Lifetime subscriber

#2494086 29-May-2020 08:42

firefox?

https://support.mozilla.org/en-US/kb/firefox-dns-over-https

Also, check Pi-Hole console to make sure you haven't accidentally disabled adblocking.

mentalinc

3167 posts

Uber Geek

Trusted

#2494088 29-May-2020 08:48

ipconfig /flushdns

Will also make sure the pihole is being used and removes any caching you have on your pc.

CPU: AMD 5900x | RAM: GSKILL Trident Z Neo RGB F4-3600C16D-32GTZNC-32-GB | MB: Asus X570-E | GFX: EVGA FTW3 Ultra RTX 3080Ti| Monitor: LG 27GL850-B 2560x1440

Quic: https://account.quic.nz/refer/473833 R473833EQKIBX

benchit

37 posts

Geek

#2494100 29-May-2020 09:04

So you can install the cloudflared service for DoH (not as an issue as above stated in browser config if applicable), https://docs.pi-hole.net/guides/dns-over-https/

For your issue which i observed over 2 piHole's this past week or two was version 5 installed for me.

If you ain't running a clean install of PiHole itself, you have to remove the adlists and re-add them again, as it isn't reading the files that it copies back locally to local.list / *.lists from the web pointer it gets them from. That fixed it for me.

*So if it's an upgrade or install but you didn't purge/autoremove the /etc/pihole and other configs related to it then install again, well try the above via the Web GUI for adlists adding them.

Also version 5 brings Group Management, so your piHole may not have a client/subnet defined for Default group (or extras if you added those). Check this out just in case.

I observed the pihole in v5 for me at least, isn't allowing a CNAME extra conf file in /etc/dnsmasq.d/ (used for youtube restrict.youtube.com for kids). It breaks the youtube app on Android for me.

If you really want to give it another go, try also the lists mentioned on https://firebog.net/

xpd

Geek @ Coastguard NZ
13691 posts

Uber Geek

Retired Mod

ID Verified

Trusted

Lifetime subscriber

#2494212 29-May-2020 10:30

Odd, found that the pihole box wasnt resolving Ip's.... rebooted, and worked - for a short time, then stopped resolving again.

Can someone confirm for me what BigPipes DNS are ? :)

Gavin / xpd / FastRaccoon / Geek of Coastguard New Zealand

LinkTree - kiwiblast.co.nz - Lego and more

Support Kiwi music! The People Black Smoke Trigger Like A Storm Devilskin

NZ GEEKS Discord______________________________

ShinyChrome

1563 posts

Uber Geek

ID Verified

Trusted

#2494225 29-May-2020 10:52

What are you using to resolve DNS upstream? Is the Pihole just forwarding queries to your ISP servers? Is your router advertising the Pihole as a DNS server, or just forwarding queries? Also make sure that you aren't supplying any secondary servers other the pihole in either case.

For Firefox, disable DoH as per the link above and make sure the canary domain is blocked in the Pihole.

I have also put firewall rules in place to drop all port 853, 8.8.8.8, 1.1.1.1 traffic, and redirect any port 53 traffic to my Pihole to capture those hardcoded devices

Another issue I had was that my ISP was pushing a IPv6 DNS advertisement, as part of the IPv6 DHCP I am guessing, and any Android devices were latching on to that and ignoring the Pihole. I scrubbed those and disabled IPv6 DNS on my router, and they started using the Pihole.

NightStalker

309 posts

Ultimate Geek

#2494310 29-May-2020 12:37

xpd:

Odd, found that the pihole box wasnt resolving Ip's.... rebooted, and worked - for a short time, then stopped resolving again.

Can someone confirm for me what BigPipes DNS are ? :)

couple of things to check
1. Router is getting dynamic WAN DNS (or set to your preferred)
2. Make sure Router is not advertising its own IP as a DNS server in addition to the user specified DNS (pi-hole IP)
3. When I go away from home for long periods I turn off power to save money but the pi-hole loses its DNS settings (dont know why).
-- on pihole terminal - sudo nano /etc/resolv.conf
-- check its not looping - if nameserver is 127.0.0.1 then change it to known good DNS servers 1.1.1.1 or 8.8.8.8 and exit/save.
-- reboot Pi, check web browsing from pc and then via pi-hole gui set to your preferred DNS (can test its working by setting different pi-hole DNS servers to the routers WAN DNS servers)
4. check pc or device DNS - may need reboot to get new DNS from pihole.

xpd

Geek @ Coastguard NZ
13691 posts

Uber Geek

Retired Mod

ID Verified

Trusted

Lifetime subscriber

#2494328 29-May-2020 13:12

Router is using ISP DNS, issued to LAN via DHCP. Pihole is on 1.22.

Pihole has Xtra (aka BP) DNS as upstream. Workstation set to fixed IP using 1.22 as DNS.

I have had it running past but as mentioned a couple posts ago, found that pihole host wasnt getting DNS. have restarted host, and its responding again, just got to test it again from a workstation.

Gavin / xpd / FastRaccoon / Geek of Coastguard New Zealand

LinkTree - kiwiblast.co.nz - Lego and more

Support Kiwi music! The People Black Smoke Trigger Like A Storm Devilskin

NZ GEEKS Discord______________________________