ad39ba30bd
Enable DNS forwarding loop detection
...
Found below by accident:
```
pi@ph5:~ $ man dnsmasq
[..]
--dns-loop-detect
Enable code to detect DNS forwarding loops; ie the situa‐
tion where a query sent to one of the upstream server
eventually returns as a new query to the dnsmasq instance.
The process works by generating TXT queries of the form
<hex>.test and sending them to each upstream server. The
hex is a UID which encodes the instance of dnsmasq sending
the query and the upstream server to which it was sent. If
the query returns to the server which sent it, then the
upstream server through which it was sent is disabled and
this event is logged. Each time the set of upstream
servers changes, the test is re-run on all of them, in‐
cluding ones which were previously disabled.
```
Seems to work just fine if I point my router 10.0.0.1 back to Pi-hole in the WAN DNS settings:
```
pi@ph5:~ $ grep server= -R /etc/dnsmasq.*
/etc/dnsmasq.d/01-pihole.conf:server=9.9.9.10
/etc/dnsmasq.d/01-pihole.conf:server=149.112.112.10
/etc/dnsmasq.d/01-pihole.conf:server=10.0.0.1
/etc/dnsmasq.d/01-pihole.conf:rev-server=10.0.0.0/24,10.0.0.2
/etc/dnsmasq.d/01-pihole.conf:server=/dehakkelaar.nl/10.0.0.2
/etc/dnsmasq.d/01-pihole.conf:server=/use-application-dns.net/
```
```
pi@ph5:~ $ sudo tee /etc/dnsmasq.d/99-my-settings.conf <<< $'dns-loop-detect'
dns-loop-detect
```
```
pi@ph5:~ $ pihole restartdns
[✓] Restarting DNS server
```
```
pi@ph5:~ $ tail -F /var/log/pihole.log
[..]
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 10.0.0.2#53 for domain dehakkelaar.nl
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 10.0.0.2#53 for domain 0.0.10.in-addr.arpa
Oct 22 18:17:41 dnsmasq[17301]: NOT using nameserver 10.0.0.1#53 - query loop detected
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 149.112.112.10#53
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 9.9.9.10#53
```
2020-10-22 18:54:04 +02:00
50100017a5
Merge pull request #3794 from pi-hole/security/non_FQDNs_locality
...
Security enhancement for the "never forward non-FQDNs" feature
2020-10-21 21:09:05 +02:00
de02bcc8a0
Merge pull request #3787 from pi-hole/verdantfire
...
fixed small grammatical error
2020-10-19 10:53:41 +01:00
83f2e2d85a
Merge pull request #3801 from pi-hole/new/armv4_armv5_armv8
...
Add native ARMv4T, ARMv5TE and ARMv8-A support
2020-10-18 19:53:56 +02:00
01c9bbd3ca
Improve processor detection to use the new dedicated ARMv4T, ARMv5TE and ARMv8-A binaries we provide for FTL.
...
Signed-off-by: DL6ER <dl6er@dl6er.de >
2020-10-14 20:31:22 +02:00
e93d7ad8ff
Merge pull request #3803 from pi-hole/privacylevel
...
Remove references to privacy level 4 (no longer functional)
2020-10-14 14:05:20 +09:00
59b0a6af6f
Remove references to privacy level 4 (no longer functional)
...
Signed-off-by: Adam Warner <me@adamwarner.co.uk >
2020-10-13 23:53:23 +01:00
326168509c
Merge pull request #3798 from bcambl/debug_firewalld
...
add FirewallD configuration checks to debug script
2020-10-12 12:37:20 -07:00
47aa1644a8
add debug checking for firewalld
...
Signed-off-by: bcambl <blayne@blaynecampbell.com >
2020-10-11 22:20:31 -06:00
08a84e51d6
Only add local=/<domain>/ when the "only forward FQDN queries" function is enabled to prevent unintended side-effects of this change
...
Signed-off-by: DL6ER <dl6er@dl6er.de >
2020-10-10 11:23:55 +02:00
d631cd8b04
Security enhancement for the "never forward non-FQDNs" feature. This should prevent all local queries from being forwarded (will show up as blocked by regex) as well as any hostname without a domain (for example one word searches from the address bar in browsers). This fixes #3303
...
Signed-off-by: DL6ER <dl6er@dl6er.de >
2020-10-10 11:01:01 +02:00
0445559610
Accidentally a number ( #3788 )
...
Co-authored-by: MichaIng <micha@dietpi.com >
Signed-off-by: Adam Warner <me@adamwarner.co.uk >
Co-authored-by: MichaIng <micha@dietpi.com >
2020-10-09 17:24:42 +02:00
615b19c3d6
web server question enhancements ( #3225 )
...
+ Do not ask to install the web server, if the web interface has been deselected before.
+ Add additional info, that PHP modules need to be installed manually, when web server is deselected and the web server user needs to be member of the "pihole" group.
+ Consequently use webroot variable instead of /var/www/html
Signed-off-by: MichaIng <micha@dietpi.com >
2020-10-09 16:12:21 +02:00
948337dd8e
Merge pull request #3740 from pi-hole/new/adlist_date_updated
...
Add date_updated field to adlist table
2020-10-09 14:04:13 +01:00
fe463f15b3
Merge pull request #3741 from pi-hole/new/debug_scan_dhcp
...
Discover active DHCP servers during debugger run
2020-10-09 14:00:57 +01:00
716e981a79
Merge pull request #3776 from yubiuser/tweak/Debug
...
Print tail of logs in /var/log/lighttpd in debug run as well
2020-10-09 13:50:46 +01:00
b88efd2527
fixed small grammatical error
...
Co-authored-by: Himanshu Ruhela <himanshuruhela013@gmail.com >
Signed-off-by: Adam Warner <me@adamwarner.co.uk >
2020-10-09 13:46:25 +01:00
568ebd67ca
Update comment
...
Signed-off-by: Christian König <ckoenig@posteo.de >
2020-10-03 16:17:37 +02:00
c628c970ae
Print tail of logs in /var/log/lighttpd in debug run as well
...
Signed-off-by: Christian König <ckoenig@posteo.de >
2020-10-02 21:04:27 +02:00
fa0815fb1d
Merge pull request #3763 from yubiuser/cleanup
...
Remove traces of previous default adlists
2020-09-28 08:53:08 +01:00
e9796d5671
Remove traces of previous default adlists
...
Signed-off-by: Christian König <ckoenig@posteo.de >
2020-09-28 06:15:46 +02:00
d6c4f0696f
Merge pull request #3698 from yubiuser/remove/FreeSpaceCheck
...
Remove check for free disk space and associated variables
2020-09-21 08:47:41 +01:00
b88510d89a
Add CACHE_SIZE to setupVars ( #3170 )
...
* Update 01-pihole.conf
Signed-off-by: DoubleOhmSeven <57564379+DoubleOhmSeven@users.noreply.github.com >
* Update basic-install.sh
Signed-off-by: DoubleOhmSeven <57564379+DoubleOhmSeven@users.noreply.github.com >
Co-authored-by: DoubleOhmSeven <57564379+DoubleOhmSeven@users.noreply.github.com >
2020-09-17 23:13:40 +02:00
4d98e156b6
Merge pull request #3607 from cgzones/selinux
...
basic-install: document how to continue after SELinux check
2020-09-16 23:54:05 -06:00
5db45aed8b
Merge pull request #3178 from jlagermann/wormhole
...
added instructions for forking and rebase
2020-09-08 22:58:43 +02:00
b865fa7c0a
Merge pull request #3739 from pi-hole/tweak/remove_gravity_optimization
...
Remove extra gravity optimization flag
2020-09-07 14:23:54 -07:00
41e899260f
Discover active DHCP servers during debugger run
...
Signed-off-by: DL6ER <dl6er@dl6er.de >
2020-09-07 23:17:50 +02:00
12b9748c43
Fine-tune adlist:adte_modified trigger and don't default new date_updated column to now but use NULL instead
...
Signed-off-by: DL6ER <dl6er@dl6er.de >
2020-09-07 21:11:57 +02:00
4fd412d7c3
Add date_updated field in adlist table set when a list changes.
...
Signed-off-by: DL6ER <dl6er@dl6er.de >
2020-09-07 20:59:23 +02:00
aa7c3b6852
Remove gravity optimization. Further investigations have shown that it is useless because the standard gravity run already produces an optimal database.
...
Signed-off-by: DL6ER <dl6er@dl6er.de >
2020-09-07 20:50:11 +02:00
17ed5398e6
Merge pull request #3737 from michi-zuri/patch-2
...
Update index.php
2020-09-06 13:00:01 +01:00
5eabf4255b
Sign-off for DCO
...
Signed-off-by: Michael Paul Killian <spammyreset-github@gmail.com >
2020-09-06 13:53:03 +02:00
538827397c
Update index.php
...
See #3736
2020-09-06 11:51:33 +02:00
b81cbaa088
Merge pull request #3702 from pi-hole/tweak/os_check_output
...
Display more meaningful exit message if `dig` command fails during os_check
2020-08-23 16:08:56 +02:00
e02cf6fac5
further tweaks, plus a spelling mistake correction
...
Signed-off-by: Adam Warner <me@adamwarner.co.uk >
2020-08-23 14:50:04 +01:00
b8cd238fa1
Update advanced/Scripts/piholeDebug.sh
...
Co-authored-by: DL6ER <DL6ER@users.noreply.github.com >
2020-08-23 14:35:02 +01:00
8e219cb799
Make output more meaningful in case of dig failure.
...
Include dig return code and response in debug run
Signed-off-by: Adam Warner <me@adamwarner.co.uk >
2020-08-23 10:48:15 +01:00
65786ba5d6
Remove check for free disk space and associated variables
...
Signed-off-by: Christian König <ckoenig@posteo.de >
2020-08-18 20:16:35 +02:00
42f55f5202
Merge pull request #3688 from pi-hole/tweak/os-check
...
Tweaks to os_check() Redux
2020-08-17 17:31:58 +01:00
725f02f442
Merge pull request #3673 from yubiuser/fix/double_check_adlist_not_selected
...
Revert "fix #3336 by creating adlist file even if no list was selecte…
2020-08-17 17:30:31 +01:00
ebdb68a47a
display_warning fixes
...
Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net >
2020-08-15 10:54:31 -07:00
623ce1fe18
Tabs and debug.sh
...
Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net >
2020-08-14 14:37:58 -07:00
57e65dd5c0
Use fewer subshells and descriptive variables.
...
Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net >
2020-08-14 11:42:54 -07:00
bb1a6243d6
Merge pull request #3669 from pi-hole/release/v5.1.2
...
Release/v5.1.2 to development
2020-08-14 16:28:53 +01:00
ad9b981e8b
Merge pull request #3678 from yubiuser/fix/brokenVideoLink
...
Removes broken youtube link
2020-08-11 15:06:49 -07:00
5b1eaa7e38
Removes broken youtube link
...
Signed-off-by: Christian König <ckoenig@posteo.de >
2020-08-11 22:35:33 +02:00
5c72ff75d9
Revert "fix #3336 by creating adlist file even if no list was selected by user"
...
This reverts commit 3c6ea2612dckoenig@posteo.de >
2020-08-10 23:52:53 +02:00
cd4072fbf8
Merge pull request #3665 from scboucher/fix_Pi-hole_temp_unit_default_value
...
Change default value of temp_unit to 'C'
2020-08-09 17:10:11 -07:00
d4dd446ba3
Update advanced/Scripts/chronometer.sh
...
Co-authored-by: Dan Schaper <dan.schaper@pi-hole.net >
Signed-off-by: Samuel Boucher <scboucher@users.noreply.github.com >
2020-08-09 17:12:20 -04:00
8b4921405a
Upercase the temp_unit
...
Signed-off-by: Samuel Boucher <scboucher@users.noreply.github.com >
2020-08-09 15:09:49 -04:00
