After setup, pihole isn't blocking a thing

patrickeakin · October 1, 2019, 4:11am

Debug Token: https://tricorder.pi-hole.net/q2r539i1lh

Hey all. I've installed pi-hole on a raspberry pi. I've done this before without issue. This time, after installing my pi-hole isn't blocking anything. In UI i show over 2 million domains in the blocklist and I'm showing total queries though nothing for blocked queries. I've attempted visiting domains that are blocked and I get through.

The raspberry pi has a static IP. The only dns server i have set in my router is the static ip. This should be working. But it isn't.

Oddly enough as i was writing this, I noticed that pi-hole has blocked 2 queries. Strange it hasn't blocked anything else for over an hour up until now. Yet I can still get to websites that are specifically blocked in my blocklists.

I must have done something wrong. Hopefully some of you can point me in the right direction.

Thanks a ton.

jfb · October 1, 2019, 4:15am

From a client that you believe to be using Pi-Hole for DNS, what is the output of this command from the client command line:

nslookup pi.hole

patrickeakin · October 1, 2019, 4:39am

Server: 127.0.0.1
Address: 127.0.0.1#53

Name: pi.hole
Address: 192.168.0.10

192.168.0.10 is what I have set as my dns server.

jfb · October 1, 2019, 5:05am

What is the output of the following from the same client:

nslookup pablosantiago.blogspot.com.co

patrickeakin · October 1, 2019, 5:06am

Server: 127.0.0.1
Address: 127.0.0.1#53

Name: pablosantiago.blogspot.com.co
Address: 0.0.0.0
Name: pablosantiago.blogspot.com.co
Address: ::

jfb · October 1, 2019, 5:13am

Pi-Hole is responding and blocking as expected.

Is this a client on which you see ads? If so, what is a specific URL where ads are seen?

patrickeakin · October 1, 2019, 5:23am

One of the main reasons I want to use pi-hole is to block adult sites. I've added the lists from Wally 3k. If i pick one of the domains in the list I still get through. As a test I specifically blacklisted www.google.com and that still works.

Previously when i set up pi-hole these lists definitely stopped anyone from accessing these sites.

Thanks for helping me with this. I really appreciate it.

patrickeakin · October 1, 2019, 5:25am

All the ads at https://www.forbes.com/ are showing up.

jfb · October 1, 2019, 5:27am

What is an exact domain that you are able to access, and have you checked that this domain is actually being blocked by Pi-Hole? For the domain that you provide (let's assume badporn.com for this example, substitute your own), run the following command from the Pi terminal to see if it is blocked and if so, by which blacklist.

pihole -q -adlist badporn.com

Also note that www.badporn.com is a different domain than badporn.com, so if only one is on the blacklist, the other will not be blocked.

jfb · October 1, 2019, 5:29am

When you load the Forbes site, are you seeing matching entries in the pihole.log? Tail the log with pihole -t while you load the site again and see if there is a burst of activity in the log.

patrickeakin · October 1, 2019, 5:31am

I verified the domain is blocked by one of the lists i imported. Also, I tailed the log, went to forbes.com and there was no activity in the terminal.

jfb · October 1, 2019, 5:33am

That client is not using Pi-Hole for DNS resolution (at least that browser and that client combined). What is the client OS and browser?

patrickeakin · October 1, 2019, 5:35am

Client OS: macOS High Sierra 10.13.6.
Browsers: Brave / Safari / iOS Chrome.

jfb · October 1, 2019, 5:36am

I missed this detail. From the server IP, it appears that this command was run from the Pi, and not from a client (or ssh'd into the Pi). Is that the case? I would expect the server IP to be the IP of the Pi-Hole if the command were run from a client.

patrickeakin · October 1, 2019, 5:37am

Yes. I ran that while ssh'd into the Pi. I'll run it from the client.

patrickeakin · October 1, 2019, 5:38am

Server: 103.86.96.100
Address: 103.86.96.100#53

Non-authoritative answer:
pablosantiago.blogspot.com.co canonical name = blogspot.l.googleusercontent.com.
Name: blogspot.l.googleusercontent.com
Address: 172.217.0.225

jfb · October 1, 2019, 5:39am

From the MacOS terminal (not ssh'd into the Pi), what are the outputs of:

nlsookup pi.hole

If the Pi is providing DNS service, the result should look something like this (this was run from a Mac using a Pi-Hole at IP 100).

nslookup pi.hole

Server: 192.168.0.100
Address: 192.168.0.100#53
Name: pi.hole
Address: 192.168.0.100

patrickeakin · October 1, 2019, 5:41am

Server: 103.86.96.100
Address: 103.86.96.100#53

** server can't find pi.hole: NXDOMAIN

jfb · October 1, 2019, 5:41am

This shows that the Mac is not using Pi-Hole as DNS server. Go to system preferences > Network > Advanced > DNS and you can manually set your DNS to Pi-Hole. Manually add the DNS of Pi-Hole, delete the existing entries, then save and run the command again.

jfb · October 1, 2019, 5:44am

This looks to be a NordVPN DNS server. Are you running your Mac through a VPN currently? If so, most VPNs route their DNS traffic through their own DNS servers and override your DNS settings while on the VPN.