After update, ads not being blocked; passed on via IPv6 but IPv6 is not enabled

Thanks, everything looks to be in order from the debug log, but we didn't catch any traffic to the site that was serving the ad. Those domains may be in cache in the browser or the DNS cache. Are you able to share with us the site or sites that you are seeing new ad traffic from?

www.drudgereport.com/

Thanks, we'll take a look. I'm not seeing any ads on the site with the default blocklists in place, so I'll take a look at the site HTML and see if there's anything I can find...

Thanks, I've added IPv6 edge.quantserve.com to the blacklist and it's still showing green (forwarded).

I don't know if that's where the ad is; I just think it should be noted that I've added it and it's still forwarded. But I see the blacklist doesn't list IP version.

That's a false positive. Since you don't have an IPv6 address for the Pi-hole, it doesn't know to use IPv6 AAAA blocking and it instead sends the DNS requests to the upstream. The only way currently to get those to show blocked would be to set up a Unique Local Address (ULA) for IPv6 on the network. But for now, they will show green, even though nothing is coming into the network that way.

That's logical.
So you don't see any ads when you hit www.drudgereport.com? Because I'm still seeing them.
I do believe Pi-hole is blocking on other sites.
Do you have a site you hit to test against?

http://osxdaily.com has a number of adverts on their page. If you see banner ads or side ads, then there is some misconfiguration. Check out that page and let us know what you see.

I did not see ads on that site... and you don't on Drudge?

Odd, I see a banner ad at the top and three in the lower body of the site.

I had another developer take a look also at the site, and he was unable to see the adverts. I did try without the Pi-hole, and with cookies enabled, and the top banner ads were visible. But then without cookies I was unable to see them, so I think they may be serving some adverts directly or via a JavaScript call that is on the parent domain. Will still investigate further.

Thanks, Dan.

BTW, when I click them they go here:

http://www.tmn.today/2017/06/watch-what-happens-when-walter-encounters-an-iraqi-in-england/?source=DRadbl

http://www.tmn.today/2017/06/dolly-parton-stone-soup/?source=DRadbl

http://www.standunited.org/petition/gun-owners-want-concealed-carry-permit-reciprocity/?utm_source=imk&utm_medium=728x90&utm_term=constitution&utm_content=Reciprocity&utm_campaign=house_ad_728x90_Reciprocity_bloomberg

Just an update/FYI: I see these ads at work also, and I use the hosts file from hosts-file.net (no Pi-hole), so they are sneaking them by them too. I do incorporate the hosts-file.net files into my Pi-hole.

It's most likely that they are self-hosting them on the same domain as the webpage, in which case it would be next to impossible to block with a pure DNS solution. Since disabling cookies for the site effectively blocks the adverts, I would pretty much bet that is the solution and upgrading the Pi-hole was just something that was unrelated.

I believe you're right.

You can adjust this behavior now by setting

AAAA_QUERY_ANALYSIS=no

in /etc/pihole/pihole-FTL.conf

pihole-FTL.conf file created
analyze_AAAA=no

Thanks.

Came across this thread: Why do blacklisted domains show IPv4 as "Pi-holed" but not IPv6 in the query log? - #3 by jacob.salmela

and the correct syntax is AAAA_QUERY_ANALYSIS=no
Is this correct?

"Mcat12 (Developer), 16d, frankrpi3:

Did you put exactly this into the config file?

analyze_AAAA=no

Then run sudo service pihole-FTL restart. Then run cat /var/log/pihole-FTL.log and share the output securely.

EDIT: Sorry, there was a mixup with the documentation. The correct thing to put in the config is:

AAAA_QUERY_ANALYSIS=no"

In any case, I added
AAAA_QUERY_ANALYSIS=no
to the file and installed the latest updates, and I no longer see IPv6 entries in the query logs.

This in effect renders the "Query Types over Time" graph unnecessary.

Thanks. I updated my post to reflect the correct flag. So is it working for you now?

Yes, thanks.
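
A check for the key mix-up discussed in this thread, added here as an example and not part of the original posts or of Pi-hole's own tooling. The function name `check_ftl_conf` and its status words are hypothetical; the two key names and the file path are the ones quoted above.

```shell
#!/bin/sh
# check_ftl_conf FILE
# Prints one status word for the AAAA analysis setting:
#   disabled   AAAA_QUERY_ANALYSIS=no is present
#   enabled    AAAA_QUERY_ANALYSIS is present with any other value
#   wrong-key  only analyze_AAAA (the documentation mix-up) is present
#   unset      neither key is present, or the file cannot be read
check_ftl_conf() {
    conf="$1"
    [ -r "$conf" ] || { echo "unset"; return 0; }

    # Strip comments, trailing whitespace (including CR from Windows
    # editors) and empty lines before looking at keys.
    clean=$(sed -e 's/#.*$//' -e 's/[[:space:]]*$//' -e '/^$/d' "$conf")

    # If the key is repeated, report the last occurrence. Which occurrence
    # pihole-FTL honours is an assumption made by this example.
    value=$(printf '%s\n' "$clean" \
        | sed -n 's/^AAAA_QUERY_ANALYSIS=//p' | tail -n 1)

    if [ -n "$value" ]; then
        case "$value" in
            no) echo "disabled" ;;
            *)  echo "enabled" ;;
        esac
    elif printf '%s\n' "$clean" | grep -q '^analyze_AAAA='; then
        echo "wrong-key"
    else
        echo "unset"
    fi
}

# Default to the path given in the thread when no argument is supplied.
check_ftl_conf "${1:-/etc/pihole/pihole-FTL.conf}"
```

After changing the file, restart the service as described above (sudo service pihole-FTL restart) so the setting is read.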