Asus AC68


#1

Please follow the below template, it will help us to help you!

Expected Behaviour:

Adverts get blocked

Actual Behaviour:

Adverts on suggested test site not blocked!!

Debug Token:

https://tricorder.pi-hole.net/k736lszxg5!


#2

You have Pi-Hole configured for IP 240, but the Pi does not have that IP address on that interface. Verify the static or reserved IP of the Pi, ensure it is assigned to the interface used to connect your Pi to the network, then run pihole -r (select reconfigure) to set up the Pi-Hole for that IP and interface.

*** [ DIAGNOSING ]: Networking
[✗] No IPv4 address(es) found on the eth0 interface.

[✗] No IPv6 address(es) found on the eth0 interface.

[i] Default IPv4 gateway: 10.1.1.1
   * Pinging 10.1.1.1...
[✗] Gateway did not respond. (https://discourse.pi-hole.net/t/why-is-a-default-gateway-important-for-pi-hole/3546)

*** [ DIAGNOSING ]: Setup variables
    BLOCKING_ENABLED=true
    PIHOLE_INTERFACE=eth0
    IPV4_ADDRESS=10.1.1.240/24

#3

And read this bit bout Asus routers:


#4

Thank you for your suggestions: I checked the fixed IP and did the pihole -r. But see the errors below. Apparently no cache available for the blocklists…what am I missing?

[i] Pi-hole blocking is enabled
[i] Neutrino emissions detected…
[✓] Pulling blocklist source list into range

[i] Target: raw.githubusercontent.com (hosts)
[✗] Status: Connection Refused
[✗] List download failed: no cached list available

[i] Target: mirror1.malwaredomains.com (justdomains)
[✗] Status: Connection Refused
[✗] List download failed: no cached list available

[i] Target: sysctl.org (hosts)
[✗] Status: Connection Refused
[✗] List download failed: no cached list available

[i] Target: zeustracker.abuse.ch (blocklist.php?download=domainblocklist)
[✗] Status: Connection Refused
[✗] List download failed: no cached list available

[i] Target: s3.amazonaws.com (simple_tracking.txt)
[✗] Status: Connection Refused
[✗] List download failed: no cached list available

[i] Target: s3.amazonaws.com (simple_ad.txt)
[✗] Status: Connection Refused
[✗] List download failed: no cached list available

[i] Target: hosts-file.net (ad_servers.txt)
[✗] Status: Connection Refused
[✗] List download failed: no cached list available

[✓] Consolidating blocklists
[✓] Extracting domains from blocklists
[i] Number of domains being pulled in by gravity: 0
[✓] Removing duplicate domains
[i] Number of unique domains trapped in the Event Horizon: 0
[i] Number of whitelisted domains: 0
[i] Number of blacklisted domains: 2
[i] Number of regex filters: 0
[✓] Parsing domains into hosts format
[✓] Cleaning up stray matter

[✓] Force-reloading DNS service
[✓] DNS service is running
[✓] Pi-hole blocking is Enabled
[i] View the web interface at http://pi.hole/admin or http://10.1.1.240/admin

[i] You may now configure your devices to use the Pi-hole as their DNS server
[i] Pi-hole DNS (IPv4): 10.1.1.240
[i] If you set a new IP address, please restart the server running the Pi-hole

[i] The install log is located at: /etc/pihole/install.log


#5

pi@PiHole:~ $ sudo apt install nmap
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following packages were automatically installed and are no longer required:
realpath vlc-plugin-notify vlc-plugin-samba vlc-plugin-video-splitter
vlc-plugin-visualization
Use ‘sudo apt autoremove’ to remove them.
The following additional packages will be installed:
liblinear3 liblua5.3-0 libpcap0.8 ndiff python-bs4 python-html5lib
python-lxml python-webencodings
Suggested packages:
liblinear-tools liblinear-dev python-genshi python-lxml-dbg python-lxml-doc
The following NEW packages will be installed:
liblinear3 liblua5.3-0 libpcap0.8 ndiff nmap python-bs4 python-html5lib
python-lxml python-webencodings
0 upgraded, 9 newly installed, 0 to remove and 19 not upgraded.
Need to get 6,565 kB of archives.
After this operation, 28.0 MB of additional disk space will be used.
Do you want to continue? [Y/n] y
Err:1 http://raspbian.raspberrypi.org/raspbian stretch/main armhf liblinear3 armhf 2.1.0+dfsg-2
Temporary failure resolving ‘raspbian.raspberrypi.org
0% [Connecting to raspbian.raspberrypi.org]


#6

So PiHole, it appears - cos I have tested this, does not seem to be able to access the web!?!


#7

pj@pj-selgbuild:~$ nslookup pi.hole
Server: 127.0.0.53
Address: 127.0.0.53#53

** server can’t find pi.hole: NXDOMAIN

pj@pj-selgbuild:~$ nslookup pi.hole 10.1.1.240
;; connection timed out; no servers could be reached

pj@pj-selgbuild:~$


#8

Try change nameserver to that of Google’s 8.8.8.8 in file /etc/resolv.conf:

echo 'nameserver 8.8.8.8' | sudo tee /etc/resolv.conf

And run repair:

pihole -r

When repair is successfull, you can try install nmap again to see if your router dishes out two DNS servers.


#10

Thank you for that suggestion. I tried it and it does not work…well nor for long…the file quickly reverts to nameserver 127.0.0.1. I can access the first 1 or 2 web pages…but when I use the command line for pinhole -r the blocklists still will not get downloaded and when I check the resolv.conf it has gone back to 127.0.0.1


#11

Can you post outcome for below three ?

sudo systemctl status pihole-FTL -l

sudo journalctl -u pihole-FTL

sudo netstat -nltup | grep 'Proto\|:53 \|:67 \|:80 \|:471[1-8] '


#12

pi@PiHole:~ $ sudo systemctl status pihole-FTL -l
● pihole-FTL.service - LSB: pihole-FTL daemon
Loaded: loaded (/etc/init.d/pihole-FTL; generated; vendor preset: enabled)
Active: active (exited) since Mon 2019-03-11 23:22:45 NZDT; 13min ago
Docs: man:systemd-sysv-generator(8)
Process: 1989 ExecStop=/etc/init.d/pihole-FTL stop (code=exited, status=0/SUCC
Process: 2049 ExecStart=/etc/init.d/pihole-FTL start (code=exited, status=0/SU
CGroup: /system.slice/pihole-FTL.service

Mar 11 23:22:33 PiHole systemd[1]: Starting LSB: pihole-FTL daemon…
Mar 11 23:22:33 PiHole pihole-FTL[2049]: Not running
Mar 11 23:22:44 PiHole su[2105]: Successful su for pihole by root
Mar 11 23:22:44 PiHole su[2105]: + ??? root:pihole
Mar 11 23:22:44 PiHole su[2105]: pam_unix(su:session): session opened for user p
Mar 11 23:22:45 PiHole pihole-FTL[2049]: FTL started!
Mar 11 23:22:45 PiHole systemd[1]: Started LSB: pihole-FTL daemon.
lines 1-15/15 (END)…skipping…
● pihole-FTL.service - LSB: pihole-FTL daemon
Loaded: loaded (/etc/init.d/pihole-FTL; generated; vendor preset: enabled)
Active: active (exited) since Mon 2019-03-11 23:22:45 NZDT; 13min ago
Docs: man:systemd-sysv-generator(8)
Process: 1989 ExecStop=/etc/init.d/pihole-FTL stop (code=exited, status=0/SUCC
Process: 2049 ExecStart=/etc/init.d/pihole-FTL start (code=exited, status=0/SU
CGroup: /system.slice/pihole-FTL.service

Mar 11 23:22:33 PiHole systemd[1]: Starting LSB: pihole-FTL daemon…
Mar 11 23:22:33 PiHole pihole-FTL[2049]: Not running
Mar 11 23:22:44 PiHole su[2105]: Successful su for pihole by root
Mar 11 23:22:44 PiHole su[2105]: + ??? root:pihole
Mar 11 23:22:44 PiHole su[2105]: pam_unix(su:session): session opened for user p
Mar 11 23:22:45 PiHole pihole-FTL[2049]: FTL started!
Mar 11 23:22:45 PiHole systemd[1]: Started LSB: pihole-FTL daemon.
~
~
~


#13

pi@PiHole:~ $ sudo journalctl -u pihole-FTL
– Logs begin at Fri 2016-11-04 06:16:42 NZDT, end at Mon 2019-03-11 23:38:09 NZ
Mar 11 23:15:46 PiHole systemd[1]: Starting LSB: pihole-FTL daemon…
Mar 11 23:15:46 PiHole pihole-FTL[396]: Not running
Mar 11 23:16:03 PiHole su[773]: Successful su for pihole by root
Mar 11 23:16:03 PiHole su[773]: + ??? root:pihole
Mar 11 23:16:03 PiHole su[773]: pam_unix(su:session): session opened for user pi
Mar 11 23:16:04 PiHole pihole-FTL[396]: FTL started!
Mar 11 23:16:04 PiHole systemd[1]: Started LSB: pihole-FTL daemon.
Mar 11 23:22:31 PiHole systemd[1]: Stopping LSB: pihole-FTL daemon…
Mar 11 23:22:33 PiHole pihole-FTL[1989]: .
Mar 11 23:22:33 PiHole pihole-FTL[1989]: Stopped
Mar 11 23:22:33 PiHole systemd[1]: Stopped LSB: pihole-FTL daemon.
Mar 11 23:22:33 PiHole systemd[1]: Starting LSB: pihole-FTL daemon…
Mar 11 23:22:33 PiHole pihole-FTL[2049]: Not running
Mar 11 23:22:44 PiHole su[2105]: Successful su for pihole by root
Mar 11 23:22:44 PiHole su[2105]: + ??? root:pihole
Mar 11 23:22:44 PiHole su[2105]: pam_unix(su:session): session opened for user p
Mar 11 23:22:45 PiHole pihole-FTL[2049]: FTL started!
Mar 11 23:22:45 PiHole systemd[1]: Started LSB: pihole-FTL daemon.
lines 1-19/19 (END)


#14

pi@PiHole:~ $ sudo netstat -nltup | grep 'Proto|:53 |:67 |:80 |:471[1-8] ’
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1898/lighttpd
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 2120/pihole-FTL
tcp 0 0 127.0.0.1:4711 0.0.0.0:* LISTEN 2120/pihole-FTL
tcp6 0 0 :::80 :::* LISTEN 1898/lighttpd
tcp6 0 0 :::53 :::* LISTEN 2120/pihole-FTL
tcp6 0 0 ::1:4711 :::* LISTEN 2120/pihole-FTL
udp 0 0 0.0.0.0:53 0.0.0.0:* 2120/pihole-FTL
udp6 0 0 :::53 :::* 2120/pihole-FTL
pi@PiHole:~ $


#15

That look all good.
Can you post stats on Pi-hole (might need to break with ctrl-c) ?

echo '>stats' | nc localhost 4711

What about an nslookup on Pi-hole itself ?

nslookup pi.hole 10.1.1.240

And an nslookup from that Linux client ?

nslookup pi.hole 10.1.1.240

Firewall on Pi-hole active maybe ?

sudo iptables -L -n

No route from the client ?

traceroute 10.1.1.240


#16

pi@PiHole:~ $ echo ‘>stats’ | nc localhost 4711
domains_being_blocked 2
dns_queries_today 22387
ads_blocked_today 0
ads_percentage_today 0.000000
unique_domains 94
queries_forwarded 21840
queries_cached 45
clients_ever_seen 1
unique_clients 1
dns_queries_all_types 22387
reply_NODATA 0
reply_NXDOMAIN 0
reply_CNAME 0
reply_IP 0
privacy_level 0
status enabled
—EOM—


#17

pi@PiHole:~ $ nslookup pi.hole 10.1.1.240
;; connection timed out; no servers could be reached


#18

pj@pj-selgbuild:~$ nslookup pi.hole 10.1.1.240

;; connection timed out; no servers could be reached


#19

pi@PiHole:~ $ sudo iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
pi@PiHole:~ $


#20

pj@pj-selgbuild:~$ traceroute 10.1.1.240
traceroute to 10.1.1.240 (10.1.1.240), 64 hops max
1 10.1.1.240 1.699ms 1.385ms 1.331ms
pj@pj-selgbuild:~$


#21

On Pi-hole ?

ip a

And below one ?

grep 'IPV[4,6]_ADDRESS' /etc/pihole/setupVars.conf