Asus AC68


#42

Post reboot of Pi (did you reboot the Pi or the client?)
pi@PiHole:~ $ nslookup pi.hole 10.1.1.240
;; connection timed out; no servers could be reached

pi@PiHole:~ $


#43

On Client pre and post reboot of Pi

pj@pj-selgbuild:~$ nslookup pi.hole 10.1.1.240
;; connection timed out; no servers could be reached

pj@pj-selgbuild:~$ nslookup pi.hole 10.1.1.240
;; connection timed out; no servers could be reached


#44

I don’t see any personal details…what am I missing?

pi@PiHole:~ $ sudo grep -v ‘^#|^$’ -R /etc/dnsmasq.*
/etc/dnsmasq.conf:conf-dir=/etc/dnsmasq.d
/etc/dnsmasq.conf.old:conf-dir=/etc/dnsmasq.d
/etc/dnsmasq.d/01-pihole.conf:addn-hosts=/etc/pihole/gravity.list
/etc/dnsmasq.d/01-pihole.conf:addn-hosts=/etc/pihole/black.list
/etc/dnsmasq.d/01-pihole.conf:addn-hosts=/etc/pihole/local.list
/etc/dnsmasq.d/01-pihole.conf:localise-queries
/etc/dnsmasq.d/01-pihole.conf:no-resolv
/etc/dnsmasq.d/01-pihole.conf:cache-size=10000
/etc/dnsmasq.d/01-pihole.conf:log-queries
/etc/dnsmasq.d/01-pihole.conf:log-facility=/var/log/pihole.log
/etc/dnsmasq.d/01-pihole.conf:local-ttl=2
/etc/dnsmasq.d/01-pihole.conf:log-async
/etc/dnsmasq.d/01-pihole.conf:dhcp-name-match=set:wpad-ignore,wpad
/etc/dnsmasq.d/01-pihole.conf:dhcp-ignore-names=tag:wpad-ignore
/etc/dnsmasq.d/01-pihole.conf:server=10.1.1.240
/etc/dnsmasq.d/01-pihole.conf:server=10.1.1.240
/etc/dnsmasq.d/01-pihole.conf:interface=eth0


#45

Like in I forgot something :wink:

Above two shows its still clinging on the the eth0 interface instead of wlan0.

And above one tells you have have configured Pi-hole to use its own IP address for upstream DNS resolution thus creating a loop.
Try run the reconfigure again (with nameserver hack) and select another upstream resolver and not the Pi-hole IP address!
And make sure wlan0 is selected during the reconfigure!


#46

Nameserver hack??

So, should I choose the router 10.1.1.1 as the upstream?


#47

Yeah why not at first.
Can alter later with the web GUI.


#48

Ah got you the 8.8.8.8 hack…ok! Running now!


#49

sudo echo ‘nameserver 8.8.8.8’ | sudo tee /etc/resolv.conf
nameserver 8.8.8.8
pi@PiHole:~ $ pihole -r

[✓] Root user check

    .;;,.
    .ccccc:,.
     :cccclll:.      ..,,
      :ccccclll.   ;ooodc
       'ccll:;ll .oooodc
         .;cll.;;looo:.
             .. ','.
            .',,,,,,'.
          .',,,,,,,,,,.
        .',,,,,,,,,,,,....
      ....''',,,,,,,'.......
    .........  ....  .........
    ..........      ..........
    ..........      ..........
    .........  ....  .........
      ........,,,,,,,'......
        ....',,,,,,,,,,,,.
           .',,,,,,,,,'.
            .',,,,,,'.
              ..'''.

[i] Existing PHP installation detected : PHP version 7.0.33-0+deb9u3
[i] Reconfigure option selected
[✓] Disk space check
[✓] Update local cache of available packages

[✓] Checking apt-get for upgraded packages… 1 updates available
[i] It is recommended to update your OS after installing the Pi-hole!

[i] Installer Dependency checks…
[✓] Checking for apt-utils
[✓] Checking for dialog
[✓] Checking for debconf
[✓] Checking for dhcpcd5
[✓] Checking for git
[✓] Checking for iproute2
[✓] Checking for whiptail

[i] Using interface: eth0
[i] Using [i] Static IP already configured
[i] Unable to find IPv6 ULA/GUA address, IPv6 adblocking will not be enabled
[i] IPv4 address: 10.1.1.240/24
[i] IPv6 address:
[i] Web Interface On
[i] Web Server On
[i] Logging On.
[i] Privacy level 0 [i] Performing reconfiguration, skipping download of local repos
[✓] Resetting repository within /etc/.pihole…
[✓] Resetting repository within /var/www/html/admin…
[i] Main Dependency checks…
[✓] Checking for cron
[✓] Checking for curl
[✓] Checking for dnsutils
[✓] Checking for iputils-ping
[✓] Checking for lsof
[✓] Checking for netcat
[✓] Checking for psmisc
[✓] Checking for sudo
[✓] Checking for unzip
[✓] Checking for wget
[✓] Checking for idn2
[✓] Checking for sqlite3
[✓] Checking for libcap2-bin
[✓] Checking for dns-root-data
[✓] Checking for resolvconf
[✓] Checking for libcap2
[✓] Checking for lighttpd
[✓] Checking for php7.0-common
[✓] Checking for php7.0-cgi
[✓] Checking for php7.0-sqlite3

[✓] Enabling lighttpd service to start on reboot…

[i] FTL Checks…

[✓] Detected ARM-hf architecture (armv7+)
[i] Checking for existing FTL binary…
[i] Latest FTL Binary already installed (v4.2.3). Confirming Checksum…
[i] Checksum correct. No need to download!
[✓] Checking for user ‘pihole’
[✓] Installing scripts from /etc/.pihole

[i] Installing configs from /etc/.pihole…
[i] Existing dnsmasq.conf found… it is not a Pi-hole file, leaving alone!
[✓] Copying 01-pihole.conf to /etc/dnsmasq.d/01-pihole.conf

[i] Installing blocking page…
[✓] Creating directory for blocking page, and copying files
[✗] Backing up index.lighttpd.html
No default index.lighttpd.html file found… not backing up

[✓] Installing sudoer file

[✓] Installing latest Cron script

[✓] Installing latest logrotate script
[i] Backing up /etc/dnsmasq.conf to /etc/dnsmasq.conf.old

[i] Skipping firewall configuration
[✓] man pages installed and database updated
[i] Testing if systemd-resolved is enabled
[i] Systemd-resolved is not enabled
[✓] Restarting lighttpd service…
[✓] Enabling lighttpd service to start on reboot…
[i] Restarting services…
[✓] Enabling pihole-FTL service to start on reboot…
[✓] Restarting pihole-FTL service…
[✓] Deleting existing list cache
[i] Pi-hole blocking is enabled
[i] Neutrino emissions detected…
[✓] Pulling blocklist source list into range

[i] Target: raw.githubusercontent.com (hosts)
[✓] Status: Retrieval successful

[i] Target: mirror1.malwaredomains.com (justdomains)
[✓] Status: Retrieval successful

[i] Target: sysctl.org (hosts)
[✓] Status: Retrieval successful

[i] Target: zeustracker.abuse.ch (blocklist.php?download=domainblocklist)
[✓] Status: Retrieval successful

[i] Target: s3.amazonaws.com (simple_tracking.txt)
[✓] Status: Retrieval successful

[i] Target: s3.amazonaws.com (simple_ad.txt)
[✓] Status: Retrieval successful

[i] Target: hosts-file.net (ad_servers.txt)
[✓] Status: Retrieval successful

[✓] Consolidating blocklists
[✓] Extracting domains from blocklists
[i] Number of domains being pulled in by gravity: 134827
[✓] Removing duplicate domains
[i] Number of unique domains trapped in the Event Horizon: 112384
[i] Number of whitelisted domains: 0
[i] Number of blacklisted domains: 2
[i] Number of regex filters: 0
[✓] Parsing domains into hosts format
[✓] Cleaning up stray matter

[✓] Force-reloading DNS service
[✓] DNS service is running
[✓] Pi-hole blocking is Enabled
[i] View the web interface at http://pi.hole/admin or http://10.1.1.240/admin

[i] You may now configure your devices to use the Pi-hole as their DNS server
[i] Pi-hole DNS (IPv4): 10.1.1.240
[i] If you set a new IP address, please restart the server running the Pi-hole

[i] The install log is located at: /etc/pihole/install.log
Installation Complete!
pi@PiHole:~ $


#50

OK we have web access on the Pi!


#51

Hmmm one glitch tough, it still says eth0.
What if you hard set with below:

sudo sed -i 's/PIHOLE_INTERFACE=eth0/PIHOLE_INTERFACE=wlan0/' /etc/pihole/setupVars.conf

And run REPAIR this time:

echo 'nameserver 8.8.8.8' | sudo tee /etc/resolv.conf

pihole -r

EDIT: and check afterwards again:

grep 'IPV[4,6]_ADDRESS\|PIHOLE_INTERFACE' /etc/pihole/setupVars.conf


#52

i@PiHole:~ $ sudo sed -i ‘s/PIHOLE_INTERFACE=eth0/PIHOLE_INTERFACE=wlan0/’ /etc/pihole/setupVars.conf
pi@PiHole:~ $
pi@PiHole:~ $ sudo sed -i ‘s/PIHOLE_INTERFACE=eth0/PIHOLE_INTERFACE=wlan0/’ /etc/pihole/setupVars.conf
pi@PiHole:~ $ sudo echo ‘nameserver 8.8.8.8’ | sudo tee /etc/resolv.conf
nameserver 8.8.8.8
pi@PiHole:~ $ pihole -r

[✓] Root user check

    .;;,.
    .ccccc:,.
     :cccclll:.      ..,,
      :ccccclll.   ;ooodc
       'ccll:;ll .oooodc
         .;cll.;;looo:.
             .. ','.
            .',,,,,,'.
          .',,,,,,,,,,.
        .',,,,,,,,,,,,....
      ....''',,,,,,,'.......
    .........  ....  .........
    ..........      ..........
    ..........      ..........
    .........  ....  .........
      ........,,,,,,,'......
        ....',,,,,,,,,,,,.
           .',,,,,,,,,'.
            .',,,,,,'.
              ..'''.

[i] Existing PHP installation detected : PHP version 7.0.33-0+deb9u3
[i] Repair option selected
[✓] Disk space check
[✓] Update local cache of available packages

[✓] Checking apt-get for upgraded packages… 1 updates available
[i] It is recommended to update your OS after installing the Pi-hole!

[i] Installer Dependency checks…
[✓] Checking for apt-utils
[✓] Checking for dialog
[✓] Checking for debconf
[✓] Checking for dhcpcd5
[✓] Checking for git
[✓] Checking for iproute2
[✓] Checking for whiptail

[i] Performing reconfiguration, skipping download of local repos
[✓] Resetting repository within /etc/.pihole…
[✓] Resetting repository within /var/www/html/admin…
[i] Main Dependency checks…
[✓] Checking for cron
[✓] Checking for curl
[✓] Checking for dnsutils
[✓] Checking for iputils-ping
[✓] Checking for lsof
[✓] Checking for netcat
[✓] Checking for psmisc
[✓] Checking for sudo
[✓] Checking for unzip
[✓] Checking for wget
[✓] Checking for idn2
[✓] Checking for sqlite3
[✓] Checking for libcap2-bin
[✓] Checking for dns-root-data
[✓] Checking for resolvconf
[✓] Checking for libcap2
[✓] Checking for lighttpd
[✓] Checking for php7.0-common
[✓] Checking for php7.0-cgi
[✓] Checking for php7.0-sqlite3

[✓] Enabling lighttpd service to start on reboot…

[i] FTL Checks…

[✓] Detected ARM-hf architecture (armv7+)
[i] Checking for existing FTL binary…
[i] Latest FTL Binary already installed (v4.2.3). Confirming Checksum…
[i] Checksum correct. No need to download!
[✓] Checking for user ‘pihole’
[✓] Installing scripts from /etc/.pihole

[i] Installing configs from /etc/.pihole…
[i] Existing dnsmasq.conf found… it is not a Pi-hole file, leaving alone!
[✓] Copying 01-pihole.conf to /etc/dnsmasq.d/01-pihole.conf

[i] Installing blocking page…
[✓] Creating directory for blocking page, and copying files
[✗] Backing up index.lighttpd.html
No default index.lighttpd.html file found… not backing up

[✓] Installing sudoer file

[✓] Installing latest Cron script

[✓] Installing latest logrotate script
[i] Backing up /etc/dnsmasq.conf to /etc/dnsmasq.conf.old
[✓] man pages installed and database updated
[i] Testing if systemd-resolved is enabled
[i] Systemd-resolved is not enabled
[✓] Restarting lighttpd service…
[✓] Enabling lighttpd service to start on reboot…
[i] Restarting services…
[✓] Enabling pihole-FTL service to start on reboot…
[✓] Restarting pihole-FTL service…
[✓] Deleting existing list cache
[i] Pi-hole blocking is enabled
[✗] DNS resolution is currently unavailable
[✓] DNS resolution is now available

[i] Neutrino emissions detected…
[✓] Pulling blocklist source list into range

[i] Target: raw.githubusercontent.com (hosts)
[✓] Status: Retrieval successful

[i] Target: mirror1.malwaredomains.com (justdomains)
[✓] Status: Retrieval successful

[i] Target: sysctl.org (hosts)
[✓] Status: Retrieval successful

[i] Target: zeustracker.abuse.ch (blocklist.php?download=domainblocklist)
[✓] Status: Retrieval successful

[i] Target: s3.amazonaws.com (simple_tracking.txt)
[✓] Status: Retrieval successful

[i] Target: s3.amazonaws.com (simple_ad.txt)
[✓] Status: Retrieval successful

[i] Target: hosts-file.net (ad_servers.txt)
[✓] Status: Retrieval successful

[✓] Consolidating blocklists
[✓] Extracting domains from blocklists
[i] Number of domains being pulled in by gravity: 134827
[✓] Removing duplicate domains
[i] Number of unique domains trapped in the Event Horizon: 112384
[i] Number of whitelisted domains: 0
[i] Number of blacklisted domains: 2
[i] Number of regex filters: 0
[✓] Parsing domains into hosts format
[✓] Cleaning up stray matter

[✓] Force-reloading DNS service
[✓] DNS service is running
[✓] Pi-hole blocking is Enabled

[i] The install log is located at: /etc/pihole/install.log
Update Complete!

Current Pi-hole version is v4.2.2
Current AdminLTE version is v4.2
Current FTL version is v4.2.3
pi@PiHole:~ $ grep ‘IPV[4,6]_ADDRESS|PIHOLE_INTERFACE’ /etc/pihole/setupVars.conf
PIHOLE_INTERFACE=wlan0
IPV4_ADDRESS=10.1.1.240/24
IPV6_ADDRESS=
pi@PiHole:~ $


#53

Looks better.
And what bout nslookup's on Pi and client ?


#54

Ooops! Sorry!


#55

pi@PiHole:~ $ nslookup pi.hole 10.1.1.240
Server: 10.1.1.240
Address: 10.1.1.240#53

Name: pi.hole
Address: 10.1.1.240

pi@PiHole:~ $


#56

pj@pj-selgbuild:~$ nslookup pi.hole 10.1.1.240
Server: 10.1.1.240
Address: 10.1.1.240#53

Name: pi.hole
Address: 10.1.1.240

pj@pj-selgbuild:~$


#57

That look all good.
DNS is working and if you query a naughty domain, you’ll notice it gets redirected to 0.0.0.0:

nslookup doubleclick.com 10.1.1.240

I wouldn’t even bother trying to configure the Asus router to push the Pi-hole IP address for DNS resolution via DHCP to its clients as described here (method 1):

This because most Asus routers encountered push two DNS servers instead of only the Pi-hole IP address:

Better switch off the DHCP service on the Asus router and flip it on on Pi-hole:

But before that, try assign a lower static IP address to Pi-hole like for example 10.1.1.2 or 10.1.1.3.
That way you can set the DHCP range of IP addresses to be handed out to the clients (can alter later on web GUI) from lets say 10.1.1.10 up to 10.1.1.254

If you edit below file, you’ll notice it has a section at the bottom with your interface and IP address.
If edit any, you’ll need to reboot and run pihole -r reconfigure again (maybe with nameserver hack).
If you change IP address, make sure its not taken already by pinging the address first!

sudo nano /etc/dhcpcd.conf

If your interested if your Asus router’s DHCP service behaves the same as hours:

sudo apt install nmap

sudo nmap -sU -p67 --script dhcp-discover 10.1.1.1


#58

Thank you for your help…it is very much appreciated!
Can I just not leave it as it is now…it seem quite complicated to go too much further. 10.1.1.3 is available. If all I have to do is to set 10.1.1.3 as the static address for the Pi and put that ip address at the end of the dhcpcd.conf file, I think I can manage that! :slight_smile:


#59

pi@PiHole:~ $ sudo nmap -sU -p67 --script dhcp-discover 10.1.1.1

Starting Nmap 7.40 ( https://nmap.org ) at 2019-03-12 21:54 NZDT
Nmap scan report for router.asus.com (10.1.1.1)
Host is up (0.0014s latency).
PORT STATE SERVICE
67/udp open dhcps
| dhcp-discover:
| DHCP Message Type: DHCPACK
| Server Identifier: 10.1.1.1
| IP Address Lease Time: 20h18m24s
| Subnet Mask: 255.255.255.0
| Broadcast Address: 10.1.1.255
| WPAD:
|
| Domain Name Server: 10.1.1.240, 10.1.1.1
|_ Router: 10.1.1.1
MAC Address: xxxxxxxxxxxxxxxx (Asustek Computer)

Nmap done: 1 IP address (1 host up) scanned in 2.04 seconds
pi@PiHole:~ $


#60

Hmmm! Maybe I over reacted…it does not seem too complicated. Just turn off on Asus and turn on on Rpi?


#61

"But before that, try assign a lower static IP address to Pi-hole like for example 10.1.1.2 or 10.1.1.3 .
That way you can set the DHCP range of IP addresses to be handed out to the clients (can alter later on web GUI) from lets say 10.1.1.10 up to 10.1.1.254

If you edit below file, you’ll notice it has a section at the bottom with your interface and IP address.
If edit any, you’ll need to reboot and run pihole -r reconfigure again (maybe with nameserver hack).
If you change IP address, make sure its not taken already by pinging the address first!

sudo nano /etc/dhcpcd.conf"

So, let me sure I understand this. On my PC I assign 10.1.1.3 to my RPi. Then I just need to go to dhcpcd.conf and change the IP address as the end (which now reads 10.1.1.240). Do the pi -r and it is all done!?