Blocked A Device From Bypassing PiHole, Queries are Now Flooded With Loopback Entries

I noticed a device was trying to circumvent my PiHole by directly accessing Cloudflare's DNS servers. When I started blocking those connections, it started flooding my PiHole Query screen, making it much less useful. How do I fix this situation?


These are the rules on the router

The device creating the problem is a Home Assistant Smart Hub running on Raspberry Pi, if it's easier to fix the problem there.

There is no way so far to "hide" them from the query log, but you can hide them from "top permitted domains" via "Settings/API Web Interface/Top List".

Better option would be to ask Frenck why there are hardcoded DNS servers being used now.

You mean "block the requests" as in: Ignore them?

If you want Pi-hole to ignore them, what should happen with them? Should they silently be dropped (the client never gets an answer), should they silently be answered with 0.0.0.0 / :: or NXDOMAIN or SERVFAIL or ... (the client does get an answer) or something else?

<Personal opinion>
I do not like it when systems do something silently; this will cause issues when you forget about having configured something and then wonder half a year later why the heck some queries are not showing up. This will also be tough for the guys to debug because it is happening in the dark.
</Personal opinion>

Even if you would block them, they would show up in the log.

If you want to vote for such a feature:

Ah, so this is the real problem here :wink:

You can sort by the status of a query. This will show the blocked content first in the Query Log table so you can access them quickly (this is obviously assuming you did not block the loopback domain).

Pi-hole is a learning tool. It shows you what is really going on with your network. You can use that to find clients that are misbehaving and either fix the clients or report the unwanted behavior to the people responsible for the clients.

Pi-hole has revealed to you that a client is behaving badly. That is where you should be spending your efforts. Fix the bad client.

Yes, he already said:

I don't know about this particular software; however, based on the sole concept that it runs on a Raspberry Pi (Linux), and hoping it is not some proprietary blob, the issue can surely be fixed. Most likely it is sufficient to open an issue ticket for this software. It may depend on a particular plugin or a specific combination of plugins (assuming such a thing exists in there).

Other users will be affected as well so it should be fixed upstream. I don't think any actual coding by you will be required.

Another solution (without opening a bug report = without fixing the underlying bug!!) would be to create an entry for loopback in the /etc/hosts of said device. This will prevent any requests from being made to your Pi-hole at all. Quick and correct solution, however, more circumventing than fixing.

Your call.