Cant access pihole log suggests its working! no ssh connection

Sorry your template doesn't fit.

I run pi-hole on an iomega iconnect, it's an arm device running debian from a small external ssd and everything was working well till it stopped last night.
The webmin interface refused to connect and so did ssh.

Unfortunately this system uses systemd so I can't just read the log files. Since the boot drive is usb I can plug it into any system that can read ext4 but I can't run it.

The iconnect isn't responding to pings either. The pihole log is plain text and it appears that it is working it looks like it talked to my apple tv. Might be mistaken here as I can't find an open port running wireshark I can see traffic from 192.168.3.253 the address of pihole.

4157 359.459274 Apple_97:f9:c6 Broadcast ARP 42 Who has 192.168.3.253? Tell 192.168.3.100
4158 359.459423 Iomega_0c:d6:68 Apple_97:f9:c6 ARP 60 192.168.3.253 is at 00:d0:b8:0c:d6:68

Any suggestions something strange going on here

Have you tried restarting it?

several times, I have a sneaking suspicion that when i updated last time some changes may have occurred to the firewall running on the iconnect. I just did a reinstall of the os on the iconnect as soon as i installed pi-hole I lost comms with it after i rebooted.

As it is just the base system + Pi-hole something in the installer seems to be an issue. I would bet its the firewall rules that are broken.

It might be related to dhcpcd

It might but I have just done a reinstall with 1 difference I said no to pi-hole writing its firewall rules.

Pi-hole Version v3.1.4 Web Interface Version v3.1 FTL Version v2.10

So what would Pi-hole's installer have written if I said yes? did it create a backup file? that I can revert too?

I'd rather restore my server image and correct the problem on that that than completely rebuild it.

It opens the DNS, HTTP, and FTL (localhost only) ports
If you have firewall-cmd:

Otherwise, it uses iptables:

ok I don't have firewall-cmd

and IPTables says this when I list rules

iptables --list-rules
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j LED --led-trigger-id "tcpssh" --led-delay 100

Now would I find a text file with the iptable rules if so i can restore the server image alter the rule file and hopefully be up and running again :slight_smile:

I don't understand what you're asking. Do you want to enable those IPTable rules? If so, just run those lines.

I think I have it.

  1. sudo su
  2. iptables-save > /etc/iptables.rules
  3. In /etc/network/if-pre-up.d/iptables,put:

#!/bin/sh
iptables-restore < /etc/iptables.rules
exit 0

sudo chmod +x /etc/network/if-pre-up.d/iptables

but what are the rules ? using my current config on the iconnect

Generated by iptables-save v1.4.21 on Wed Aug 9 23:09:40 2017

*filter
:INPUT ACCEPT [1331:130046]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [839:206424]
-A INPUT -p tcp -m tcp --dport 22 -j LED --led-trigger-id "tcpssh" --led-delay 100
COMMIT

Completed on Wed Aug 9 23:09:40 2017

Ok so now if I reboot hopefully my test install will work. and if I dd the original server image that I backed up placing these 2 files on my old image it should take in these rules on reboot and give me my server back :slight_smile: and if anyone comes looking with the same issue they might try these rules. just rebooting now .. and yes i have a blue led pulsing red so.. yes that works. so now to restore the old image and install these 2 files.

I can't run those lines the pi-hole update locked me out but as you see in my previous post I can restore the disk and put these 2 files on the disk and with a little luck my original image will execute the new file when i put the drive back to the iconnect and restore the open rules and i will be able to login again.
hopefully ...

unfortunately that hasn't been effective

Try disabling dhcpcd before you reboot.

how would I do that? bare in mind I can't run anything at best i can drop a bash script somewhere and hope it gets to run.

I appreciate the help with this btw, thank you

If its systemd, below one will disable:

sudo systemctl disable dhcpcd

Need to run that one before you update (and lose connection) and make sure your network works the old way using the "/etc/network/interfaces file" before updating.

I have no connection all I can do is take the hard drive off and edit files on another system thats the problem really I can't work on the system live as i am locked out.

wireshark is showing its at the ip and talking occasionally it answers when asked who has 192.168.3.253 it replies with its mac address

You could try writing a simple shell script to uninstall dhcpcd and activate it by adding it to cron

You said before you had working system ?
Need to dd a working image, disable dhcpcd, make sure networking survives a reboot and then do the updates that broke your setup.

I have an initial install that installs a minimal version of jesse i then have to update it recreate all the services it was running. It would be better if i can fix the broken image.

there is a lot of work that will need to be redone if i need to start from the very beginning again.

at least systemd hasn't broken this time... so if its possible to repair it i would prefer to do so. Also what happens next time pi-hole is updated will it leave me with a broken system again?

what all do you run on it?

The main thing is my archives and media theres around 10tb of storage the main thing is my mac shares. my photo's ect. it also runs print server and a couple of other things. It also was doing backups for the other systems on the lan