Can't reach admin interface

fenyx · May 27, 2020, 9:37am

Expected Behaviour:

Accessing http://pi-hole/admin or http://<Pi-hole IP>/admin should show the admin interface.

Actual Behaviour:

Connection timed out, page not displayed

Debug Token:

https://tricorder.pi-hole.net/7z48j723fs

##Additional info:

performed a re-install of pi-hole including a prior removal of lighttpd -> nothing changed
lighttpd service seems to be running
curl -f 127.0.0.1 can access the page (Black hole for internet advertisements...)
pinging the site is successful

Thanks for the help!

Bucking_Horn · May 27, 2020, 10:48am

As far as Pi-hole's configuration is concerned, your debug log looks normal.
It shows that Pi-hole has successfully joined your network with full IPv4 connectivity.

However, your Pi-hole has not received any traffic so far. (click for details)

*** [ DIAGNOSING ]: contents of /var/log

-rw-r--r-- 1 pihole pihole 9053 May 27 10:19 /var/log/pihole-FTL.log
   [2020-05-27 10:19:25.210 527] Imported 0 queries from the long-term database
   [2020-05-27 10:19:25.210 527]  -> Total DNS queries: 0
   [2020-05-27 10:19:25.210 527]  -> Cached DNS queries: 0
   [2020-05-27 10:19:25.211 527]  -> Forwarded DNS queries: 0
   [2020-05-27 10:19:25.211 527]  -> Blocked DNS queries: 0
   [2020-05-27 10:19:25.211 527]  -> Unknown DNS queries: 0
   [2020-05-27 10:19:25.211 527]  -> Unique domains: 0
   [2020-05-27 10:19:25.211 527]  -> Unique clients: 0
   [2020-05-27 10:19:25.211 527]  -> Known forward destinations: 0

This may be the case if you haven't introduced Pi-hole as your network's new DNS server yet. Going through Pi-hole's documentation on post install procedures should help with that.

However, that wouldn't explain why you can ping Pi-hole's IP address, but fail to access its UI via the same IP.
What IP address did you use?

jfb · May 27, 2020, 11:50am

This should be http://pi.hole/admin

fenyx · May 27, 2020, 12:24pm

Hi, the log didn't show any queries as I had just reinstalled pi-hole. Now it shows some but there are still some issues as there are too few... Need to look into that too.

As for the website, I did try with pi.hole/admin also with IP (192.168.2.3/admin) and none work.

Bucking_Horn · May 27, 2020, 4:15pm

There is a line in your debug log that hints at a potential problem with your network interface:

*** [ DIAGNOSING ]: Pi-hole log
-rw-r--r-- 1 pihole pihole 2511 May 27 10:28 /var/log/pihole.log
   -----head of pihole.log------
   May 27 10:19:25 dnsmasq[531]: warning: interface eth0 does not currently exist

What is the output of the following command, run from a terminal/console on your Pi-hole machine?

ip address show

fenyx · May 28, 2020, 6:13am

Hi,
output of ip address show:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether b8:27:eb:61:8c:66 brd ff:ff:ff:ff:ff:ff
    inet 192.168.2.3/24 brd 192.168.2.255 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever

deHakkelaar · May 28, 2020, 6:21am

Firewall active ?

sudo iptables -nL

fenyx · May 28, 2020, 6:26am

~ $ sudo iptables -nL
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED

Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

fenyx · May 28, 2020, 6:27am

But...

$ curl -f 192.168.2.3
curl: (7) Failed to connect to 192.168.2.3 port 80: Connection refused

deHakkelaar · May 28, 2020, 6:29am

Firewall seems not configured to allow ports needed by Pi-hole:

For diagnosing, you can try flush all iptables rules with below and try access with browser after:

If that works, you'll need to figure out what firewall software is applying those iptables rules.
Could be UFW.

fenyx · May 28, 2020, 7:01am

Well, I started with flushing all the rules but...I "flushed" myself out of SSH and now can't get back in. It's a headless RasPi so...need to get to fixing the access issue first

deHakkelaar · May 28, 2020, 7:02am

lol

Yeah connect keyboard video.
Power cycling will restore the old iptables rules.

Do you have any idea what firewall software is applying those rules ?

EDIT: Maybe changing the order will allow you to flush via SSH:

sudo iptables -P INPUT ACCEPT
sudo iptables -P OUTPUT ACCEPT
sudo iptables -P FORWARD ACCEPT
sudo iptables -F
sudo iptables -X

fenyx · May 28, 2020, 9:21am

Ok, as I only had Pi-Hole running on thie RasPi I did a reinstall of Raspbian and pi-hole and now everything works. Next would be figuring out how to only make pi-hole block ads on some devices and on some not without entering the DNS manually on any device. But that's another story

jfb · May 28, 2020, 11:38am

system · June 18, 2020, 11:52am

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.