I put your pcap command in both my containers and now both are broken and not resolving DNS at all. Looks like that changed the ftl config to point to the pcap file? How can I quickly correct this without losing my configurations?
Logging into the IP:8080 web interface and removing the writable pcap variable in the All Settings Expert brought back resolution. I would hope writing a pcap file would mirror the traffic to an output and not take over the interface. I do not believe I'll be able to capture a pcap of this behavior given my environment.
I'm open to having a screen share session to help troubleshoot, but this error is not easily reproduceable on my end. The only records I can see that may cause it to happen are related to netflix.com which are blocked. Any other query log items I see during the error timestamps are passed correctly or not logged at all for some reason.
Maybe the file location wasn't writable, this could theoretically prevent dnsmasq from starting. But there would have been a clear error message about this in the log files.
I touched a file to my /pihole mapped config folder and performed chmod 777 inside the container on the touched pcap file. Once I put the command in to write to the .pcap (or placing it directly in the file field in the GUI), I get the following message on the dashboard:
