Cname not decoded

"Beta 5.0 with stock lists

"

Why am I not seeing this on my pihole? It didn't show as blocked just NODATA as I posted earlier.

Which upstream DNS server do you use?

google

Please run

pihole restartdns

and then try again.

done that 17 min ago

Please send us the token generated by

pihole -d

or do it through the Web interface:

Your debug token is: https://tricorder.pi-hole.net/5fy3gvx3hq

You're not using our lighttpd configuration.

```
-rw-r--r-- 1 root root 2038 May 31  2019 /etc/lighttpd/lighttpd.conf
   server.modules = (
   	"mod_indexfile",
   	"mod_access",
   	"mod_alias",
   	"mod_redirect",
   )
   server.document-root        = "/var/www"
   server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
   server.errorlog             = "/var/log/lighttpd/error.log"
   server.pid-file             = "/var/run/lighttpd.pid"
   server.username             = "www-data"
   server.groupname            = "www-data"
   server.port                 = 80
   server.http-parseopts = (
     "header-strict"           => "enable",
     "host-strict"             => "enable",
     "host-normalize"          => "enable",
     "url-normalize-unreserved"=> "enable",
     "url-normalize-required"  => "enable",
     "url-ctrls-reject"        => "enable",
     "url-path-2f-decode"      => "enable",
     "url-path-dotseg-remove"  => "enable",
   )
   index-file.names            = ( "index.php", "index.html" )
   url.access-deny             = ( "~", ".inc" )
   static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
   compress.cache-dir          = "/var/cache/lighttpd/compress/"
   compress.filetype           = ( "application/javascript", "text/css", "text/html", "text/plain" )
   include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
   include_shell "/usr/share/lighttpd/create-mime.conf.pl"
   include "/etc/lighttpd/conf-enabled/*.conf"
   server.modules += (
   	"mod_compress",
   	"mod_dirlisting",
   	"mod_staticfile",
   )
```

Not with v5. If you whitelist the first domain (link.freebooksys.com) then the CNAMEs are not checked for blocking. No need to whitelist cb. as that would allow any domain that points to that CNAME through.

1 Like

You are correct - I had forgotten this detail of the new version.

1 Like

We had some discussion about how to handle this condition. The end idea was that whitelisting the CNAME makes the CNAME blocking kind of pointless. Users are expecting to see the direct domain so that is the domain allowed. DL's work ends up with a whitelist match causing any further checks against blocklists / CNAMEs to be skipped.

2 Likes
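The whitelist behaviour described in the posts above, as an added example that is not part of the original thread and is not Pi-hole's own code: a simplified Python model in which a whitelist match on the queried domain skips all further checks, while a whitelisted CNAME target lets every domain pointing at it through. The domain names and list contents are constructed for illustration.

```python
# Simplified model of the whitelist/CNAME behaviour described in this thread.
# Not Pi-hole FTL source code; all names and list contents are constructed.

# Constructed CNAME records: two unrelated domains point at the same target.
CNAMES = {
    "link.books.example": "cb.tracker.example",
    "promo.other.example": "cb.tracker.example",
}
# Constructed blocklist: only the CNAME target is listed.
BLOCKLIST = {"cb.tracker.example"}


def cname_chain(name, cnames):
    """Return [name, target, ...], following CNAMEs and stopping on a loop."""
    chain = [name]
    while chain[-1] in cnames and cnames[chain[-1]] not in chain:
        chain.append(cnames[chain[-1]])
    return chain


def decide(name, whitelist, blocklist=BLOCKLIST, cnames=CNAMES):
    """Return (verdict, reason) for a queried name."""
    # A whitelist match on the queried domain ends the evaluation:
    # no blocklist or CNAME checks are performed afterwards.
    if name in whitelist:
        return ("allowed", "whitelisted: " + name)
    # Otherwise every hop of the CNAME chain is checked against the blocklist.
    for hop in cname_chain(name, cnames):
        if hop in blocklist and hop not in whitelist:
            return ("blocked", hop)
    return ("allowed", "no match")


def report(whitelist):
    """Verdict for each constructed queried domain under a given whitelist."""
    return {q: decide(q, whitelist)[0] for q in sorted(CNAMES)}


if __name__ == "__main__":
    for wl in (set(), {"link.books.example"}, {"cb.tracker.example"}):
        print(sorted(wl), report(wl))
```

Whitelisting the queried domain releases only that domain; whitelisting the shared CNAME target also releases `promo.other.example`, which is the over-broad outcome the thread warns about.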

@DanSchaper
I don't know why not, it isn't something I have changed. Where do I get your version? - ignore got it from github

" Not with v5. If you whitelist the first domain ( link.freebooksys.com ) then the CNAMEs are not checked for blocking. No need to whitelist cb. as that would allow any domain that points to that CNAME through"
I tried whitelisting the domain and it was still being blocked. I had to whitelist the cb. one.

How did you whitelist? Using the CLI, direct database editing or the web GUI?

Both, web page failed with ro db, cli added it.

Just added your lighthttp.config but it is failing to start now

```
root@PiHole:/etc/lighttpd# systemctl start lighttpd.service
Job for lighttpd.service failed because the control process exited with error code.
See "systemctl status lighttpd.service" and "journalctl -xe" for details.
root@PiHole:/etc/lighttpd# systemctl status lighttpd.service
● lighttpd.service - Lighttpd Daemon
Loaded: loaded (/lib/systemd/system/lighttpd.service; disabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Sat 2020-02-22 11:13:50 GMT; 1s ago
Process: 1035 ExecStartPre=/usr/sbin/lighttpd -tt -f /etc/lighttpd/lighttpd.conf (code=exited, status=255)

Feb 22 11:13:49 PiHole systemd[1]: lighttpd.service: Control process exited, code=exited status=255
Feb 22 11:13:49 PiHole systemd[1]: Failed to start Lighttpd Daemon.
Feb 22 11:13:49 PiHole systemd[1]: lighttpd.service: Unit entered failed state.
Feb 22 11:13:49 PiHole systemd[1]: lighttpd.service: Failed with result 'exit-code'.
Feb 22 11:13:50 PiHole systemd[1]: lighttpd.service: Service hold-off time over, scheduling restart.
Feb 22 11:13:50 PiHole systemd[1]: Stopped Lighttpd Daemon.
Feb 22 11:13:50 PiHole systemd[1]: lighttpd.service: Start request repeated too quickly.
Feb 22 11:13:50 PiHole systemd[1]: Failed to start Lighttpd Daemon.
Feb 22 11:13:50 PiHole systemd[1]: lighttpd.service: Unit entered failed state.
Feb 22 11:13:50 PiHole systemd[1]: lighttpd.service: Failed with result 'exit-code'.
```

OK so I will write a new image on the sdcard and try again. See if the same happens

Nope. Definitely said database is read only when I tried to add it via the web page.
Just updating the image file at the moment will probably be a couple of hours before I can test again.

OK just found out why the lighthttp config is wrong, I am/was using DietPi and it writes its own.
Will change back to Raspbian.

Thanks, DietPi uses a slightly modified variant of our installer if I'm not mistaken. I have no testing equipment for DietPi available.

OK back up.
Just tried again using the web page
" Error, something went wrong!
Domain link.freebooksys.comis not a valid domain."

Another issue is with custom dns.
I added my local server with duo & 192.168.1.68 as the address, pihole is happily pinging it but my clients are not seeing it.
Pihole is my DNS & DHCP server and the router's DHCP is disabled.

```
hairybiker@octo:~$ ping duo
ping: duo: Name or service not known
```

```
pi@raspberrypi:~ $ ping duo
PING duo (192.168.1.68) 56(84) bytes of data.
64 bytes from duo (192.168.1.68): icmp_seq=1 ttl=64 time=3.09 ms
64 bytes from duo (192.168.1.68): icmp_seq=2 ttl=64 time=9.62 ms
```

OK seems to be working now for the link.freebooksy.com ones, with it whitelisted.

Looks like it actually DID whitelist it even though it said it failed.

OK, so why .local when my LAN suffix is .lan? I did try adding duo.lan