PiHole should log all comps on network
Doesn't log for one of computers witch is mine "Linux Mint 18.3"
It logs my wife comp 
, orangepizero and localhost. There is no my comp
link in client list
e2qqvusmw6
On the client that isn't showing in the Pi-Hole logs, please run the following command (substitute nslookup for dig if your client doesn't support dig):
dig pi.hole
Then on the Pi-Hole host terminal, run the following command substituting the IP address of the missing client where the "zzz" appears:
sudo grep zzz /var/log/pihole.log
Thanks for helping so fast
dig pi hole
; <<>> DiG 9.10.3-P4-Ubuntu <<>> pi.hole
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60356
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;pi.hole. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2018120301 1800 900 604800 86400
;; Query time: 34 msec
;; SERVER: 127.0.2.1#53(127.0.2.1)
;; WHEN: Mon Dec 03 17:16:55 CET 2018
;; MSG SIZE rcvd: 111
Second command doesn't show, but I open nano an here is content
Dec 3 15:17:10 dnsmasq[1161]: started, version pi-hole-2.79 cachesize 10000
Dec 3 15:17:10 dnsmasq[1161]: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ip$
Dec 3 15:17:10 dnsmasq[1161]: warning: failed to change owner of /var/log/pihole.log: Operation not permitted
Dec 3 15:17:10 dnsmasq[1161]: using nameserver 1.0.0.1#53
Dec 3 15:17:10 dnsmasq[1161]: using nameserver 1.1.1.1#53
Dec 3 15:17:10 dnsmasq[1161]: read /etc/hosts - 6 addresses
Dec 3 15:17:10 dnsmasq[1161]: read /etc/pihole/local.list - 2 addresses
Dec 3 15:17:10 dnsmasq[1161]: failed to load names from /etc/pihole/black.list: No such file or directory
Dec 3 15:17:12 dnsmasq[1161]: read /etc/pihole/gravity.list - 275338 addresses
Dec 3 16:14:57 dnsmasq[1161]: 1 127.0.0.1/47822 query[A] view.atdmt.com.35626.9169.302br.net from 127.0.0.1
Dec 3 16:14:57 dnsmasq[1161]: 1 127.0.0.1/47822 /etc/pihole/gravity.list view.atdmt.com.35626.9169.302br.net is 0.0.0.0
Dec 3 16:14:57 dnsmasq[1161]: 2 192.168.5.113/37014 query[A] view.atdmt.com.35626.9169.302br.net from 192.168.5.113
Dec 3 16:14:57 dnsmasq[1161]: 2 192.168.5.113/37014 /etc/pihole/gravity.list view.atdmt.com.35626.9169.302br.net is 0.0.0.0Since the client can't lookup the pi.hole name, the client is apparently not using Pi-Hole as its DNS. Carefully check the DNS settings on that client.
I found that lighttpd stops working. After restarting as in this tread
content of pi hole log is different.
Dec 3 15:17:10 dnsmasq[1161]: started, version pi-hole-2.79 cachesize 10000
Dec 3 15:17:10 dnsmasq[1161]: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ip$
Dec 3 15:17:10 dnsmasq[1161]: warning: failed to change owner of /var/log/pihole.log: Operation not permitted
Dec 3 15:17:10 dnsmasq[1161]: using nameserver 1.0.0.1#53
Dec 3 15:17:10 dnsmasq[1161]: using nameserver 1.1.1.1#53
Dec 3 15:17:10 dnsmasq[1161]: read /etc/hosts - 6 addresses
Dec 3 15:17:10 dnsmasq[1161]: read /etc/pihole/local.list - 2 addresses
Dec 3 15:17:10 dnsmasq[1161]: failed to load names from /etc/pihole/black.list: No such file or directory
Dec 3 15:17:12 dnsmasq[1161]: read /etc/pihole/gravity.list - 275338 addresses
Dec 3 16:14:57 dnsmasq[1161]: 1 127.0.0.1/47822 query[A] view.atdmt.com.35626.9169.302br.net from 127.0.0.1
Dec 3 16:14:57 dnsmasq[1161]: 1 127.0.0.1/47822 /etc/pihole/gravity.list view.atdmt.com.35626.9169.302br.net is 0.0.0.0
Dec 3 16:14:57 dnsmasq[1161]: 2 192.168.5.113/37014 query[A] view.atdmt.com.35626.9169.302br.net from 192.168.5.113
Dec 3 16:14:57 dnsmasq[1161]: 2 192.168.5.113/37014 /etc/pihole/gravity.list view.atdmt.com.35626.9169.302br.net is 0.0.0.0
Dec 3 16:26:51 dnsmasq[1161]: 3 192.168.5.50/51153 query[A] client.dropbox.com from 192.168.5.50
Dec 3 16:26:51 dnsmasq[1161]: 3 192.168.5.50/51153 forwarded client.dropbox.com to 1.0.0.1
Dec 3 16:26:51 dnsmasq[1161]: 3 192.168.5.50/51153 forwarded client.dropbox.com to 1.1.1.1
Dec 3 16:26:51 dnsmasq[1161]: 3 192.168.5.50/51153 reply client.dropbox.com is <CNAME>
Dec 3 16:26:51 dnsmasq[1161]: 3 192.168.5.50/51153 reply client.dropbox-dns.com is 162.125.69.3
Dec 3 16:26:53 dnsmasq[1161]: 4 192.168.5.50/52332 query[A] api.dropboxapi.com from 192.168.5.50
Dec 3 16:26:53 dnsmasq[1161]: 4 192.168.5.50/52332 forwarded api.dropboxapi.com to 1.0.0.1
Dec 3 16:26:53 dnsmasq[1161]: 4 192.168.5.50/52332 reply api.dropboxapi.com is <CNAME>
Dec 3 16:26:53 dnsmasq[1161]: 4 192.168.5.50/52332 reply api.dropbox-dns.com is 162.125.69.7
Dec 3 16:27:57 dnsmasq[1161]: 5 192.168.5.50/54713 query[A] d.dropbox.com from 192.168.5.50
Dec 3 16:27:57 dnsmasq[1161]: 5 192.168.5.50/54713 forwarded d.dropbox.com to 1.0.0.1
Dec 3 16:27:57 dnsmasq[1161]: 5 192.168.5.50/54713 reply d.dropbox.com is <CNAME>
Dec 3 16:27:57 dnsmasq[1161]: 5 192.168.5.50/54713 reply d.v.dropbox.com is <CNAME>
Dec 3 16:27:57 dnsmasq[1161]: 5 192.168.5.50/54713 reply d-sjc.v.dropbox.com is 162.125.32.135
Dec 3 16:38:45 dnsmasq[1161]: 6 192.168.5.50/51794 query[A] client.dropbox.com from 192.168.5.50
Dec 3 16:38:45 dnsmasq[1161]: 6 192.168.5.50/51794 forwarded client.dropbox.com to 1.0.0.1
Dec 3 16:38:45 dnsmasq[1161]: 6 192.168.5.50/51794 forwarded client.dropbox.com to 1.1.1.1
Dec 3 16:38:45 dnsmasq[1161]: 6 192.168.5.50/51794 reply client.dropbox.com is <CNAME>
Dec 3 16:38:45 dnsmasq[1161]: 6 192.168.5.50/51794 reply client.dropbox-dns.com is 162.125.69.3
Dec 3 16:38:45 dnsmasq[1161]: 7 192.168.5.50/55901 query[A] block-edge-anycast.dropbox.com from 192.168.5.50
Dec 3 16:38:45 dnsmasq[1161]: 7 192.168.5.50/55901 forwarded block-edge-anycast.dropbox.com to 1.0.0.1
Dec 3 16:38:45 dnsmasq[1161]: 8 192.168.5.50/51519 query[A] dl-debug.dropbox.com from 192.168.5.50
Please can an you point where you see that I don't us Pihole for DNS?
Thanks
The client can't resolve "pi.hole" and this address is mapped by the Pi-Hole working as DNS server. If you test this from another connected client, do you get the IP address of the Pi-Hole?
What is the IP address of the missing client?
192.168.5.10 is my comp (client) which is missing.
192.168.5.113 is Orange PI zero address
192.168.5.50 is my wife comp
192.168.5.55 should be pi.hole
The Pi-Hole appears to be using the 113 address as well. From your debug log:
*** [ DIAGNOSING ]: Networking
[ā] IPv4 address(es) bound to the eth0 interface:
192.168.5.113/24 does not match the IP found in /etc/pihole/setupVars.conf (https://discourse.pi-hole.net/t/use-ipv6-ula-addresses-for-pi-hole/2127)
192.168.5.55/24 matches the IP found in /etc/pihole/setupVars.con
What physical or virtual platform is hosting the Pi-Hole software?
Orange Pi zero
Armbian_5.65_Orangepizero_Ubuntu_bionic_next_4.14.78
I changed IP address from original Armbian to different, to not be confused which is which. I have a crash of pi.hole and still don't know the reason.
The Pi-Hole should be listening on the assigned IP address of the ethernet port (which appears to be the active connection).
Ensure that the IP address assigned to the Zero is static or reserved at the router. Then run pihole -r and select reconfigure; then select the assigned IP address when asked.
I know that, now pi.hole have static address and in router is reserved for pi.hole.
It was always the case, static and reserved.
Now is this
*** [ DIAGNOSING ]: Networking
[ā] IPv4 address(es) bound to the eth0 interface:
192.169.5.55/24 does not match the IP found in /etc/pihole/setupVars.conf (Use IPv6 ULA addresses for Pi-hole)
192.168.5.55/24 matches the IP found in /etc/pihole/setupVars.conf
There may be an error in the first IP address. The rest of your network is on 192.168.xxx and that address is 192.169.xxx.
Do you know how to change that typo?
Confirm the IP configuration on the Pi with ip addr
You can look in /etc/pihole/setupVars.conf and see if that line appears. If so, delete it.
No its not there only this
IPV4_ADDRESS=192.168.5.55/24
Thanks man for your patience with newbie like me,
Let's look for the missing client.
On the terminal on the Pi, run this command to live tail the pihole.log, and leave the window open:
tail -f /var/log/pihole.log
Then, on the missing client, open a browser and open www.cnn.com. This should result in a burst of activity in the pihole log from that client, starting with some cnn domains.
No there is no activity. just 15 lines of text
Dec 3 20:53:49 dnsmasq[1216]: 2341 192.168.5.50/53658 reply block-debug.x.dropbox.com is 52.6.78.241
Dec 3 20:53:49 dnsmasq[1216]: 2341 192.168.5.50/53658 reply block-debug.x.dropbox.com is 52.7.182.237
Dec 3 20:53:49 dnsmasq[1216]: 2341 192.168.5.50/53658 reply block-debug.x.dropbox.com is 52.21.155.87
Dec 3 20:53:49 dnsmasq[1216]: 2341 192.168.5.50/53658 reply block-debug.x.dropbox.com is 52.73.220.123
Dec 3 21:09:10 dnsmasq[1216]: 2342 192.168.5.50/53300 query[A] d.dropbox.com from 192.168.5.50
Dec 3 21:09:10 dnsmasq[1216]: 2342 192.168.5.50/53300 forwarded d.dropbox.com to 1.0.0.1
Dec 3 21:09:10 dnsmasq[1216]: 2342 192.168.5.50/53300 forwarded d.dropbox.com to 1.1.1.1
Dec 3 21:09:10 dnsmasq[1216]: 2342 192.168.5.50/53300 reply d.dropbox.com is
Dec 3 21:09:10 dnsmasq[1216]: 2342 192.168.5.50/53300 reply d.v.dropbox.com is
Dec 3 21:09:10 dnsmasq[1216]: 2342 192.168.5.50/53300 reply d-sjc.v.dropbox.com is 162.125.34.137
Dec 3 21:21:43 dnsmasq[1216]: 2343 192.168.5.50/55052 query[A] bolt.dropbox.com from 192.168.5.50
Dec 3 21:21:43 dnsmasq[1216]: 2343 192.168.5.50/55052 forwarded bolt.dropbox.com to 1.0.0.1
Dec 3 21:21:43 dnsmasq[1216]: 2343 192.168.5.50/55052 forwarded bolt.dropbox.com to 1.1.1.1
Dec 3 21:21:43 dnsmasq[1216]: 2343 192.168.5.50/55052 reply bolt.dropbox.com is
Dec 3 21:21:43 dnsmasq[1216]: 2343 192.168.5.50/55052 reply bolt.v.dropbox.com is 162.125.18.133
On the missing client (Linux based) open up a terminal window and see what nameserver it is using:
cat /etc/resolv.conf
nameserver 127.0.2.1