I am trying to get pi-hole configured on a rpi running Parrot OS that is being used as a range extender connected to a public AP.
It is currently configured to forward ipv4 from Wlan0 to eth0 providing internet access to my internal network.
The internet is currently accessible from the internal network and Ads are being blocked as expected when running pi-hole on eth0.
My problem is that I am unable to access the pi-hole interface from either the rpi or PC1.
The services dnsmasq and lighttpd fail to start, which is why I'm confused that adblocking is working on the internal network.
EDIT: The drawing is confusing me a bit.
Are the "Rpi" and "Pi-Hole Service" symbols one and the same box?
If so, why does it have two IP addresses 10.42.0.1 & 10.42.0.2 in the same subnet?
@deHakkelaar Yes pi-hole is running on the rpi, the rpi is just forwarding the traffic from wlan0 to eth0.
I'm currently a student so still learning. I have updated the diagram with subnets for you.
I'm not sure I have the pihole address configured correctly.
I wasn't sure whether to have an IP assigned to it on the /20 or /24 subnet. I was trying to avoid having an IP assigned to the server that caused a conflict with the DHCP IPs assigned by the AP.
pi-hole is currently sinkholing ads before they reach my internal network; however, if I browse from the pi, ads are let through. I assume this is because I configured pi-hole to run on eth0. Should I be running it on wlan0 instead?
traceroute 10.192.64.1
traceroute to 10.192.64.1 (10.192.64.1), 30 hops max, 60 byte packets
1 10.192.64.1 (10.192.64.1) 1.942 ms 1.826 ms 1.767 ms
#sudo netstat -nltup | grep 'Proto\|:53 \|:67 \|:80 \|:471'
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:80 0.0.0.0:* LISTEN 764/gsad
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 1669/dnsmasq
tcp 0 0 10.42.0.1:53 0.0.0.0:* LISTEN 1105/dnsmasq
udp 14592 0 127.0.0.1:53 0.0.0.0:* 1669/dnsmasq
udp 14720 0 10.42.0.1:53 0.0.0.0:* 1105/dnsmasq
udp 42368 0 0.0.0.0:67 0.0.0.0:* 1105/dnsmasq
EDIT: I have also tried running pihole on wlan0. Still get ads blocked on the internal network but dnsmasq still failed.
Tried changing the listening address from local, eth0 and wlan0 but still the same problem.
When configuring pihole for wlan0 I used the DHCP-assigned address from the AP and the AP default gateway, i.e. IP 10.192.x.x/20, GW 10.192.64.1.
Also, no matter what, I cannot kill the dnsmasq service and the addresses it is listening on.
┌─[✗]─[root@parrot]─[/etc]
└──╼ #dnsmasq --interface=wlan0
Reading profile /etc/firejail/dnsmasq.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Parent pid 2772, child pid 2773
The new log directory is /proc/2773/root/var/log
Child process initialized in 120.58 ms
dnsmasq: failed to create listening socket for 127.0.0.1: Address already in use
Parent is shutting down, bye...
┌─[✗]─[root@parrot]─[/etc]
└──╼ #dnsmasq --interface=eth0
Reading profile /etc/firejail/dnsmasq.profile
Reading profile /etc/firejail/disable-common.inc
Reading profile /etc/firejail/disable-devel.inc
Reading profile /etc/firejail/disable-passwdmgr.inc
Reading profile /etc/firejail/disable-programs.inc
Parent pid 2671, child pid 2672
The new log directory is /proc/2672/root/var/log
Child process initialized in 109.09 ms
dnsmasq: failed to create listening socket for 10.42.0.1: Address already in use
Parent is shutting down, bye...
┌─[✗]─[root@parrot]─[/etc]
└──╼ #
Initially you want dnsmasq to listen on all IP addresses 0.0.0.0 instead of only on localhost 127.0.0.1 and 10.42.0.1.
Like so (mine is also doing DHCP on port 67 UDP):
Sounds like Parrot OS is already starting its own dnsmasq instance in a jail, probably for DNS caching.
Need to figure out how to stop and disable that instance to allow Pi-hole to start its own dnsmasq instance.
Or configure the instance running in the jail with the necessary settings for Pi-hole, though this could cause issues as the config files are not at the location Pi-hole is expecting (can't use the web GUI to change settings).
Here are my dnsmasq settings for comparison (older version of Pi-hole though):
pi@noads:~ $ sudo ps -aux | grep '^USER\|[d]nsmasq'
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
dnsmasq 27880 0.0 6.3 16632 11668 ? S Mar15 35:52 /usr/sbin/dnsmasq -x /run/dnsmasq/dnsmasq.pid -u dnsmasq -r /run/dnsmasq/resolv.conf -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service
If you know the PID from the above command, you can kill the instance with:
sudo kill -9 <PID>
And check if dnsmasq is not listening anymore with the netstat or ps -aux command.
And try starting dnsmasq like the default Pi-hole installation is expecting (not in a jail):
On a client PC (Linux, Windows or Mac), you can check if she is blocking/redirecting a naughty domain to Pi-hole's own IP address with the nslookup command:
nslookup doubleclick.com <PIHOLE_IP_ADDRESS>
It should resemble below with 10.0.0.2 being my Pi-hole:
Probably the reason lighttpd isn't able to start is because another daemon called "gsad" has taken the socket (port 80 TCP + IP) on the loopback interface already.
For diagnosing, you could try stopping "gsad" with:
sudo service gsad stop
Or kill it if you know the PID (ps -aux).
Start up lighttpd:
sudo service lighttpd restart
Check again with the netstat command.
And try accessing the admin page in a browser.
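A small POSIX shell check, added here as an example and not code from the thread, that applies the diagnosis above: it parses `netstat -nltup` output (a constructed sample modelled on the listing earlier in the thread) and reports which PID/program holds ports 53, 67 and 80, flagging a port held by more than one process or by something other than the daemon Pi-hole expects (two dnsmasq instances on :53, gsad instead of lighttpd on :80).

```shell
#!/bin/sh
# Constructed sample of `sudo netstat -nltup` output (not live data):
# gsad on :80, two separate dnsmasq PIDs sharing :53, one dnsmasq on :67.
SAMPLE_NETSTAT='Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:80 0.0.0.0:* LISTEN 764/gsad
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 1669/dnsmasq
tcp 0 0 10.42.0.1:53 0.0.0.0:* LISTEN 1105/dnsmasq
udp 14592 0 127.0.0.1:53 0.0.0.0:* 1669/dnsmasq
udp 14720 0 10.42.0.1:53 0.0.0.0:* 1105/dnsmasq
udp 42368 0 0.0.0.0:67 0.0.0.0:* 1105/dnsmasq'

# port_owners PORT: read netstat output on stdin and print
# "proto local-address pid/program" for every socket bound to PORT.
# tcp rows carry a State column that udp rows lack, so the PID/program
# is taken from the last field ($NF) rather than a fixed column.
port_owners() {
    awk -v port="$1" 'NR > 1 {
        n = split($4, a, ":")          # last element is the port number
        if (a[n] == port) print $1, $4, $NF
    }'
}

# port_conflict PORT PROG: succeed (exit 0) only if PORT is held by a
# single PID whose program name is PROG; otherwise print the owners
# that were found and fail (exit 1). Reads netstat output on stdin.
port_conflict() {
    owners=$(port_owners "$1")
    pids=$(printf '%s\n' "$owners" | awk '{ split($3, p, "/"); print p[1] }' | sort -u)
    progs=$(printf '%s\n' "$owners" | awk '{ split($3, p, "/"); print p[2] }' | sort -u)
    npids=$(printf '%s\n' "$pids" | grep -c .)
    if [ "$npids" -eq 1 ] && [ "$progs" = "$2" ]; then
        return 0
    fi
    printf 'port %s is not held solely by %s:\n%s\n' "$1" "$2" "$owners"
    return 1
}

# Run the three checks Pi-hole cares about against the sample.
# On a real box replace the printf with: sudo netstat -nltup | port_conflict ...
check_sample() {
    printf '%s\n' "$SAMPLE_NETSTAT" | port_conflict 53 dnsmasq
    printf '%s\n' "$SAMPLE_NETSTAT" | port_conflict 67 dnsmasq
    printf '%s\n' "$SAMPLE_NETSTAT" | port_conflict 80 lighttpd
}
```

A port reported as held by two PIDs (here :53) means the jailed instance and Pi-hole's instance are fighting for the same socket; a port held by the wrong program (here :80 by gsad) is the lighttpd failure described above.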