Could not activate remote peer.

Always. Anything else would be like running Windows with the virus scanner, and windows defender turned off. It is never a good idea. There have been a few times when I've risked turning it off just to find out if SELinux was the problem.

Nope. That part surprised me too. But maybe the 4.3.3 version doesn't use that file?

I ran the uninstall and install again. Not only is the 01-pihole.conf file back again, but the custom file I created has also been restored.

But pihole-FTL still reports the same error...

[root@media1 automated install]# ls -latZ /etc/dnsmasq.*
-rw-r--r--  1 root root    ?                                    24 Feb 24 14:47 /etc/dnsmasq.conf
-rw-r--r--  1 root root    ?                                    24 Feb 24 14:47 /etc/dnsmasq.conf.old

/etc/dnsmasq.d:
total 24
-rw-r--r--    1 root root    ?                                   1404 Feb 24 14:47 01-pihole.conf
drwxr-xr-x.   2 root dnsmasq system_u:object_r:dnsmasq_etc_t:s0  4096 Feb 24 14:47 .
drwxr-xr-x. 164 root root    system_u:object_r:etc_t:s0         12288 Feb 24 14:47 ..
-rw-r--r--    1 root root    ?                                     56 Feb 23 12:57 01-pihole-custom.conf

If you run SEL enforcing then you will have to write your own policy files and configure that aspect. We intentionally do not change anything with SEL and have a large notice during installation that says SEL enforce is not supported. I think you actually have to positively confirm that the notice was read?

The configuration files are unlabeled and will not be read/write by the daemons. That's most likely why the error as pihole-FTL can not use the configurations. The remote peer error comes when you can not write to the files.

Edit: If you want to check, try labeling the *.conf's to system_u:object_r:dnsmasq_etc_t:s0, may need to make them user objects but the idea is what I'm proposing.

I noticed my first ls -latZ was on the host briemers, the secound on media1. So it looks like I ran the command in the wrong terminal window the first time.

I can confirm I did not see such a notice... But it would be a great idea to add one. Generally if I see such a notice, I will simply abort the install, unless it is clear what policy is needed to be added. Just if I go to install software on Windows and it tells me to turn off my virus scanner, I abort the install.

But in this case I doubt SELinux is the culprit:

[root@media1 automated install]# ausearch -m AVC,USER_AVC -ts recent
<no matches>

No actions are being denied. I see why. It looks like I did actually disable it a few yours ago and forgot to reenable it... So I correct my self. SELinux is not in enforcement mode.

[root@media1 automated install]# ./basic-install.sh 

  [βœ“] Root user check

        .;;,.
        .ccccc:,.
         :cccclll:.      ..,,
          :ccccclll.   ;ooodc
           'ccll:;ll .oooodc
             .;cll.;;looo:.
                 .. ','.
                .',,,,,,'.
              .',,,,,,,,,,.
            .',,,,,,,,,,,,....
          ....''',,,,,,,'.......
        .........  ....  .........
        ..........      ..........
        ..........      ..........
        .........  ....  .........
          ........,,,,,,,'......
            ....',,,,,,,,,,,,.
               .',,,,,,,,,'.
                .',,,,,,'.
                  ..'''.

  [βœ“] Disk space check
  [βœ“] Update local cache of available packages

  [βœ“] Checking dnf for upgraded packages... 19 updates available
  [i] It is recommended to update your OS after installing the Pi-hole!

  [i] Installer Dependency checks...
  [βœ“] Checking for chkconfig

  [i] SELinux mode detected: Disabled
  [i] Using interface: enp0s25
  [i] Using OpenDNS (ECS)
  [i] Static IP already configured
  [i] Found IPv6 GUA address, using it for blocking IPv6 ads
  [i] IPv4 address: 172.31.253.119/22
  [i] IPv6 address: 2001:1970:50ec:b000:3e13:3379:d0ba:7cf7
  [i] Web Interface On
  [i] Web Server On
  [i] Logging On.
  [βœ—] Check for existing repository in /etc/.pihole
  [βœ“] Clone https://github.com/pi-hole/pi-hole.git into /etc/.pihole

  [βœ—] Check for existing repository in /var/www/html/admin
  [βœ“] Clone https://github.com/pi-hole/AdminLTE.git into /var/www/html/admin

  [i] Main Dependency checks...
  [βœ“] Checking for php-json
  [βœ“] Enabling lighttpd service to start on reboot...
  [βœ“] Creating user 'pihole'

  [i] FTL Checks...

  [βœ“] Detected x86_64 architecture
  [i] Checking for existing FTL binary...
  [βœ“] Downloading and Installing FTL
  [βœ“] Checking for user 'pihole'
  [i] Warning: 'lighty-enable-mod' utility not found
      Please ensure fastcgi is enabled if you experience issues
  [βœ“] Installing scripts from /etc/.pihole

  [i] Installing configs from /etc/.pihole...
  [i] Existing dnsmasq.conf found... it is not a Pi-hole file, leaving alone!
  [βœ“] Copying 01-pihole.conf to /etc/dnsmasq.d/01-pihole.conf

  [i] Installing blocking page...
  [βœ“] Creating directory for blocking page, and copying files
  [βœ—] Backing up index.lighttpd.html
      No default index.lighttpd.html file found... not backing up

  [βœ“] Installing sudoer file

  [βœ“] Installing latest Cron script

  [βœ“] Installing latest logrotate script
  [i] Backing up /etc/dnsmasq.conf to /etc/dnsmasq.conf.old

  [βœ“] Configuring FirewallD for httpd and pihole-FTL
Warning: ALREADY_ENABLED: http
Warning: ALREADY_ENABLED: dns
success
success
  [βœ“] man pages installed and database updated
  [i] Testing if systemd-resolved is enabled
  [βœ“] Disabling systemd-resolved DNSStubListener and restarting systemd-resolved
  [βœ“] Restarting lighttpd service...
  [βœ“] Enabling lighttpd service to start on reboot...
  [i] Restarting services...
  [βœ“] Enabling pihole-FTL service to start on reboot...
  [βœ“] Restarting pihole-FTL service...
  [βœ“] Deleting existing list cache
  [i] Pi-hole blocking is enabled
  [i] Neutrino emissions detected...
  [βœ“] Pulling blocklist source list into range

  [i] Target: raw.githubusercontent.com (hosts)
  [βœ“] Status: Retrieval successful

  [i] Target: mirror1.malwaredomains.com (justdomains)
  [βœ“] Status: Retrieval successful

  [i] Target: sysctl.org (hosts)
  [βœ“] Status: Retrieval successful

  [i] Target: s3.amazonaws.com (simple_tracking.txt)
  [βœ“] Status: Retrieval successful

  [i] Target: s3.amazonaws.com (simple_ad.txt)
  [βœ“] Status: Retrieval successful

  [i] Target: hosts-file.net (ad_servers.txt)
  [βœ“] Status: Retrieval successful

  [βœ“] Consolidating blocklists
  [βœ“] Extracting domains from blocklists
  [i] Number of domains being pulled in by gravity: 147579
  [βœ“] Removing duplicate domains
  [i] Number of unique domains trapped in the Event Horizon: 125247
  [i] Nothing to whitelist!
  [i] Number of regex filters: 0
  [βœ“] Parsing domains into hosts format
  [βœ“] Cleaning up stray matter

  [βœ“] Force-reloading DNS service
  [βœ“] DNS service is running
  [i] Pi-hole blocking will be enabled
  [i] Enabling blocking
  [βœ“] Reloading DNS service
  [βœ“] Pi-hole Enabled
  [i] Web Interface password: ........
  [i] This can be changed using 'pihole -a -p'

  [i] View the web interface at http://pi.hole/admin or http://172.31.253.119/admin

  [i] You may now configure your devices to use the Pi-hole as their DNS server
  [i] Pi-hole DNS (IPv4): 172.31.253.119
  [i] Pi-hole DNS (IPv6): 2001:1970:50ec:b000:3e13:3379:d0ba:7cf7
  [i] If you set a new IP address, please restart the server running the Pi-hole

  [i] The install log is located at: /etc/pihole/install.log
Installation Complete!

Are you sure? The debug log you sent me earlier suggests otherwise:

*** [ DIAGNOSING ]: Operating system
βœ“Fedora 31 (Workstation Edition)

*** [ DIAGNOSING ]:e[0m SELinux
βœ“ Default SELinux: disabled
βœ“ Current SELinux: Disabled

Selinux should be permissive or disabled For the project to function properly.
Selinux file contexts displayed with the Z argument to the ls command should not matter when selinux is not enforcing.

Are you still having this problem? What is the output of the following command from the Pi terminal:

sudo netstat -nltup | grep 'Proto\|:53 \|:5053 \|:5353 \|:8953 \|:67 \|:80 \|:471'

dnsmasq is handling the requests in this case. Not Pi-hole.

FTL uses the very same dnsmasq config lines as long as

/etc/dnsmasq.conf

points into

/etc/dnsmasq.d

How does

get involved here?

This is not a warning we generate (it is not contained in the source code anywhere), so it seems to come from the system itself masquerading as coming from our process. There is a ton of stuff on the wb on this message, however, it always seems to be related to VPN. Just pasing the first result from Google here (not necessarily the right answer to your problem!):

But I see the discussion already moved on and towards a different direction, I though leaving this here would be beneficial, nonetheless.

1 Like

Just to make sure nobody is still trying to follow this false lead. SELinux was disabled. Looks like I turned it off years ago and forgot. For the most part I just use the machine as a plex server, and I probably decided I prefer performance over security...

Yes. I think it is seen related to vpn, because many vpn services mistakens try to directly /etc/resolv.conf. That is almost never the right things to do, since this is a file managed by Network Manager. So in Fedora 31, there was a service introduced that is suppose to be used to manage the updates. It is still not clear to me though how the error actually gets generated. And I doubt pihole would be updating /etc/resolv.conf. It would make sense for pihole to do that, since it already has the name servers it is using directly configured it doesn't need to reference /etc/resolv.conf. That should be impacting other processing running on the same host. In fact I should be able to change /etc/resolv.conf to 127.0.0.1 if I just want everything on the same host use pihole. But I probably don't want that... As I would want to let applications like squidguard make their own filter decisions.

I still see the same error logged:

● pihole-FTL.service - LSB: pihole-FTL daemon
   Loaded: loaded (/etc/rc.d/init.d/pihole-FTL; generated)
   Active: active (exited) since Tue 2020-02-25 10:23:01 EST; 9s ago
     Docs: man:systemd-sysv-generator(8)
  Process: 1267782 ExecStart=/etc/rc.d/init.d/pihole-FTL start (code=exited, status=0/SUCCESS)

Feb 25 10:23:01 media1.docbill.info systemd[1]: Starting LSB: pihole-FTL daemon...
Feb 25 10:23:01 media1.docbill.info pihole-FTL[1267782]: Not running
Feb 25 10:23:01 media1.docbill.info pihole-FTL[1267782]: Failed to set DNS configuration: Could not activate remote peer.
Feb 25 10:23:01 media1.docbill.info su[1267808]: (to pihole) root on none
Feb 25 10:23:01 media1.docbill.info su[1267808]: pam_unix(su:session): session opened for user pihole by (uid=0)
Feb 25 10:23:01 media1.docbill.info pihole-FTL[1267782]: FTL started!
Feb 25 10:23:01 media1.docbill.info su[1267808]: pam_unix(su:session): session closed for user pihole
Feb 25 10:23:01 media1.docbill.info systemd[1]: Started LSB: pihole-FTL daemon.

However, as near as I can tell this is not actually resulting in anytype of failure.

[briemers@media1 ~]$ sudo netstat -nltup | grep 'Proto\|:53 \|:5053 \|:5353 \|:8953 \|:67 \|:80 \|:471'
[sudo] password for briemers: 
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      689788/pihole-FTL   
tcp        0      0 172.31.253.119:53       0.0.0.0:*               LISTEN      689788/pihole-FTL   
tcp        0      0 192.168.124.1:53        0.0.0.0:*               LISTEN      1488/dnsmasq        
tcp        0      0 127.0.0.1:4711          0.0.0.0:*               LISTEN      689788/pihole-FTL   
tcp6       0      0 ::1:53                  :::*                    LISTEN      689788/pihole-FTL   
tcp6       0      0 2001:1970:50ec:b000::53 :::*                    LISTEN      689788/pihole-FTL   
tcp6       0      0 fe80::9687:25d3:ceb3:53 :::*                    LISTEN      689788/pihole-FTL   
tcp6       0      0 ::1:4711                :::*                    LISTEN      689788/pihole-FTL   
udp        0      0 127.0.0.1:53            0.0.0.0:*                           689788/pihole-FTL   
udp        0      0 172.31.253.119:53       0.0.0.0:*                           689788/pihole-FTL   
udp        0      0 192.168.124.1:53        0.0.0.0:*                           1488/dnsmasq        
udp        0      0 0.0.0.0:67              0.0.0.0:*                           1488/dnsmasq        
udp   213440      0 0.0.0.0:5353            0.0.0.0:*                           2015/python         
udp   213440      0 0.0.0.0:5353            0.0.0.0:*                           2015/python         
udp   213440      0 0.0.0.0:5353            0.0.0.0:*                           2015/python         
udp   213440      0 0.0.0.0:5353            0.0.0.0:*                           2015/python         
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           2015/python         
udp   213440      0 0.0.0.0:5353            0.0.0.0:*                           2015/python         
udp   213440      0 0.0.0.0:5353            0.0.0.0:*                           2015/python         
udp   213440      0 0.0.0.0:5353            0.0.0.0:*                           2015/python         
udp   213440      0 0.0.0.0:5353            0.0.0.0:*                           2015/python         
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           2015/python         
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           985/avahi-daemon: r 
udp6       0      0 ::1:53                  :::*                                689788/pihole-FTL   
udp6       0      0 2001:1970:50ec:b000::53 :::*                                689788/pihole-FTL   
udp6       0      0 fe80::9687:25d3:ceb3:53 :::*                                689788/pihole-FTL   
udp6       0      0 :::5353                 :::*                                985/avahi-daemon: r 

Doc, your configuration is full of suprises you are revealing to us only piece by piece: :partying_face:
A separate dnsmasq instance, libvirt, a VPN of undisclosed provenience, SELinux, and now NetworkManager and a probably not yet supported Fedora release... :thinking:

Any more surprises, and I am going to call it a premature xmas :christmas_tree: :wink:

@devs: Any chances to have the template ask for some of the basics that would reduce our guesswork, for future topics?

NetworkManager is another tool that starts its own dnsmasq by default.
Your netstat -nltup shows a dnsmasq intance running alongside pihole-FTL, which may still lead to conflicts. I think the link I provided above contains some details on how to disable that for NM (towards the end).

I agree that this is likely not the cause for Could not activate remote peer, but I suspect resolv.conf to be involved in this as well.

A multitude of network daemons may be using that file, including but not limited to systemd-resolvd, NetworkManager and dhclient, as may Pi-hole v4 during installation (but that should be confirmed by a dev).

Have you probed into my hint at verifying that systemd-resolved is up and running yet?

1 Like

No. The VPN is running on my laptop. No on the server running pihole. I just made it seem like pihole stopped working, because as soon as I activate VPN on my laptop 99% of my dns queries stop.

Surprisingly I found pihole help reduce this problem. I put the 3 domains my laptop kept looking up in the pihole blacklist. Because of the way that works, my laptop stops recursing all possible variations of the domain names, so if my vpn is off my dns queries are still being significantly reduced by the blacklist. I'd classify that as a win for pihole.

That is the dnsmasq instance started by libvirt. I currently have that confined to running on virbr0. iphole is running on enp0s25. The two do not seem to conflict. I'm not really sure if my modifications to libvirt's dnsmasq config file to restrict dnsmasq to virb0 will cause problems with my docker containers. I doubt it will.

[briemers@media1 ~]$ systemctl status systemd-resolved|cat
● systemd-resolved.service - Network Name Resolution
   Loaded: loaded (/usr/lib/systemd/system/systemd-resolved.service; enabled; vendor preset: disabled)
   Active: active (running) since Mon 2020-02-24 14:47:20 EST; 21h ago
     Docs: man:systemd-resolved.service(8)
           https://www.freedesktop.org/wiki/Software/systemd/resolved
           https://www.freedesktop.org/wiki/Software/systemd/writing-network-configuration-managers
           https://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients
 Main PID: 682697 (systemd-resolve)
   Status: "Processing requests..."
    Tasks: 1 (limit: 9254)
   Memory: 11.1M
   CGroup: /system.slice/systemd-resolved.service
           └─682697 /usr/lib/systemd/systemd-resolved

Feb 24 14:47:20 media1.docbill.info systemd[1]: Starting Network Name Resolution...
Feb 24 14:47:20 media1.docbill.info systemd-resolved[682697]: Positive Trust Anchors:
Feb 24 14:47:20 media1.docbill.info systemd-resolved[682697]: . IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d
Feb 24 14:47:20 media1.docbill.info systemd-resolved[682697]: Negative trust anchors: 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21.172.in-addr.arpa 22.172.in-addr.arpa 23.172.in-addr.arpa 24.172.in-addr.arpa 25.172.in-addr.arpa 26.172.in-addr.arpa 27.172.in-addr.arpa 28.172.in-addr.arpa 29.172.in-addr.arpa 30.172.in-addr.arpa 31.172.in-addr.arpa 168.192.in-addr.arpa d.f.ip6.arpa corp home internal intranet lan local private test
Feb 24 14:47:20 media1.docbill.info systemd-resolved[682697]: Using system hostname 'media1.docbill.info'.
Feb 24 14:47:20 media1.docbill.info systemd[1]: Started Network Name Resolution.

Now that things are working can you provide a pihole -d token?

This process collects information from your Pi-hole, and optionally uploads it to a unique and random directory on tricorder.pi-hole.net.

The intent of this script is to allow users to self-diagnose their installations.  This is accomplished by running tests against our software and providing the user with links to FAQ articles when a problem is detected.  Since we are a small team and Pi-hole has been growing steadily, it is our hope that this will help us spend more time on development.

NOTE: All log files auto-delete after 48 hours and ONLY the Pi-hole developers can access your data via the given token. We have taken these extra steps to secure your data and will work to further reduce any personal information gathered.

*** [ INITIALIZING ]
[i] 2020-02-25:12:34:48 debug log has been initialized.

*** [ INITIALIZING ] Sourcing setup variables
[i] Sourcing /etc/pihole/setupVars.conf...

*** [ DIAGNOSING ]: Core version
[i] Core: v4.3.4 (https://discourse.pi-hole.net/t/how-do-i-update-pi-hole/249)
[i] Branch: master
[i] Commit: v4.3.4-0-g14944b0

*** [ DIAGNOSING ]: Web version
[i] Web: v4.3.3 (https://discourse.pi-hole.net/t/how-do-i-update-pi-hole/249)
[i] Branch: master
[i] Commit: v4.3.3-0-g62f2ffc

*** [ DIAGNOSING ]: FTL version
[βœ“] FTL: v4.3.1

*** [ DIAGNOSING ]: lighttpd version
[i] 1.4.54

*** [ DIAGNOSING ]: php version
[i] 7.3.14

*** [ DIAGNOSING ]: Operating system
[βœ“] Fedora 31 (Workstation Edition)

*** [ DIAGNOSING ]: SELinux
[βœ“] Default SELinux: disabled
[βœ“] Current SELinux: Disabled

*** [ DIAGNOSING ]: Processor
[i] x86_64

*** [ DIAGNOSING ]: Networking
[βœ“] IPv4 address(es) bound to the enp0s25 interface:
   172.31.253.119/22 matches the IP found in /etc/pihole/setupVars.conf

[βœ“] IPv6 address(es) bound to the enp0s25 interface:
   2001:1970:50ec:b000:3e13:3379:d0ba:7cf7 matches the IP found in /etc/pihole/setupVars.conf
   fe80::9687:25d3:ceb3:de9e does not match the IP found in /etc/pihole/setupVars.conf (https://discourse.pi-hole.net/t/use-ipv6-ula-addresses-for-pi-hole/2127)

   ^ Please note that you may have more than one IP address listed.
   As long as one of them is green, and it matches what is in /etc/pihole/setupVars.conf, there is no need for concern.

   The link to the FAQ is for an issue that sometimes occurs when the IPv6 address changes, which is why we check for it.

[i] Default IPv4 gateway: 172.31.252.1
   * Pinging 172.31.252.1...
[βœ“] Gateway responded.
[i] Default IPv6 gateway: fe80::6d9:f5ff:fe74:4b00
   * Pinging fe80::6d9:f5ff:fe74:4b00...
ping6: Warning: source address might be selected on device other than: enp0s25
[βœ“] Gateway responded.

*** [ DIAGNOSING ]: Ports in use
*:111 systemd (IPv4)
*:111 systemd (IPv6)
*:111 rpcbind (IPv4)
*:111 rpcbind (IPv6)
[::1]:631 cupsd (IPv6)
127.0.0.1:631 cupsd (IPv4)
*:22 sshd (IPv4)
*:22 sshd (IPv6)
*:57617 rpc.statd (IPv4)
*:57571 rpc.statd (IPv6)
*:20048 rpc.mountd (IPv4)
*:20048 rpc.mountd (IPv6)
[53] is in use by dnsmasq (https://discourse.pi-hole.net/t/hardware-software-requirements/273#ports)
*:8123 python (IPv4)
172.31.253.119:8300 python (IPv4)
*:8080 docker-pro (IPv6)
*:32400 Plex Me (IPv6)
127.0.0.1:32401 Plex Me (IPv4)
*:445 smbd (IPv6)
*:139 smbd (IPv6)
*:445 smbd (IPv4)
*:139 smbd (IPv4)
127.0.0.1:35903 Plex Sc (IPv4)
127.0.0.1:32600 Plex Tu (IPv4)
127.0.0.1:40671 Plex Sc (IPv4)
*:33400 Plex Sc (IPv4)
*:33443 Plex Sc (IPv4)
127.0.0.1:36699 Plex Sc (IPv4)
*:5355 systemd-re (IPv4)
*:5355 systemd-re (IPv6)
*:9080 lighttpd (IPv4)
[53] is in use by pihole-FTL
[53] is in use by pihole-FTL
[53] is in use by pihole-FTL
[53] is in use by pihole-FTL
[53] is in use by pihole-FTL
[4711] is in use by pihole-FTL
[4711] is in use by pihole-FTL

*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[βœ“] ad.doubleclick.net.79392.9678.302br.net is 0.0.0.0 via localhost (127.0.0.1)
[βœ“] ad.doubleclick.net.79392.9678.302br.net is 0.0.0.0 via Pi-hole (172.31.253.119)
[βœ“] doubleclick.com is 172.217.164.206 via a remote, public DNS server (8.8.8.8)

*** [ DIAGNOSING ]: Name resolution (IPv6) using a random blocked domain and a known ad-serving domain
[βœ“] ad32m.adk2.co is :: via localhost (::1)
[βœ“] ad32m.adk2.co is :: via Pi-hole (2001:1970:50ec:b000:3e13:3379:d0ba:7cf7)
[βœ“] doubleclick.com is 2607:f8b0:400b:801::200e via a remote, public DNS server (2001:4860:4860::8888)

*** [ DIAGNOSING ]: Pi-hole processes
[βœ“] lighttpd daemon is active
[βœ“] pihole-FTL daemon is active

*** [ DIAGNOSING ]: Setup variables
    PIHOLE_INTERFACE=enp0s25
    IPV4_ADDRESS=172.31.253.119/22
    IPV6_ADDRESS=2001:1970:50ec:b000:3e13:3379:d0ba:7cf7
    QUERY_LOGGING=true
    INSTALL_WEB_SERVER=true
    INSTALL_WEB_INTERFACE=true
    LIGHTTPD_ENABLED=true
    BLOCKING_ENABLED=true
    DNSMASQ_LISTENING=single
    PIHOLE_DNS_1=208.67.222.222
    PIHOLE_DNS_2=208.67.220.220
    PIHOLE_DNS_3=2620:119:35::35
    PIHOLE_DNS_4=2620:119:53::53
    DNS_FQDN_REQUIRED=true
    DNS_BOGUS_PRIV=true
    DNSSEC=false
    CONDITIONAL_FORWARDING=false

*** [ DIAGNOSING ]: Dashboard and block page
[βœ—] Block page X-Header: X-Header does not match or could not be retrieved.

[βœ—] Web interface X-Header: X-Header does not match or could not be retrieved.


*** [ DIAGNOSING ]: Gravity list
-rw-r--r-- 1 root root 2906013 Feb 24 14:47 /etc/pihole/gravity.list
   -----head of gravity.list------
   0.0.0.0
   0.nextyourcontent.com
   0.r.msn.com
   0.start.bz

   -----tail of gravity.list------
   zzz.clickbank.net
   zzzezeroe.fr
   zzzpooeaz-france.com
   zzzrtrcm2.com

*** [ DIAGNOSING ]: contents of /etc/pihole

-rw-r--r-- 1 root root 313 Feb 24 14:46 /etc/pihole/adlists.list
   https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
   https://mirror1.malwaredomains.com/files/justdomains
   http://sysctl.org/cameleon/hosts
   https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
   https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
   https://hosts-file.net/ad_servers.txt

-rw-r--r-- 1 root root 166 Feb 24 14:47 /etc/pihole/local.list
   172.31.253.119 media1.docbill.info
   2001:1970:50ec:b000:3e13:3379:d0ba:7cf7 media1.docbill.info
   172.31.253.119 pi.hole
   2001:1970:50ec:b000:3e13:3379:d0ba:7cf7 pi.hole

-rw-r--r-- 1 root root 234 Feb 24 14:47 /etc/pihole/logrotate
   /var/log/pihole.log {
   	su root root
   	daily
   	copytruncate
   	rotate 5
   	compress
   	delaycompress
   	notifempty
   	nomail
   }
   /var/log/pihole-FTL.log {
   	su root root
   	weekly
   	copytruncate
   	rotate 3
   	compress
   	delaycompress
   	notifempty
   	nomail
   }

*** [ DIAGNOSING ]: contents of /etc/dnsmasq.d

-rw-r--r-- 1 root root 1475 Feb 24 15:00 /etc/dnsmasq.d/01-pihole.conf
   addn-hosts=/etc/pihole/gravity.list
   addn-hosts=/etc/pihole/black.list
   addn-hosts=/etc/pihole/local.list
   localise-queries
   no-resolv
   cache-size=10000
   log-queries
   log-facility=/var/log/pihole.log
   local-ttl=2
   log-async
   server=208.67.222.222
   server=208.67.220.220
   server=2620:119:35::35
   server=2620:119:53::53
   domain-needed
   bogus-priv
   interface=enp0s25

*** [ DIAGNOSING ]: contents of /etc/lighttpd

-rw-r--r-- 1 root root 3638 Feb 24 14:48 /etc/lighttpd/lighttpd.conf
   server.modules = (
   	"mod_access",
   	"mod_auth",
   	"mod_fastcgi",
   	"mod_accesslog",
   	"mod_expire",
   	"mod_compress",
   	"mod_redirect",
   	"mod_setenv",
   	"mod_rewrite"
   )
   server.document-root        = "/var/www/html"
   server.error-handler-404    = "/pihole/index.php"
   server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
   server.errorlog             = "/var/log/lighttpd/error.log"
   server.pid-file             = "/var/run/lighttpd.pid"
   server.username             = "lighttpd"
   server.groupname            = "lighttpd"
   server.port                 = 9080
   accesslog.filename          = "/var/log/lighttpd/access.log"
   accesslog.format            = "%{%s}t|%V|%r|%s|%b"
   index-file.names            = ( "index.php", "index.html", "index.lighttpd.html" )
   url.access-deny             = ( "~", ".inc", ".md", ".yml", ".ini" )
   static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
   compress.cache-dir          = "/var/cache/lighttpd/compress/"
   compress.filetype           = ( "application/javascript", "text/css", "text/html", "text/plain" )
   mimetype.assign   = ( ".png"  => "image/png",
                         ".jpg"  => "image/jpeg",
                         ".jpeg" => "image/jpeg",
                         ".html" => "text/html",
                         ".css" => "text/css; charset=utf-8",
                         ".js" => "application/javascript",
                         ".json" => "application/json",
                         ".txt"  => "text/plain",
                         ".svg"  => "image/svg+xml" )
   fastcgi.server = ( ".php" =>
                      ( "localhost" =>
                        (
                          "socket" => "/tmp/php-fastcgi.socket",
                          "bin-path" => "/usr/bin/php-cgi"
                        )
                      )
                    )
   $HTTP["url"] =~ "^/admin/" {
   	  
       setenv.add-response-header = (
           "X-Pi-hole" => "The Pi-hole Web interface is working!",
           "X-Frame-Options" => "DENY"
       )
       $HTTP["url"] =~ ".ttf$" {
           
           setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
       }
   }
   $HTTP["url"] =~ "^/admin/\.(.*)" {
        url.access-deny = ("")
   }
   include_shell "cat external.conf 2>/dev/null"

*** [ DIAGNOSING ]: contents of /etc/cron.d

-rw-r--r-- 1 root root 1704 Feb 24 14:47 /etc/cron.d/pihole
   46 4   * * 7   root    PATH="$PATH:/usr/local/bin/" pihole updateGravity >/var/log/pihole_updateGravity.log || cat /var/log/pihole_updateGravity.log
   00 00   * * *   root    PATH="$PATH:/usr/local/bin/" pihole flush once quiet
   @reboot root /usr/sbin/logrotate /etc/pihole/logrotate
   */10 *  * * *   root    PATH="$PATH:/usr/local/bin/" pihole updatechecker local
   18 17  * * *   root    PATH="$PATH:/usr/local/bin/" pihole updatechecker remote
   @reboot root    PATH="$PATH:/usr/local/bin/" pihole updatechecker remote reboot

*** [ DIAGNOSING ]: contents of /var/log/lighttpd

-rw-r--r-- 1 lighttpd lighttpd 3210 Feb 25 10:23 /var/log/lighttpd/error.log
   2020-02-23 13:27:16: (server.c.1521) server started (lighttpd/1.4.54) 
   2020-02-23 13:29:17: (server.c.2091) server stopped by UID = 0 PID = 1 
   2020-02-23 13:32:07: (server.c.1521) server started (lighttpd/1.4.54) 
   2020-02-23 13:36:10: (server.c.2091) server stopped by UID = 0 PID = 1 
   2020-02-23 13:38:31: (server.c.1521) server started (lighttpd/1.4.54) 
   2020-02-23 14:40:48: (server.c.1521) server started (lighttpd/1.4.54) 
   2020-02-23 14:40:48: (gw_backend.c.468) unlink /tmp/php-fastcgi.socket-0 after connect failed: Connection refused 
   2020-02-23 14:40:48: (gw_backend.c.468) unlink /tmp/php-fastcgi.socket-1 after connect failed: Connection refused 
   2020-02-23 14:40:48: (gw_backend.c.468) unlink /tmp/php-fastcgi.socket-2 after connect failed: Connection refused 
   2020-02-23 14:40:48: (gw_backend.c.468) unlink /tmp/php-fastcgi.socket-3 after connect failed: Connection refused 
   2020-02-23 14:50:34: (server.c.1521) server started (lighttpd/1.4.54) 
   2020-02-23 14:50:34: (gw_backend.c.468) unlink /tmp/php-fastcgi.socket-0 after connect failed: Connection refused 
   2020-02-23 14:50:34: (gw_backend.c.468) unlink /tmp/php-fastcgi.socket-1 after connect failed: Connection refused 
   2020-02-23 14:50:34: (gw_backend.c.468) unlink /tmp/php-fastcgi.socket-2 after connect failed: Connection refused 
   2020-02-23 14:50:34: (gw_backend.c.468) unlink /tmp/php-fastcgi.socket-3 after connect failed: Connection refused 
   2020-02-23 15:06:34: (server.c.2091) server stopped by UID = 0 PID = 1 
   2020-02-23 15:11:41: (server.c.1521) server started (lighttpd/1.4.54) 
   2020-02-23 17:15:50: (server.c.2091) server stopped by UID = 0 PID = 1 
   2020-02-23 17:17:49: (server.c.1521) server started (lighttpd/1.4.54) 
   2020-02-23 17:47:28: (server.c.2091) server stopped by UID = 0 PID = 1 
   2020-02-23 17:48:13: (server.c.1521) server started (lighttpd/1.4.54) 
   2020-02-23 18:04:12: (server.c.2091) server stopped by UID = 0 PID = 1 
   2020-02-23 18:05:32: (server.c.1521) server started (lighttpd/1.4.54) 
   2020-02-23 18:08:31: (server.c.2091) server stopped by UID = 0 PID = 1 
   2020-02-23 18:08:56: (server.c.1521) server started (lighttpd/1.4.54) 

*** [ DIAGNOSING ]: contents of /var/log

-rw-r--r-- 1 pihole pihole 11846 Feb 25 12:20 /var/log/pihole-FTL.log
   -----head of pihole-FTL.log------
   [2020-02-25 00:43:52.844 689788] Resizing "/FTL-queries" from 1605632 to 1835008
   [2020-02-25 03:12:25.929 689788] Resizing "/FTL-queries" from 1835008 to 2064384
   [2020-02-25 05:16:48.489 689788] Resizing "/FTL-strings" from 20480 to 24576
   [2020-02-25 06:27:14.725 689788] Resizing "/FTL-queries" from 2064384 to 2293760
   [2020-02-25 09:13:43.701 689788] Resizing "/FTL-queries" from 2293760 to 2523136
   [2020-02-25 10:21:45.196 689788] Shutting down...
   [2020-02-25 10:21:45.569 689788] Finished final database update
   [2020-02-25 10:21:45.570 689788] ########## FTL terminated after 69699016.0 ms! ##########
   [2020-02-25 10:21:52.996 1267112] Using log file /var/log/pihole-FTL.log
   [2020-02-25 10:21:52.996 1267112] ########## FTL started! ##########
   [2020-02-25 10:21:52.996 1267112] FTL branch: master
   [2020-02-25 10:21:52.996 1267112] FTL version: v4.3.1
   [2020-02-25 10:21:52.996 1267112] FTL commit: b60d63f
   [2020-02-25 10:21:52.996 1267112] FTL date: 2019-05-25 21:37:26 +0200
   [2020-02-25 10:21:52.996 1267112] FTL user: pihole
   [2020-02-25 10:21:52.996 1267112] Starting config file parsing (/etc/pihole/pihole-FTL.conf)
   [2020-02-25 10:21:52.996 1267112]    SOCKET_LISTENING: only local
   [2020-02-25 10:21:52.996 1267112]    AAAA_QUERY_ANALYSIS: Show AAAA queries
   [2020-02-25 10:21:52.996 1267112]    MAXDBDAYS: max age for stored queries is 365 days
   [2020-02-25 10:21:52.996 1267112]    RESOLVE_IPV6: Resolve IPv6 addresses
   [2020-02-25 10:21:52.996 1267112]    RESOLVE_IPV4: Resolve IPv4 addresses
   [2020-02-25 10:21:52.996 1267112]    DBINTERVAL: saving to DB file every minute
   [2020-02-25 10:21:52.996 1267112]    DBFILE: Using /etc/pihole/pihole-FTL.db
   [2020-02-25 10:21:52.996 1267112]    MAXLOGAGE: Importing up to 24.0 hours of log data
   [2020-02-25 10:21:52.996 1267112]    PRIVACYLEVEL: Set to 0
   [2020-02-25 10:21:52.996 1267112]    IGNORE_LOCALHOST: Show queries from localhost
   [2020-02-25 10:21:52.996 1267112]    BLOCKINGMODE: Null IPs for blocked domains
   [2020-02-25 10:21:52.996 1267112]    ANALYZE_ONLY_A_AND_AAAA: Disabled. Analyzing all queries
   [2020-02-25 10:21:52.996 1267112]    DBIMPORT: Importing history from database
   [2020-02-25 10:21:52.996 1267112]    PIDFILE: Using /var/run/pihole-FTL.pid
   [2020-02-25 10:21:52.996 1267112]    PORTFILE: Using /var/run/pihole-FTL.port
   [2020-02-25 10:21:52.996 1267112]    SOCKETFILE: Using /var/run/pihole/FTL.sock
   [2020-02-25 10:21:52.996 1267112]    WHITELISTFILE: Using /etc/pihole/whitelist.txt
   [2020-02-25 10:21:52.996 1267112]    BLACKLISTFILE: Using /etc/pihole/black.list
   [2020-02-25 10:21:52.997 1267112]    GRAVITYFILE: Using /etc/pihole/gravity.list

   -----tail of pihole-FTL.log------
   [2020-02-25 10:23:01.498 1267810] Resizing "/FTL-strings" from 4096 to 8192
   [2020-02-25 10:23:01.502 1267810] Resizing "/FTL-strings" from 8192 to 12288
   [2020-02-25 10:23:01.504 1267810] Resizing "/FTL-queries" from 229376 to 458752
   [2020-02-25 10:23:01.510 1267810] Resizing "/FTL-queries" from 458752 to 688128
   [2020-02-25 10:23:01.513 1267810] Resizing "/FTL-strings" from 12288 to 16384
   [2020-02-25 10:23:01.522 1267810] Resizing "/FTL-queries" from 688128 to 917504
   [2020-02-25 10:23:01.539 1267810] Resizing "/FTL-queries" from 917504 to 1146880
   [2020-02-25 10:23:01.552 1267810] Resizing "/FTL-strings" from 16384 to 20480
   [2020-02-25 10:23:01.556 1267810] Resizing "/FTL-queries" from 1146880 to 1376256
   [2020-02-25 10:23:01.573 1267810] Resizing "/FTL-queries" from 1376256 to 1605632
   [2020-02-25 10:23:01.588 1267810] Resizing "/FTL-queries" from 1605632 to 1835008
   [2020-02-25 10:23:01.598 1267810] Resizing "/FTL-queries" from 1835008 to 2064384
   [2020-02-25 10:23:01.604 1267810] Resizing "/FTL-strings" from 20480 to 24576
   [2020-02-25 10:23:01.606 1267810] Resizing "/FTL-queries" from 2064384 to 2293760
   [2020-02-25 10:23:01.614 1267810] Resizing "/FTL-queries" from 2293760 to 2523136
   [2020-02-25 10:23:01.617 1267810] Imported 42512 queries from the long-term database
   [2020-02-25 10:23:01.617 1267810]  -> Total DNS queries: 42512
   [2020-02-25 10:23:01.617 1267810]  -> Cached DNS queries: 6438
   [2020-02-25 10:23:01.617 1267810]  -> Forwarded DNS queries: 21894
   [2020-02-25 10:23:01.617 1267810]  -> Exactly blocked DNS queries: 14180
   [2020-02-25 10:23:01.617 1267810]  -> Unknown DNS queries: 0
   [2020-02-25 10:23:01.617 1267810]  -> Unique domains: 879
   [2020-02-25 10:23:01.617 1267810]  -> Unique clients: 24
   [2020-02-25 10:23:01.617 1267810]  -> Known forward destinations: 4
   [2020-02-25 10:23:01.617 1267810] Successfully accessed setupVars.conf
   [2020-02-25 10:23:01.620 1267819] PID of FTL process: 1267819
   [2020-02-25 10:23:01.620 1267819] Listening on port 4711 for incoming IPv4 telnet connections
   [2020-02-25 10:23:01.621 1267819] Listening on port 4711 for incoming IPv6 telnet connections
   [2020-02-25 10:23:01.622 1267819] Listening on Unix socket
   [2020-02-25 10:23:01.623 1267819] Received SIGHUP, reloading cache
   [2020-02-25 10:23:01.623 1267819] Blocking status is enabled
   [2020-02-25 10:23:01.624 1267819] INFO: No whitelist file found
   [2020-02-25 10:23:01.624 1267819] Compiled 3 Regex filters and 0 whitelisted domains in 1.2 msec (0 errors)
   [2020-02-25 10:23:02.213 1267819] /etc/pihole/gravity.list: parsed 125247 domains (took 588.0 ms)
   [2020-02-25 12:20:20.226 1267819] Resizing "/FTL-queries" from 2523136 to 2752512

*** [ DIAGNOSING ]: contents of /dev/shm
-rw------- 1 pihole pihole 331776 Feb 25 12:34 /dev/shm/FTL-clients
-rw------- 1 pihole pihole 108 Feb 25 10:23 /dev/shm/FTL-counters
-rw------- 1 pihole pihole 98304 Feb 25 10:23 /dev/shm/FTL-domains
-rw------- 1 pihole pihole 20480 Feb 25 10:23 /dev/shm/FTL-forwarded
-rw------- 1 pihole pihole 48 Feb 25 10:23 /dev/shm/FTL-lock
-rw------- 1 pihole pihole 12288 Feb 25 10:23 /dev/shm/FTL-overTime
-rw------- 1 pihole pihole 2752512 Feb 25 12:34 /dev/shm/FTL-queries
-rw------- 1 pihole pihole 12 Feb 25 10:23 /dev/shm/FTL-settings
-rw------- 1 pihole pihole 24576 Feb 25 10:23 /dev/shm/FTL-strings

*** [ DIAGNOSING ]: Locale
    LANG=en_CA.UTF-8

*** [ DIAGNOSING ]: Pi-hole log
-rw-r--r-- 1 pihole pihole 7194765 Feb 25 12:34 /var/log/pihole.log
   -----head of pihole.log------
   Feb 25 00:00:07 dnsmasq[689788]: query[AAAA] ms.applovin.com from 172.31.252.170
   Feb 25 00:00:07 dnsmasq[689788]: /etc/pihole/gravity.list ms.applovin.com is 0.0.0.0
   Feb 25 00:00:07 dnsmasq[689788]: query[AAAA] ms.applovin.com from 172.31.252.170
   Feb 25 00:00:07 dnsmasq[689788]: /etc/pihole/gravity.list ms.applovin.com is 0.0.0.0
   Feb 25 00:00:07 dnsmasq[689788]: query[A] ms.applovin.com from 172.31.252.170
   Feb 25 00:00:07 dnsmasq[689788]: /etc/pihole/gravity.list ms.applovin.com is 0.0.0.0
   Feb 25 00:00:07 dnsmasq[689788]: query[A] ms.applovin.com from 172.31.252.170
   Feb 25 00:00:07 dnsmasq[689788]: /etc/pihole/gravity.list ms.applovin.com is 0.0.0.0
   Feb 25 00:00:07 dnsmasq[689788]: query[AAAA] device-metrics-us.amazon.com from 172.31.252.203
   Feb 25 00:00:07 dnsmasq[689788]: /etc/pihole/gravity.list device-metrics-us.amazon.com is 0.0.0.0
   Feb 25 00:00:07 dnsmasq[689788]: query[A] device-metrics-us.amazon.com from 172.31.252.203
   Feb 25 00:00:07 dnsmasq[689788]: /etc/pihole/gravity.list device-metrics-us.amazon.com is 0.0.0.0
   Feb 25 00:00:08 dnsmasq[689788]: query[A] mobile.pipe.aria.microsoft.com from 172.31.252.173
   Feb 25 00:00:08 dnsmasq[689788]: /etc/pihole/gravity.list mobile.pipe.aria.microsoft.com is 0.0.0.0
   Feb 25 00:00:08 dnsmasq[689788]: query[AAAA] telemetry.sdk.inmobi.com from 172.31.252.170
   Feb 25 00:00:08 dnsmasq[689788]: /etc/pihole/gravity.list telemetry.sdk.inmobi.com is 0.0.0.0
   Feb 25 00:00:08 dnsmasq[689788]: query[A] telemetry.sdk.inmobi.com from 172.31.252.170
   Feb 25 00:00:08 dnsmasq[689788]: /etc/pihole/gravity.list telemetry.sdk.inmobi.com is 0.0.0.0
   Feb 25 00:00:09 dnsmasq[689788]: query[AAAA] adc3-launch.adcolony.com from 172.31.252.170
   Feb 25 00:00:09 dnsmasq[689788]: /etc/pihole/gravity.list adc3-launch.adcolony.com is 0.0.0.0


********************************************
********************************************
[βœ“] ** FINISHED DEBUGGING! **

    * The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only.
    * For more information, see: https://pi-hole.net/2016/11/07/crack-our-medical-tricorder-win-a-raspberry-pi-3/
    * If available, we'll use openssl to upload the log, otherwise it will fall back to netcat.

[?] Would you like to upload the log? [y/N] y
    * Using curl for transmission.
[βœ—]  There was an error uploading your debug log.
   * Please try again or contact the Pi-hole team for assistance.
   * A local copy of the debug log can be found at: /var/log/pihole_debug.log

One thing worth noting, which I hadn't picked up on before now, you're running Fedora 31, which is not currently a supported operating system for Pi-hole

https://docs.pi-hole.net/main/prerequesites/#supported-operating-systems

image

If you've got it running, then that's great, but it is by no means designed to run on that operating system, and as such we can only offer a limited level of support

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.