Expected Behaviour:
Pi-hole should resolve domains
Actual Behaviour:
Pi-hole doesn't resolve domains. Perhaps something is blocking Pi-hole's DNS requests to the external DNS like Google
dig pi-hole output:
# dig pi-hole.net
; <<>> DiG 9.10.3-P4-Debian <<>> pi-hole.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 62332
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;pi-hole.net. IN A
;; ANSWER SECTION:
pi-hole.net. 288 IN A 206.189.252.21
;; Query time: 12 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Thu Jan 10 09:54:28 UTC 2019
;; MSG SIZE rcvd: 56
I'm using NATing for my network:
#!/bin/bash
# Flush existing rules
iptables -F
# Anything from the internet should have a public IP
iptables -A FORWARD -i $WAN_IF -s 192.168.0.0/16 -j REJECT
iptables -A FORWARD -i $WAN_IF -s 172.16.0.0/12 -j REJECT
iptables -A FORWARD -i $WAN_IF -s 10.0.0.0/8 -j REJECT
iptables -A INPUT -i $WAN_IF -s 192.168.0.0/16 -j REJECT
iptables -A INPUT -i $WAN_IF -s 172.16.0.0/12 -j REJECT
iptables -A INPUT -i $WAN_IF -s 10.0.0.0/8 -j REJECT
# Block NetBIOS (Stupid Windows... don't tell anyone that you're there!)
iptables -A FORWARD -p tcp --sport 137:139 -o $WAN_IF -j REJECT
iptables -A FORWARD -p udp --sport 137:139 -o $WAN_IF -j REJECT
iptables -A OUTPUT -p tcp --sport 137:139 -o $WAN_IF -j REJECT
iptables -A OUTPUT -p udp --sport 137:139 -o $WAN_IF -j REJECT
# Already existing connections would be accepted on every port
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Allow incoming pings
iptables -A INPUT -p icmp --icmp-type echo-request -j $PING_ALLOW
#### SPECIFIC ####
# Enable SSH and protect by x-tries
iptables -A INPUT -p tcp --dport $SSH_PORT -m state --state NEW -m recent --set --name SSH --rsource -j ACCEPT
iptables -A INPUT -m recent --update --seconds $SSH_BAN_TIME --hitcount $SSH_MAX_TRIES --rttl --name SSH --rsource -j REJECT
#### PORT OPENING ON HOST MACHINE
#iptables -A INPUT -j ACCEPT -p tcp --dport 80
#iptables -A INPUT -j ACCEPT -p tcp --dport 443
#### PORT FORWARDING ####
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s $LAN_NET -o $WAN_IF -j MASQUERADE
# Port Forwarding
iptables -t nat -A PREROUTING -i $WAN_IF -p tcp --dport 53 -j DNAT --to $LAN_IP.10:53 # CT110 - PiHole PiHole DNS
iptables -t nat -A PREROUTING -i $WAN_IF -p udp --dport 53 -j DNAT --to $LAN_IP.10:53 # CT110 - PiHole PiHole DNS
iptables -t nat -A PREROUTING -i $WAN_IF -p tcp --dport $DIFFERENT_PORT -j DNAT --to $LAN_IP.10:80
Debug Token:
pt62pjhba8