Not sure what you are suggesting I do here. I was under the impression that i was using the DHCP server. How do i know if i'm using it or not? If i'm not how do i use it? Here is the output for pihole -d that you requested. This was taken during the time where the internet was working on the clients(s) connected to the AP.
while working:
Detecting Installed Package Versions:
Pi-hole: v2.12.1
WebUI: v2.4
lighttpd/1.4.35
PHP 5.6.29-0+deb8u1 (cli) (built: Dec 17 2016 06:04:43)
Pi-hole branch: master
Pi-hole rev: v2.12.1-0-g5333895
AdminLTE branch: master
AdminLTE rev: v2.4-0-g406877d
Detecting existence of /etc/pihole/setupVars.conf:
PIHOLE_INTERFACE=wlan0
IPV4_ADDRESS=192.168.42.1/24
IPV6_ADDRESS=2601:8c:c003:6188::240f
PIHOLE_DNS_1=8.8.8.8
PIHOLE_DNS_2=8.8.4.4
QUERY_LOGGING=true
WEBPASSWORD=6cfa96e963ea4a22ea6bd3f4311d7be7ecbb2ee2403e6f485bdcc705ffb1bcfe
Detecting installed OS Distribution
PRETTY_NAME="Raspbian GNU/Linux 8 (jessie)"
NAME="Raspbian GNU/Linux"
VERSION_ID="8"
VERSION="8 (jessie)"
ID=raspbian
ID_LIKE=debian
HOME_URL="http://www.raspbian.org/"
SUPPORT_URL="http://www.raspbian.org/RaspbianForums"
BUG_REPORT_URL="http://www.raspbian.org/RaspbianBugs"
Checking processor variety
armv6l
IP Address Information
::1/128
fe80::297a:a3e2:8205:67ae/64
2601:8c:c003:6188::240f/128
2601:8c:c003:6188:39c9:2e22:89d2:c4b0/64
fe80::3088:9e67:6ed:7675/64
127.0.0.1/8
192.168.42.1/24
10.0.0.214/24
Daemon Process Information
Found user www-data with process lighttpd
Found user www-data with process lighttpd
Daemon Process Information
Found user dnsmasq with process dnsmasq
Found user dnsmasq with process dnsmasq
Processes Check
lighttpd
processes status:
● lighttpd.service - Lighttpd Daemon
Loaded: loaded (/lib/systemd/system/lighttpd.service; enabled)
Active: active (running) since Fri 2017-02-24 14:35:55 EST; 17min ago
Process: 744 ExecStartPre=/usr/sbin/lighttpd -t -f /etc/lighttpd/lighttpd.conf (code=exited, status=0/SUCCESS)
Main PID: 844 (lighttpd)
CGroup: /system.slice/lighttpd.service
├─ 844 /usr/sbin/lighttpd -D -f /etc/lighttpd/lighttpd.conf
├─ 989 /usr/bin/php-cgi
├─1032 /usr/bin/php-cgi
├─1033 /usr/bin/php-cgi
├─1034 /usr/bin/php-cgi
└─1037 /usr/bin/php-cgi
Feb 24 14:35:52 raspberrypi systemd[1]: Starting Lighttpd Daemon...
Feb 24 14:35:55 raspberrypi lighttpd[744]: Syntax OK
Feb 24 14:35:55 raspberrypi systemd[1]: Started Lighttpd Daemon.
dnsmasq
processes status:
● dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
Loaded: loaded (/lib/systemd/system/dnsmasq.service; enabled)
Drop-In: /run/systemd/generator/dnsmasq.service.d
└─50-dnsmasq-$named.conf, 50-insserv.conf-$named.conf
Active: active (running) since Fri 2017-02-24 14:35:49 EST; 17min ago
Process: 529 ExecStartPost=/etc/init.d/dnsmasq systemd-start-resolvconf (code=exited, status=0/SUCCESS)
Process: 470 ExecStart=/etc/init.d/dnsmasq systemd-exec (code=exited, status=0/SUCCESS)
Process: 399 ExecStartPre=/usr/sbin/dnsmasq --test (code=exited, status=0/SUCCESS)
Main PID: 525 (dnsmasq)
CGroup: /system.slice/dnsmasq.service
└─525 /usr/sbin/dnsmasq -x /var/run/dnsmasq/dnsmasq.pid -u dnsmasq -r /var/run/dnsmasq/resolv.conf -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service --trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5
Feb 24 14:35:46 raspberrypi dnsmasq[399]: dnsmasq: syntax check OK.
Feb 24 14:35:50 raspberrypi systemd[1]: Started dnsmasq - A lightweight DHCP and caching DNS server.
Resolver Functions Check
Resolution of doubleclick.com from Pi-hole:
; <<>> DiG 9.9.5-9+deb8u9-Raspbian <<>> doubleclick.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 42189
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;doubleclick.com. IN A
;; ANSWER SECTION:
doubleclick.com. 300 IN A 192.168.42.1
;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Feb 24 14:52:57 EST 2017
;; MSG SIZE rcvd: 60
Resolution of doubleclick.com from 8.8.8.8:
; <<>> DiG 9.9.5-9+deb8u9-Raspbian <<>> doubleclick.com @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25213
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;doubleclick.com. IN A
;; ANSWER SECTION:
doubleclick.com. 299 IN A 172.217.3.14
;; Query time: 42 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Feb 24 14:52:57 EST 2017
;; MSG SIZE rcvd: 60
Pi-hole dnsmasq specific records lookups
Cache Size:
"10000"
Upstream Servers:
"8.8.8.8#53 246 6" "8.8.4.4#53 33 0"
Detecting existence of /etc/lighttpd/lighttpd.conf:
server.modules = (
"mod_access",
"mod_accesslog",
"mod_auth",
"mod_expire",
"mod_compress",
"mod_redirect",
"mod_setenv",
"mod_rewrite"
)
server.document-root = "/var/www/html"
server.error-handler-404 = "pihole/index.php"
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "/var/run/lighttpd.pid"
server.username = "www-data"
server.groupname = "www-data"
server.port = 80
accesslog.filename = "/var/log/lighttpd/access.log"
accesslog.format = "%{%s}t|%V|%r|%s|%b"
index-file.names = ( "index.php", "index.html", "index.lighttpd.html" )
url.access-deny = ( "~", ".inc" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
compress.cache-dir = "/var/cache/lighttpd/compress/"
compress.filetype = ( "application/javascript", "text/css", "text/html", "text/plain" )
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "/usr/share/lighttpd/create-mime.assign.pl"
include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
$HTTP["url"] =~ "^/admin/" {
setenv.add-response-header = (
"X-Pi-hole" => "The Pi-hole Web interface is working!",
"X-Frame-Options" => "DENY"
)
}
url.rewrite = ( "^(?!/admin/)..js$" => "pihole/index.js" )
$HTTP["url"] =~ "^(?!/admin)/." {
setenv.add-response-header = ( "X-Pi-hole" => "A black hole for Internet advertisements." )
}
include_shell "cat external.conf 2>/dev/null"
Detecting existence of /var/log/lighttpd/error.log:
2017-02-24 13:15:53: (log.c.164) server started
2017-02-24 13:17:56: (server.c.1558) server stopped by UID = 0 PID = 1
2017-02-24 13:17:58: (log.c.164) server started
2017-02-24 14:35:31: (server.c.1558) server stopped by UID = 0 PID = 1
2017-02-24 14:35:56: (log.c.164) server started
Detecting existence of /etc/dnsmasq.conf:
domain-needed
bogus-priv
server=8.8.8.8
interface=wlan0
except-interface=wlan1
listen-address=192.168.42.1
bind-interfaces
dhcp-range=192.168.42.50,192.168.42.150,12h
conf-dir=/etc/dnsmasq.d
Detecting existence of /etc/dnsmasq.d/01-pihole.conf:
addn-hosts=/etc/pihole/gravity.list
addn-hosts=/etc/pihole/local.list
domain-needed
bogus-priv
no-resolv
server=8.8.8.8
server=8.8.4.4
interface=wlan0
cache-size=10000
log-queries
log-facility=/var/log/pihole.log
local-ttl=300
log-async
Detecting existence of /etc/pihole/whitelist.txt:
raw.githubusercontent.com
mirror1.malwaredomains.com
sysctl.org
zeustracker.abuse.ch
s3.amazonaws.com
hosts-file.net
Detecting existence of /etc/pihole/blacklist.txt:
/etc/pihole/blacklist.txt not found!
Detecting existence of /etc/pihole/adlists.list:
/etc/pihole/adlists.list not found!
Analyzing gravity.list
/etc/pihole/gravity.list is 207574 lines long.
Analyzing pihole.log
/var/log/pihole.log is 2768 lines long.
/var/log/pihole.log is 212K.
pihole.log
Feb 24 14:52:59 dnsmasq[525]: query[A] shavar.services.mozilla.com from 192.168.42.51
Feb 24 14:52:59 dnsmasq[525]: forwarded shavar.services.mozilla.com to 8.8.8.8
Feb 24 14:52:59 dnsmasq[525]: forwarded shavar.services.mozilla.com to 8.8.4.4
Feb 24 14:52:59 dnsmasq[525]: forwarded shavar.services.mozilla.com to 8.8.8.8
Feb 24 14:52:59 dnsmasq[525]: query[AAAA] shavar.services.mozilla.com from 192.168.42.51
Feb 24 14:52:59 dnsmasq[525]: forwarded shavar.services.mozilla.com to 8.8.8.8
Feb 24 14:52:59 dnsmasq[525]: reply shavar.services.mozilla.com is
Feb 24 14:52:59 dnsmasq[525]: reply shavar.prod.mozaws.net is 52.38.179.134
Feb 24 14:52:59 dnsmasq[525]: reply shavar.prod.mozaws.net is 35.163.182.235
Feb 24 14:52:59 dnsmasq[525]: reply shavar.prod.mozaws.net is 52.43.151.131
Feb 24 14:52:59 dnsmasq[525]: reply shavar.prod.mozaws.net is 54.68.47.234
Feb 24 14:52:59 dnsmasq[525]: reply shavar.prod.mozaws.net is 52.27.92.252
Feb 24 14:52:59 dnsmasq[525]: reply shavar.prod.mozaws.net is 35.163.17.139
Feb 24 14:52:59 dnsmasq[525]: reply shavar.prod.mozaws.net is 52.24.240.17
Feb 24 14:52:59 dnsmasq[525]: reply shavar.prod.mozaws.net is 52.35.153.7
Feb 24 14:53:00 dnsmasq[525]: reply shavar.services.mozilla.com is
Feb 24 14:53:00 dnsmasq[525]: reply shavar.prod.mozaws.net is NODATA-IPv6
Feb 24 14:53:00 dnsmasq[525]: query[A] shavar.services.mozilla.com from 192.168.42.51
Feb 24 14:53:00 dnsmasq[525]: cached shavar.services.mozilla.com is
Feb 24 14:53:00 dnsmasq[525]: cached shavar.prod.mozaws.net is 52.35.153.7
Feb 24 14:53:00 dnsmasq[525]: cached shavar.prod.mozaws.net is 52.24.240.17
Feb 24 14:53:00 dnsmasq[525]: cached shavar.prod.mozaws.net is 35.163.17.139
Feb 24 14:53:00 dnsmasq[525]: cached shavar.prod.mozaws.net is 52.27.92.252
Feb 24 14:53:00 dnsmasq[525]: cached shavar.prod.mozaws.net is 54.68.47.234
Feb 24 14:53:00 dnsmasq[525]: cached shavar.prod.mozaws.net is 52.43.151.131
Feb 24 14:53:00 dnsmasq[525]: cached shavar.prod.mozaws.net is 35.163.182.235
Feb 24 14:53:00 dnsmasq[525]: cached shavar.prod.mozaws.net is 52.38.179.134
Feb 24 14:53:02 dnsmasq[525]: query[A] graph.facebook.com from 192.168.42.51
Feb 24 14:53:02 dnsmasq[525]: cached graph.facebook.com is
Feb 24 14:53:02 dnsmasq[525]: cached api.facebook.com is
Feb 24 14:53:02 dnsmasq[525]: forwarded graph.facebook.com to 8.8.8.8
Feb 24 14:53:02 dnsmasq[525]: query[A] pro.imdb.com from 192.168.42.51
Feb 24 14:53:02 dnsmasq[525]: forwarded pro.imdb.com to 8.8.8.8
Feb 24 14:53:02 dnsmasq[525]: reply graph.facebook.com is
Feb 24 14:53:02 dnsmasq[525]: reply api.facebook.com is
Feb 24 14:53:02 dnsmasq[525]: reply star.c10r.facebook.com is 31.13.71.1
Feb 24 14:53:02 dnsmasq[525]: reply pro.imdb.com is 54.239.24.159
Feb 24 14:53:02 dnsmasq[525]: query[A] ia.media-imdb.com from 192.168.42.51
Feb 24 14:53:02 dnsmasq[525]: cached ia.media-imdb.com is
Feb 24 14:53:02 dnsmasq[525]: cached ia.media-imdb.com.edgekey.net is
Feb 24 14:53:02 dnsmasq[525]: forwarded ia.media-imdb.com to 8.8.8.8
Feb 24 14:53:02 dnsmasq[525]: query[A] platform.twitter.com from 192.168.42.51
Feb 24 14:53:02 dnsmasq[525]: forwarded platform.twitter.com to 8.8.8.8
Feb 24 14:53:02 dnsmasq[525]: query[A] staticxx.facebook.com from 192.168.42.51
Feb 24 14:53:02 dnsmasq[525]: cached staticxx.facebook.com is
Feb 24 14:53:02 dnsmasq[525]: forwarded staticxx.facebook.com to 8.8.8.8
Feb 24 14:53:02 dnsmasq[525]: query[A] cdn.syndication.twimg.com from 192.168.42.51
Feb 24 14:53:02 dnsmasq[525]: forwarded cdn.syndication.twimg.com to 8.8.8.8
Feb 24 14:53:02 dnsmasq[525]: query[A] ton.twimg.com from 192.168.42.51
Feb 24 14:53:02 dnsmasq[525]: cached ton.twimg.com is
Feb 24 14:53:02 dnsmasq[525]: forwarded ton.twimg.com to 8.8.8.8
Feb 24 14:53:02 dnsmasq[525]: query[A] www.facebook.com from 192.168.42.51
Feb 24 14:53:02 dnsmasq[525]: cached www.facebook.com is
Feb 24 14:53:02 dnsmasq[525]: forwarded www.facebook.com to 8.8.8.8
Feb 24 14:53:02 dnsmasq[525]: reply platform.twitter.com is
Feb 24 14:53:02 dnsmasq[525]: reply platform-eb.twitter.com is 199.96.57.6
Feb 24 14:53:02 dnsmasq[525]: reply staticxx.facebook.com is
Feb 24 14:53:02 dnsmasq[525]: reply scontent.xx.fbcdn.net is 31.13.69.203
Feb 24 14:53:02 dnsmasq[525]: reply ton.twimg.com is
Feb 24 14:53:02 dnsmasq[525]: reply wildcard.twimg.com is 104.244.43.103
Feb 24 14:53:02 dnsmasq[525]: reply wildcard.twimg.com is 104.244.43.231
Feb 24 14:53:02 dnsmasq[525]: reply www.facebook.com is
Feb 24 14:53:02 dnsmasq[525]: reply star-mini.c10r.facebook.com is 31.13.71.36
Feb 24 14:53:02 dnsmasq[525]: reply cdn.syndication.twimg.com is
Feb 24 14:53:02 dnsmasq[525]: reply cs139.wac.edgecastcdn.net is 93.184.216.172
Feb 24 14:53:02 dnsmasq[525]: reply ia.media-imdb.com is
Feb 24 14:53:02 dnsmasq[525]: reply ia.media-imdb.com.edgekey.net is
Feb 24 14:53:02 dnsmasq[525]: reply e4642.g.akamaiedge.net is 23.205.211.21
Feb 24 14:53:03 dnsmasq[525]: query[A] m.imdb.com from 192.168.42.51
Feb 24 14:53:03 dnsmasq[525]: forwarded m.imdb.com to 8.8.8.8
Feb 24 14:53:03 dnsmasq[525]: query[A] secure.imdb.com from 192.168.42.51
Feb 24 14:53:03 dnsmasq[525]: forwarded secure.imdb.com to 8.8.8.8
Feb 24 14:53:03 dnsmasq[525]: reply m.imdb.com is 52.94.225.254
Feb 24 14:53:03 dnsmasq[525]: reply secure.imdb.com is 176.32.96.115
Feb 24 14:53:04 dnsmasq[525]: query[A] facebook.com from 192.168.42.51
Feb 24 14:53:04 dnsmasq[525]: forwarded facebook.com to 8.8.8.8
Feb 24 14:53:04 dnsmasq[525]: query[A] t.co from 192.168.42.51
Feb 24 14:53:04 dnsmasq[525]: forwarded t.co to 8.8.8.8
Feb 24 14:53:04 dnsmasq[525]: query[A] tumblr.com from 192.168.42.51
Feb 24 14:53:04 dnsmasq[525]: forwarded tumblr.com to 8.8.8.8
Feb 24 14:53:04 dnsmasq[525]: reply facebook.com is 31.13.71.36
Feb 24 14:53:04 dnsmasq[525]: reply t.co is 199.16.156.75
Feb 24 14:53:04 dnsmasq[525]: reply t.co is 199.16.156.11
Feb 24 14:53:04 dnsmasq[525]: reply tumblr.com is 66.6.32.31
Feb 24 14:53:04 dnsmasq[525]: reply tumblr.com is 66.6.33.159
Feb 24 14:53:04 dnsmasq[525]: reply tumblr.com is 66.6.33.31
Feb 24 14:53:04 dnsmasq[525]: query[A] www.amazon.com from 192.168.42.51
Feb 24 14:53:04 dnsmasq[525]: cached www.amazon.com is
Feb 24 14:53:04 dnsmasq[525]: cached www.cdn.amazon.com is
Feb 24 14:53:04 dnsmasq[525]: forwarded www.amazon.com to 8.8.8.8
Feb 24 14:53:04 dnsmasq[525]: reply www.amazon.com is
Feb 24 14:53:04 dnsmasq[525]: reply www.cdn.amazon.com is
Feb 24 14:53:04 dnsmasq[525]: reply opf-www.amazon.com is 54.239.25.200
Feb 24 14:53:05 dnsmasq[525]: query[A] scontent-lga3-1.xx.fbcdn.net from 192.168.42.51
Feb 24 14:53:05 dnsmasq[525]: forwarded scontent-lga3-1.xx.fbcdn.net to 8.8.8.8
Feb 24 14:53:05 dnsmasq[525]: query[A] connect.facebook.net from 192.168.42.51
Feb 24 14:53:05 dnsmasq[525]: forwarded connect.facebook.net to 8.8.8.8
Feb 24 14:53:05 dnsmasq[525]: query[A] i.media-imdb.com from 192.168.42.51
Feb 24 14:53:05 dnsmasq[525]: cached i.media-imdb.com is
Feb 24 14:53:05 dnsmasq[525]: forwarded i.media-imdb.com to 8.8.8.8
Feb 24 14:53:05 dnsmasq[525]: reply scontent-lga3-1.xx.fbcdn.net is 31.13.71.7
Feb 24 14:53:05 dnsmasq[525]: reply connect.facebook.net is
Feb 24 14:53:05 dnsmasq[525]: reply scontent.xx.fbcdn.net is 31.13.71.7
Feb 24 14:53:05 dnsmasq[525]: reply i.media-imdb.com is
Feb 24 14:53:05 dnsmasq[525]: reply d3k42v5me62qu0.cloudfront.net is 54.192.48.69
Feb 24 14:53:05 dnsmasq[525]: reply d3k42v5me62qu0.cloudfront.net is 54.192.48.144
Feb 24 14:53:05 dnsmasq[525]: reply d3k42v5me62qu0.cloudfront.net is 54.192.48.110
Feb 24 14:53:05 dnsmasq[525]: reply d3k42v5me62qu0.cloudfront.net is 54.192.48.235
Feb 24 14:53:05 dnsmasq[525]: reply d3k42v5me62qu0.cloudfront.net is 54.192.48.238
Feb 24 14:53:05 dnsmasq[525]: reply d3k42v5me62qu0.cloudfront.net is 54.192.48.158
Feb 24 14:53:05 dnsmasq[525]: reply d3k42v5me62qu0.cloudfront.net is 54.192.48.51
Feb 24 14:53:05 dnsmasq[525]: reply d3k42v5me62qu0.cloudfront.net is 54.192.48.228
Feb 24 14:53:06 dnsmasq[525]: query[A] g-ecx.images-amazon.com from 192.168.42.51
Feb 24 14:53:06 dnsmasq[525]: forwarded g-ecx.images-amazon.com to 8.8.8.8
Feb 24 14:53:06 dnsmasq[525]: query[A] contribute.imdb.com from 192.168.42.51
Feb 24 14:53:06 dnsmasq[525]: forwarded contribute.imdb.com to 8.8.8.8
Feb 24 14:53:06 dnsmasq[525]: reply g-ecx.images-amazon.com is
Feb 24 14:53:06 dnsmasq[525]: reply d1ge0kk1l5kms0.cloudfront.net is 52.85.94.195
Feb 24 14:53:06 dnsmasq[525]: reply d1ge0kk1l5kms0.cloudfront.net is 52.85.94.90
Feb 24 14:53:06 dnsmasq[525]: reply d1ge0kk1l5kms0.cloudfront.net is 52.85.94.190
Feb 24 14:53:06 dnsmasq[525]: reply d1ge0kk1l5kms0.cloudfront.net is 52.85.94.74
Feb 24 14:53:06 dnsmasq[525]: reply d1ge0kk1l5kms0.cloudfront.net is 52.85.94.76
Feb 24 14:53:06 dnsmasq[525]: reply d1ge0kk1l5kms0.cloudfront.net is 52.85.94.121
Feb 24 14:53:06 dnsmasq[525]: reply d1ge0kk1l5kms0.cloudfront.net is 52.85.94.152
Feb 24 14:53:06 dnsmasq[525]: reply d1ge0kk1l5kms0.cloudfront.net is 52.85.94.226
Feb 24 14:53:06 dnsmasq[525]: reply contribute.imdb.com is 52.94.226.0
Feb 24 14:53:13 dnsmasq[525]: query[A] clients4.google.com from 192.168.42.51
Feb 24 14:53:13 dnsmasq[525]: forwarded clients4.google.com to 8.8.8.8
Feb 24 14:53:13 dnsmasq[525]: reply clients4.google.com is
Feb 24 14:53:13 dnsmasq[525]: reply clients.l.google.com is 172.217.7.14
Feb 24 14:53:15 dnsmasq[525]: query[A] sync-348-us-west-2.sync.services.mozilla.com from 192.168.42.51
Feb 24 14:53:15 dnsmasq[525]: forwarded sync-348-us-west-2.sync.services.mozilla.com to 8.8.8.8
Feb 24 14:53:15 dnsmasq[525]: reply sync-348-us-west-2.sync.services.mozilla.com is 52.40.32.186
Feb 24 14:53:16 dnsmasq[525]: query[A] dq4ijymydgrfx.cloudfront.net from 192.168.42.51
Feb 24 14:53:16 dnsmasq[525]: forwarded dq4ijymydgrfx.cloudfront.net to 8.8.8.8
Feb 24 14:53:16 dnsmasq[525]: reply dq4ijymydgrfx.cloudfront.net is 52.85.94.213
Feb 24 14:53:16 dnsmasq[525]: reply dq4ijymydgrfx.cloudfront.net is 52.85.94.180
Feb 24 14:53:16 dnsmasq[525]: reply dq4ijymydgrfx.cloudfront.net is 52.85.94.100
Feb 24 14:53:16 dnsmasq[525]: reply dq4ijymydgrfx.cloudfront.net is 52.85.94.104
Feb 24 14:53:16 dnsmasq[525]: reply dq4ijymydgrfx.cloudfront.net is 52.85.94.229
Feb 24 14:53:16 dnsmasq[525]: reply dq4ijymydgrfx.cloudfront.net is 52.85.94.222
Feb 24 14:53:16 dnsmasq[525]: reply dq4ijymydgrfx.cloudfront.net is 52.85.94.24
Feb 24 14:53:16 dnsmasq[525]: reply dq4ijymydgrfx.cloudfront.net is 52.85.94.192
Feb 24 14:53:16 dnsmasq[525]: query[A] images-na.ssl-images-amazon.com from 192.168.42.51
Feb 24 14:53:16 dnsmasq[525]: forwarded images-na.ssl-images-amazon.com to 8.8.8.8
Feb 24 14:53:16 dnsmasq[525]: reply images-na.ssl-images-amazon.com is
Feb 24 14:53:16 dnsmasq[525]: reply dk9ps7goqoeef.cloudfront.net is 54.230.50.193
Feb 24 14:53:16 dnsmasq[525]: reply dk9ps7goqoeef.cloudfront.net is 54.230.50.4
Feb 24 14:53:16 dnsmasq[525]: reply dk9ps7goqoeef.cloudfront.net is 54.230.50.18
Feb 24 14:53:16 dnsmasq[525]: reply dk9ps7goqoeef.cloudfront.net is 54.230.50.158
Feb 24 14:53:28 dnsmasq[525]: query[A] api.openweathermap.org from 192.168.42.51
Feb 24 14:53:28 dnsmasq[525]: forwarded api.openweathermap.org to 8.8.8.8
Feb 24 14:53:28 dnsmasq[525]: forwarded api.openweathermap.org to 8.8.4.4
Feb 24 14:53:28 dnsmasq[525]: forwarded api.openweathermap.org to 8.8.8.8
Feb 24 14:53:28 dnsmasq[525]: query[AAAA] api.openweathermap.org from 192.168.42.51
Feb 24 14:53:28 dnsmasq[525]: forwarded api.openweathermap.org to 8.8.8.8
Feb 24 14:53:28 dnsmasq[525]: reply api.openweathermap.org is NODATA-IPv6
Feb 24 14:53:28 dnsmasq[525]: reply api.openweathermap.org is 192.241.169.168
Feb 24 14:53:28 dnsmasq[525]: reply api.openweathermap.org is 162.243.53.59
Feb 24 14:53:29 dnsmasq[525]: query[A] www.imdb.com from 192.168.42.51
Feb 24 14:53:29 dnsmasq[525]: cached www.imdb.com is
Feb 24 14:53:29 dnsmasq[525]: forwarded www.imdb.com to 8.8.4.4
Feb 24 14:53:29 dnsmasq[525]: reply www.imdb.com is
Feb 24 14:53:29 dnsmasq[525]: reply us.dd.imdb.com is 54.239.17.118
Feb 24 14:53:53 dnsmasq[525]: query[A] www.networkadvertising.org from 192.168.42.51
Feb 24 14:53:53 dnsmasq[525]: /etc/pihole/gravity.list www.networkadvertising.org is 192.168.42.1
Feb 24 14:53:56 dnsmasq[525]: query[A] i.imdb.com from 192.168.42.51
Feb 24 14:53:56 dnsmasq[525]: forwarded i.imdb.com to 8.8.8.8
Feb 24 14:53:56 dnsmasq[525]: forwarded i.imdb.com to 8.8.4.4
Feb 24 14:53:56 dnsmasq[525]: forwarded i.imdb.com to 8.8.8.8
Feb 24 14:53:56 dnsmasq[525]: query[A] instagram.com from 192.168.42.51
Feb 24 14:53:56 dnsmasq[525]: forwarded instagram.com to 8.8.4.4
Feb 24 14:53:56 dnsmasq[525]: query[A] itunes.apple.com from 192.168.42.51
Feb 24 14:53:56 dnsmasq[525]: cached itunes.apple.com is
Feb 24 14:53:56 dnsmasq[525]: cached itunes-cdn.itunes-apple.com.akadns.net is
Feb 24 14:53:56 dnsmasq[525]: cached itunes.apple.com.edgekey.net is
Feb 24 14:53:56 dnsmasq[525]: forwarded itunes.apple.com to 8.8.4.4
Feb 24 14:53:56 dnsmasq[525]: query[A] market.android.com from 192.168.42.51
Feb 24 14:53:56 dnsmasq[525]: forwarded market.android.com to 8.8.4.4
Feb 24 14:53:56 dnsmasq[525]: reply i.imdb.com is
Feb 24 14:53:56 dnsmasq[525]: reply d3k42v5me62qu0.cloudfront.net is 54.192.48.144
Feb 24 14:53:56 dnsmasq[525]: reply d3k42v5me62qu0.cloudfront.net is 54.192.48.69
Feb 24 14:53:56 dnsmasq[525]: reply d3k42v5me62qu0.cloudfront.net is 54.192.48.235
Feb 24 14:53:56 dnsmasq[525]: reply d3k42v5me62qu0.cloudfront.net is 54.192.48.158
Feb 24 14:53:56 dnsmasq[525]: reply d3k42v5me62qu0.cloudfront.net is 54.192.48.238
Feb 24 14:53:56 dnsmasq[525]: reply d3k42v5me62qu0.cloudfront.net is 54.192.48.110
Feb 24 14:53:56 dnsmasq[525]: reply d3k42v5me62qu0.cloudfront.net is 54.192.48.51
Feb 24 14:53:56 dnsmasq[525]: reply d3k42v5me62qu0.cloudfront.net is 54.192.48.228
Feb 24 14:53:56 dnsmasq[525]: reply instagram.com is 34.193.132.158
Feb 24 14:53:56 dnsmasq[525]: reply instagram.com is 52.0.142.173
Feb 24 14:53:56 dnsmasq[525]: reply instagram.com is 52.0.219.254
Feb 24 14:53:56 dnsmasq[525]: reply instagram.com is 52.2.136.73
Feb 24 14:53:56 dnsmasq[525]: reply instagram.com is 52.206.111.202
Feb 24 14:53:56 dnsmasq[525]: reply instagram.com is 52.21.139.51
Feb 24 14:53:56 dnsmasq[525]: reply instagram.com is 54.84.64.80
Feb 24 14:53:56 dnsmasq[525]: reply instagram.com is 54.85.174.32
Feb 24 14:53:56 dnsmasq[525]: reply market.android.com is
Feb 24 14:53:56 dnsmasq[525]: reply android-market.l.google.com is 172.217.2.206
Feb 24 14:53:56 dnsmasq[525]: query[A] www.amazon.de from 192.168.42.51
Feb 24 14:53:56 dnsmasq[525]: cached www.amazon.de is
Feb 24 14:53:56 dnsmasq[525]: cached www.cdn.amazon.de is
Feb 24 14:53:56 dnsmasq[525]: forwarded www.amazon.de to 8.8.4.4
Feb 24 14:53:56 dnsmasq[525]: query[A] www.amazon.fr from 192.168.42.51
Feb 24 14:53:56 dnsmasq[525]: cached www.amazon.fr is
Feb 24 14:53:56 dnsmasq[525]: forwarded www.amazon.fr to 8.8.4.4
Feb 24 14:53:56 dnsmasq[525]: reply www.amazon.de is
Feb 24 14:53:56 dnsmasq[525]: reply www.cdn.amazon.de is
Feb 24 14:53:56 dnsmasq[525]: reply opf-www.amazon.de is 54.239.34.172
Feb 24 14:53:56 dnsmasq[525]: reply www.amazon.fr is
Feb 24 14:53:56 dnsmasq[525]: reply www.cdn.amazon.fr is
Feb 24 14:53:56 dnsmasq[525]: reply opf-www.amazon.fr is 178.236.7.228
Feb 24 14:53:56 dnsmasq[525]: query[A] www.amazon.in from 192.168.42.51
Feb 24 14:53:56 dnsmasq[525]: cached www.amazon.in is
Feb 24 14:53:56 dnsmasq[525]: forwarded www.amazon.in to 8.8.4.4
Feb 24 14:53:56 dnsmasq[525]: query[A] www.amazon.it from 192.168.42.51
Feb 24 14:53:56 dnsmasq[525]: cached www.amazon.it is
Feb 24 14:53:56 dnsmasq[525]: forwarded www.amazon.it to 8.8.4.4
Feb 24 14:53:56 dnsmasq[525]: reply www.amazon.in is
Feb 24 14:53:56 dnsmasq[525]: reply www.cdn.amazon.in is
Feb 24 14:53:56 dnsmasq[525]: reply opf-www.amazon.in is 54.239.34.40
Feb 24 14:53:56 dnsmasq[525]: reply itunes.apple.com is
Feb 24 14:53:56 dnsmasq[525]: reply itunes-cdn.itunes-apple.com.akadns.net is
Feb 24 14:53:56 dnsmasq[525]: reply itunes.apple.com.edgekey.net is
Feb 24 14:53:56 dnsmasq[525]: reply e673.e9.akamaiedge.net is 23.64.76.175
Feb 24 14:53:56 dnsmasq[525]: reply www.amazon.it is
Feb 24 14:53:56 dnsmasq[525]: reply www.cdn.amazon.it is
Feb 24 14:53:56 dnsmasq[525]: reply opf-www.amazon.it is 178.236.4.216
Feb 24 14:53:56 dnsmasq[525]: query[A] www.audible.com from 192.168.42.51
Feb 24 14:53:56 dnsmasq[525]: forwarded www.audible.com to 8.8.4.4
Feb 24 14:53:56 dnsmasq[525]: query[A] www.boxofficemojo.com from 192.168.42.51
Feb 24 14:53:56 dnsmasq[525]: forwarded www.boxofficemojo.com to 8.8.4.4
Feb 24 14:53:56 dnsmasq[525]: query[A] www.dpreview.com from 192.168.42.51
Feb 24 14:53:56 dnsmasq[525]: forwarded www.dpreview.com to 8.8.4.4
Feb 24 14:53:56 dnsmasq[525]: reply www.audible.com is 54.239.31.60
Feb 24 14:53:56 dnsmasq[525]: reply www.boxofficemojo.com is
Feb 24 14:53:56 dnsmasq[525]: reply PROD-FE-1516923033.us-east-1.elb.amazonaws.com is 52.44.238.196
Feb 24 14:53:56 dnsmasq[525]: reply PROD-FE-1516923033.us-east-1.elb.amazonaws.com is 54.164.170.88
Feb 24 14:53:56 dnsmasq[525]: reply PROD-FE-1516923033.us-east-1.elb.amazonaws.com is 52.200.237.72
Feb 24 14:53:56 dnsmasq[525]: query[A] www.withoutabox.com from 192.168.42.51
Feb 24 14:53:56 dnsmasq[525]: forwarded www.withoutabox.com to 8.8.4.4
Feb 24 14:53:56 dnsmasq[525]: reply www.dpreview.com is 52.44.246.156
Feb 24 14:53:56 dnsmasq[525]: reply www.dpreview.com is 107.23.189.8
Feb 24 14:53:56 dnsmasq[525]: reply www.withoutabox.com is 52.94.237.80
and this is a pihole -d log taken while internet was not working:
Detecting Installed Package Versions:
Pi-hole: v2.12.1
WebUI: v2.4
lighttpd/1.4.35
PHP 5.6.29-0+deb8u1 (cli) (built: Dec 17 2016 06:04:43)
Pi-hole branch: master
Pi-hole rev: v2.12.1-0-g5333895
AdminLTE branch: master
AdminLTE rev: v2.4-0-g406877d
Detecting existence of /etc/pihole/setupVars.conf:
PIHOLE_INTERFACE=wlan0
IPV4_ADDRESS=192.168.42.1/24
IPV6_ADDRESS=2601:8c:c003:6188::240f
PIHOLE_DNS_1=8.8.8.8
PIHOLE_DNS_2=8.8.4.4
QUERY_LOGGING=true
WEBPASSWORD=6cfa96e963ea4a22ea6bd3f4311d7be7ecbb2ee2403e6f485bdcc705ffb1bcfe
Detecting installed OS Distribution
PRETTY_NAME="Raspbian GNU/Linux 8 (jessie)"
NAME="Raspbian GNU/Linux"
VERSION_ID="8"
VERSION="8 (jessie)"
ID=raspbian
ID_LIKE=debian
HOME_URL="http://www.raspbian.org/"
SUPPORT_URL="http://www.raspbian.org/RaspbianForums"
BUG_REPORT_URL="http://www.raspbian.org/RaspbianBugs"
Checking processor variety
armv6l
IP Address Information
::1/128
fe80::297a:a3e2:8205:67ae/64
2601:8c:c003:6188::240f/128
2601:8c:c003:6188:39c9:2e22:89d2:c4b0/64
fe80::3088:9e67:6ed:7675/64
127.0.0.1/8
192.168.42.1/24
10.0.0.214/24
Daemon Process Information
Found user www-data with process lighttpd
Found user www-data with process lighttpd
Daemon Process Information
Found user dnsmasq with process dnsmasq
Found user dnsmasq with process dnsmasq
Processes Check
lighttpd
processes status:
● lighttpd.service - Lighttpd Daemon
Loaded: loaded (/lib/systemd/system/lighttpd.service; enabled)
Active: active (running) since Fri 2017-02-24 14:35:55 EST; 23min ago
Process: 744 ExecStartPre=/usr/sbin/lighttpd -t -f /etc/lighttpd/lighttpd.conf (code=exited, status=0/SUCCESS)
Main PID: 844 (lighttpd)
CGroup: /system.slice/lighttpd.service
├─ 844 /usr/sbin/lighttpd -D -f /etc/lighttpd/lighttpd.conf
├─ 989 /usr/bin/php-cgi
├─1032 /usr/bin/php-cgi
├─1033 /usr/bin/php-cgi
├─1034 /usr/bin/php-cgi
└─1037 /usr/bin/php-cgi
Feb 24 14:35:52 raspberrypi systemd[1]: Starting Lighttpd Daemon...
Feb 24 14:35:55 raspberrypi lighttpd[744]: Syntax OK
Feb 24 14:35:55 raspberrypi systemd[1]: Started Lighttpd Daemon.
dnsmasq
processes status:
● dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
Loaded: loaded (/lib/systemd/system/dnsmasq.service; enabled)
Drop-In: /run/systemd/generator/dnsmasq.service.d
└─50-dnsmasq-$named.conf, 50-insserv.conf-$named.conf
Active: active (running) since Fri 2017-02-24 14:35:49 EST; 24min ago
Process: 529 ExecStartPost=/etc/init.d/dnsmasq systemd-start-resolvconf (code=exited, status=0/SUCCESS)
Process: 470 ExecStart=/etc/init.d/dnsmasq systemd-exec (code=exited, status=0/SUCCESS)
Process: 399 ExecStartPre=/usr/sbin/dnsmasq --test (code=exited, status=0/SUCCESS)
Main PID: 525 (dnsmasq)
CGroup: /system.slice/dnsmasq.service
└─525 /usr/sbin/dnsmasq -x /var/run/dnsmasq/dnsmasq.pid -u dnsmasq -r /var/run/dnsmasq/resolv.conf -7 /etc/dnsmasq.d,.dpkg-dist,.dpkg-old,.dpkg-new --local-service --trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5
Feb 24 14:35:46 raspberrypi dnsmasq[399]: dnsmasq: syntax check OK.
Feb 24 14:35:50 raspberrypi systemd[1]: Started dnsmasq - A lightweight DHCP and caching DNS server.
Resolver Functions Check
Resolution of doubleclick.com from Pi-hole:
; <<>> DiG 9.9.5-9+deb8u9-Raspbian <<>> doubleclick.com @127.0.0.1
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45688
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;doubleclick.com. IN A
;; ANSWER SECTION:
doubleclick.com. 300 IN A 192.168.42.1
;; Query time: 2 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Feb 24 14:59:55 EST 2017
;; MSG SIZE rcvd: 60
Resolution of doubleclick.com from 8.8.8.8:
; <<>> DiG 9.9.5-9+deb8u9-Raspbian <<>> doubleclick.com @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44528
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;doubleclick.com. IN A
;; ANSWER SECTION:
doubleclick.com. 299 IN A 172.217.3.14
;; Query time: 143 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Feb 24 14:59:55 EST 2017
;; MSG SIZE rcvd: 60
Pi-hole dnsmasq specific records lookups
Cache Size:
"10000"
Upstream Servers:
"8.8.8.8#53 279 6" "8.8.4.4#53 56 0"
Detecting existence of /etc/lighttpd/lighttpd.conf:
server.modules = (
"mod_access",
"mod_accesslog",
"mod_auth",
"mod_expire",
"mod_compress",
"mod_redirect",
"mod_setenv",
"mod_rewrite"
)
server.document-root = "/var/www/html"
server.error-handler-404 = "pihole/index.php"
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "/var/run/lighttpd.pid"
server.username = "www-data"
server.groupname = "www-data"
server.port = 80
accesslog.filename = "/var/log/lighttpd/access.log"
accesslog.format = "%{%s}t|%V|%r|%s|%b"
index-file.names = ( "index.php", "index.html", "index.lighttpd.html" )
url.access-deny = ( "~", ".inc" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
compress.cache-dir = "/var/cache/lighttpd/compress/"
compress.filetype = ( "application/javascript", "text/css", "text/html", "text/plain" )
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "/usr/share/lighttpd/create-mime.assign.pl"
include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
$HTTP["url"] =~ "^/admin/" {
setenv.add-response-header = (
"X-Pi-hole" => "The Pi-hole Web interface is working!",
"X-Frame-Options" => "DENY"
)
}
url.rewrite = ( "^(?!/admin/)..js$" => "pihole/index.js" )
$HTTP["url"] =~ "^(?!/admin)/." {
setenv.add-response-header = ( "X-Pi-hole" => "A black hole for Internet advertisements." )
}
include_shell "cat external.conf 2>/dev/null"
Detecting existence of /var/log/lighttpd/error.log:
2017-02-24 13:15:53: (log.c.164) server started
2017-02-24 13:17:56: (server.c.1558) server stopped by UID = 0 PID = 1
2017-02-24 13:17:58: (log.c.164) server started
2017-02-24 14:35:31: (server.c.1558) server stopped by UID = 0 PID = 1
2017-02-24 14:35:56: (log.c.164) server started
Detecting existence of /etc/dnsmasq.conf:
domain-needed
bogus-priv
server=8.8.8.8
interface=wlan0
except-interface=wlan1
listen-address=192.168.42.1
bind-interfaces
dhcp-range=192.168.42.50,192.168.42.150,12h
conf-dir=/etc/dnsmasq.d
Detecting existence of /etc/dnsmasq.d/01-pihole.conf:
addn-hosts=/etc/pihole/gravity.list
addn-hosts=/etc/pihole/local.list
domain-needed
bogus-priv
no-resolv
server=8.8.8.8
server=8.8.4.4
interface=wlan0
cache-size=10000
log-queries
log-facility=/var/log/pihole.log
local-ttl=300
log-async
Detecting existence of /etc/pihole/whitelist.txt:
raw.githubusercontent.com
mirror1.malwaredomains.com
sysctl.org
zeustracker.abuse.ch
s3.amazonaws.com
hosts-file.net
Detecting existence of /etc/pihole/blacklist.txt:
/etc/pihole/blacklist.txt not found!
Detecting existence of /etc/pihole/adlists.list:
/etc/pihole/adlists.list not found!
Analyzing gravity.list
/etc/pihole/gravity.list is 207574 lines long.
Analyzing pihole.log
/var/log/pihole.log is 3063 lines long.
/var/log/pihole.log is 232K.
pihole.log