peick
June 16, 2020, 1:07am
1
FTL updated to 5.0. I know this was already covered, but the solution was far too technical for me to follow. Also, my dig command worked, where the other user's did not. I can supply that information as needed.
Error: URL https://github.com/pi-hole/ftl/releases/latest/download/pihole-FTL-arm-linux-gnueabihf not found
https://tricorder.pi-hole.net/q4ezbpl4a8
Thanks.
peick (formerly peic)
What does curl -IL https://github.com/pi-hole/ftl/releases/latest/download/pihole-FTL-arm-linux-gnueabihf show?
peick
June 16, 2020, 1:21am
3
HTTP/1.1 302 Found
server: GitHub.com
date: Tue, 16 Jun 2020 01:20:19 GMT
content-type: text/html; charset=utf-8
status: 302 Found
vary: X-PJAX, Accept-Encoding, Accept, X-Requested-With
location: https://github.com/pi-hole/ftl/releases/download/v5.0/pihole-FTL-arm-linux-gnueabihf
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expect-ct: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/socket-worker.js gist.github.com/socket-worker.js
Set-Cookie: _gh_sess=Wp2eUIU5W2oTeoe%2BVlpJWvRBesazeFVzmU0R2nVymTAL1%2BCdQCrZDCb51a3Uyiex43UIO5h9KJH3c7MJoLMB%2F3dDRQzYo64jBYTJna1llA8Td1E9V7ix1l7qZKrj0pzX8pb4YcfJRI%2FsQ0jABxxhMcMCRRzoVIWfRy5JOQZJ9YAh0n0MxT9TaMflxNHty9n1H9eyE2tJbOFQNh5YqcdF6JajeH%2Fs4zjf1eZ%2FzhxJ8rFqNpFTNebryqc%2BrFYoB8qlnMe3w%2FzkkCESP8ejI2C3Bg%3D%3D--kVXY4upM7qiu2MU9--Rbrr%2FfE1wPCu%2BGGkM8iFcg%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
Set-Cookie: _octo=GH1.1.1783327892.1592270423; Path=/; Domain=github.com; Expires=Wed, 16 Jun 2021 01:20:23 GMT; Secure; SameSite=Lax
Set-Cookie: logged_in=no; Path=/; Domain=github.com; Expires=Wed, 16 Jun 2021 01:20:23 GMT; HttpOnly; Secure; SameSite=Lax
Content-Length: 150
X-GitHub-Request-Id: D5A4:75F3:83552:112B9A:5EE81E57
HTTP/1.1 302 Found
server: GitHub.com
date: Tue, 16 Jun 2020 01:20:19 GMT
content-type: text/html; charset=utf-8
status: 302 Found
vary: X-PJAX, Accept-Encoding, Accept, X-Requested-With
location: https://github-production-release-asset-2e65be.s3.amazonaws.com/80716356/8129df00-92f1-11ea-8d73-1cff84242ab8?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20200616%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20200616T012019Z&X-Amz-Expires=300&X-Amz-Signature=ea425e341f5e7dbee7d4c967fd6093c5af26424197f251876c4c52eacc97972d&X-Amz-SignedHeaders=host&actor_id=0&repo_id=80716356&response-content-disposition=attachment%3B%20filename%3Dpihole-FTL-arm-linux-gnueabihf&response-content-type=application%2Foctet-stream
cache-control: no-cache
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
expect-ct: max-age=2592000, report-uri="https://api.github.com/_private/browser/errors"
content-security-policy: default-src 'none'; base-uri 'self'; block-all-mixed-content; connect-src 'self' uploads.github.com www.githubstatus.com collector.githubapp.com api.github.com www.google-analytics.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com cdn.optimizely.com logx.optimizely.com/v1/events wss://live.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com; frame-ancestors 'none'; frame-src render.githubusercontent.com; img-src 'self' data: github.githubassets.com identicons.github.com collector.githubapp.com github-cloud.s3.amazonaws.com *.githubusercontent.com; manifest-src 'self'; media-src 'none'; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; worker-src github.com/socket-worker.js gist.github.com/socket-worker.js
Set-Cookie: _gh_sess=qwj3H08pT6bPuQXL6sqxKitcZ%2BiNFbcESBlQePxR7jUt8pz4CUfPljYT3IpctsY%2FfWg7aXviNlnIiwVdHiiOhh4XvjYFYgXi%2BcAWK2ni0Z8Hc%2FgMnP0AKNLKHhLeSosTYQmATZhdN3VYgL47uAujs8Pz%2F1BD4s0vpL1NB5kup76JXGXV7gE6PRd0nUWa3cqj3OD3BnO%2FhQ1AS14CCcV5EfxwhcwGvi1cbLRR9Ew2INkts74e0Z8CKp8fSJQEZ%2F3NR1duWS7Me%2FKYagMe7jBtig%3D%3D--AQIpwVkKfCY7x35N--Vb7JUp0OD%2FdKiRBdIMk71w%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
Set-Cookie: _octo=GH1.1.845111632.1592270423; Path=/; Domain=github.com; Expires=Wed, 16 Jun 2021 01:20:23 GMT; Secure; SameSite=Lax
Set-Cookie: logged_in=no; Path=/; Domain=github.com; Expires=Wed, 16 Jun 2021 01:20:23 GMT; HttpOnly; Secure; SameSite=Lax
Content-Length: 641
X-GitHub-Request-Id: D5A4:75F3:83553:112B9B:5EE81E57
curl: (7) Failed to connect to github-production-release-asset-2e65be.s3.amazonaws.com port 443: Connection refused
peick:
Connection refused
That's an issue that is beyond what Pi-hole can handle. Are you blocking any amazonaws.com domains directly or with a regex block?
peick
June 16, 2020, 1:35am
5
I will review my blacklist and unblock any AWS I find. Thanks.
peick
June 16, 2020, 5:27pm
6
I reviewed my blacklist and found a single amazonaws.com domain, which I have whitelisted. I have confirmed it is no longer on the blacklist. Running the above curl command gives me the same error:
curl: (7) Failed to connect to github-production-release-asset-2e65be.s3.amazonaws.com port 443: Connection refused
I'm not sure why you would be refused a connection from aws.
What IP address do you get for github-production-release-asset-2e65be.s3.amazonaws.com?
peick
June 16, 2020, 5:33pm
8
I may not know how to do that. I put in a dig command thus:
dig github-production-release-asset-2e65be.s3.amazonaws.com
; <<>> DiG 9.10.3-P4-Raspbian <<>> github-production-release-asset-2e65be.s3.amazonaws.com
;; OPT PSEUDOSECTION:
;; ANSWER SECTION:
;; Query time: 0 msec
peick
June 16, 2020, 5:33pm
9
PS, would the HTTPS Everywhere plugin cause an issue?
0.0.0.0
It's still being blocked.
What does pihole -q github-production-release-asset-2e65be.s3.amazonaws.com show?
peick
June 16, 2020, 6:15pm
11
[i] No results found for github-production-release-asset-2e65be.s3.amazonaws.com within the block lists
Is there a way for me to download the file directly and then update from a local file?
We're trying to download the file directly.
Does pihole -q s3.amazonaws.com show anything? Something is causing that domain to be blocked.
peick
June 16, 2020, 6:20pm
13
[i] Over 100 results found for s3.amazonaws.com
There's not a reason to block s3, one of your list(s) is really overzealous if there's over 100 entries for that.
peick
June 16, 2020, 6:22pm
15
When I run pihole -b -l, I get only 55 entries, none of which is aws. I also ran a list of regex, and aws is not on there, unless it only shows the first so many entries.
You could try pihole -q -all s3.amazonaws.com and look for anything that would block github-production. Or enable regex debugging and check the logs for any hits.
peick
June 16, 2020, 7:15pm
17
OK, that produced quite a long list of what look like ad domains, which I feel like should be blocked. Do you spot anything? My Ctrl F was not finding "github" except in the first line.
Match found in list.0.raw.githubusercontent.com.domains:
windowsphishingalert158.s3.amazonaws.com
admarvel.s3.amazonaws.com
adpublisher.s3.amazonaws.com
advancelocal-adapter-image-uploads.s3.amazonaws.com
advert-creatives.s3.amazonaws.com
advrts.s3.amazonaws.com
adweek-sales.s3.amazonaws.com
adwerx-marketing-assets.s3.amazonaws.com
adzerk.s3.amazonaws.com
adzip.s3.amazonaws.com
alexa-sitestats.s3.amazonaws.com
ams-ads-cornerstone-creatives.s3.amazonaws.com
ams-ads-cornerstone-creatives-eu.s3.amazonaws.com
ams-ads-cornerstone-creatives-fe.s3.amazonaws.com
ams-ads-creative-assets-na.s3.amazonaws.com
analytics.s3.amazonaws.com
tapps.analytics.s3.amazonaws.com
com.tapps.analytics.s3.amazonaws.com
br.com.tapps.analytics.s3.amazonaws.com
applovin-deploy.s3.amazonaws.com
arc-native-apps.s3.amazonaws.com
btf-analytics.s3.amazonaws.com
campaign-tapad.s3.amazonaws.com
chartbeat-sdk.s3.amazonaws.com
chartiq-client-prod.s3.amazonaws.com
clickwallads.s3.amazonaws.com
digital-ads.s3.amazonaws.com
iacpromotion.s3.amazonaws.com
ignifyecom.s3.amazonaws.com
incoming-data-sense360.s3.amazonaws.com
inneractive-assets.s3.amazonaws.com
interactive-assets.s3.amazonaws.com
nativead.s3.amazonaws.com
sana.newsinccom.s3.amazonaws.com
offerwall.s3.amazonaws.com
html5adkit.plusmo.s3.amazonaws.com
qwilt-cq-prod-prod-media-analytics-upload-pipeline-pickup.s3.amazonaws.com
repro-sdk-log.s3.amazonaws.com
com.djinnworks.scd.s3.amazonaws.com
sdkvideo.s3.amazonaws.com
sift-campaign-creatives.s3.amazonaws.com
yab-adimages.s3.amazonaws.com
yc-ads.s3.amazonaws.com
yieldify-static-files.s3.amazonaws.com
spyhunter-download.s3.amazonaws.com
static-shareaholic.s3.amazonaws.com
matchbin-assets.s3.amazonaws.com
springclick-ads.s3.amazonaws.com
htmlads.s3.amazonaws.com
mondoads.s3.amazonaws.com
vml1.s3.amazonaws.com
advice-ads.s3.amazonaws.com
cdn.installationsafe.net.s3.amazonaws.com
slate-ad-scripts.s3.amazonaws.com
znaptag-us.s3.amazonaws.com
adtago.s3.amazonaws.com
sync.cmedia.s3.amazonaws.com
ecommstats.s3.amazonaws.com
exitsplash.s3.amazonaws.com
load.s3.amazonaws.com
ncads.s3.amazonaws.com
tracking.opencandy.com.s3.amazonaws.com
viewerstats.docstoc.com.s3.amazonaws.com
adagiobanner.s3.amazonaws.com
ad-arata.s3.amazonaws.com
seedapp-creative.s3.amazonaws.com
entrecard.s3.amazonaws.com
Match found in list.5.s3.amazonaws.com.domains:
admarvel.s3.amazonaws.com
adzerk.s3.amazonaws.com
alexa-sitestats.s3.amazonaws.com
entrecard.s3.amazonaws.com
interactive-assets.s3.amazonaws.com
yab-adimages.s3.amazonaws.com
Match found in list.6.hosts-file.net.domains:
admarvel.s3.amazonaws.com
ads_ad_center.s3.amazonaws.com
advice-ads.s3.amazonaws.com
advrts.s3.amazonaws.com
adzerk-www.s3.amazonaws.com
airpushmarketing.s3.amazonaws.com
analyticsengine.s3.amazonaws.com
arabmistress.s3.amazonaws.com
blamads-assets.s3.amazonaws.com
bo-videos.s3.amazonaws.com
cadreon.s3.amazonaws.com
campaign-tapad.s3.amazonaws.com
cd-ladsp-com.s3.amazonaws.com
ce2-dev-trk.s3.amazonaws.com
ce2-dev.s3.amazonaws.com
chartaca.com.s3.amazonaws.com
com.djinnworks.sdm.s3.amazonaws.com
convertglobal.s3.amazonaws.com
demandmedia.s3.amazonaws.com
deskwww.s3.amazonaws.com
epowernetworktrackerimages.s3.amazonaws.com
evs-hosted-14facd241e1c08.s3.amazonaws.com
forumwarz.s3.amazonaws.com
gateways.s3.amazonaws.com
getbarometer.s3.amazonaws.com
getsidecar.s3.amazonaws.com
gfaf-banners.s3.amazonaws.com
homad-global-configs-eu-fra.schneevonmorgen.com.s3.amazonaws.com
html5adkit.plusmo.s3.amazonaws.com
iacpromotion.s3.amazonaws.com
immassets.s3.amazonaws.com
inneractive-assets.s3.amazonaws.com
inpref.s3.amazonaws.com
interactive-assets.s3.amazonaws.com
kkastatic.s3.amazonaws.com
kraken-measurements.s3.amazonaws.com
livechat.s3.amazonaws.com
loved-by.s3.amazonaws.com
ltassrv.com.s3.amazonaws.com
magnify360-cdn.s3.amazonaws.com
matchbin-assets.s3.amazonaws.com
news-whistleout.s3.amazonaws.com
nxa-ls.s3.amazonaws.com
optimizely.s3.amazonaws.com
rich-agent.s3.amazonaws.com
s3-tracking.synthasite.net.s3.amazonaws.com
sana.newsinc.com.s3.amazonaws.com
sdsbucket.s3.amazonaws.com
spyhunter-download.s3.amazonaws.com
strikeadcdn.s3.amazonaws.com
thetradedesk-tags.s3.amazonaws.com
tree-pixel-log.s3.amazonaws.com
twitter-badges.s3.amazonaws.com
vice-ads.s3.amazonaws.com
whistleout.s3.amazonaws.com
yc-ads.s3.amazonaws.com
Try enabling regex debugging and watching the logfile for what is actually blocking that domain.
peick
June 16, 2020, 9:32pm
23
I entered DEBUG_REGEX=true into the /etc/pihole/pihole-FTL.conf file and tried to save, but it will not save. Error message says "Can't open file to write." This is when I attempt to save over the existing file. Maybe I'm doing it wrong.
You'll need to sudo edit the file with your editor. The file is restricted.