Exclude certain LAN addresses from filtering

2 Likes

Thanks for the quick response! :smile:

Thanks for this thread, I was looking for this.
Unfortunately I cannot use the installation tips provided as there is no dnsmasq available, but I read that pihole now already has this integrated.
So what I have right now is the provided file in /etc/dnsmasq.d/ and edited the mac files.
Currently this does not work. What else needs to be done here?

Edit: This is the debug log file.

This process collects information from your Pi-hole, and optionally uploads it to a unique$

The intent of this script is to allow users to self-diagnose their installations.  This is$

NOTE: All log files auto-delete after 48 hours and ONLY the Pi-hole developers can access $

^[[95m*** [ INITIALIZING ]^[[0m
[i] 2019-05-28:19:35:54 debug log has been initialized.

^[[95m*** [ INITIALIZING ]^[[0m Sourcing setup variables
[i] Sourcing /etc/pihole/setupVars.conf...

^[[95m*** [ DIAGNOSING ]:^[[0m Core version
[i] Core: ^[[33mv4.3^[[0m (^[[96mhttps://discourse.pi-hole.net/t/how-do-i-update-pi-hole/2$
[i] Branch: ^[[32mmaster^[[0m
[i] Commit: v4.3-0-g1d43c0a

^[[95m*** [ DIAGNOSING ]:^[[0m Web version
[i] Web: ^[[33mv4.3^[[0m (^[[96mhttps://discourse.pi-hole.net/t/how-do-i-update-pi-hole/24$
[i] Branch: ^[[32mmaster^[[0m
[i] Commit: v4.3-0-g44aff727

^[[95m*** [ DIAGNOSING ]:^[[0m FTL version
[^[[32m✓^[[0m] FTL: ^[[32mv4.3.1^[[0m

^[[95m*** [ DIAGNOSING ]:^[[0m lighttpd version
[i] 1.4.45

^[[95m*** [ DIAGNOSING ]:^[[0m php version
[i] 7.2.18

^[[95m*** [ DIAGNOSING ]:^[[0m Operating system
[^[[32m✓^[[0m] ^[[32mRaspbian GNU/Linux 9 (stretch)^[[0m

^[[95m*** [ DIAGNOSING ]:^[[0m SELinux
[i] ^[[32mSELinux not detected^[[0m

^[[95m*** [ DIAGNOSING ]:^[[0m Processor
[^[[32m✓^[[0m] ^[[32marmv7l^[[0m

^[[95m*** [ DIAGNOSING ]:^[[0m Networking
[^[[32m✓^[[0m] IPv4 address(es) bound to the wlan0 interface:
   ^[[32m192.168.178.38/24^[[0m matches the IP found in /etc/pihole/setupVars.conf   
   
[^[[32m✓^[[0m] IPv6 address(es) bound to the wlan0 interface:
   ^[[91m2a02:2455:dc:ed00:ba27:ebff:fea5:16c0^[[0m does not match the IP found in /etc/pi$
   ^[[91mfe80::ba27:ebff:fea5:16c0^[[0m does not match the IP found in /etc/pihole/setupVa$

   ^ Please note that you may have more than one IP address listed.
   As long as one of them is green, and it matches what is in /etc/pihole/setupVars.conf, $

   The link to the FAQ is for an issue that sometimes occurs when the IPv6 address changes$

[i] Default IPv4 gateway: 192.168.178.1
   * Pinging 192.168.178.1...
[^[[32m✓^[[0m] ^[[32mGateway responded.^[[0m
[i] Default IPv6 gateway: fe80::ca0e:14ff:fe8c:7894
   * Pinging fe80::ca0e:14ff:fe8c:7894...
[^[[32m✓^[[0m] ^[[32mGateway responded.^[[0m

^[[95m*** [ DIAGNOSING ]:^[[0m Ports in use
[^[[32m*:53^[[0m] is in use by ^[[32mpihole-FTL^[[0m
[^[[32m*:53^[[0m] is in use by ^[[32mpihole-FTL^[[0m
[^[[32m127.0.0.1:4711^[[0m] is in use by ^[[32mpihole-FTL^[[0m
[^[[32m[::1]:4711^[[0m] is in use by ^[[32mpihole-FTL^[[0m
*:22 dropbear (IPv4)
*:22 dropbear (IPv6)
127.0.0.1:6379 redis-serv (IPv4)
127.0.0.1:3306 mysqld (IPv4)
[^[[32m*:80^[[0m] is in use by ^[[32mlighttpd^[[0m
[^[[32m*:80^[[0m] is in use by ^[[32mlighttpd^[[0m

^[[95m*** [ DIAGNOSING ]:^[[0m Name resolution (IPv4) using a random blocked domain and a $
[^[[32m✓^[[0m] speedcounts.com ^[[32mis 0.0.0.0^[[0m via ^[[96mlocalhost^[[0m (127.0.0.1)
[^[[32m✓^[[0m] speedcounts.com ^[[32mis 0.0.0.0^[[0m via ^[[96mPi-hole^[[0m (192.168.178.3$
[^[[32m✓^[[0m] doubleclick.com ^[[32mis 216.58.207.174^[[0m via ^[[96ma remote, public DNS$

^[[95m*** [ DIAGNOSING ]:^[[0m Name resolution (IPv6) using a random blocked domain and a $
[^[[32m✓^[[0m] ad.iinfo.cz ^[[32mis ::^[[0m via ^[[96mlocalhost^[[0m (::1)
[^[[91m✗^[[0m] ^[[91mFailed to resolve^[[0m ad.iinfo.cz via ^[[91mPi-hole^[[0m (2001:4c50:$
[^[[32m✓^[[0m] doubleclick.com ^[[32mis 2a00:1450:4001:820::200e^[[0m via ^[[96ma remote, $

^[[95m*** [ DIAGNOSING ]:^[[0m Pi-hole processes
[^[[32m✓^[[0m] ^[[32mlighttpd^[[0m daemon is ^[[32mactive^[[0m
[^[[32m✓^[[0m] ^[[32mpihole-FTL^[[0m daemon is ^[[32mactive^[[0m

^[[95m*** [ DIAGNOSING ]:^[[0m Setup variables
    BLOCKING_ENABLED=true
    PIHOLE_INTERFACE=wlan0
    IPV4_ADDRESS=192.168.178.38/24
    IPV6_ADDRESS=2001:4c50:46d:1300:ba27:ebff:fea5:16c0
    PIHOLE_DNS_1=8.8.8.8
    PIHOLE_DNS_2=8.8.4.4
    QUERY_LOGGING=true
    INSTALL_WEB_SERVER=false
    INSTALL_WEB_INTERFACE=true
    LIGHTTPD_ENABLED=false

^[[95m*** [ DIAGNOSING ]:^[[0m Dashboard and block page
[^[[91m✗^[[0m] Block page X-Header: ^[[91mX-Header does not match or could not be retrieve$
^[[91mHTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "3376042388"
Last-Modified: Sat, 27 Oct 2018 12:57:57 GMT
Content-Length: 3378
Date: Tue, 28 May 2019 17:36:06 GMT
Server: lighttpd/1.4.45
^M^[[0m
[^[[91m✗^[[0m] Web interface X-Header: ^[[91mX-Header does not match or could not be retri$
^[[91mHTTP/1.1 200 OK
Set-Cookie: PHPSESSID=um1spogvc47dft88n71q4flclp; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-type: text/html; charset=UTF-8
Date: Tue, 28 May 2019 17:36:06 GMT
Server: lighttpd/1.4.45
^M^[[0m

^[[95m*** [ DIAGNOSING ]:^[[0m Gravity list
^[[32m-rw-r--r-- 1 root root 2647351 May 28 19:18 /etc/pihole/gravity.list^[[0m
   ^[[96m-----head of gravity.list------^[[0m
   0.0.0.0
   0.nextyourcontent.com
   0.r.msn.com
   0.start.bz

   ^[[96m-----tail of gravity.list------^[[0m
   zzz.clickbank.net
   zzzezeroe.fr
   zzzpooeaz-france.com
   zzzrtrcm2.com

^[[95m*** [ DIAGNOSING ]:^[[0m contents of ^[[96m/etc/pihole^[[0m

^[[32m-rw-r--r-- 1 root root 381 Oct 27  2018 /etc/pihole/adlists.list^[[0m
   https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
   https://mirror1.malwaredomains.com/files/justdomains
   http://sysctl.org/cameleon/hosts
   https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist
   https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
   https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
   https://hosts-file.net/ad_servers.txt

^[[32m-rw-r--r-- 1 root root 148 May 28 19:18 /etc/pihole/local.list^[[0m
   192.168.178.38 GreatHallPi
   2001:4c50:46d:1300:ba27:ebff:fea5:16c0 GreatHallPi
   192.168.178.38 pi.hole
   2001:4c50:46d:1300:ba27:ebff:fea5:16c0 pi.hole

^[[32m-rw-r--r-- 1 root root 234 May 28 19:18 /etc/pihole/logrotate^[[0m
   /var/log/pihole.log {
        su root root
        daily
        copytruncate
        rotate 5
        compress
        delaycompress
        notifempty
        nomail
   }
   /var/log/pihole-FTL.log {
        su root root
        weekly
        copytruncate
        rotate 3
        compress
        delaycompress
        notifempty
        nomail
   }

^[[95m*** [ DIAGNOSING ]:^[[0m contents of ^[[96m/etc/dnsmasq.d^[[0m

^[[32m-rw-r--r-- 1 root root 1587 May 28 19:18 /etc/dnsmasq.d/01-pihole.conf^[[0m
   addn-hosts=/etc/pihole/gravity.list
   addn-hosts=/etc/pihole/black.list
   addn-hosts=/etc/pihole/local.list
   localise-queries
   no-resolv
   cache-size=10000
   log-queries
   log-facility=/var/log/pihole.log
   local-ttl=2
   log-async
   dhcp-name-match=set:wpad-ignore,wpad
   dhcp-ignore-names=tag:wpad-ignore
   server=8.8.8.8
   server=8.8.4.4
   interface=wlan0

^[[95m*** [ DIAGNOSING ]:^[[0m contents of ^[[96m/etc/lighttpd^[[0m

^[[32m-rw-r--r-- 1 root root 1016 Oct 27  2018 /etc/lighttpd/lighttpd.conf^[[0m
   server.modules = (
        "mod_access",
        "mod_alias",
        "mod_compress",
        "mod_redirect",
   )
   server.document-root        = "/var/www"
   server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
   server.errorlog             = "/var/log/lighttpd/error.log"
   server.pid-file             = "/var/run/lighttpd.pid"
   server.username             = "www-data"
   server.groupname            = "www-data"
   server.port                 = 80
   index-file.names            = ( "index.php", "index.html", "index.lighttpd.html" )
   url.access-deny             = ( "~", ".inc" )
   static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
   compress.cache-dir          = "/var/cache/lighttpd/compress/"
   compress.filetype           = ( "application/javascript", "text/css", "text/html", "tex$
   include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
   include_shell "/usr/share/lighttpd/create-mime.assign.pl"
   include_shell "/usr/share/lighttpd/include-conf-enabled.pl"

^[[95m*** [ DIAGNOSING ]:^[[0m contents of ^[[96m/etc/cron.d^[[0m

^[[32m-rw-r--r-- 1 root root 1704 May 28 19:18 /etc/cron.d/pihole^[[0m
   49 3   * * 7   root    PATH="$PATH:/usr/local/bin/" pihole updateGravity >/var/log/piho$
   00 00   * * *   root    PATH="$PATH:/usr/local/bin/" pihole flush once quiet
   @reboot root /usr/sbin/logrotate /etc/pihole/logrotate
   */10 *  * * *   root    PATH="$PATH:/usr/local/bin/" pihole updatechecker local
   47 14  * * *   root    PATH="$PATH:/usr/local/bin/" pihole updatechecker remote
   @reboot root    PATH="$PATH:/usr/local/bin/" pihole updatechecker remote reboot

^[[95m*** [ DIAGNOSING ]:^[[0m contents of ^[[96m/var/log/lighttpd^[[0m

^[[32m-rw-r--r-- 1 www-data www-data 49 May 28 19:26 /var/log/lighttpd/error.log^[[0m
   2019-05-28 19:26:05: (log.c.217) server started

^[[95m*** [ DIAGNOSING ]:^[[0m contents of ^[[96m/var/log^[[0m

^[[32m-rw-r--r-- 1 pihole pihole 4467 May 28 19:25 /var/log/pihole-FTL.log^[[0m
   ^[[96m-----head of pihole-FTL.log------^[[0m
   [2019-05-28 19:25:04.391 415] Using log file /var/log/pihole-FTL.log
   [2019-05-28 19:25:04.391 415] ########## FTL started! ##########
   [2019-05-28 19:25:04.391 415] FTL branch: master
   [2019-05-28 19:25:04.391 415] FTL version: v4.3.1
   [2019-05-28 19:25:04.391 415] FTL commit: b60d63f
   [2019-05-28 19:25:04.391 415] FTL date: 2019-05-25 21:37:26 +0200
   [2019-05-28 19:25:04.391 415] FTL user: pihole
   [2019-05-28 19:25:04.391 415] Starting config file parsing (/etc/pihole/pihole-FTL.conf)
   [2019-05-28 19:25:04.391 415]    SOCKET_LISTENING: only local
   [2019-05-28 19:25:04.391 415]    AAAA_QUERY_ANALYSIS: Show AAAA queries
   [2019-05-28 19:25:04.392 415]    MAXDBDAYS: max age for stored queries is 365 days
   [2019-05-28 19:25:04.392 415]    RESOLVE_IPV6: Resolve IPv6 addresses
   [2019-05-28 19:25:04.392 415]    RESOLVE_IPV4: Resolve IPv4 addresses
   [2019-05-28 19:25:04.392 415]    DBINTERVAL: saving to DB file every minute
   [2019-05-28 19:25:04.392 415]    DBFILE: Using /etc/pihole/pihole-FTL.db
   [2019-05-28 19:25:04.392 415]    MAXLOGAGE: Importing up to 24.0 hours of log data
   [2019-05-28 19:25:04.392 415]    PRIVACYLEVEL: Set to 0
   [2019-05-28 19:25:04.392 415]    IGNORE_LOCALHOST: Show queries from localhost
   [2019-05-28 19:25:04.392 415]    BLOCKINGMODE: Null IPs for blocked domains
   [2019-05-28 19:25:04.392 415]    ANALYZE_ONLY_A_AND_AAAA: Disabled. Analyzing all queri$
   [2019-05-28 19:25:04.393 415]    DBIMPORT: Importing history from database
   [2019-05-28 19:25:04.393 415]    PIDFILE: Using /var/run/pihole-FTL.pid
   [2019-05-28 19:25:04.393 415]    PORTFILE: Using /var/run/pihole-FTL.port
   [2019-05-28 19:25:04.393 415]    SOCKETFILE: Using /var/run/pihole/FTL.sock
   [2019-05-28 19:25:04.393 415]    WHITELISTFILE: Using /etc/pihole/whitelist.txt
   [2019-05-28 19:25:04.393 415]    BLACKLISTFILE: Using /etc/pihole/black.list
   [2019-05-28 19:25:04.393 415]    GRAVITYFILE: Using /etc/pihole/gravity.list
   [2019-05-28 19:25:04.393 415]    REGEXLISTFILE: Using /etc/pihole/regex.list
   [2019-05-28 19:25:04.393 415]    SETUPVARSFILE: Using /etc/pihole/setupVars.conf
   [2019-05-28 19:25:04.393 415]    AUDITLISTFILE: Using /etc/pihole/auditlog.list
   [2019-05-28 19:25:04.393 415]    MACVENDORDB: Using /etc/pihole/macvendor.db
   [2019-05-28 19:25:04.394 415]    PARSE_ARP_CACHE: Active
   [2019-05-28 19:25:04.394 415] Finished config file parsing
   [2019-05-28 19:25:04.433 415] Database version is 3
   [2019-05-28 19:25:04.433 415] Database successfully initialized

   ^[[96m-----tail of pihole-FTL.log------^[[0m
   [2019-05-28 19:25:04.393 415]    AUDITLISTFILE: Using /etc/pihole/auditlog.list
   [2019-05-28 19:25:04.393 415]    MACVENDORDB: Using /etc/pihole/macvendor.db
   [2019-05-28 19:25:04.394 415]    PARSE_ARP_CACHE: Active
   [2019-05-28 19:25:04.394 415] Finished config file parsing
   [2019-05-28 19:25:04.433 415] Database version is 3
   [2019-05-28 19:25:04.433 415] Database successfully initialized
   [2019-05-28 19:25:04.445 415] New forward server: 8.8.4.4 (0/512)
   [2019-05-28 19:25:04.446 415] New forward server: 8.8.8.8 (1/512)
   [2019-05-28 19:25:04.464 415] Resizing "/FTL-strings" from 4096 to 8192
   [2019-05-28 19:25:04.504 415] Resizing "/FTL-strings" from 8192 to 12288
   [2019-05-28 19:25:04.541 415] Resizing "/FTL-queries" from 196608 to 393216
   [2019-05-28 19:25:04.552 415] Resizing "/FTL-strings" from 12288 to 16384
   [2019-05-28 19:25:04.578 415] Resizing "/FTL-strings" from 16384 to 20480
   [2019-05-28 19:25:04.628 415] Resizing "/FTL-strings" from 20480 to 24576
   [2019-05-28 19:25:04.687 415] Resizing "/FTL-strings" from 24576 to 28672
   [2019-05-28 19:25:04.698 415] Resizing "/FTL-queries" from 393216 to 589824
   [2019-05-28 19:25:04.723 415] Imported 8748 queries from the long-term database
   [2019-05-28 19:25:04.724 415]  -> Total DNS queries: 8748
   [2019-05-28 19:25:04.724 415]  -> Cached DNS queries: 911
   [2019-05-28 19:25:04.724 415]  -> Forwarded DNS queries: 5049
   [2019-05-28 19:25:04.724 415]  -> Exactly blocked DNS queries: 2788
   [2019-05-28 19:25:04.724 415]  -> Unknown DNS queries: 0
   [2019-05-28 19:25:04.724 415]  -> Unique domains: 1135
   [2019-05-28 19:25:04.724 415]  -> Unique clients: 2
   [2019-05-28 19:25:04.725 415]  -> Known forward destinations: 2
   [2019-05-28 19:25:04.725 415] Successfully accessed setupVars.conf
   [2019-05-28 19:25:04.758 433] PID of FTL process: 433
   [2019-05-28 19:25:04.758 433] Listening on port 4711 for incoming IPv4 telnet connectio$
   [2019-05-28 19:25:04.759 433] Listening on port 4711 for incoming IPv6 telnet connectio$
   [2019-05-28 19:25:04.759 433] Listening on Unix socket
   [2019-05-28 19:25:04.760 433] Received SIGHUP, reloading cache
   [2019-05-28 19:25:04.765 433] Blocking status is enabled
   [2019-05-28 19:25:04.765 433] INFO: No whitelist file found
   [2019-05-28 19:25:04.765 433] Compiled 0 Regex filters and 0 whitelisted domains in 0.3$
   [2019-05-28 19:25:06.939 433] /etc/pihole/gravity.list: parsed 113186 domains (took 217$

^[[95m*** [ DIAGNOSING ]:^[[0m contents of ^[[96m/dev/shm^[[0m
-rw------- 1 pihole pihole 323584 May 28 19:25 /dev/shm/FTL-clients
-rw------- 1 pihole pihole 108 May 28 19:25 /dev/shm/FTL-counters
-rw------- 1 pihole pihole 65536 May 28 19:25 /dev/shm/FTL-domains
-rw------- 1 pihole pihole 12288 May 28 19:25 /dev/shm/FTL-forwarded
-rw------- 1 pihole pihole 28 May 28 19:25 /dev/shm/FTL-lock
-rw------- 1 pihole pihole 53248 May 28 19:25 /dev/shm/FTL-overTime
-rw------- 1 pihole pihole 589824 May 28 19:36 /dev/shm/FTL-queries
-rw------- 1 pihole pihole 12 May 28 19:25 /dev/shm/FTL-settings
-rw------- 1 pihole pihole 28672 May 28 19:25 /dev/shm/FTL-strings

^[[95m*** [ DIAGNOSING ]:^[[0m Locale
    LANG=en_GB.UTF-8

^[[95m*** [ DIAGNOSING ]:^[[0m Pi-hole log
^[[32m-rw-r--r-- 1 pihole pihole 55218 May 28 19:36 /var/log/pihole.log^[[0m
   ^[[96m-----head of pihole.log------^[[0m
   May 28 19:25:04 dnsmasq[433]: started, version pi-hole-2.80 cachesize 10000
   May 28 19:25:04 dnsmasq[433]: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-$
   May 28 19:25:04 dnsmasq[433]: warning: interface wlan0 does not currently exist
   May 28 19:25:04 dnsmasq[433]: using nameserver 8.8.4.4#53
   May 28 19:25:04 dnsmasq[433]: using nameserver 8.8.8.8#53
   May 28 19:25:04 dnsmasq[433]: read /etc/hosts - 2 addresses
   May 28 19:25:04 dnsmasq[433]: read /etc/pihole/local.list - 4 addresses
   May 28 19:25:04 dnsmasq[433]: failed to load names from /etc/pihole/black.list: No such$
   May 28 19:25:06 dnsmasq[433]: read /etc/pihole/gravity.list - 113186 addresses
   May 28 19:25:17 dnsmasq[433]: query[A] 0.debian.pool.ntp.org from 127.0.0.1
   May 28 19:25:17 dnsmasq[433]: forwarded 0.debian.pool.ntp.org to 8.8.4.4
   May 28 19:25:17 dnsmasq[433]: forwarded 0.debian.pool.ntp.org to 8.8.8.8
   May 28 19:25:17 dnsmasq[433]: query[AAAA] 0.debian.pool.ntp.org from 127.0.0.1
   May 28 19:25:17 dnsmasq[433]: forwarded 0.debian.pool.ntp.org to 8.8.4.4
   May 28 19:25:17 dnsmasq[433]: forwarded 0.debian.pool.ntp.org to 8.8.8.8
   May 28 19:25:17 dnsmasq[433]: reply 0.debian.pool.ntp.org is 213.209.109.45
   May 28 19:25:17 dnsmasq[433]: reply 0.debian.pool.ntp.org is 85.214.38.116
   May 28 19:25:17 dnsmasq[433]: reply 0.debian.pool.ntp.org is 85.114.128.137
   May 28 19:25:17 dnsmasq[433]: reply 0.debian.pool.ntp.org is 37.58.57.238
   May 28 19:25:17 dnsmasq[433]: reply 0.debian.pool.ntp.org is NODATA-IPv6





the easiest way to accomplish this is just manually set the DNS on devices you don't want to use Pi-hole

The dnsmasq settings are effective only if you are using the Pi-Hole to serve DHCP, which does not appear to be the case with your installation.

After reading this topic I found a way to use your local unbound instance to provide unfiltered DNS services, you can find it here. This will let you regain a bit of privacy (read here).
You still need to configure DHCP to use a different resolver (explained by @deathbybandaid here, but you will no longer use external DNS resolvers (if configured like this in unbound.
The topic also provides an alternative method to disable pihole temporary (for a single user, on windows).

This is the setup I'm using by having dnsmasq dhcp provide different DNS server to different hosts. I'm now adding a Windows Active Directory server. All the hosts that will be joining AD must point the DNS server at the AD DNS server or AD doesn't work. Now, Windows DNS must forward to somewhere and it can't do selective forwarding based on client.

Pihole needs to have the capability to exclude clients from filtering in order to integrate well with Windows AD -- to be able to exclude certain hosts from filtering.

Can you use Pi-Hole as the upstream server for the Windows DNS? For all AD clients, since it appears that the only clients mapped to the Window DNS are not mapped to Pi-Hole.

Conditionally forward your AD clients from the Pi-hole to the AD DNS server.

I would still like to see this feature added.

A simple 'whitelist' by local IP or MAC that allows DNS requests from those machines to bypass the PiHole filtering and just forward all requests / answer from cache.

I'm not using the DHCP of PiHole so the DHCP solution does not work for me.

2 Likes

If you have a MikroTik router, or any other router with the same capabilities, you could use a whitelisting rule for your IP addresses. I created some automated commands for my MikroTik which allows users to bypass filtering on the fly by visiting a specific URL.

I posted here Temporary bypass by IP address

We are actively working on this feature:

As this involves a large redesign of the DNS-level blocking algorithms, it will not make it into Pi-hole v5.0 where the beta testing phase is about to start soon.

3 Likes

@DL6ER any eta on beta? :+1:

As you're asking in this thread: The v5.0 beta will not contain the mentioned feature. The code is still somewhat in motion and I don't expect it to converge until maybe the end of the year (this is no ETA).

We are basically ready for v5.0 and just waiting for the entire team to agree (this is no ETA, either).

1 Like

Oh wow this is huge :slight_smile: keep up the good work. Was just wondering if it were possible to have this as some google.com requests, for example, should be block listed on some of my devices

Ah thanks, im ready to test :wink:

Thank you for this thread. Please can I have some further info?

I am running Pi-hole version is v4.3.2 (FTL v4.3.1). I was wondering if the 04-bypass.conf still works with this version? I understand there is no dnsmasq service?

Basically, I have a device, and i just want to send it to an Google DNS, rather than using the PiHole. I am unable to manually configure the device (IPCam).

Therefore, in the config file, do i just need two lines:

dhcp-option=tag:googlesdns1,6,8.8.8.8
dhcp-host=F0:XX:XX:XX:XX,set:googlesdns1

Then run:
sudo service pihole-FTL restart

Thank you in advance

Yes it does. Dnsmasq is embedded in pihole-FTL and all dnsmasq configurations work as before.

1 Like

One issue I had with setting specific dnsmasq conf files is described over this thread: Bypassing / Excluding IP address from Pi-Hole not working - #6 by Bucking_Horn
Hope this feature fixes that.

However, I would like to point out an improvement to this feature, which is the ability to select specific blacklists - instead of a global, have different sets of blacklists that can be applied to a certain client.

Example (blacklists sets)
IT Person: spam, tracking, shopping
Grandpa: spam, tracking, suspicious
Kids: spam, tracking, suspicious, shopping, parental, social media

Since that the feature request in this thread is a dependency to such improvement, I could submit a new one? Either way, I believe the above can be taken into consideration during implementation.

Thanks and keep up with the good work.

I believe this feature request has been submitted and evaluated. See below. If it is not the same as the feature you request, then please open a new feature request.