First use, lighttpd port to 8180, telnet localhost 4711 accepts FTL command, FTL website online
FTL is offline at website and some menus are unavailable
zp9co5lu5l
Please paste a few screen captures of what you are seeing into a reply (you can paste directly on this forum).
Are you running this install of Pi-hole on bare metal, or in a Docker or VM?
Hi, here some screenshots but are a bit generic, the same issue
as a lot of people.
I'm using a VM, exactly an Ubuntu over an Android with the app
Linux Deploy. I had in past similar issues on a Linux Mint
(Baremetal) but I'm not sure if could be the same problem because
I didn't do the debug.
Let me know if you need any additional info
Thanks
In this forum, you can paste text directly into an output, and format it as "preformatted text." That makes the outputs easier to read and nothing gets cut off in a screen snap.
From the terminal on the Pi-hole host, what is the output of the following commands:
pihole status
nslookup pi.hole
nslookup flurry.com
Hi, here the outputs
$ pihole status
[✓] DNS service is running
[✓] Pi-hole blocking is Enabled
$ nslookup pi.hole
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: pi.hole
Address: 192.168.1.240
Name: pi.hole
Address: fd8c:15c7:33b0:e900:8ebe:beff:fe61:3bed
$ nslookup flurry.com
Server: 127.0.0.1
Address: 127.0.0.1#53
Name: flurry.com
Address: 0.0.0.0
Name: flurry.com
Address: ::
$
This shows that FTL is not offline and is working normally. Those are the expected outputs.
The problem is that the web Admin interface isn't making the connection.
Have you tried the usual - clear the browser cache, restart the browser, reload the dashboard?
I agree FTL is working well, I checking the queries, blocks etc and for me the behaviour is good.
Problem with the connection WebSite <->FTL is recurrent, I tried different scenarios, also yesterday I opened another case, from another installation with the same problem where you see I modified the PHP trying to force this connection.
These linux versions are minimal and maybe some command executed at the PHP is missing on my system, I don't know... or if there is anyway to debug the PHP to find the point where the connection fails.
System tested
I tested browsers from Linux Mint and Windows 7. The problem is the same.
Have you any idea to debug the php?
Thanks
Check /var/log/lighttpd/error.log
sudo tail -f /var/log/lighttpd/{access,error}.log
Probably php mods missing.
No messages at error.log
At the access.log all the answers are 200 OK
root@localhost:/home/android# cat /var/log/lighttpd/access.log
1588369443|192.168.1.240::8180|GET /admin/api.php?summary HTTP/1.1|200|22
1588369446|192.168.1.240::8180|GET /admin/api.php?summary HTTP/1.1|200|22
1588369447|192.168.1.240::8180|GET /admin/index.php HTTP/1.1|200|26342
1588369447|192.168.1.240::8180|GET /admin/style/vendor/SourceSansPro/SourceSansPro.css HTTP/1.1|200|252
1588369448|192.168.1.240::8180|GET /admin/img/donate.gif HTTP/1.1|200|3592
1588369448|192.168.1.240::8180|GET /admin/api.php?summary HTTP/1.1|200|22
1588369448|192.168.1.240::8180|GET /admin/api.php?overTimeData10mins HTTP/1.1|200|22
1588369448|192.168.1.240::8180|GET /admin/api.php?overTimeDataClients&getClientNames HTTP/1.1|200|22
1588369448|192.168.1.240::8180|GET /admin/api.php?summaryRaw&topItems HTTP/1.1|200|22
1588369448|192.168.1.240::8180|GET /admin/api.php?summaryRaw&getQuerySources&topClientsBlocked HTTP/1.1|200|22
1588369448|192.168.1.240::8180|GET /admin/api.php?getQueryTypes HTTP/1.1|200|22
1588369448|192.168.1.240::8180|GET /admin/api.php?getForwardDestinations HTTP/1.1|200|22
1588369453|192.168.1.240::8180|GET /admin/api.php?summary HTTP/1.1|200|22
1588369456|192.168.1.240::8180|GET /admin/api.php?summary HTTP/1.1|200|22
1588369458|192.168.1.240::8180|GET /admin/api.php?summary HTTP/1.1|200|22
1588369463|192.168.1.240::8180|GET /admin/api.php?summary HTTP/1.1|200|22
1588369466|192.168.1.240::8180|GET /admin/api.php?summary HTTP/1.1|200|22
1588369468|192.168.1.240::8180|GET /admin/api.php?summary HTTP/1.1|200|22
1588369474|192.168.1.240::8180|GET /admin/api.php?summary HTTP/1.1|200|22
1588369476|192.168.1.240::8180|GET /admin/api.php?summary HTTP/1.1|200|22
1588369478|192.168.1.240::8180|GET /admin/api.php?summary HTTP/1.1|200|22
1588369484|192.168.1.240::8180|GET /admin/api.php?summary HTTP/1.1|200|22
1588369486|192.168.1.240::8180|GET /admin/api.php?summary HTTP/1.1|200|22
1588369486|192.168.1.240::8180|GET /admin/queries.php HTTP/1.1|200|22209
1588369487|192.168.1.240::8180|GET /admin/scripts/pi-hole/js/queries.js HTTP/1.1|200|3682
1588369487|192.168.1.240::8180|GET /admin/img/donate.gif HTTP/1.1|200|3592
1588369487|192.168.1.240::8180|GET /admin/api.php?getAllQueries=100&_=1588368971667 HTTP/1.1|200|22
1588369487|192.168.1.240::8180|GET /admin/style/vendor/bootstrap/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1|200|18028
1588369490|192.168.1.240::8180|GET /admin/api.php?getQueryTypes HTTP/1.1|200|22
1588369490|192.168.1.240::8180|GET /admin/api.php?getForwardDestinations HTTP/1.1|200|22
1588369494|192.168.1.240::8180|GET /admin/api.php?summary HTTP/1.1|200|22
1588369496|192.168.1.240::8180|GET /admin/api.php?summary HTTP/1.1|200|22
1588369504|192.168.1.240::8180|GET /admin/api.php?summary HTTP/1.1|200|22
1588369506|192.168.1.240::8180|GET /admin/api.php?summary HTTP/1.1|200|22
Just to be sure, are below two PHP mods enabled ?
pi@noads:~ $ php-cgi -m | grep 'json\|sqlite3'
json
sqlite3
Yes, they are
root@localhost:/var/www/html/pihole# php-cgi -m | grep 'json\|sqlite3'
json
sqlite3
I installed a Linxu Mint on a VirtualBox and the connection between Web and FTL works fine. There is something at the php on my system failing.
Which file is the responsible to establish the connection between Web and FTL?
api_FTL.php?
root@localhost:/var/www/html/pihole# pidof pihole-FTL
25922
root@localhost:/var/www/html/pihole# cat /var/run/pihole-FTL.pid
25922
root@localhost:/var/www/html/pihole# cat /var/run/pihole-FTL.port
4711
root@localhost:/var/www/html/pihole# netstat -tulpn | grep pihole
tcp 0 0 127.0.0.1:4711 0.0.0.0:* LISTEN 25922/pihole-FTL
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 25922/pihole-FTL
tcp6 0 0 ::1:4711 :::* LISTEN 25922/pihole-FTL
tcp6 0 0 :::53 :::* LISTEN 25922/pihole-FTL
udp 0 0 0.0.0.0:53 0.0.0.0:* 25922/pihole-FTL
udp6 0 0 :::53 :::* 25922/pihole-FTL
Any idea?
pi@noads:~ $ sudo grep 4711 -R /var/www/html/
/var/www/html/admin/scripts/pi-hole/php/FTL.php:function connectFTL($address, $port=4711)
EDIT: ow ps. the GUI pulls allot from the database:
pi@noads:~ $ sudo grep sqlite3 -R /var/www/html/
/var/www/html/admin/api_db.php: // sqlite3 throws an exception when it is unable to connect, try to reconnect after 3 seconds
Hi, print some "echo" to a debug file, I found the problem is at the connectFTL function, cannot create the socket
Here, in FTL.php, function return an empty $socket and $errn=0
function connectFTL($address, $port=4711)
{
if($address == "127.0.0.1")
{
// Read port
$portfile = file_get_contents("/var/run/pihole-FTL.port");
if(is_numeric($portfile))
$port = intval($portfile);
}
// Open Internet socket connection
$socket = @fsockopen($address, $port, $errno, $errstr, 1.0);
#My logs
file_put_contents('/tmp/fitxer.log', 'FTL.php'.PHP_EOL,FILE_APPEND);
file_put_contents('/tmp/fitxer.log', 'FTL.php Address --> '.$address.PHP_EOL,FILE_APPEND);
file_put_contents('/tmp/fitxer.log', 'FTL.php Port --> '.$port.PHP_EOL,FILE_APPEND);
file_put_contents('/tmp/fitxer.log', 'FTL.php Errn --> '.$errno.PHP_EOL,FILE_APPEND);
file_put_contents('/tmp/fitxer.log', 'FTL.php Errstr --> '.$errstr.PHP_EOL,FILE_APPEND);
file_put_contents('/tmp/fitxer.log', 'FTL.php Socket --> '.$socket.PHP_EOL,FILE_APPEND);
return $socket;
}
So in api_FTL.php, the call backs empty
socket = connectFTL($FTL_IP);
file_put_contents('/tmp/fitxer.log', 'api_FTL.php'.PHP_EOL,FILE_APPEND);
file_put_contents('/tmp/fitxer.log', 'api_FTL.php Socket -->'.$socket.PHP_EOL,FILE_APPEND);
if(!is_resource($socket))
{
$data = array_merge($data, array("FTLnotrunning" => true));
file_put_contents('/tmp/fitxer.log', 'api_FTL.php FTLnotRunning'.PHP_EOL,FILE_APPEND);
}
Logs generated by the "file_put_contents". Both "Socket --> XXXX" are empty and then "!is_resource"
FTL.php
FTL.php Address --> 127.0.0.1
FTL.php Port --> 4711
FTL.php Errn --> 0
FTL.php Errstr -->
FTL.php Socket -->
api_FTL.php
api_FTL.php Socket -->
api_FTL.php FTLnotRunning
EDIT: I created a Test.php with a basic code to test against Google.
<?php
$fp = @fsockopen ("172.217.169.14", 80, $errno, $errstr, 10);
if (!$fp) {
echo "$errstr ($errno)
\n";
}else
{
echo "fsockopen Is Working Perfectly.";
}
fclose ($fp);
?>
First I test with telnet and tcpdump and the connection is established
root@localhost:/home/android# telnet 172.217.169.14 80
Trying 172.217.169.14...
Connected to 172.217.169.14.
Escape character is '^]'.
^C
oot@localhost:/home/android# tcpdump -i any host 172.217.169.14
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked), capture size 262144 bytes
04:30:55.677785 IP localhost.48101 > lhr25s26-in-f14.1e100.net.http: Flags [S], seq 1601191793, win 65535, options [mss 1460,sackOK,TS val 4557073 ecr 0,nop,wscale 7], length 0
04:30:55.720540 IP lhr25s26-in-f14.1e100.net.http > localhost.48101: Flags [S.], seq 2836713301, ack 1601191794, win 60192, options [mss 1380,sackOK,TS val 2877321768 ecr 4557073,nop,wscale 8], length 0
04:30:55.720662 IP localhost.48101 > lhr25s26-in-f14.1e100.net.http: Flags [.], ack 1, win 685, options [nop,nop,TS val 4557078 ecr 2877321768], length 0
04:30:56.518574 IP localhost.48101 > lhr25s26-in-f14.1e100.net.http: Flags [P.], seq 1:6, ack 1, win 685, options [nop,nop,TS val 4557157 ecr 2877321768], length 5: HTTP
04:30:56.561024 IP lhr25s26-in-f14.1e100.net.http > localhost.48101: Flags [.], ack 6, win 236, options [nop,nop,TS val 2877322612 ecr 4557157], length 0
But when I load the Test.php, a 0 is returned and no traffic is captured by the tcpdump.
So I conclude the fsockopen is not working. Any dependency or permission I should consider?
Thanks
Below the ones I know of:
pi@noads:~ $ groups pihole
pihole : pihole www-data
pi@noads:~ $ sudo cat /etc/sudoers.d/pihole
# Pi-hole: A black hole for Internet advertisements
# (c) 2017 Pi-hole, LLC (https://pi-hole.net)
# Network-wide ad blocking via your own hardware.
#
# Allows the WebUI to use Pi-hole commands
#
# This file is copyright under the latest version of the EUPL.
# Please see LICENSE file for your rights under this license.
#
www-data ALL=NOPASSWD: /usr/local/bin/pihole
pi@noads:~ $ sudo setcap CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN+eip "$(which pihole-FTL)"
pi@noads:~ $
Last one I can think of, what PHP CGI is configured for lighttpd ?
pi@noads:~ $ ll /etc/lighttpd/conf-enabled/
total 8
drwxr-xr-x 2 root root 4096 May 7 2017 .
drwxr-xr-x 4 root root 4096 Mar 11 13:44 ..
lrwxrwxrwx 1 root root 33 May 7 2017 10-fastcgi.conf -> ../conf-available/10-fastcgi.conf
lrwxrwxrwx 1 root root 37 May 7 2017 15-fastcgi-php.conf -> ../conf-available/15-fastcgi-php.conf
Hi, no differences with your outputs
pi@noads:~ $ ps -o uid,user,gid,group,pid,cmd -C lighttpd
UID USER GID GROUP PID CMD
33 www-data 33 www-data 1880 /usr/sbin/lighttpd -D -f /etc/lighttpd/lighttpd.conf
pi@noads:~ $ stat /var/www/html/
[..]
Access: (0775/drwxrwxr-x) Uid: ( 33/www-data) Gid: ( 33/www-data)
Same output
root@localhost:/home/android# ps -o uid,user,gid,group,pid,cmd -C lighttpd
UID USER GID GROUP PID CMD
33 www-data 33 www-data 16180 /usr/sbin/lighttpd -f /etc/lighttpd/lighttpd
root@localhost:/home/android# stat /var/www/html/
File: /var/www/html/
Size: 4096 Blocks: 8 IO Block: 4096 directory
Device: 702h/1794d Inode: 18540 Links: 4
Access: (0775/drwxrwxr-x) Uid: ( 33/www-data) Gid: ( 33/www-data)
Access: 2020-05-02 00:57:07.786183634 +0300
Modify: 2020-05-02 20:53:42.666798864 +0300
Change: 2020-05-02 20:57:34.062550817 +0300
Birth: -
Firewall ?
pi@noads:~ $ sudo iptables -nL
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination