Feedback for "Allow defining clients by their MAC address, host name and networking interface"

Of course I do. It shoud go along with the hostname (which, if multiple exist?) or IP (which, if multiple exist?).

I think it is connected. If you add such a high demanded feature users will start using it. And soon they will raise they questions why top clients consists only of multiple IPs of only one or two devices which they have configured as one device by MAC. I think it is legit to bring it up here - the devs will decide if/how/when they might implement this.

Even with all the flexibility we added in this branch, you should not forget that clients are still identified by their IP addresses inside the DNS server. This entire modification changes only one thing, that is finding the suitable group for a client. We look up if the IP address is associated with a MAC address. If so, we check if this MAC address has a group definition.

Inside FTL, twenty IP addresses are still twenty devices. Changing this would require a massive rewrite and is something I would not like to do with dnsmasq. Don't get me wrong, I'm also fairly familiar with unbound, bind9 and know some of the internals in PowerDNS Recursor and also a few Go DNS servers and neither of them work with "devices" as clients. They all identify their clients by IP addresses. This is only natural from the technical side of things.

This is not a general "no" from me, it is more a "not now" but also a "maybe never". It all depends on a clear concept of how the internal structure would need to get changed and it is definitely nothing that could go in here.

You have seen how many changes were needed to get this bit of extra functionality into the DNS server. Unfortunately, we cannot really reuse much of it for an architectural change.

1 Like

Just noticed vendor is not displayed anymore.
Bildschirmfoto zu 2020-05-31 17-14-58

macvendor.db is used.

[2020-05-31 18:16:46.927 24926]    MACVENDORDB: Using /etc/pihole/macvendor.db

So, in a situation, where there are IPv6 clients in the network that configure their selves via SLAAC with privacy extension, their IPv6 address does change randomly. IMHO all Android smartphones with a recent version of Android will do so. I know, that RFC7217 doesn't require to use random IP addresses, but some devices obviously just do it..

My assumption now was, that identification of such autonomously configuring devices with random IPv6 addresses is only possible on layer 2 with the MAC address (provided, that this is not randomized too, which you can configure in Android 10 for example).

But following your explanation I would understand, this pi-hole would still not be able to identify the device after it randomly changed its IPv6 address, because the "lookup process" is always started by using the requests IP address, right?

I'm quite lost actually, because in such situation network client identification for whatever purpose seems to be impossible at all (which is actually, what is intended)?

It will work, It will not always be in real time though. You have to give it a minute for setup to realize there has been an address change aside from that, once it updates the address there should be no issues. In my testing, the additional feature functions as it should.

1 Like

MAC address blocking is essential in dual-stack networks where IPv6 and IPv4 are configured. Clients get a new IPv6 address often, thus making exclude or blocklists unusable if pihole handles giving out IP addresses as it does for me.

I just pushed another small update to this branch implementing group membership re-checking about three minutes after a client has first been seen. This should suffice to pick up information only becoming available later (interface, MAC address, hostnames). Some things like selective per-client regex group reloading wasn't possible before so even if this sounds like a rather simple change again testing on this will be needed.
I also merged the latest development changes into this branch so you stay up-to-date.

Hi all,
just checkout the branch with ftl and web an saw the following in the log:

2020-06-05 21:26:07.647 3987] Querying gravity database for client with IP 10.4.0.99...
[2020-06-05 21:26:07.647 3987] SQL: Comparing 10.4.0.99 vs. 10.0.4.32/27 (subnet 255.255.255.224) - NO MATCH
[2020-06-05 21:26:07.647 3987] SQL: Comparing 10.4.0.99 vs. 10.0.4.64/26 (subnet 255.255.255.192) - NO MATCH
[2020-06-05 21:26:07.647 3987] SQL: Comparing 10.4.0.99 vs. 10.4.0.0/24 (subnet 255.255.255.0) - !! MATCH !!
[2020-06-05 21:26:07.647 3987] SQL: Comparing 10.4.0.99 vs. 10.4.0.0/24 (subnet 255.255.255.0) - !! MATCH !!
[2020-06-05 21:26:07.648 3987] SQL: Comparing 10.4.0.99 vs. 10.4.0.128/25 (subnet 255.255.255.128) - NO MATCH
[2020-06-05 21:26:07.648 3987] SQL: Comparing 10.4.0.99 vs. 10.4.0.16/28 (subnet 255.255.255.240) - NO MATCH
[2020-06-05 21:26:07.648 3987] SQL: Comparing 10.4.0.99 vs. 10.4.0.3 (subnet 255.255.255.255) - NO MATCH
[2020-06-05 21:26:07.648 3987] SQL: Comparing 10.4.0.99 vs. 10.4.0.0/24 (subnet 255.255.255.0) - !! MATCH !!
[2020-06-05 21:26:07.648 3987] --> Found record for 10.4.0.99 in the client (ID 22)

In my opinion the entry /26 should also match and be selected.

The second thing where I am not sure if I had done everything correct is I don‘t see the statistics on the dashboard for

  • client activity
  • query types
  • query answered
    the others are displayed correctly.

Edited your reply to improve readability.

Hi, thanks
not very familar with the formatting

You can select a block of text, then apply the format tool </> from the top of the reply window. This will format the block of text as "preformatted text" and remove URLs, put in a monospace font, allow scrolling, etc.

Read carefully :wink:

10.4.0.99 vs. 10.0.4.64/26

Hi fjb,
just did that on my iPad, but maybe to thik fingers :wink:

Formatting on an iPad is tougher than on a desktop. Icons are smaller, harder to select a block, etc.

Did you checkout the web as well?

pihole checkout web new/mac_client

Hi man,
need new glasses also... ;-(
I have seen an other typo in the /27 definition.

Thanks for the hint !

Yes, just did the web checkout also, only pihole is on master.
As you described it at the beginning of the thread.

The circle is running all time long

Have you tried restarting pihole-FTL? Do you see any errors in /var/log/pihole-FTL.log?

No, there are no error in the ftl.log
But in the lighttpd error.log i have the following:


2020-06-05 21:53:34: (mod_fastcgi.c.421) FastCGI-stderr: PHP Notice:  Undefined index: PORTFILE in /var/www/html/admin/scripts/pi-hole/php/FTL.php on line 39
2020-06-05 21:53:34: (mod_fastcgi.c.421) FastCGI-stderr: PHP Warning:  file_get_contents(): Filename cannot be empty in /var/www/html/admin/scripts/pi-hole/php/FTL.php on line 39
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr: Array
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr: (
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr:     [default-light] => Array
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr:         (
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr:             [0] => Pi-hole default theme (light, default)
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr:             [1] => 
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr:             [2] => default-light
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr:             [3] => minimal
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr:             [4] => blue
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr:         )
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr:     [default-dark] => Array
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr:         (
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr:             [0] => Pi-hole midnight theme (dark)
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr:             [1] => 1
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr:             [2] => default-dark
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr:             [3] => polaris
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr:             [4] => polaris
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr:         )
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr:     [default-dark2] => Array
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr:         (
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr:             [0] => Pi-hole afternoon theme (dark)
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr:             [1] => 1
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr:             [2] => default-dark
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr:             [3] => futurico
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr:             [4] => futurico
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr:         )
2020-06-05 21:53:35: (mod_fastcgi.c.421) FastCGI-stderr: )

Will do a restart and report