Gravity list entry 0.0.0.0

I noticed /etc/pihole/gravity.list contains an entry 0.0.0.0

This is of course the result of the choices I made regarding lists. I recently started using a list as a result of this Reddit topic; the lists can be found here. There are 3 choices:

  • Ticked lists: For when installing Pi-hole where no one will be whitelisting falsely blocked sites
  • Non-crossed lists: For when someone is usually around to whitelist falsely blocked sites
  • All lists: For those who will always be around to whitelist falsely blocked sites

I'm currently using the Non-crossed lists, since I can whitelist, or disable pihole temporarily, using a desktop shortcut.

I don't know what the impact on pihole-FTL (or dnsmasq) of this entry (0.0.0.0) is, but couldn't (shouldn't) pihole -g prevent this entry from being added to the list?

I checked, there is no entry for ::, but pihole -g could (should) prevent this entry from being created.

Why?

This line will simply add a domain 0.0.0.0 to pihole-FTL's cache. This is entirely harmless. Don't confuse this domain with an IP address as it is really added as subdomain 0.0 of the domain 0 under the TLD 0.

If you request any domain that happens to look like an IP, e.g.,

dig 192.168.0.5

this will be forwarded to your upstream destination, which, in turn, will correctly reply with NXDOMAIN as the TLD 5 doesn't exist and hence nothing below it can be there.

So dig 0.0.0.0 will return whatever you expect given your configured blocking mode. There is no way such a configuration could at any point lead to a vulnerability.

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.
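
An added example, not part of the thread or of Pi-hole's own code: it scans blocklist lines for entries that look like IP addresses and shows the DNS labels such a name is actually made of, as the reply above describes. The sample lines, the function names, and the assumption that lists use hosts-style or bare-domain lines are all constructed for illustration.

```python
import ipaddress

# Constructed sample lines (not from any real list), in hosts-style
# ("<sink-ip> <domain>") and bare-domain form.
SAMPLE_LIST = """\
# constructed sample
0.0.0.0 ads.example.com
0.0.0.0 0.0.0.0
127.0.0.1 tracker.example.net
192.168.0.5
plain.example.org
"""


def entry_domain(line):
    """Return the domain field of a list line, or None for blanks/comments."""
    line = line.split("#", 1)[0].strip()
    if not line:
        return None
    fields = line.split()
    # hosts-style: first field is the sink address, second is the domain
    return (fields[1] if len(fields) > 1 else fields[0]).lower().rstrip(".")


def looks_like_ip(name):
    """True if the text would parse as an IPv4/IPv6 literal."""
    try:
        ipaddress.ip_address(name)
        return True
    except ValueError:
        return False


def dns_view(name):
    """Split a name into DNS labels; the rightmost label is the TLD."""
    labels = name.split(".")
    return {"name": name, "labels": labels, "tld": labels[-1]}


def ip_lookalikes(text):
    """List entries that look like IPs, with the labels a resolver sees."""
    domains = (entry_domain(line) for line in text.splitlines())
    return [dns_view(d) for d in domains if d and looks_like_ip(d)]


if __name__ == "__main__":
    for view in ip_lookalikes(SAMPLE_LIST):
        print(f"{view['name']}: labels={view['labels']} tld={view['tld']}")
```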