Importing regex doesn't work

Help
1

I work in a secondary school with 3 IT labs. Every lab has their own PiHole and I would like to import regex filters from a txt file on a shared drive on a regular basis. Updating the file regex.list works well using crontab and grep but still the students can reach all and every one of the restricted domains. The filters appear on a gui alright, but they have no effect at all.

crontab:
grep -v '#' /var/www/html/blocklist/blocklist.txt > /etc/pihole/regex.list && service pihole-FTL restart

I also tried: "killall -SIGHUP pihole-FTL" or "/usr/local/bin/pihole updateGravity" or rebooting the whole system.

Interestingly the system works well if I add the filters manually through the web interface.

Any help would be greatly appreciated!

2

On one of the machines where students can reach the restricted domains, what are the contents of /etc/pihole/regex.list ?

And, what is the contents of this file you are importing? /var/www/html/blocklist/blocklist.txt

3

Typically this command requires authentication to run, so is normally run with root privileges as sudo service pihole-FTL restart

8

Thank you for the lightning quick reply.

After importing the content of blocklist.txt regex.list contains about 100 expressions, like: ((^)|(\.))youtube\. The expressions appear on the web interface as well, but they don't work unless I add them manually. For example ((^)|(\.))youtube\. is in regex.list already but it doesn't have any effect until I add it through the web interface. If I do that pihole adds it as the last entry of the list and it starts to work immediately.

I logged in as root, so that is why there is no sudo before the commands.

9

Have a look over Redirecting... and how to reload pihole-FTL after changes.

10

Thank you! Unfortunately I have seen that page already. :frowning:

To tell FTL DNS to reload the list, either:

  • Execute the >recompile-regex API command ( echo ">recompile-regex" | nc localhost 4711 ) or
  • Send SIGHUP to pihole-FTL ( sudo killall -SIGHUP pihole-FTL ) or
  • Restart the service ( sudo service pihole-FTL restart )

I have tried the second and the third option without any effect.

12

Try the first, and check /var/log/pihole-FTL.log for lines indicating how many regex lines were read and reloaded. Also read through regex debugging to get some more information logged for regex ingestion.

13

Please post the first and last 10 lines of this file.

14

[2019-02-25 19:38:32.977 9220] Received API request to recompile regex
[2019-02-25 19:38:32.993 9220] Compiled 91 Regex filters and 0 whitelisted domains in 11.9 msec (0 errors)

It seems to be alright (I have 91 lines in regex.list), but still the computers can reach the websites.

16

First 10:
((^)|(.))youtube.
((^)|(.))facebook.
((^)|(.))instagram.
((^)|(.))freemail.
((^)|(.))citromail.
((^)|(.))apple.
((^)|(.))gmail.
((^)|(.))chat.
((^)|(.))twitch.
((^)|(.))reddit.

17

Last 10:
((^)|(.))rtl.
((^)|(.))tv2.
((^)|(.))edigital.
((^)|(.))ipon.
((^)|(.))langlovagok.
((^)|(.))startlap.
((^)|(.))pornhub.
((^)|(.))erotika.indavideo.
((^)|(.))rosszlanyok.
((^)|(.))xnxx.

18

Enable debug mode and this will log if regex lines are being hit or not. If there are no logged entries for the domains in either the log file or in the web query log then you might not have your clients using the Pi-hole devices as their sole DNS server.

20

And probably not applicable, but are you using Windows or anything to edit the files? If there are extra line endings or whitespace characters in that file line endings then the regex wouldn't match on those non-linux line endings.

21

I am checking, but I am absolutely sure that the PCs use this PiHole as their sole DNS server because the system works if I add the filters manually. It also worked last week when I used this txt as a regular blocklist. The reason why I want to move to regex is to block all subdomains and variations with one line only.

22

I am attaching the original file (blocklist.txt (2.3 KB)). The txt is usually edited under Windows by the teachers. Grap copy its content into regex.list without "#".

Thank you for your time.

25

Try running that file through the dos2unix utility on the Pi-hole device. It looks like there are Windows style line endings with that file.

28

You have done it! :slight_smile: It works now!

29

So I only need to add an extra line to cron :slight_smile:

31

Thank you again! I am happy now, the students won't be tomorrow :-)!

32

Ez van ... :wink: