Is dnsmasq
not started now at boot ?
Can try comment that line eg:
#dns=none
Hobby learning thing yeah.
That will surely be appreciated:
Is dnsmasq
not started now at boot ?
Can try comment that line eg:
#dns=none
Hobby learning thing yeah.
That will surely be appreciated:
Dnsmasq is started at boot. I need to manually kill it and then restart pihold-FTL.
Even then VNC servers are not reachable
Have a pack full of beers on me
The solutions I found on the net were all pointing to that dns=
directive:
http://www.vassox.com/linux-general/ubuntu/disabling-dnsmasq-via-network-manager-on-ubuntu-16-04/
Shame you cant get it to work like it should.
You could script something dirty killing the dnsmasq
PID but thats just rubbish
Umm, mate. it works... out of the blue and for no reason. Pi3B+, buster.
sudo nano /etc/NetworkManager/NetworkManager.conf
[main]
plugins=ifupdown,keyfile
#dns=none
[ifupdown]
managed=false
I then ran:
sudo service network-manager restart
I rebooted and then this:
pi@raspberrypi:~ $ sudo netstat -nltup | grep 'Proto\|:53 \|:67 \|:80 \|:547 \|:471[1-8] '
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1098/lighttpd
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 1117/pihole-FTL
tcp 0 0 127.0.0.1:4711 0.0.0.0:* LISTEN 1117/pihole-FTL
tcp6 0 0 :::80 :::* LISTEN 1098/lighttpd
tcp6 0 0 :::53 :::* LISTEN 1117/pihole-FTL
tcp6 0 0 ::1:4711 :::* LISTEN 1117/pihole-FTL
udp 0 0 0.0.0.0:53 0.0.0.0:* 1117/pihole-FTL
udp6 0 0 :::53 :::* 1117/pihole-FTL
I don't get it. I have commented it out.....
If you first dont succeed, try try again
Cheers!
Loooooooooooooool
So to sum it all up:
sudo netstat -nltup | grep 'Proto|:53 |:67 |:80 |:547 |:471[1-8] '
kill the PID of dnsmasq
sudo systemctl mask dhcpcd
pihole -r
sudo nano /etc/NetworkManager/NetworkManager.conf
and add in the [main] section
dns=none
systemctl restart NetworkManager.service
sudo systemctl restart pihole-FTL
reboot
Nope, I was happy too soon. I rebooted again and dnsmasq is still there upon boot... dammit
You could try break dnsmasq
like below example:
pi@noads:~ $ which dnsmasq
/usr/sbin/dnsmasq
pi@noads:~ $ sudo mv /usr/sbin/dnsmasq /usr/sbin/~dnsmasq
pi@noads:~ $
pi@noads:~ $ sudo service dnsmasq start
Job for dnsmasq.service failed because the control process exited with error code.
See "systemctl status dnsmasq.service" and "journalctl -xe" for details.
To undo:
sudo mv /usr/sbin/~dnsmasq /usr/sbin/dnsmasq
Kinda aggressive
I did but then netstat is not working. I have to manually start pihole-FTL. Why isn't it done on boot?
pi@raspberrypi:~ $ sudo netstat -nltup | grep 'Proto\|:53 \|:67 \|:80 \|:547 \|:471[1-8] '
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
pi@raspberrypi:~ $ sudo systemctl restart pihole-FTL
pi@raspberrypi:~ $ sudo netstat -nltup | grep 'Proto\|:53 \|:67 \|:80 \|:547 \|:471[1-8] '
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1148/lighttpd
tcp 0 0 0.0.0.0:53 0.0.0.0:* LISTEN 1543/pihole-FTL
tcp 0 0 127.0.0.1:4711 0.0.0.0:* LISTEN 1543/pihole-FTL
tcp6 0 0 :::80 :::* LISTEN 1148/lighttpd
tcp6 0 0 :::53 :::* LISTEN 1543/pihole-FTL
tcp6 0 0 ::1:4711 :::* LISTEN 1543/pihole-FTL
udp 0 0 0.0.0.0:53 0.0.0.0:* 1543/pihole-FTL
udp6 0 0 :::53 :::* 1543/pihole-FTL
pi@raspberrypi:~ $
EDIT: Hmmm, not good. after a while I lose my network VNC local connection to pi
Was worth a try.
When I can think of something else, I'll post.
For now nn.
thanks nn
There is no traffic going to the wifi/outside world. However, pihole-FTL can retrieve the DNSs.
The same with chromium. It cannot connect anywhere. So many issues to be fixed...
pi@raspberrypi:~ $ dig realvnc.com
; <<>> DiG 9.11.5-P4-5.1+deb10u1-Raspbian <<>> realvnc.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25849
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;realvnc.com. IN A
;; ANSWER SECTION:
realvnc.com. 3275 IN A 146.101.60.69
;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Tue Jul 21 08:27:07 CEST 2020
;; MSG SIZE rcvd: 56
pi@raspberrypi:~ $ ping realvnc.com
ping: realvnc.com: Name or service not known
I believe we missed some steps believing dnsmasq
is part of NM.
Can you post output for below:
systemctl status dnsmasq
which dnsmasq
dpkg -S /usr/sbin/dnsmasq
apt policy dnsmasq-base
If dnsmasq-base
is installed, you should be able to disable dnsmasq
from starting at boot with below:
sudo systemctl disable dnsmasq
Or:
sudo systemctl mask dnsmasq
I wouldnt purge dnsmasq-base
so to keep the man
pages available:
pi@noads:~ $ dpkg -L dnsmasq-base
[..]
/usr/sbin/dnsmasq
[..]
/usr/share/man
/usr/share/man/es
/usr/share/man/es/man8
/usr/share/man/es/man8/dnsmasq.8.gz
/usr/share/man/fr
/usr/share/man/fr/man8
/usr/share/man/fr/man8/dnsmasq.8.gz
/usr/share/man/man8
/usr/share/man/man8/dnsmasq.8.gz
[..]
They might come in handy if tinkering with pihole-FTL
that shares most settings from dnsmasq
.
Here they are:
pi@raspberrypi:~ $ systemctl status dnsmasq
Unit dnsmasq.service could not be found.
pi@raspberrypi:~ $ which dnsmasq
/usr/sbin/dnsmasq
pi@raspberrypi:~ $ dpkg -S /usr/sbin/dnsmasq
dnsmasq-base: /usr/sbin/dnsmasq
pi@raspberrypi:~ $ apt policy dnsmasq-base
dnsmasq-base:
Installed: 2.80-1+rpt1
Candidate: 2.80-1+rpt1
Version table:
2.81-4 -1
-1 http://raspbian.raspberrypi.org/raspbian bullseye/main armhf Packages
*** 2.80-1+rpt1 500
500 http://archive.raspberrypi.org/debian buster/main armhf Packages
100 /var/lib/dpkg/status
2.80-1 500
500 http://raspbian.raspberrypi.org/raspbian buster/main armhf Packages
I rely on sharing my Wi-Fi connection LAN to the router and then the router distributes it to all of the devices (I am connecting through a EAP TTLS wifi network, hence the need for NM). If I disable dnsmasq, will the sharing of the connection still be handled or even work with NM?
By the way, I have masked it:
pi@raspberrypi:/etc/dnsmasq.d $ sudo systemctl mask dnsmasq
Unit dnsmasq.service does not exist, proceeding anyway.
Created symlink /etc/systemd/system/dnsmasq.service → /dev/null.
This is exactly what I've been trying to do here:
Any chance to get a summary from of what to do from first boot (I likely need to start from scratch), cause I was losing my mind with this. Should be so straight forward to do but somehow I mess up somewhere.
@deHakkelaar My main question actually is how do I copy (or keep a backup, since I guess that NM is not handling sharing connections in pihole-FTL) my current dnsmasq settings to Pihole's FTL?
@EnkiABZ I will try to sum it up once finishing up like I have done so far for in post #48.
@deHakkelaar I believe forwarding rules are kept from NM but the gateway is missing. this is done from the admin page under Settings I assume
Ok so what I am doing now:
put in the admin -> Setting -> DHCP -> gateway the IP of the gateway of the wifi. Check with VNC that it can be forwarded and it is ok.
I am so close. Upon reboot I have to kill dsnmasq by switching off wifi first and then enabling pihole-FTL.
Should I remove dnsmasq-base altogether? I don't get it, I masked dnsmasq, no other process should be able to call it. Not sure though if this is a good idea, since when I do
sudo mv /usr/sbin/dnsmasq /usr/sbin/~dnsmasq
the system hangs after a minute and NM keeps on loading...
The only reason dnsmasq-base
is installed (if it was installed with NM) is to cache DNS queries.
And as pihole-FTL
has the dnsmasq
code embedded into its own code, pihole-FTL
can almost be considered as a drop in replacement for dnsmasq
.
pihole-FTL
even reads the exact same config file /etc/dnsmasq.conf
as dnsmasq
does (if dnsmasq
whas run standalone).
So there is no reason to assume it will break your network setup if substitute dnsmasq
with pihole-FTL
.
Masking wont do if the dnsmasq
binary is called upon directly by NM and not via systemd
.
See my first answer above ^
Not for now.
I made wrong assumption with previous posting of mine ... again
The package dnsmasq-base
contains the /usr/sbin/dnsmasq
binary:
pi@ph5:~ $ apt-file list dnsmasq-base
dnsmasq-base: /etc/dbus-1/system.d/dnsmasq.conf
dnsmasq-base: /usr/sbin/dnsmasq
dnsmasq-base: /usr/share/dnsmasq-base/trust-anchors.conf
dnsmasq-base: /usr/share/doc/dnsmasq-base/DBus-interface.gz
dnsmasq-base: /usr/share/doc/dnsmasq-base/FAQ.gz
dnsmasq-base: /usr/share/doc/dnsmasq-base/README.Debian
dnsmasq-base: /usr/share/doc/dnsmasq-base/changelog.Debian.gz
dnsmasq-base: /usr/share/doc/dnsmasq-base/changelog.archive.gz
dnsmasq-base: /usr/share/doc/dnsmasq-base/changelog.gz
dnsmasq-base: /usr/share/doc/dnsmasq-base/copyright
dnsmasq-base: /usr/share/doc/dnsmasq-base/doc.html
dnsmasq-base: /usr/share/doc/dnsmasq-base/examples/dnsmasq.conf.example
dnsmasq-base: /usr/share/doc/dnsmasq-base/setup.html
dnsmasq-base: /usr/share/locale/de/LC_MESSAGES/dnsmasq.mo
dnsmasq-base: /usr/share/locale/es/LC_MESSAGES/dnsmasq.mo
dnsmasq-base: /usr/share/locale/fi/LC_MESSAGES/dnsmasq.mo
dnsmasq-base: /usr/share/locale/fr/LC_MESSAGES/dnsmasq.mo
dnsmasq-base: /usr/share/locale/id/LC_MESSAGES/dnsmasq.mo
dnsmasq-base: /usr/share/locale/it/LC_MESSAGES/dnsmasq.mo
dnsmasq-base: /usr/share/locale/no/LC_MESSAGES/dnsmasq.mo
dnsmasq-base: /usr/share/locale/pl/LC_MESSAGES/dnsmasq.mo
dnsmasq-base: /usr/share/locale/pt_BR/LC_MESSAGES/dnsmasq.mo
dnsmasq-base: /usr/share/locale/ro/LC_MESSAGES/dnsmasq.mo
dnsmasq-base: /usr/share/man/es/man8/dnsmasq.8.gz
dnsmasq-base: /usr/share/man/fr/man8/dnsmasq.8.gz
dnsmasq-base: /usr/share/man/man8/dnsmasq.8.gz
[..]
And the package dnsmasq
contains the systemd
unit file dnsmasq.service
thats needed to start dnsmasq
via systemd
(systemctl start/stop etc):
pi@ph5:~ $ apt-file list dnsmasq
dnsmasq: /etc/default/dnsmasq
dnsmasq: /etc/dnsmasq.conf
dnsmasq: /etc/dnsmasq.d/README
dnsmasq: /etc/init.d/dnsmasq
dnsmasq: /etc/insserv.conf.d/dnsmasq
dnsmasq: /etc/resolvconf/update.d/dnsmasq
dnsmasq: /lib/systemd/system/dnsmasq.service
dnsmasq: /usr/lib/resolvconf/dpkg-event.d/dnsmasq
dnsmasq: /usr/lib/tmpfiles.d/dnsmasq.conf
dnsmasq: /usr/share/dnsmasq/installed-marker
dnsmasq: /usr/share/doc/dnsmasq
The later seems not installed and isnt needed if NM boots up dnsmasq
.
Can you validate NM being the parent of dnsmasq
with below before digging any deeper ?
Will need to reboot first to get dnsmasq
running again.
pstree -s $(pidof dnsmasq)
Thanks for the long explanation
You are right in your assumption:
pi@raspberrypi:~ $ pstree -s $(pidof dnsmasq)
systemd───NetworkManager───dnsmasq
For some reason I cannot see the queries. Is that ok?
My laptop is also using NM but default doesnt have that dns=
directive:
dehakkelaar@laptop:~$ cat /etc/NetworkManager/NetworkManager.conf
[main]
plugins=ifupdown,keyfile
[ifupdown]
managed=false
dehakkelaar@laptop:~$ sudo grep 'dns=\|dnsmasq' -R /etc/NetworkManager/
dehakkelaar@laptop:~$
dehakkelaar@laptop:~$ sudo netstat -nltup | grep dnsmasq
dehakkelaar@laptop:~$
dehakkelaar@laptop:~$ cat /etc/resolv.conf
# Generated by NetworkManager
search dehakkelaar.nl
nameserver 10.0.0.2
dnsmasq-bas
e was already installed from previous tinkering.
I added that dns=dnsmasq
directive and now have below output after reboot:
dehakkelaar@laptop:~$ cat /etc/NetworkManager/NetworkManager.conf
[main]
plugins=ifupdown,keyfile
dns=dnsmasq
[ifupdown]
managed=false
dehakkelaar@laptop:~$ sudo grep 'dns=\|dnsmasq' -R /etc/NetworkManager/
/etc/NetworkManager/NetworkManager.conf:dns=dnsmasq
dehakkelaar@laptop:~$ sudo netstat -nltup | grep dnsmasq
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 1604/dnsmasq
udp 0 0 0.0.0.0:50831 0.0.0.0:* 1604/dnsmasq
udp 0 0 127.0.0.1:53 0.0.0.0:* 1604/dnsmasq
dehakkelaar@laptop:~$ cat /etc/resolv.conf
# Generated by NetworkManager
search dehakkelaar.nl
nameserver 127.0.0.1
dehakkelaar@laptop:~$ pstree -s $(pidof dnsmasq)
systemd───NetworkManager───dnsmasq
If I remove that dns=dnsmasq
directive again and reboot, everything reverts back to as was before without dnsmasq
running.
Are you sure that directive isnt configured somewhere (added sudo
below) and did you reboot in between while trying options ?
sudo grep 'dns=\|dnsmasq' -R /etc/NetworkManager/
No its not.
Try clear browser cache first and reload the page.
If that doesn fix, try run below and select repair:
pihole -r
EDIT: ow ps. do you run a desktop ?
Something might be configured in the pi
user home folder ~
:
sudo grep 'dns=' -R ~