I'm not sure why pihole -q is looking up localhost, nor why it is being called via lighttpd and php during pihole -d, I'm sure that's it's own problem that this may have brought to light...
Rather than do a full pihole -d (takes about 30 minutes), I ran time pihole -q google.com (only takes 11 minutes) after disabling conditional forwarding. It has not improved performance, and I'm still having the same issue. Here's a screenshot:
The CPU usage fluctuates during the process, but RAM stays completely throttled the entire time.
This is not a valid regular expression. The interpretation of (\.|^)* is:
An arbitrary number of dots or line starts
Does "an arbitrary number of line starts" make sense? I guess not and awk might die while trying to reference to the same anchor multiple times. This may very well end up in an infinite loop.
You either want to
Just get rid of the *. This would block metric.gstatic.com and all of its subdomains.
If you want to block anything ending in metric.gstatic.com (so also ABCDEFmetric.gstatic.com), the regex should not have an initial anchor and should look like:
metric\.gstatic\.com$
What do you really want to achieve with this regex? We can fix it together if you like.
I went with the more aggressive approach. The only reason the * slipped in there is because I was totally spaced out when entering it and was just thinking I wanted to block *.metric.gstatic.com with * as the wildcard, then just clicked wild card and moved on with my day.
Thanks for the help sorting this one out! Apologies for my poor regex experience.
As the pihole -q issue seems to have the same cause as written here I will mention the outcome here to save prospective readers almost 100 topic replies.
It came down to different versions of awk: the issue occurred only withmawk but not with gawk. So installing gawk fixed it.
Final solution was to circumvent awk in pihole -q and using shell regex checking.
At the moment one can try it with