Pi-Hole works everywhere except Android Phones


#62

I’ll need to double check this, but my Nexus 5X (running Android 7.1.2) has ads blocked by Pi-hole.


#63

That’ll be another spanner in the works!

My only addition would be the 2 devices that had adverts blocked through pihole are custom ROMs and my newer S6 is not vanilla android, it’s the Samsung ‘version’


#64

I also have a Nexus 7 on Marshmallow, which I think also blocks ads (also will need to check that).


#65

I have Nexus 7 (droid 6.0.1) and HTC (droid 4.1.1) both blocking ads like below one:
http://doubleclick.com/


#66

Both the phone and tablet are blocking ads. Just to check, are you only connected via Wifi (not cellular)?


#67

Yes. Connected only via WiFi with data disabled.


#68

Any update on this matter?


#69

From me, no.

Adverts are still not blocked on android.


#70

Hi,

Apple IOS devices have a feature called Wifi Assist whereas the iphone will automatically establish a cellular connection id Wifi perfomance is poor.

In this Case it is plausible that The phone may send DNS querries via cellular network and therefore bypass PiHole.
Does Android have a similar feature ???

It’s also possible that Android uses hard coded DNS Servers (8.8.8.8 & 8.8.4.4) come to mind.
There’s a method here to “block” access to Google DNS with a popular router (Fritzbox)

If you have a more capable router you can block those Google DNS IP’s alltogether.


#71

Even with cell data disabled on a WiFi network it still let’s adverts through…I have tested this. And disabled the chrome data saver function

As for a solar feature to iOS WiFi assist, the equivalent would be “Smart WiFi Switch”.
I have this disabled.

Looking at the router, I have an ISP provided router, and the option to manually set DNS servers is none existing. A quick Google search tells me it is deliberately stopped by my ISP.


#72

Heres something similar to wifi assist
https://www.verizonwireless.com/support/knowledge-base-97134/


#73

Hi All,

Look I’m a real newbie with this stuff, not that qualified - but I don’t know if this will help.

I had some real issues with Android and Chrome in regards to it not recognising my hosts file on my rooted phone a long time back and I discovered Google run some kind of data compression / caching box as default for all users (seriously)

If you go into Chrome settings and then turn off “data saver” - it might fix the issue (I don’t know, I’m setting up my first Pi-hole this week)

It’s a long shot, perhaps unrelated but some of the posts here felt familiar to the issues I was having.
I hope it helps in some capacity.


#74

Hi,

Thanks for your suggestion about google data saver.

https://support.google.com/chrome/answer/2392284

“When you use Data Saver, most of your web traffic goes through Google servers before being downloaded to your device. Less data gets downloaded to your device, because Google servers will compress it.”

So data saver works on http only (not https)… but I wonder what exactly google does while “traffic goes through google servers” ?

Will google servers use their own DNS to resolve the ads on a site?
… and the send then site in its entirety (incl. ads) to the client in a compressed ‘package’ ?


#75

As far as I can see only Google ads come through on my Moto G4+ with Android 7. And I have the same with Adblock in Lede.

So it might be that Google implemented some kind of bypass for DNS based adblockers. Maybe a VPN for google ads only.


#76

Wondering if this is still an issue for people. I’ve been struggling with this all day and cannot figure out how to defeat the oddball DNS entry. If you do a getprop net.dns1 it gives an external V6 address. If you do a getprop net.dns2 it goes to my pi-hole. Now, what I didn’t see mentioned before was a getprop net.dns3 also returns the pi-hole address. I played around and in the phone, if you manually set your DNS server, dns2 is the first line, dns3 is the second line, and dns1 doesn’t seem to be configurable anywhere. This is on a Galaxy S8 running Android 7.0. With this behavior, Android is pretty much useless with pi-hole and my Netgear router.


#77

Still an issue for me. I have the same setup, GS8+, I’m getting Comcast’s IPv6 DNS servers, they can’t be turned off and even if you enable IPv6 DNS from the pi hole, the Comcast servers take priority.

I haven’t been able to come up with a solution. You used to be able to backup, download, and restore Comcast configs, figured that might be worth looking into, but doesn’t appear that the feature is available anymore.


#78

Just download any DNS_CHANGER APP and enter the dns of your pi-hole in that app it’ll work definitely


#79

resurrection of an old thread!

Yes, this is a possibility, but kind of defeats the purpose of pi-hole…a network wide ad blocking solution, eliminating the need to set DNS on a per device basis.

I actually cant remember how I solved this…seem to think it was something to do with IPV6


#80

Android phones and Google devices (i.e. Chromecast) have their own hardcoded DNS servers, so this issue has to be fixed at a router level. Using FreshTomato firmware (administration > Scripts > Firewall).

If you want a network wide solution, paste these iptables rules to your router. It forces all DNS requests to the pihole, regardless of individual device settings. It then uses masquerade to make the device think that it got the result from the original DNS server it was trying to query. 192.168.1.100 is my pihole’s local IP.

iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
iptables -t nat -I PREROUTING -i br0 -p tcp --dport 53 -j DNAT --to 192.168.1.100:53
iptables -t nat -I PREROUTING -i br0 -p udp --dport 53 -j DNAT --to 192.168.1.100:53
iptables -t nat -I PREROUTING -i br0 -p tcp -s 192.168.1.100 --dport 53 -j ACCEPT
iptables -t nat -I PREROUTING -i br0 -p udp -s 192.168.1.100 --dport 53 -j ACCEPT

Block DNS Change
#81

Not sure on this, but all I can say is I have added no such rules to my pi-hole install and ads are now blocked on my android devices without the use of any DNS changer app.
And I can say for definite that my pi-hole works 100% network wide, with no per device configuration required. at all.