Pihole installed but doesn't block anything

Hello!

I've followed this guide about setting up piehole in docker:

and I was able to install it and set everything up as the guide said but it seems like piehole just doesn't block any ads.

Any ideas what could be the issue? I've attached a debug log from piehole, hopefully that can help resolve the issue.

Also, here's the token the debug gave me:
https://tricorder.pi-hole.net/xLPRi2FW/

This process collects information from your Pi-hole, and optionally uploads it to a unique and random directory on tricorder.pi-hole.net.

The intent of this script is to allow users to self-diagnose their installations.  This is accomplished by running tests against our software and providing the user with links to FAQ articles when a problem is detected.  Since we are a small team and Pi-hole has been growing steadily, it is our hope that this will help us spend more time on development.

NOTE: All log files auto-delete after 48 hours and ONLY the Pi-hole developers can access your data via the given token. We have taken these extra steps to secure your data and will work to further reduce any personal information gathered.

*** [ INITIALIZING ]
[i] 2023-09-30:17:14:01 debug log has been initialized.
[i] System has been running for 0 days, 0 hours, 44 minutes

*** [ INITIALIZING ] Sourcing setup variables
[i] Sourcing /etc/pihole/setupVars.conf...

*** [ DIAGNOSING ]: Core version
[✓] Version: v5.17.1
[i] Remotes: origin	https://github.com/pi-hole/pi-hole.git (fetch)
             origin	https://github.com/pi-hole/pi-hole.git (push)
[i] Branch: master
[i] Commit: v5.17.1-0-g6a45c6a

*** [ DIAGNOSING ]: Web version
[✓] Version: v5.20.1
[i] Remotes: origin	https://github.com/pi-hole/AdminLTE.git (fetch)
             origin	https://github.com/pi-hole/AdminLTE.git (push)
[i] Branch: master
[i] Commit: v5.20.1-0-g3a11976

*** [ DIAGNOSING ]: FTL version
[✓] Version: v5.23
[i] Branch: master
[i] Commit: d201776e

*** [ DIAGNOSING ]: lighttpd version
[i] 1.4.59

*** [ DIAGNOSING ]: php version
[i] 7.4.33

*** [ DIAGNOSING ]: Operating system
[i] Pi-hole Docker Container: 2023.05.2
[✓] Distro:  Debian
[✓] Version: 11
[✓] dig return code: 0
[i] dig response: "Raspbian=10,11 Ubuntu=20,22,23 Debian=10,11,12 Fedora=36,37,38 CentOS=8,9"
[✓] Distro and version supported

*** [ DIAGNOSING ]: SELinux
[i] SELinux not detected

*** [ DIAGNOSING ]: FirewallD
[✓] Firewalld service not detected

*** [ DIAGNOSING ]: Processor
[✓] x86_64

*** [ DIAGNOSING ]: Disk usage
   Filesystem      Size  Used Avail Use% Mounted on
   overlay        1007G  1.7G  954G   1% /
   tmpfs            64M     0   64M   0% /dev
   tmpfs           7.8G     0  7.8G   0% /sys/fs/cgroup
   shm              64M  736K   64M   2% /dev/shm
   /dev/sdd       1007G  1.7G  954G   1% /etc/pihole
   tmpfs           7.8G     0  7.8G   0% /proc/acpi
   tmpfs           7.8G     0  7.8G   0% /sys/firmware

*** [ DIAGNOSING ]: Network interfaces and addresses
   1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
       link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
       inet 127.0.0.1/8 scope host lo
          valid_lft forever preferred_lft forever
   8: eth0@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default 
       link/ether 02:42:ac:11:00:02 brd ff:ff:ff:ff:ff:ff link-netnsid 0
       inet 172.17.0.2/16 brd 172.17.255.255 scope global eth0
          valid_lft forever preferred_lft forever

*** [ DIAGNOSING ]: Network routing table
   default via 172.17.0.1 dev eth0 
   172.17.0.0/16 dev eth0 proto kernel scope link src 172.17.0.2 

*** [ DIAGNOSING ]: Networking
[✓] IPv4 address(es) bound to the eth0 interface:
    172.17.0.2/16

[✗] No IPv6 address(es) found on the eth0 interface.

[i] Default IPv4 gateway(s):
     172.17.0.1
   * Pinging first gateway 172.17.0.1...
[✓] Gateway responded.
[i] Default IPv6 gateway(s):

*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] apps.saintsoporte.com is 0.0.0.0 on lo (127.0.0.1)
[✓] apps.saintsoporte.com is 0.0.0.0 on eth0 (172.17.0.2)
[✓] doubleclick.com is 142.251.208.174 via a remote, public DNS server (8.8.8.8)

*** [ DIAGNOSING ]: Name resolution (IPv6) using a random blocked domain and a known ad-serving domain
[✓] No IPv6 address available on lo
[✓] No IPv6 address available on eth0
[✗] Failed to resolve doubleclick.com via a remote, public DNS server (2001:4860:4860::8888)

*** [ DIAGNOSING ]: Discovering active DHCP servers (takes 10 seconds)
   Scanning all your interfaces for DHCP servers
   Timeout: 10 seconds
   DHCP packets received on interface eth0: 0

*** [ DIAGNOSING ]: Pi-hole processes
[✓] lighttpd daemon is active
[✓] pihole-FTL daemon is active

*** [ DIAGNOSING ]: Pi-hole-FTL full status
[i] systemctl:  command not found

*** [ DIAGNOSING ]: Lighttpd configuration test
[✓] No error in lighttpd configuration

*** [ DIAGNOSING ]: Setup variables
    PIHOLE_INTERFACE=eth0
    IPV4_ADDRESS=0.0.0.0
    IPV6_ADDRESS=0:0:0:0:0:0
    QUERY_LOGGING=true
    INSTALL_WEB_SERVER=true
    INSTALL_WEB_INTERFACE=true
    LIGHTTPD_ENABLED=true
    CACHE_SIZE=10000
    DNS_FQDN_REQUIRED=true
    DNS_BOGUS_PRIV=true
    DNSMASQ_LISTENING=local
    BLOCKING_ENABLED=true
    DNSSEC=false
    REV_SERVER=false
    PIHOLE_DNS_1=1.1.1.1
    PIHOLE_DNS_2=1.0.0.1
    PIHOLE_DNS_3=192.168.1.69

*** [ DIAGNOSING ]: Dashboard headers
[✓] Web interface X-Header: X-Pi-hole: The Pi-hole Web interface is working!

*** [ DIAGNOSING ]: Pi-hole FTL Query Database
-rw-rw-r-- 1 pihole pihole 80K Sep 30 17:14 /etc/pihole/pihole-FTL.db
[i] Checking integrity of /etc/pihole/pihole-FTL.db ... (this can take several minutes)
[✓] Integrity of /etc/pihole/pihole-FTL.db intact
[i] Checking foreign key constraints of /etc/pihole/pihole-FTL.db ... (this can take several minutes)
[✓] No foreign key errors in /etc/pihole/pihole-FTL.db

*** [ DIAGNOSING ]: Gravity Database
-rw-rw-r-- 1 pihole pihole 7.9M Sep 30 17:09 /etc/pihole/gravity.db
[i] Checking integrity of /etc/pihole/gravity.db ... (this can take several minutes)
[✓] Integrity of /etc/pihole/gravity.db intact
[i] Checking foreign key constraints of /etc/pihole/gravity.db ... (this can take several minutes)
[✓] No foreign key errors in /etc/pihole/gravity.db

*** [ DIAGNOSING ]: Info table
   property              value                                   
   --------------------  ----------------------------------------
   version               15                                      
   updated               1696086559                              
   gravity_count         135875                                  
   Last gravity run finished at: Sat Sep 30 17:09:19 CEST 2023

   ----- First 10 Gravity Domains -----
   localhost.localdomain
   ck.getcookiestxt.com
   eu1.clevertap-prod.com
   wizhumpgyros.com
   coccyxwickimp.com
   webmail-who-int.000webhostapp.com
   010sec.com
   01mspmd5yalky8.com
   0byv9mgbn0.com
   ns6.0pendns.org


*** [ DIAGNOSING ]: Groups
   id    enabled  name                                                date_added           date_modified        description                                       
   ----  -------  --------------------------------------------------  -------------------  -------------------  --------------------------------------------------
   0           1  Default                                             2023-05-30 20:51:44  2023-05-30 20:51:44  The default group                                 

*** [ DIAGNOSING ]: Domainlist (0/1 = exact white-/blacklist, 2/3 = regex white-/blacklist)

*** [ DIAGNOSING ]: Clients

*** [ DIAGNOSING ]: Adlists
   id     enabled  group_ids     address                                                                                               date_added           date_modified        comment                                           
   -----  -------  ------------  ----------------------------------------------------------------------------------------------------  -------------------  -------------------  --------------------------------------------------
   1            1  0             https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts                                      2023-05-30 20:51:44  2023-05-30 20:51:44  Migrated from /etc/pihole/adlists.list            

*** [ DIAGNOSING ]: contents of /etc/pihole

-rw-r--r-- 1 root root 0 May 30 20:51 /etc/pihole/custom.list

-rw-r--r-- 1 root root 65 Sep 30 17:09 /etc/pihole/local.list

-rw-r--r-- 1 root root 241 May 30 20:51 /etc/pihole/logrotate
   /var/log/pihole/pihole.log {
   	su root root
   	daily
   	copytruncate
   	rotate 5
   	compress
   	delaycompress
   	notifempty
   	nomail
   }
   /var/log/pihole/FTL.log {
   	su root root
   	weekly
   	copytruncate
   	rotate 3
   	compress
   	delaycompress
   	notifempty
   	nomail
   }

-rw-rw-r-- 1 pihole root 191 Sep 30 17:07 /etc/pihole/pihole-FTL.conf
   PRIVACYLEVEL=0
   MACVENDORDB=/macvendor.db
   LOCAL_IPV4=0.0.0.0
   RATE_LIMIT=1000/60

-rw-r--r-- 1 root root 382 Sep 30 17:01 /etc/pihole/versions
   CORE_VERSION=v5.17.1
   CORE_BRANCH=master
   CORE_HASH=6a45c6a8
   GITHUB_CORE_VERSION=v5.17.1
   GITHUB_CORE_HASH=fef2861e
   WEB_VERSION=v5.20.1
   WEB_BRANCH=master
   WEB_HASH=3a11976e
   GITHUB_WEB_VERSION=v5.20.1
   GITHUB_WEB_HASH=41682f17
   FTL_VERSION=v5.23
   FTL_BRANCH=master
   FTL_HASH=d201776e
   GITHUB_FTL_VERSION=v5.23
   GITHUB_FTL_HASH=1a114133
   DOCKER_VERSION=2023.05.2
   GITHUB_DOCKER_VERSION=2023.05.2

*** [ DIAGNOSING ]: contents of /etc/dnsmasq.d

-rw-r--r-- 1 root root 1.4K Sep 30 17:07 /etc/dnsmasq.d/01-pihole.conf
   addn-hosts=/etc/pihole/local.list
   addn-hosts=/etc/pihole/custom.list
   localise-queries
   no-resolv
   log-queries
   log-facility=/var/log/pihole/pihole.log
   log-async
   cache-size=10000
   server=1.1.1.1
   server=1.0.0.1
   server=192.168.1.69
   domain-needed
   expand-hosts
   bogus-priv
   local-service

-rw-r--r-- 1 root root 2.2K Sep 30 17:00 /etc/dnsmasq.d/06-rfc6761.conf
   server=/test/
   server=/localhost/
   server=/invalid/
   server=/bind/
   server=/onion/

*** [ DIAGNOSING ]: contents of /etc/lighttpd

-rw-r--r-- 1 root root 2.2K Jan 19  2022 /etc/lighttpd/lighttpd.conf
   server.modules = (
   	"mod_indexfile",
   	"mod_access",
   	"mod_alias",
    	"mod_redirect",
   )
   server.document-root        = "/var/www/html"
   server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
   server.errorlog             = "/var/log/lighttpd/error.log"
   server.pid-file             = "/run/lighttpd.pid"
   server.username             = "www-data"
   server.groupname            = "www-data"
   server.port                 = 80
   server.feature-flags       += ("server.h2proto" => "enable")
   server.feature-flags       += ("server.h2c"     => "enable")
   server.feature-flags       += ("server.graceful-shutdown-timeout" => 5)
   server.http-parseopts = (
     "header-strict"           => "enable",# default
     "host-strict"             => "enable",# default
     "host-normalize"          => "enable",# default
     "url-normalize-unreserved"=> "enable",# recommended highly
     "url-normalize-required"  => "enable",# recommended
     "url-ctrls-reject"        => "enable",# recommended
     "url-path-2f-decode"      => "enable",# recommended highly (unless breaks app)
     "url-path-dotseg-remove"  => "enable",# recommended highly (unless breaks app)
   )
   index-file.names            = ( "index.php", "index.html" )
   url.access-deny             = ( "~", ".inc" )
   static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
   include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
   include_shell "/usr/share/lighttpd/create-mime.conf.pl"
   include "/etc/lighttpd/conf-enabled/*.conf"
   server.modules += (
   	"mod_dirlisting",
   	"mod_staticfile",
   )

*** [ DIAGNOSING ]: contents of /etc/lighttpd/conf.d
/etc/lighttpd/conf.d does not exist.

*** [ DIAGNOSING ]: contents of /etc/lighttpd/conf-enabled
total 4.0K
lrwxrwxrwx 1 root root  32 May 30 20:51 05-setenv.conf -> ../conf-available/05-setenv.conf
lrwxrwxrwx 1 root root  35 May 30 20:51 10-accesslog.conf -> ../conf-available/10-accesslog.conf
lrwxrwxrwx 1 root root  33 May 30 20:51 10-fastcgi.conf -> ../conf-available/10-fastcgi.conf
-rw-r--r-- 1 root root 221 Sep 30 17:00 15-pihole-admin-redirect-docker.conf
lrwxrwxrwx 1 root root  38 May 30 20:51 15-pihole-admin.conf -> ../conf-available/15-pihole-admin.conf

lrwxrwxrwx 1 root root 38 May 30 20:51 /etc/lighttpd/conf-enabled/15-pihole-admin.conf -> ../conf-available/15-pihole-admin.conf
   server.errorlog := "/var/log/lighttpd/error-pihole.log"
   $HTTP["url"] =~ "^/admin/" {
       server.document-root = "/var/www/html"
       server.stream-response-body = 1
       accesslog.filename = "/var/log/lighttpd/access-pihole.log"
       accesslog.format = "%{%s}t|%h|%V|%r|%s|%b"
       fastcgi.server = (
           ".php" => (
               "localhost" => (
                   "socket" => "/run/lighttpd/pihole-php-fastcgi.socket",
                   "bin-path" => "/usr/bin/php-cgi",
                   "min-procs" => 1,
                   "max-procs" => 1,
                   "bin-environment" => (
                       "TZ" => "Europe/Budapest",
                       "PIHOLE_DOCKER_TAG" => "",
                       "PHP_ERROR_LOG" => "/var/log/lighttpd/error-pihole.log",
                       "CORS_HOSTS" => "",
                       "VIRTUAL_HOST" => "8cc67383d6c0",
                       "PHP_FCGI_CHILDREN" => "4",
                       "PHP_FCGI_MAX_REQUESTS" => "10000",
                   ),
                   "bin-copy-environment" => (
                       "PATH", "SHELL", "USER"
                   ),
                   "broken-scriptfilename" => "enable",
               )
           )
       )
       setenv.add-response-header = (
           "X-Pi-hole" => "The Pi-hole Web interface is working!",
           "X-Frame-Options" => "DENY",
           "X-XSS-Protection" => "0",
           "X-Content-Type-Options" => "nosniff",
           "Content-Security-Policy" => "default-src 'self' 'unsafe-inline';",
           "X-Permitted-Cross-Domain-Policies" => "none",
           "Referrer-Policy" => "same-origin"
       )
       $HTTP["url"] =~ "^/admin/\." {
           url.access-deny = ("")
       }
       $HTTP["url"] =~ "/(teleporter|api_token)\.php$" {
           $HTTP["referer"] =~ "/admin/settings\.php" {
               setenv.set-response-header = ( "X-Frame-Options" => "SAMEORIGIN" )
           }
       }
   }
   else $HTTP["url"] == "/admin" {
       url.redirect = ("" => "/admin/")
   }
   $HTTP["host"] == "pi.hole" {
       $HTTP["url"] == "/" {
           url.redirect = ("" => "/admin/")
       }
   }
   server.modules += ( "mod_access", "mod_accesslog", "mod_redirect", "mod_fastcgi", "mod_setenv" )

*** [ DIAGNOSING ]: contents of /etc/cron.d

-rw-r--r-- 1 root root 1.7K Sep 30 17:00 /etc/cron.d/pihole
   9 4   * * 7   root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updateGravity >/var/log/pihole/pihole_updateGravity.log || cat /var/log/pihole/pihole_updateGravity.log
   00 00   * * *   root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole flush once quiet
   @reboot root /usr/sbin/logrotate --state /var/lib/logrotate/pihole /etc/pihole/logrotate
   4 19  * * *   root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updatechecker
   @reboot root    PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updatechecker reboot

*** [ DIAGNOSING ]: contents of /var/log/lighttpd

-rw-r--r-- 1 www-data www-data 69 Sep 30 17:00 /var/log/lighttpd/error-pihole.log
   -----head of error-pihole.log------
   2023-09-30 17:00:56: server.c.1513) server started (lighttpd/1.4.59)

   -----tail of error-pihole.log------
   2023-09-30 17:00:56: server.c.1513) server started (lighttpd/1.4.59)

*** [ DIAGNOSING ]: contents of /var/log/pihole

-rw-r--r-- 1 pihole pihole 47K Sep 30 17:09 /var/log/pihole/FTL.log
   -----head of FTL.log------
   [2023-09-30 17:00:56.019 264M] Using log file /var/log/pihole/FTL.log
   [2023-09-30 17:00:56.019 264M] ########## FTL started on 8cc67383d6c0! ##########
   [2023-09-30 17:00:56.019 264M] FTL branch: master
   [2023-09-30 17:00:56.019 264M] FTL version: v5.23
   [2023-09-30 17:00:56.019 264M] FTL commit: d201776e
   [2023-09-30 17:00:56.019 264M] FTL date: 2023-05-28 11:55:26 +0100
   [2023-09-30 17:00:56.019 264M] FTL user: pihole
   [2023-09-30 17:00:56.019 264M] Compiled for x86_64 (compiled on CI) using gcc (Debian 8.3.0-6) 8.3.0
   [2023-09-30 17:00:56.019 264M] Starting config file parsing (/etc/pihole/pihole-FTL.conf)
   [2023-09-30 17:00:56.019 264M]    SOCKET_LISTENING: only local
   [2023-09-30 17:00:56.019 264M]    AAAA_QUERY_ANALYSIS: Show AAAA queries
   [2023-09-30 17:00:56.019 264M]    MAXDBDAYS: max age for stored queries is 365 days
   [2023-09-30 17:00:56.019 264M]    RESOLVE_IPV6: Resolve IPv6 addresses
   [2023-09-30 17:00:56.019 264M]    RESOLVE_IPV4: Resolve IPv4 addresses
   [2023-09-30 17:00:56.019 264M]    DBINTERVAL: saving to DB file every minute
   [2023-09-30 17:00:56.019 264M]    DBFILE: Using /etc/pihole/pihole-FTL.db
   [2023-09-30 17:00:56.019 264M]    MAXLOGAGE: Importing up to 24.0 hours of log data
   [2023-09-30 17:00:56.019 264M]    PRIVACYLEVEL: Set to 0
   [2023-09-30 17:00:56.019 264M]    IGNORE_LOCALHOST: Show queries from localhost
   [2023-09-30 17:00:56.019 264M]    BLOCKINGMODE: Null IPs for blocked domains
   [2023-09-30 17:00:56.019 264M]    ANALYZE_ONLY_A_AND_AAAA: Disabled. Analyzing all queries
   [2023-09-30 17:00:56.019 264M]    DBIMPORT: Importing history from database
   [2023-09-30 17:00:56.019 264M]    PIDFILE: Using /run/pihole-FTL.pid
   [2023-09-30 17:00:56.019 264M]    SOCKETFILE: Using /run/pihole/FTL.sock
   [2023-09-30 17:00:56.019 264M]    SETUPVARSFILE: Using /etc/pihole/setupVars.conf
   [2023-09-30 17:00:56.019 264M]    MACVENDORDB: Using /macvendor.db
   [2023-09-30 17:00:56.019 264M]    GRAVITYDB: Using /etc/pihole/gravity.db
   [2023-09-30 17:00:56.019 264M]    PARSE_ARP_CACHE: Active
   [2023-09-30 17:00:56.019 264M]    CNAME_DEEP_INSPECT: Active
   [2023-09-30 17:00:56.019 264M]    DELAY_STARTUP: No delay requested.
   [2023-09-30 17:00:56.019 264M]    BLOCK_ESNI: Enabled, blocking _esni.{blocked domain}
   [2023-09-30 17:00:56.019 264M]    NICE: Cannot change niceness to -10 (permission denied)
   [2023-09-30 17:00:56.019 264M]    MAXNETAGE: Removing IP addresses and host names from network table after 365 days
   [2023-09-30 17:00:56.019 264M]    NAMES_FROM_NETDB: Enabled, trying to get names from network database
   [2023-09-30 17:00:56.019 264M]    EDNS0_ECS: Overwrite client from ECS information

   -----tail of FTL.log------
   [2023-09-30 17:07:55.461 1771M] Resizing "FTL-strings" from 40960 to (81920 * 1) == 81920 (/dev/shm: 712.7KB used, 67.1MB total, FTL uses 700.8KB)
   [2023-09-30 17:07:55.461 1771M] Imported 0 alias-clients
   [2023-09-30 17:07:55.461 1771M] Database successfully initialized
   [2023-09-30 17:07:55.485 1771M] New upstream server: 1.1.1.1:53 (0/512)
   [2023-09-30 17:07:55.485 1771M] New upstream server: 1.0.0.1:53 (1/512)
   [2023-09-30 17:07:55.485 1771M] Imported 15 queries from the long-term database
   [2023-09-30 17:07:55.485 1771M]  -> Total DNS queries: 15
   [2023-09-30 17:07:55.485 1771M]  -> Cached DNS queries: 6
   [2023-09-30 17:07:55.485 1771M]  -> Forwarded DNS queries: 6
   [2023-09-30 17:07:55.485 1771M]  -> Blocked DNS queries: 0
   [2023-09-30 17:07:55.485 1771M]  -> Unknown DNS queries: 0
   [2023-09-30 17:07:55.485 1771M]  -> Unique domains: 5
   [2023-09-30 17:07:55.485 1771M]  -> Unique clients: 2
   [2023-09-30 17:07:55.485 1771M]  -> Known forward destinations: 2
   [2023-09-30 17:07:55.485 1771M] Successfully accessed setupVars.conf
   [2023-09-30 17:07:55.485 1771M] listening on 0.0.0.0 port 53
   [2023-09-30 17:07:55.485 1771M] listening on :: port 53
   [2023-09-30 17:07:55.486 1771M] PID of FTL process: 1771
   [2023-09-30 17:07:55.486 1771M] Listening on port 4711 for incoming IPv4 telnet connections
   [2023-09-30 17:07:55.486 1771M] Error binding to IPv6 telnet socket: Cannot assign requested address (99)
   [2023-09-30 17:07:55.486 1771M] WARN: Cannot bind to IPv6 telnet socket
   [2023-09-30 17:07:55.486 1771M] Listening on port 4711 for incoming socket telnet connections
   [2023-09-30 17:07:55.486 1771M] INFO: FTL is running as user pihole (UID 999)
   [2023-09-30 17:07:55.486 1771M] Reloading DNS cache
   [2023-09-30 17:07:55.587 1771/T1782] Compiled 0 whitelist and 0 blacklist regex filters for 2 clients in 0.1 msec
   [2023-09-30 17:07:55.587 1771/T1782] Blocking status is enabled
   [2023-09-30 17:07:58.503 1771M] New upstream server: 192.168.1.69:53 (2/512)
   [2023-09-30 17:07:59.546 1771M] Reloading DNS cache
   [2023-09-30 17:07:59.592 1771/T1782] SQLite3 message: file renamed while open: /etc/pihole/gravity.db (28)
   [2023-09-30 17:07:59.592 1771/T1782] Compiled 0 whitelist and 0 blacklist regex filters for 2 clients in 0.1 msec
   [2023-09-30 17:07:59.593 1771/T1782] Blocking status is enabled
   [2023-09-30 17:09:19.744 1771M] Reloading DNS cache
   [2023-09-30 17:09:19.790 1771/T1782] SQLite3 message: file renamed while open: /etc/pihole/gravity.db (28)
   [2023-09-30 17:09:19.790 1771/T1782] Compiled 0 whitelist and 0 blacklist regex filters for 3 clients in 0.1 msec
   [2023-09-30 17:09:19.791 1771/T1782] Blocking status is enabled

*** [ DIAGNOSING ]: contents of /dev/shm
total 736K
-rw------- 1 pihole pihole  84K Sep 30 17:07 FTL-clients
-rw------- 1 pihole pihole  248 Sep 30 17:07 FTL-counters
-rw------- 1 pihole pihole 4.0K Sep 30 17:07 FTL-dns-cache
-rw------- 1 pihole pihole  12K Sep 30 17:07 FTL-domains
-rw------- 1 pihole pihole   88 Sep 30 17:07 FTL-lock
-rw------- 1 pihole pihole 8.0K Sep 30 17:07 FTL-overTime
-rw------- 1 pihole pihole 4.0K Sep 30 17:07 FTL-per-client-regex
-rw------- 1 pihole pihole 224K Sep 30 17:07 FTL-queries
-rw------- 1 pihole pihole   16 Sep 30 17:07 FTL-settings
-rw------- 1 pihole pihole  80K Sep 30 17:07 FTL-strings
-rw------- 1 pihole pihole 308K Sep 30 17:07 FTL-upstreams

*** [ DIAGNOSING ]: contents of /etc

-rw-r--r-- 1 root root 37 Sep 30 17:00 /etc/dnsmasq.conf
   conf-dir=/etc/dnsmasq.d
   user=pihole

-rw-r--r-- 1 root root 97 Sep 30 17:00 /etc/resolv.conf
   nameserver 192.168.65.7

*** [ DIAGNOSING ]: Pi-hole diagnosis messages

*** [ DIAGNOSING ]: Locale
    LANG=

*** [ DIAGNOSING ]: Pi-hole log
-rw-r--r-- 1 pihole pihole 17K Sep 30 17:14 /var/log/pihole/pihole.log
   -----head of pihole.log------
   Sep 30 17:00:57 dnsmasq[447]: started, version pi-hole-v2.89-9461807 cachesize 10000
   Sep 30 17:00:57 dnsmasq[447]: DNS service limited to local subnets
   Sep 30 17:00:57 dnsmasq[447]: compile time options: IPv6 GNU-getopt no-DBus no-UBus no-i18n IDN DHCP DHCPv6 Lua TFTP no-conntrack ipset no-nftset auth cryptohash DNSSEC loop-detect inotify dumpfile
   Sep 30 17:00:57 dnsmasq[447]: using nameserver 8.8.8.8#53
   Sep 30 17:00:57 dnsmasq[447]: using only locally-known addresses for onion
   Sep 30 17:00:57 dnsmasq[447]: using only locally-known addresses for bind
   Sep 30 17:00:57 dnsmasq[447]: using only locally-known addresses for invalid
   Sep 30 17:00:57 dnsmasq[447]: using only locally-known addresses for localhost
   Sep 30 17:00:57 dnsmasq[447]: using only locally-known addresses for test
   Sep 30 17:00:57 dnsmasq[447]: read /etc/hosts - 9 names
   Sep 30 17:00:57 dnsmasq[447]: read /etc/pihole/custom.list - 0 names
   Sep 30 17:00:57 dnsmasq[447]: read /etc/pihole/local.list - 0 names
   Sep 30 17:01:25 dnsmasq[447]: query[A] pi.hole from 127.0.0.1
   Sep 30 17:01:25 dnsmasq[447]: Pi-hole hostname pi.hole is 0.0.0.0
   Sep 30 17:01:55 dnsmasq[447]: query[A] pi.hole from 127.0.0.1
   Sep 30 17:01:55 dnsmasq[447]: Pi-hole hostname pi.hole is 0.0.0.0
   Sep 30 17:02:25 dnsmasq[447]: query[A] pi.hole from 127.0.0.1
   Sep 30 17:02:25 dnsmasq[447]: Pi-hole hostname pi.hole is 0.0.0.0
   Sep 30 17:02:55 dnsmasq[447]: query[A] pi.hole from 127.0.0.1
   Sep 30 17:02:55 dnsmasq[447]: Pi-hole hostname pi.hole is 0.0.0.0

   -----tail of pihole.log------
   Sep 30 17:11:00 dnsmasq[1771]: query[A] www.google.com from 172.17.0.1
   Sep 30 17:11:00 dnsmasq[1771]: cached www.google.com is 142.251.208.100
   Sep 30 17:11:26 dnsmasq[1771]: query[A] www.google.com from 172.17.0.1
   Sep 30 17:11:26 dnsmasq[1771]: cached www.google.com is 142.251.208.100
   Sep 30 17:11:27 dnsmasq[1771]: query[A] pi.hole from 127.0.0.1
   Sep 30 17:11:27 dnsmasq[1771]: Pi-hole hostname pi.hole is 0.0.0.0
   Sep 30 17:11:57 dnsmasq[1771]: query[A] pi.hole from 127.0.0.1
   Sep 30 17:11:57 dnsmasq[1771]: Pi-hole hostname pi.hole is 0.0.0.0
   Sep 30 17:12:27 dnsmasq[1771]: query[A] pi.hole from 127.0.0.1
   Sep 30 17:12:27 dnsmasq[1771]: Pi-hole hostname pi.hole is 0.0.0.0
   Sep 30 17:12:57 dnsmasq[1771]: query[A] pi.hole from 127.0.0.1
   Sep 30 17:12:57 dnsmasq[1771]: Pi-hole hostname pi.hole is 0.0.0.0
   Sep 30 17:13:28 dnsmasq[1771]: query[A] pi.hole from 127.0.0.1
   Sep 30 17:13:28 dnsmasq[1771]: Pi-hole hostname pi.hole is 0.0.0.0
   Sep 30 17:13:58 dnsmasq[1771]: query[A] pi.hole from 127.0.0.1
   Sep 30 17:13:58 dnsmasq[1771]: Pi-hole hostname pi.hole is 0.0.0.0
   Sep 30 17:14:01 dnsmasq[1771]: query[A] apps.saintsoporte.com from 127.0.0.1
   Sep 30 17:14:01 dnsmasq[1771]: gravity blocked apps.saintsoporte.com is 0.0.0.0
   Sep 30 17:14:01 dnsmasq[1771]: query[A] apps.saintsoporte.com from 172.17.0.2
   Sep 30 17:14:01 dnsmasq[1771]: gravity blocked apps.saintsoporte.com is 0.0.0.0

********************************************
********************************************
[✓] ** FINISHED DEBUGGING! **

   * The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only.
[i] Debug script running in automated mode
    * Using curl for transmission.

*****************************************************************
*****************************************************************

[✓] Your debug token is: https://tricorder.pi-hole.net/xLPRi2FW/
[i] Logs are deleted 48 hours after upload.

*****************************************************************
*****************************************************************

   * Provide the token above to the Pi-hole team for assistance at https://discourse.pi-hole.net
   * A local copy of the debug log can be found at: /var/log/pihole/pihole_debug.log

Did you configure your router or devices to use Pi-hole?

Reference:

• Post-Install - Pi-hole documentation
• How do I configure my devices to use Pi-hole as their DNS server?

My router is provided by my isp so I only have one setting for DNS. I did change that during the install.

I also set it up in Windows like so:

I think that's correct, at least I hope so.

How did you start your container?

Please, post the compose file or docker run command used to start it.

I used the example from the guide and edited the parameters.

Here it is:

docker run --name=pihole -e TZ=Europe/Budapest -e WEBPASSWORD=secret -e SERVERIP=192.168.1.69 -v pihole_app:/etc/pihole -v dns_config:/etc/dnsmasq.d -p 81:80 -p 53:53/tcp -p 53:53/udp --restart=unless-stopped pihole/pihole

lose that alternate DNS server!!!

Removed it but seems like it's still not working.
Only had it in there because the guide instructed so.

That guide was not provided by Pi-hole.
It may not have been accurate at the time it was written, but it certainly seems outdated now.

I'm sorry for the frustration it may have caused you, but you may want to contact its author about any issues you have applying it.

That variable has been deprecated quite a while ago.

Also, your debug log suggests that your host machine is using a DNS server at 192.168.65.7.

-rw-r--r-- 1 root root 97 Sep 30 17:00 /etc/resolv.conf
   nameserver 192.168.65.7

Assuming that your router is configured to distribute your Pi-hole host address as local DNS server, it seems unexpected that you would try to use an IP of 192.168.1.69 for your Pi-hole container, as those IPs would be on separate networks (assuming a default /24 netmask).
If your network would indeed be 192.168.65.0/24, your designated 192.168.1.69 may not be reachable from that network.

You could consider to refer to Pi-hole's own documentation for running a dockered Pi-hole, see GitHub - pi-hole/docker-pi-hole: Pi-hole in a docker container. Note that those instructions presuppose that you are reasonably familiar with Docker already.

Hello, thanks for the help!

That is very strange. I'm using a router that was provided by my ISP so that might be what's causing all the issues I'm having.

I guess I can't change the DNS in my router then? I don't really know what I'm doing with all of this, it seemed pretty easy to set up but I guess there's a lot more to do in the background.

What's your router's subnet?

Run from the machine hosting Docker, what's the output of

ip -4 address

I'm running docker from windows 11 and the command doesn't work there but I tried it in wsl and that gave me this:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1492 qdisc mq state UP qlen 1000
    inet 172.20.8.171/20 brd 172.20.15.255 scope global eth0
       valid_lft forever preferred_lft forever

Using IPconfig command in Windows gave me this:

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . : home
   IPv6 Address. . . . . . . . . . . : 2001:4c4e:1e48:7d00:913:e94f:a80c:778e
   Temporary IPv6 Address. . . . . . : 2001:4c4e:1e48:7d00:7023:4e00:a8c1:8d24
   Link-local IPv6 Address . . . . . : fe80::269a:bc66:3116:78c4%18
   IPv4 Address. . . . . . . . . . . : 192.168.1.69
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : fe80::d692:5eff:fe0b:9f6f%18
                                       192.168.1.1

Ethernet adapter vEthernet (WSL):

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::9e27:433b:d2a0:fe6d%38
   IPv4 Address. . . . . . . . . . . : 172.20.0.1
   Subnet Mask . . . . . . . . . . . : 255.255.240.0
   Default Gateway . . . . . . . . . :

Right now I have my router set back to normal so the only thing changed in it's settings is static IP for my PC and my phone.

So your router's subnet is 192.168.1.0/24.

From an ipconfig /all output, could you also share the DNS server section?

Here's the output:

   DNS Servers . . . . . . . . . . . : 2001:4c4e:1e71:dc00::1
                                       192.168.1.1

Also, I did a new install of Pi-hole base from docker because the previous one I've deleted.
Here's the token the debug log gave me from that:

https://tricorder.pi-hole.net/lPlJQtiE/

(Also, seems like I can change DNS in my router, just tested it)

Very likely, that is your router's public IPv6 address.

This would mean your router is advertising its own IPv6 address as DNS server, allowing your clients to by-pass Pi-hole.

You'd have to find a way to configure your router to advertise your Pi-hole host machine's IPv6 as DNS server or to stop advertising its own.

You'd have to consult your router's documentation sources on further details for its IPv6 configuration options.

If your router doesn't support configuring IPv6 DNS, you could consider disabling IPv6 altogether.

If your router doesn't support that either, your IPv6-capable clients will always be able to bypass Pi-hole via IPv6.

Seems like it's not gonna happen with this ISP provided router then. Thanks for all the help anyway though!

One last question, if I may. Would getting a Raspberry Pi and installing Pi-Hole onto that make any difference?

Not for that specific issue of your router advertising its own IPv6 as DNS server.
That has to be sorted by configuring the router.

Depending on your knowledge, it may be easier to handle a bare metal Pi-hole at first.

Docker has quite a few extra knobs and gears that may get quite overwhelming to deal with when you are new to it.
To add to that, not all Dockers are alike - Docker for Windows comes with a rather restricted set of functionality when compared to a proper Linux Docker installation.

Personally, I think an RPi would give you an altogether better experience, also from a Docker perspective. But your preferences may differ.

I'm late to the party but I had the same issue when using Chrome. Default Chrome settings bypass pi-hole because secure DNS is enabled. Disable secure DNS in Chrome. Secure DNS may be enabled in other places as well. Android for instance may be using it.

I'm really late to the party but I noticed in your router screenshot. Your router DHCP server appears set to ON.

This needs to be OFF. By being set to ON it means your router is acting as the DHCP instead of the Pihole. At least, this is how it works on Pihole with Raspberry Pi. I assume it should operate the same in a docker instance like a virtual machine. The Pihole becomes the defacto DHCP and assigns the local IP and this how it performs the block of spam to the LAN addresses.

Screenshot_20240129-1329431344×2992 179 KB

For example here is my router settings

Screenshot_20240129-1333491344×2080 359 KB