Pihole not working after installation. PHP error (2): fsockopen(): unable to connect

astrapia · April 27, 2022, 5:52pm

Hi, I'm new to Pi-hole so I apologize if this is a basic issue, but I haven't been able to find a solution by googling or searching through help/FAQ.

Expected Behaviour:
Active connection to internet with adblocking

Actual Behaviour:

In the settings tab, the dashboard reads this message:

PHP error (2): fsockopen(): unable to connect to 127.0.0.1:4711 (Connection refused) in /var/www/html/admin/scripts/pi-hole/php/FTL.php:43

and shows that FTL service is offline

When going to the blacklist tab on the dashboard, I get this message:

DataTables warning: table id=domainsTable - Ajax error. For more information about this error, please see http://datatables.net/tn/

Debug Token:

It will not produce a url for a debug token, which I assume is because it is not connecting properly. But these are the things that show up as unresolved in the debug log.

*** [ DIAGNOSING ]: Ports in use
    udp:0.0.0.0:5353 is in use by avahi-daemon
    udp:0.0.0.0:68 is in use by dhcpcd
    udp:0.0.0.0:36700 is in use by avahi-daemon
    udp:0.0.0.0:631 is in use by cups-browsed
    udp:*:5353 is in use by avahi-daemon
    udp:*:546 is in use by dhcpcd
    udp:*:56868 is in use by avahi-daemon
[✓] tcp:0.0.0.0:80 is in use by lighttpd
    tcp:0.0.0.0:22 is in use by sshd
    tcp:127.0.0.1:631 is in use by cupsd
[✓] tcp:[::]:80 is in use by lighttpd
    tcp:[::]:22 is in use by sshd
    tcp:[::1]:631 is in use by cupsd

*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✗] Failed to resolve api.luckyorange.com on lo (127.0.0.1)
[✗] Failed to resolve api.luckyorange.com on wlan0 (static pi address)
[✓] doubleclick.com is 64.233.177.100 via a remote, public DNS server (8.8.8.8)

*** [ DIAGNOSING ]: Name resolution (IPv6) using a random blocked domain and a known ad-serving domain
[✗] Failed to resolve cms.ads.nrc.adhese.com on lo (::1)
[✗] Failed to resolve cms.ads.nrc.adhese.com on wlan0 (router address)
[✗] Failed to resolve cms.ads.nrc.adhese.com on wlan0 (fe80::7013:ebf2:1a9a:63b)
[✓] doubleclick.com is 2607:f8b0:4002:806::200e via a remote, public DNS server (2001:4860:4860::8888)

*** [ DIAGNOSING ]: Discovering active DHCP servers (takes 10 seconds)
   Scanning all your interfaces for DHCP servers
   Timeout: 10 seconds
   
   * Received 548 bytes from wlan0:192.168.0.1
     Offered IP address: 192.168.0.13
     Server IP address: 192.168.0.1
     Relay-agent IP address: N/A
     BOOTP server: (empty)
     BOOTP file: (empty)
     DHCP options:
      Message type: DHCPOFFER (2)
      server-identifier: 192.168.0.1
      lease-time: 3600 ( 1h )
      netmask: 255.255.255.0
      router: 192.168.0.1
      dns-server: 68.105.28.11
      dns-server: 68.105.29.11
      dns-server: 68.105.28.12
      --- end of options ---
    
   DHCP packets received on interface lo: 0
   DHCP packets received on interface wlan0: 1

*** [ DIAGNOSING ]: Pi-hole processes
[✓] lighttpd daemon is active
[✓] pihole-FTL daemon is active

*** [ DIAGNOSING ]: Pi-hole-FTL full status
   ● pihole-FTL.service - LSB: pihole-FTL daemon
     Loaded: loaded (/etc/init.d/pihole-FTL; generated)
     Active: active (exited) since Wed 2022-04-27 18:13:40 BST; 16min ago
       Docs: man:systemd-sysv-generator(8)
    Process: 28960 ExecStart=/etc/init.d/pihole-FTL start (code=exited, status=0/SUCCESS)
        CPU: 245ms

Apr 27 18:13:36 raspberrypi systemd[1]: Starting LSB: pihole-FTL daemon...
Apr 27 18:13:36 raspberrypi pihole-FTL[28960]: Not running
Apr 27 18:13:36 raspberrypi su[28970]: (to pihole) root on none
Apr 27 18:13:36 raspberrypi su[28970]: pam_unix(su:session): session opened for user pihole(uid=999) by (uid=0)
Apr 27 18:13:40 raspberrypi systemd[1]: Started LSB: pihole-FTL daemon.

*** [ DIAGNOSING ]: Setup variables
    BLOCKING_ENABLED=true
    ADMIN_EMAIL=
    WEBUIBOXEDLAYOUT=boxed
    WEBTHEME=default-dark
    PIHOLE_INTERFACE=wlan0
    IPV4_ADDRESS= (static address of pi)
    IPV6_ADDRESS= (router address)
    PIHOLE_DNS_1=8.8.8.8
    PIHOLE_DNS_2=8.8.4.4
    QUERY_LOGGING=true
    INSTALL_WEB_SERVER=true
    INSTALL_WEB_INTERFACE=true
    LIGHTTPD_ENABLED=true
    CACHE_SIZE=10000
    DNS_FQDN_REQUIRED=true
    DNS_BOGUS_PRIV=true
    DNSMASQ_LISTENING=local

*** [ DIAGNOSING ]: Dashboard and block page
[✗] Block page X-Header: X-Header does not match or could not be retrieved.
HTTP/1.1 200 OK
Content-type: text/html; charset=UTF-8
Expires: Wed, 27 Apr 2022 17:29:43 GMT
Cache-Control: max-age=0
Date: Wed, 27 Apr 2022 17:29:43 GMT
Server: lighttpd/1.4.59

sally · April 27, 2022, 7:06pm

Hi @astrapia,

I am not an expert at troubleshooting but maybe I can try.
I am wondering what is your setup, I see you are running a some kind of Raspberry Pi.
Are you running any other services besides Pihole on that Raspberry Pi?

I assume you are behind a firewall, and using COX DNS? Any firewall or Intrusion Prevention rules could block that port 4711 ?

astrapia · April 28, 2022, 12:44am

Hi sally,

thank you so much for your help. Cox is my service provider. I have an Arris Router that has default settings for security. Firewall enabled, ping blocking, a few pass through settings enabled and DoS attack protection.

Bucking_Horn · April 28, 2022, 7:59pm

Run on your Pi-hole host machine, what's the output of:

pihole-FTL dnsmasq-test

As the machine that your Pi-hole is running on seems to have no DNS connectivity, you should probably start by checking that machine's firewall for Pi-hole's required ports.

And as pihole-FTL is not shown as listening on port 53, it may also be possible that another DNS resolver on your system conflicts with Pi-hole.
What OS are you running your Pi-hole on?

astrapia · May 2, 2022, 5:21pm

It comes back with

syntax check OK.

I am running it on raspbian

PRETTY_NAME="Raspbian GNU/Linux 11 (bullseye)"
NAME="Raspbian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=raspbian
ID_LIKE=debian
HOME_URL="http://www.raspbian.org/"
SUPPORT_URL="http://www.raspbian.org/RaspbianForums"
BUG_REPORT_URL="http://www.raspbian.org/RaspbianBugs"

sally · May 2, 2022, 8:10pm

Does your Raspberry Pi have any other servers running that could conflict with Pihole using port 53?

Another thing I know is that the Arris cable modem/routers that are rented out by ISP these days are locked-down, and don't let you customize DNS server.

I wonder if these ISP routers started to force DNS from ISP providers only, meaning any traffic directed to port 53 has to go to a ISP DNS or will be dropped? Just a thought.

Hope someone else will chime in.

Bucking_Horn · May 3, 2022, 6:17am

Your pihole-FTL configuration comes back as syntactically correct, and your OS wouldn't come with a stub resolver by default.

Run on your Pi-hole host machine, what's the result of the following commands:

dig +short @127.0.0.1 chaos txt version.bind

nslookup flurry.com (static address of pi)

astrapia · May 3, 2022, 3:15pm

pi@raspberrypi:~ $ dig +short @127.0.0.1 chaos txt version.bind
;; connection timed out; no servers could be reached

nslookup flurry.com (static address of pi)
;; connection timed out; no servers could be reached

astrapia · May 3, 2022, 3:20pm

Not that I know of. Would there be another way to check?

I own the modem/router. I initially had a rental but replaced it when I realized it would be an issue. Wish I'd done it a long time ago anyway.

Bucking_Horn · May 4, 2022, 5:10am

Those lookups couldn't reach a DNS server, so either Pi-hole's DNS server wasn't started (unlikely, as it was shown to be running by your previous logs), or the firewall on the Pi-hole host machine is still not allowing required ports.

system · May 25, 2022, 5:10am

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.