I set-up a pi-hole as DHCP server, due to unstopable dns in supplier router (KPN experia box, netherlands) (Routers dhcp = off) Normal add blocking behavior, but adds are still visible.
I see some action in the log, but no adds blocked on webpages.
Please note i'm a beginner in network/linux.
Thanks a lot in advance!
There could be several reasons why you are still seeing ads while you are browsing.
A few things to check:
Make sure your clients are using the Pi-hole IP (as the sole DNS) server.
If your network is set for IPV6 IPs then make sure that the clients use the IPV6 IP of the Pi-hole and not the router (or anything else).
If you don't care about IPV6, you can disable it front he router all the way but keep in mind that if you do that, if a website has an IPV6 address only, you won't be able to access it.
See if analyzing/fixing these issues, resolves your problem.
Thanks for your reply.
I checked IPCONFIG /ALL
It states an another DNS IP 192.168.1.7 than the IP of the PI-HOLE, which is 192.168.2.38.
How to correct this?
My routers DHCP is off, PI-Hole DHCP is on.
Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation. All rights reserved.
C:\Users\Laptop>ipconfig/all
It states an another DNS IP 192.168.1.7 than the IP of the PI-HOLE, which is 192.168.2.38
Windows IP Configuration
Host Name . . . . . . . . . . . . : Laptop-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : lan
Wireless LAN adapter Wireless Network Connection:
Connection-specific DNS Suffix . : lan
Description . . . . . . . . . . . : Intel(R) Centrino(R) Ultimate-N 6300 AGN
Physical Address. . . . . . . . . : 00-24-D7-52-E9-0C
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::11e3:751d:ec79:eb06%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.38(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, August 08, 2018 1:48:23 PM
Lease Expires . . . . . . . . . . : Thursday, August 09, 2018 1:48:24 PM
Default Gateway . . . . . . . . . : 192.168.2.254
DHCP Server . . . . . . . . . . . : 192.168.2.36
DHCPv6 IAID . . . . . . . . . . . : 436217047
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-9C-8E-12-88-AE-1D-B2-4E-B8
DNS Servers . . . . . . . . . . . : 192.168.1.7
8.8.8.8
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : home
Description . . . . . . . . . . . : Intel(R) 82577LM Gigabit Network Connecti
on
Physical Address. . . . . . . . . : *************
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.lan:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : lan
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.home:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
C:\Users\Laptop>
Log from pi-hole
This process collects information from your Pi-hole, and optionally uploads it to a unique and random directory on tricorder.pi-hole.net.
The intent of this script is to allow users to self-diagnose their installations. This is accomplished by running tests against our software and providing the user with links to FAQ articles when a problem is detected. Since we are a small team and Pi-hole has been growing steadily, it is our hope that this will help us spend more time on development.
NOTE: All log files auto-delete after 48 hours and ONLY the Pi-hole developers can access your data via the given token. We have taken these extra steps to secure your data and will work to further reduce any personal information gathered.
*** [ INITIALIZING ]
[i] 2018-08-08:11:58:21 debug log has been initialized.
*** [ INITIALIZING ] Sourcing setup variables
[i] Sourcing /etc/pihole/setupVars.conf...
*** [ DIAGNOSING ]: Core version
[i] Core: v4.0 (https://discourse.pi-hole.net/t/how-do-i-update-pi-hole/249)
[i] Branch: master
[i] Commit: v4.0-0-gddbdb51
*** [ DIAGNOSING ]: Web version
[i] Web: v4.0 (https://discourse.pi-hole.net/t/how-do-i-update-pi-hole/249)
[i] Branch: master
[i] Commit: v4.0-0-gaf8c926
*** [ DIAGNOSING ]: FTL version
[✓] FTL: vDev-5396fc9 (https://discourse.pi-hole.net/t/how-do-i-update-pi-hole/249)
*** [ DIAGNOSING ]: dnsmasq version
[i] 340:
*** [ DIAGNOSING ]: lighttpd version
[i] 1.4.45
*** [ DIAGNOSING ]: php version
[i] 7.0.30
*** [ DIAGNOSING ]: Operating system
[✓] Raspbian GNU/Linux 9 (stretch)
*** [ DIAGNOSING ]: SELinux
[i] SELinux not detected
*** [ DIAGNOSING ]: Processor
[✓] armv6l
*** [ DIAGNOSING ]: Networking
[✓] IPv4 address(es) bound to the eth0 interface:
192.168.2.36/24 matches the IP found in /etc/pihole/setupVars.conf
[✓] IPv6 address(es) bound to the eth0 interface:
fe80::d2cf:41b6:dd40:9585 does not match the IP found in /etc/pihole/setupVars.conf (https://discourse.pi-hole.net/t/use-ipv6-ula-addresses-for-pi-hole/2127)
^ Please note that you may have more than one IP address listed.
As long as one of them is green, and it matches what is in /etc/pihole/setupVars.conf, there is no need for concern.
The link to the FAQ is for an issue that sometimes occurs when the IPv6 address changes, which is why we check for it.
[i] Default IPv4 gateway: 192.168.2.254
* Pinging 192.168.2.254...
[✓] Gateway responded.
*** [ DIAGNOSING ]: Ports in use
*:22 sshd (IPv4)
*:22 sshd (IPv6)
*:80 lighttpd (IPv4)
*:80 lighttpd (IPv6)
*:53 pihole-FTL (IPv4)
*:53 pihole-FTL (IPv6)
127.0.0.1:4711 pihole-FTL (IPv4)
[::1]:4711 pihole-FTL (IPv6)
*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] 208.185.87.14.liveadvert.com is 0.0.0.0 via localhost (127.0.0.1)
[✓] 208.185.87.14.liveadvert.com is 0.0.0.0 via Pi-hole (192.168.2.36)
[✓] doubleclick.com is 172.217.17.142 via a remote, public DNS server (8.8.8.8)
*** [ DIAGNOSING ]: Pi-hole processes
[✗] dnsmasq daemon is inactive
[✓] lighttpd daemon is active
[✓] pihole-FTL daemon is active
*** [ DIAGNOSING ]: Setup variables
PIHOLE_INTERFACE=eth0
IPV4_ADDRESS=192.168.2.36/24
IPV6_ADDRESS=
QUERY_LOGGING=true
INSTALL_WEB_SERVER=true
INSTALL_WEB_INTERFACE=true
LIGHTTPD_ENABLED=true
DHCP_ACTIVE=true
DHCP_START=192.168.2.1
DHCP_END=192.168.2.200
DHCP_ROUTER=192.168.2.254
DHCP_LEASETIME=24
PIHOLE_DOMAIN=lan
DHCP_IPv6=true
DNSMASQ_LISTENING=all
PIHOLE_DNS_1=8.8.8.8
PIHOLE_DNS_2=8.8.4.4
DNS_FQDN_REQUIRED=true
DNS_BOGUS_PRIV=true
DNSSEC=false
CONDITIONAL_FORWARDING=false
*** [ DIAGNOSING ]: Dashboard and block page
[✓] Block page X-Header: X-Pi-hole: A black hole for Internet advertisements.
[✓] Web interface X-Header: X-Pi-hole: The Pi-hole Web interface is working!
*** [ DIAGNOSING ]: Gravity list
-rw-r--r-- 1 root root 3039333 Aug 6 19:26 /etc/pihole/gravity.list
-----head of gravity.list------
0.0.0.0
0.r.msn.com
0.start.bz
000.0x1f4b0.com
-----tail of gravity.list------
zzz.clickbank.net
zzzezeroe.fr
zzzpooeaz-france.com
zzzrtrcm2.com
*** [ DIAGNOSING ]: contents of /etc/pihole
-rw-r--r-- 1 root root 381 Aug 5 19:01 /etc/pihole/adlists.list
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
https://mirror1.malwaredomains.com/files/justdomains
http://sysctl.org/cameleon/hosts
https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist
https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
https://hosts-file.net/ad_servers.txt
-rw-r--r-- 1 root root 46 Aug 6 19:26 /etc/pihole/local.list
192.168.2.36 raspberrypi
192.168.2.36 pi.hole
-rw-r--r-- 1 root root 234 Aug 5 19:09 /etc/pihole/logrotate
/var/log/pihole.log {
su root root
daily
copytruncate
rotate 5
compress
delaycompress
notifempty
nomail
}
/var/log/pihole-FTL.log {
su root root
weekly
copytruncate
rotate 3
compress
delaycompress
notifempty
nomail
}
*** [ DIAGNOSING ]: contents of /etc/dnsmasq.d
-rw-r--r-- 1 root root 1547 Aug 7 18:51 /etc/dnsmasq.d/01-pihole.conf
addn-hosts=/etc/pihole/gravity.list
addn-hosts=/etc/pihole/black.list
addn-hosts=/etc/pihole/local.list
localise-queries
no-resolv
cache-size=10000
log-queries=extra
log-facility=/var/log/pihole.log
local-ttl=2
log-async
server=8.8.8.8
server=8.8.4.4
domain-needed
bogus-priv
except-interface=nonexisting
-rw-r--r-- 1 root root 618 Aug 6 19:16 /etc/dnsmasq.d/02-pihole-dhcp.conf
dhcp-authoritative
dhcp-range=192.168.2.1,192.168.2.200,24h
dhcp-option=option:router,192.168.2.254
dhcp-leasefile=/etc/pihole/dhcp.leases
domain=lan
dhcp-option=option6:dns-server,[::]
dhcp-range=::100,::1ff,constructor:eth0,ra-names,slaac,24h
ra-param=*,0,0
*** [ DIAGNOSING ]: contents of /etc/lighttpd
-rw-r--r-- 1 root root 3027 Aug 5 19:09 /etc/lighttpd/lighttpd.conf
server.modules = (
"mod_access",
"mod_accesslog",
"mod_auth",
"mod_expire",
"mod_compress",
"mod_redirect",
"mod_setenv",
"mod_rewrite"
)
server.document-root = "/var/www/html"
server.error-handler-404 = "pihole/index.php"
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "/var/run/lighttpd.pid"
server.username = "www-data"
server.groupname = "www-data"
server.port = 80
accesslog.filename = "/var/log/lighttpd/access.log"
accesslog.format = "%{%s}t|%V|%r|%s|%b"
index-file.names = ( "index.php", "index.html", "index.lighttpd.html" )
url.access-deny = ( "~", ".inc", ".md", ".yml", ".ini" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
compress.cache-dir = "/var/cache/lighttpd/compress/"
compress.filetype = ( "application/javascript", "text/css", "text/html", "text/plain" )
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "/usr/share/lighttpd/create-mime.assign.pl"
include_shell "find /etc/lighttpd/conf-enabled -name '*.conf' -a ! -name 'letsencrypt.conf' -printf 'include \"%p\"
' 2>/dev/null"
$HTTP["url"] =~ "^/admin/" {
setenv.add-response-header = (
"X-Pi-hole" => "The Pi-hole Web interface is working!",
"X-Frame-Options" => "DENY"
)
$HTTP["url"] =~ ".ttf$" {
setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
}
}
$HTTP["url"] =~ "^/admin/\.(.*)" {
url.access-deny = ("")
}
include_shell "cat external.conf 2>/dev/null"
*** [ DIAGNOSING ]: contents of /etc/cron.d
-rw-r--r-- 1 root root 1496 Aug 5 19:09 /etc/cron.d/pihole
46 4 * * 7 root PATH="$PATH:/usr/local/bin/" pihole updateGravity
00 00 * * * root PATH="$PATH:/usr/local/bin/" pihole flush once quiet
@reboot root /usr/sbin/logrotate /etc/pihole/logrotate
*/10 * * * * root PATH="$PATH:/usr/local/bin/" pihole updatechecker local
37 13 * * * root PATH="$PATH:/usr/local/bin/" pihole updatechecker remote
@reboot root PATH="$PATH:/usr/local/bin/" pihole updatechecker remote reboot
*** [ DIAGNOSING ]: contents of /var/log/lighttpd
-rw-r--r-- 1 www-data www-data 412 Aug 6 09:53 /var/log/lighttpd/error.log
2018-08-05 19:04:06: (log.c.217) server started
2018-08-05 19:10:52: (server.c.1828) server stopped by UID = 0 PID = 1
2018-08-05 19:10:54: (log.c.217) server started
2018-08-05 19:13:24: (server.c.1828) server stopped by UID = 0 PID = 1
2018-08-05 19:14:03: (log.c.217) server started
2018-08-06 09:53:05: (server.c.1828) server stopped by UID = 0 PID = 1
2018-08-06 09:53:34: (log.c.217) server started
*** [ DIAGNOSING ]: contents of /var/log
-rw-r--r-- 1 pihole pihole 82 Aug 8 04:00 /var/log/pihole-FTL.log
-----head of pihole-FTL.log------
[2018-08-08 04:00:04.193] Notice: Increasing overTime struct size from 200 to 300
-----tail of pihole-FTL.log------
[2018-08-08 04:00:04.193] Notice: Increasing overTime struct size from 200 to 300
*** [ DIAGNOSING ]: Locale
LANG=
*** [ DIAGNOSING ]: Pi-hole log
-rw-r--r-- 1 pihole pihole 3905638 Aug 8 11:58 /var/log/pihole.log
-----head of pihole.log------
Aug 8 00:00:05 dnsmasq[15060]: 6037 192.168.2.35/25148 query[A] reports.crashlytics.com from 192.168.2.35
Aug 8 00:00:05 dnsmasq[15060]: 6037 192.168.2.35/25148 /etc/pihole/gravity.list reports.crashlytics.com is 0.0.0.0
Aug 8 00:00:06 dnsmasq[15060]: 6038 192.168.2.39/55973 query[A] developer.asustor.com from 192.168.2.39
Aug 8 00:00:06 dnsmasq[15060]: 6038 192.168.2.39/55973 cached developer.asustor.com is 107.21.242.130
Aug 8 00:00:06 dnsmasq[15060]: 6039 192.168.2.39/55973 query[AAAA] developer.asustor.com from 192.168.2.39
Aug 8 00:00:06 dnsmasq[15060]: 6039 192.168.2.39/55973 cached developer.asustor.com is NODATA-IPv6
Aug 8 00:00:22 dnsmasq[15060]: 6040 192.168.2.39/56998 query[A] developer.asustor.com from 192.168.2.39
Aug 8 00:00:22 dnsmasq[15060]: 6040 192.168.2.39/56998 cached developer.asustor.com is 107.21.242.130
Aug 8 00:00:22 dnsmasq[15060]: 6041 192.168.2.39/56998 query[AAAA] developer.asustor.com from 192.168.2.39
Aug 8 00:00:22 dnsmasq[15060]: 6041 192.168.2.39/56998 cached developer.asustor.com is NODATA-IPv6
Aug 8 00:00:36 dnsmasq[15060]: 6042 192.168.2.35/10743 query[A] graph.instagram.com from 192.168.2.35
Aug 8 00:00:36 dnsmasq[15060]: 6042 192.168.2.35/10743 /etc/pihole/gravity.list graph.instagram.com is 0.0.0.0
Aug 8 00:00:38 dnsmasq[15060]: 6043 192.168.2.39/38143 query[A] developer.asustor.com from 192.168.2.39
Aug 8 00:00:38 dnsmasq[15060]: 6043 192.168.2.39/38143 cached developer.asustor.com is 107.21.242.130
Aug 8 00:00:38 dnsmasq[15060]: 6044 192.168.2.39/38143 query[AAAA] developer.asustor.com from 192.168.2.39
Aug 8 00:00:38 dnsmasq[15060]: 6044 192.168.2.39/38143 cached developer.asustor.com is NODATA-IPv6
Aug 8 00:00:55 dnsmasq[15060]: 6045 192.168.2.39/43712 query[A] developer.asustor.com from 192.168.2.39
Aug 8 00:00:55 dnsmasq[15060]: 6045 192.168.2.39/43712 forwarded developer.asustor.com to 8.8.4.4
Aug 8 00:00:55 dnsmasq[15060]: 6045 192.168.2.39/43712 forwarded developer.asustor.com to 8.8.8.8
Aug 8 00:00:55 dnsmasq[15060]: 6046 192.168.2.39/43712 query[AAAA] developer.asustor.com from 192.168.2.39
********************************************
********************************************
[✓] ** FINISHED DEBUGGING! **
* The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only.
* For more information, see: https://pi-hole.net/2016/11/07/crack-our-medical-tricorder-win-a-raspberry-pi-3/
* If available, we'll use openssl to upload the log, otherwise it will fall back to netcat.
[i] Debug script running in automated mode
* Using openssl for transmission.
***********************************
***********************************
[✓] Your debug token is: x76c3dio1n
***********************************
***********************************Your DNS servers are specified manually in your IPV4 properties for that Wireless network card.
With the current settings, your DNS request goes to the (assuming) non working IP (192.168.1.7), that one fails to prove resolution and the request fails over to Google's DNS (8.8.8.8), and you have no ads blocked because, no requests are instructed to be resolved by the Pi-hole DNS.
You need to edit the DNS settings for the network card and either set it to automatic, or correct the IP and remove the Google one.
Here's why (as stated above also) you should use Pi-hole as your sole DNS:
The Pi-hole IP (based on the diagnostic you shared) is 192.168.2.36 not .38 (that's the IP of the Laptop).
Thanks for the support.
Checking every option in the chain i see that my internet company supplied router pushes his DNS in between. I can't figure out how to bypass this w/o buying my one.
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.