Hi everyone,
Here's a gist of my setup:
- I am running Pihole and Unbound together through docker-compose.
- All of this used to work properly until yesterday.
What's happening right now:
- Pihole is working fine and it says ad-blocking is enabled.
root@4a75d618cd43:/var/log# pihole status
[✓] FTL is listening on port 53
[✓] UDP (IPv4)
[✓] TCP (IPv4)
[✓] UDP (IPv6)
[✓] TCP (IPv6)
[✓] Pi-hole blocking is enabled
- When I go to settings -> "search adlists", I see
google-analytics.com
multiple times. (I am usinggoogle-analytics.com
as an example and this test proves that my adlists have the said domain.)
Match found in https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts:
google-analytics.com
ssl.google-analytics.com
www.google-analytics.com
Match found in https://blocklistproject.github.io/Lists/ads.txt:
google-analytics.com
s-s.www.google-analytics.com.prx.proxywebsite.co.uk
ssl.google-analytics.com
www.google-analytics.com
www.google-analytics.com.domain.name
www.google-analytics.com.prx.proxywebsite.co.uk
Match found in https://blocklistproject.github.io/Lists/tracking.txt:
google-analytics.com
- When I do a
dig google-analytics.com 192.168.1.xyz
ordnslookup google-analytics.com 192.168.1.xyz:53
ordnslookup google-analytics.com 192.168.1.xyz
, the DNS request successfully hits Pihole but it does NOT block it. Here is the log:
Nov 30 18:20:24 dnsmasq[1026]: query[A] google-analytics.com from 192.168.1.3
Nov 30 18:20:24 dnsmasq[1026]: forwarded google-analytics.com to 10.10.10.3
Nov 30 18:20:24 dnsmasq[1026]: validation result is INSECURE
Nov 30 18:20:24 dnsmasq[1026]: reply google-analytics.com is 172.217.14.196
So, my question is: why is Pihole letting the request through even though the domain is present in the ad-lists? And all of this used to work until yesterday!
Already tried but didn't help:
- Restarting containers, throwing/re-creating containers throwing/re-creating the docker volumes. Nothing has worked so far.
- Disabling IPv6 on my router.
Appreciate any help I can get on the matter.
Debug token: https://tricorder.pi-hole.net/wsdGs6N7/