Please ensure that you are running the latest version of the beta code.
Pi-hole version is v4.3.2-391-ge0b3405 (Latest: v4.3.2)
AdminLTE version is v4.3.2-360-g88da85f5 (Latest: v4.3.2)
FTL version is vDev-9889501 (Latest: v4.3.1)
Problem with Beta 5.0:
Can someone please explain what happens here? Is there a difference in blocking A and AAAA requests? That's the only difference I can see now.
I understand your eagerness to be on the absolute bleeding edge but please do not derail topics. It's hard enough to answer all the support questions without having to weed through what is part of the question and what is extra noise.
When I put the CNAME domain (u2.shared.global.fastly.net) on the whitelist there is a different result. Did that at 14:16:43.
Edit: Removing CNAME from withelist again gives result as screenshot in first post.
@Arno We collected enough details in the other thread you referenced above to believe that it is really the same cause. It is a caching issue inside FTL where special whitelisting rules were not applied as they were meant to be. I proposed a fix which you could try with
[i] No results found for brave-browser-apt-release.s3.brave.com within the block lists
it looks like you haven't whitelisted brave-browser-apt-release.s3.brave.com. Is the issue here that the AAAA request is allowed (i.e. are both requests supposed to be blocked)?
Correct. For me the expected result now is the above domain is not blocked (see pihole -q).
What I don't understand is the difference for IPv4/IPv6.
That I blocked the CNAME domain is out of scope of this topic.
I still block it to keep my test the same as when I started the topic.
Well if you blocked the CNAME domain, then brave-browser-apt-release.s3.brave.com should be blocked as well due to deep CNAME inspection unless you whitelist it specifically, no?
But yes, the difference between IPv4/IPv6 confuses me too (and I know that's the bug you're addressing), but I was confused on whether the intended behavior was that both the IPv4/IPv6 were supposed to be allowed or blocked. Unless I'm mistaken, if you blocked the CNAME domain then they should both be blocked, and the IPv6 request is incorrectly allowed?
If that's the case I was thinking it's actually sort of the opposite of my issue where a domain is erroneously allowed.
The IPv4 request is incorectly blocked imo.
Expected result for me with my configuration:
brave-browser-apt-release.s3.brave.com IPv4 and IPv6 allowed. (because it is not on any list)
u2.shared.global.fastly.net (next in chain) IPv4 and IPv6 blocked (as expected because it is blocked by regex. Fix, by design, is to whitelist domain)
pihole checkout ftl release/v5.0
...
Have you read and understood this? [y/N] y
[✓] Branch release/v5.0 exists
[✓] Downloading and Installing FTL
[✓] Restarting pihole-FTL service...
[✓] Enabling pihole-FTL service to start on reboot...
pihole version
Pi-hole version is v4.3.2-391-ge0b3405 (Latest: v4.3.2)
AdminLTE version is v4.3.2-360-g88da85f5 (Latest: v4.3.2)
FTL version is vDev-9a5a941 (Latest: v4.3.1)
How do I request them in reverse order? Is dig -6/dig -4 a good test?.
Before I did apt-get update on the client.