Problem setting up OpenVPN, and resolving to the server

Hi everyone,

I am a Linux n00b but I want to use Pi-hole in combination with OpenVPN to add VPN functionality to my home network. I have done the following:

Using the Pi Hole+ 4.0 documentation in this order:

  • Pi-hole and OpenVPN Server
  • Installation
  • Installed PiHole
  • Firewall Configuration
  • Optional: Dual operation: LAN & VPN at the same time
  • Configuring DNS-Over-HTTPS on Pi-hole

Problem is I presume OpenVPN is listening on 10.8.0.1 but I can't set my router to forward the port to that IP address as it's out of range?

Please follow the below template, it will help us to help you!

Expected Behaviour:

A way to forward 10.0.0.5:194 to 10.8.0.1:194

Actual Behaviour:

I have no idea what I am doing.

Debug Token:

This process collects information from your Pi-hole, and optionally uploads it to a unique and random directory on tricorder.pi-hole.net.

The intent of this script is to allow users to self-diagnose their installations.  This is accomplished by running tests against our software and providing the user with links to FAQ articles when a problem is detected.  Since we are a small team and Pi-hole has been growing steadily, it is our hope that this will help us spend more time on development.

NOTE: All log files auto-delete after 48 hours and ONLY the Pi-hole developers can access your data via the given token. We have taken these extra steps to secure your data and will work to further reduce any personal information gathered.

*** [ INITIALIZING ]
[i] 2018-08-04:13:35:38 debug log has been initialized.

*** [ INITIALIZING ] Sourcing setup variables
[i] Sourcing /etc/pihole/setupVars.conf...

*** [ DIAGNOSING ]: Core version
[i] Core: v3.3 (https://discourse.pi-hole.net/t/how-do-i-update-pi-hole/249)
[i] Branch: FTLDNS (https://discourse.pi-hole.net/t/the-pihole-command-with-examples/738#checkout)
[i] Commit: v3.3-414-g169a428

*** [ DIAGNOSING ]: Web version
[i] Web: v3.2.1 (https://discourse.pi-hole.net/t/how-do-i-update-pi-hole/249)
[i] Branch: FTLDNS (https://discourse.pi-hole.net/t/the-pihole-command-with-examples/738#checkout)
[i] Commit: v3.2.1-303-g8c7521f3

*** [ DIAGNOSING ]: FTL version
[✓] FTL: vDev-3e40158 (https://discourse.pi-hole.net/t/how-do-i-update-pi-hole/249)

*** [ DIAGNOSING ]: dnsmasq version
[i] 2.76

*** [ DIAGNOSING ]: lighttpd version
[i] 1.4.45

*** [ DIAGNOSING ]: php version
[i] 7.0.30

*** [ DIAGNOSING ]: Operating system
[✓] Debian GNU/Linux 9 (stretch)

*** [ DIAGNOSING ]: SELinux
[i] SELinux not detected

*** [ DIAGNOSING ]: Processor
[✓] armv7l

*** [ DIAGNOSING ]: Networking
[✓] IPv4 address(es) bound to the eth0 interface:
   10.0.0.5/24 matches the IP found in /etc/pihole/setupVars.conf

[✓] IPv6 address(es) bound to the eth0 interface:
   fe80::42:eeff:fef1:f313 does not match the IP found in /etc/pihole/setupVars.conf (https://discourse.pi-hole.net/t/use-ipv6-ula-addresses-for-pi-hole/2127)

   ^ Please note that you may have more than one IP address listed.
   As long as one of them is green, and it matches what is in /etc/pihole/setupVars.conf, there is no need for concern.

   The link to the FAQ is for an issue that sometimes occurs when the IPv6 address changes, which is why we check for it.

[i] Default IPv4 gateway: 10.0.0.86
   * Pinging 10.0.0.86...
[✓] Gateway responded.

*** [ DIAGNOSING ]: Ports in use
*:22 sshd (IPv4)
*:22 sshd (IPv6)
127.0.0.1:5353 unbound (IPv4)
127.0.0.1:8953 unbound (IPv4)
*:53 pihole-FTL (IPv4)
*:53 pihole-FTL (IPv6)
127.0.0.1:4711 pihole-FTL (IPv4)
[::1]:4711 pihole-FTL (IPv6)
*:80 lighttpd (IPv4)
*:80 lighttpd (IPv6)

*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] view.atdmt.com.77622.9661.302br.net is 0.0.0.0 via localhost (127.0.0.1)
[✓] view.atdmt.com.77622.9661.302br.net is 0.0.0.0 via Pi-hole (10.0.0.5)
[✓] doubleclick.com is 216.58.223.46 via a remote, public DNS server (8.8.8.8)

*** [ DIAGNOSING ]: Pi-hole processes
[✗] dnsmasq daemon is inactive
[✓] lighttpd daemon is active
[✓] pihole-FTL daemon is active

*** [ DIAGNOSING ]: Setup variables
    PIHOLE_INTERFACE=eth0
    IPV4_ADDRESS=10.0.0.5/24
    IPV6_ADDRESS=
    QUERY_LOGGING=true
    INSTALL_WEB_SERVER=true
    INSTALL_WEB_INTERFACE=true
    LIGHTTPD_ENABLED=true
    DNSMASQ_LISTENING=all
    PIHOLE_DNS_1=127.0.0.1#5353
    DNS_FQDN_REQUIRED=false
    DNS_BOGUS_PRIV=false
    DNSSEC=false
    CONDITIONAL_FORWARDING=false

*** [ DIAGNOSING ]: Dashboard and block page
[✓] Block page X-Header: X-Pi-hole: A black hole for Internet advertisements.
[✓] Web interface X-Header: X-Pi-hole: The Pi-hole Web interface is working!

*** [ DIAGNOSING ]: Gravity list
-rw-r--r-- 1 root root 3039333 Aug  4 12:44 /etc/pihole/gravity.list
   -----head of gravity.list------
   0.0.0.0
   0.r.msn.com
   0.start.bz
   000.0x1f4b0.com

   -----tail of gravity.list------
   zzz.clickbank.net
   zzzezeroe.fr
   zzzpooeaz-france.com
   zzzrtrcm2.com

*** [ DIAGNOSING ]: contents of /etc/pihole

-rw-r--r-- 1 root root 633 Aug  4 12:23 /etc/pihole/adlists.list
   https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
   https://mirror1.malwaredomains.com/files/justdomains
   http://sysctl.org/cameleon/hosts
   https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist
   https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
   https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
   https://hosts-file.net/ad_servers.txt

-rw-r--r-- 1 root root 39 Aug  4 12:44 /etc/pihole/local.list
   10.0.0.5 orangepizero
   10.0.0.5 pi.hole

-rw-r--r-- 1 root root 234 Aug  4 12:43 /etc/pihole/logrotate
   /var/log/pihole.log {
        su root root
        daily
        copytruncate
        rotate 5
        compress
        delaycompress
        notifempty
        nomail
   }
   /var/log/pihole-FTL.log {
        su root root
        weekly
        copytruncate
        rotate 3
        compress
        delaycompress
        notifempty
        nomail
   }

*** [ DIAGNOSING ]: contents of /etc/dnsmasq.d

-rw-r--r-- 1 root root 1514 Aug  4 12:50 /etc/dnsmasq.d/01-pihole.conf
   addn-hosts=/etc/pihole/gravity.list
   addn-hosts=/etc/pihole/black.list
   addn-hosts=/etc/pihole/local.list
   localise-queries
   no-resolv
   cache-size=10000
   log-queries=extra
   log-facility=/var/log/pihole.log
   local-ttl=2
   log-async
   server=127.0.0.1
   except-interface=nonexisting

*** [ DIAGNOSING ]: contents of /etc/lighttpd

-rw-r--r-- 1 root root 3027 Aug  4 12:43 /etc/lighttpd/lighttpd.conf
   server.modules = (
        "mod_access",
        "mod_accesslog",
        "mod_auth",
        "mod_expire",
        "mod_compress",
        "mod_redirect",
        "mod_setenv",
        "mod_rewrite"
   )
   server.document-root        = "/var/www/html"
   server.error-handler-404    = "pihole/index.php"
   server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
   server.errorlog             = "/var/log/lighttpd/error.log"
   server.pid-file             = "/var/run/lighttpd.pid"
   server.username             = "www-data"
   server.groupname            = "www-data"
   server.port                 = 80
   accesslog.filename          = "/var/log/lighttpd/access.log"
   accesslog.format            = "%{%s}t|%V|%r|%s|%b"
   index-file.names            = ( "index.php", "index.html", "index.lighttpd.html" )
   url.access-deny             = ( "~", ".inc", ".md", ".yml", ".ini" )
   static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
   compress.cache-dir          = "/var/cache/lighttpd/compress/"
   compress.filetype           = ( "application/javascript", "text/css", "text/html", "text/plain" )
   include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
   include_shell "/usr/share/lighttpd/create-mime.assign.pl"
   include_shell "find /etc/lighttpd/conf-enabled -name '*.conf' -a ! -name 'letsencrypt.conf' -printf 'include \"%p\"
' 2>/dev/null"
   $HTTP["url"] =~ "^/admin/" {

       setenv.add-response-header = (
           "X-Pi-hole" => "The Pi-hole Web interface is working!",
           "X-Frame-Options" => "DENY"
       )
       $HTTP["url"] =~ ".ttf$" {

           setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
       }
   }
   $HTTP["url"] =~ "^/admin/\.(.*)" {
        url.access-deny = ("")
   }
   include_shell "cat external.conf 2>/dev/null"

*** [ DIAGNOSING ]: contents of /etc/cron.d

-rw-r--r-- 1 root root 1496 Aug  4 12:43 /etc/cron.d/pihole
   32 4   * * 7   root    PATH="$PATH:/usr/local/bin/" pihole updateGravity
   00 00   * * *   root    PATH="$PATH:/usr/local/bin/" pihole flush once quiet
   @reboot root /usr/sbin/logrotate /etc/pihole/logrotate
   */10 *  * * *   root    PATH="$PATH:/usr/local/bin/" pihole updatechecker local
   46 16  * * *   root    PATH="$PATH:/usr/local/bin/" pihole updatechecker remote
   @reboot root    PATH="$PATH:/usr/local/bin/" pihole updatechecker remote reboot

*** [ DIAGNOSING ]: contents of /var/log/lighttpd

-rw-r--r-- 1 www-data www-data 533 Aug  4 12:59 /var/log/lighttpd/error.log
   2018-08-04 12:21:27: (log.c.217) server started
   2018-08-04 12:22:55: (server.c.1828) server stopped by UID = 0 PID = 1
   2018-08-04 12:22:56: (log.c.217) server started
   2018-08-04 12:38:43: (server.c.1828) server stopped by UID = 0 PID = 1
   2018-08-04 12:39:12: (log.c.217) server started
   2018-08-04 12:44:06: (server.c.1828) server stopped by UID = 0 PID = 1
   2018-08-04 12:44:07: (log.c.217) server started
   2018-08-04 12:59:31: (server.c.1828) server stopped by UID = 0 PID = 1
   2018-08-04 12:59:46: (log.c.217) server started

*** [ DIAGNOSING ]: contents of /var/log

-rw-r--r-- 1 pihole pihole 19542 Aug  4 12:59 /var/log/pihole-FTL.log
   -----head of pihole-FTL.log------
   [2018-08-04 12:23:00.215] ########## FTL started! ##########
   [2018-08-04 12:23:00.215] FTL branch: v3.0
   [2018-08-04 12:23:00.215] FTL version: v3.0
   [2018-08-04 12:23:00.215] FTL commit: a1b2fa03f8f3e3713b57a26a4e9a062fec0573d7
   [2018-08-04 12:23:00.215] FTL date: 2018-02-14 12:45:47 -0800
   [2018-08-04 12:23:00.216] FTL user: pihole
   [2018-08-04 12:23:00.216] Notice: Found no readable FTL config file
   [2018-08-04 12:23:00.216]         Using default settings
   [2018-08-04 12:23:00.216] Starting config file parsing (/etc/pihole/pihole-FTL.conf)
   [2018-08-04 12:23:00.216]    SOCKET_LISTENING: only local
   [2018-08-04 12:23:00.216]    QUERY_DISPLAY: Show queries
   [2018-08-04 12:23:00.216]    AAAA_QUERY_ANALYSIS: Show AAAA queries
   [2018-08-04 12:23:00.216]    MAXDBDAYS: max age for stored queries is 365 days
   [2018-08-04 12:23:00.216]    RESOLVE_IPV6: Resolve IPv6 addresses
   [2018-08-04 12:23:00.216]    RESOLVE_IPV4: Resolve IPv4 addresses
   [2018-08-04 12:23:00.216]    DBINTERVAL: saving to DB file every minute
   [2018-08-04 12:23:00.216]    DBFILE: Using /etc/pihole/pihole-FTL.db
   [2018-08-04 12:23:00.216]    MAXLOGAGE: Importing up to 24.0 hours of log data
   [2018-08-04 12:23:00.216] Finished config file parsing
   [2018-08-04 12:23:00.222] Found no other running pihole-FTL process
   [2018-08-04 12:23:00.224] PID of FTL process: 22591
   [2018-08-04 12:23:00.225] Error: failed to read /etc/pihole/list.preEventHorizon
   [2018-08-04 12:23:00.225] Gravity list entries: -1
   [2018-08-04 12:23:00.225] No blacklist present
   [2018-08-04 12:23:00.225] No wildcard blocking list present
   [2018-08-04 12:23:00.226] db_init() - Cannot open database (14): unable to open database file
   [2018-08-04 12:23:00.226] Creating new (empty) database
   [2018-08-04 12:23:00.428] Database initialized
   [2018-08-04 12:23:00.429] Imported 0 queries from the long-term database
   [2018-08-04 12:23:00.430] Starting initial log file parsing
   [2018-08-04 12:23:00.430] Reading from /var/log/pihole.log (rw-r--r--)
   [2018-08-04 12:23:00.430] Finished initial log file parsing
   [2018-08-04 12:23:00.431]  -> Total DNS queries: 0
   [2018-08-04 12:23:00.431]  -> Cached DNS queries: 0
   [2018-08-04 12:23:00.431]  -> Forwarded DNS queries: 0

   -----tail of pihole-FTL.log------
   [2018-08-04 12:59:45.413]    MAXLOGAGE: Importing up to 24.0 hours of log data
   [2018-08-04 12:59:45.413]    PRIVACYLEVEL: Set to 0
   [2018-08-04 12:59:45.413]    IGNORE_LOCALHOST: Show queries from localhost
   [2018-08-04 12:59:45.413]    BLOCKINGMODE: Null IPs for blocked domains
   [2018-08-04 12:59:45.413]    REGEX_DEBUGMODE: Inactive
   [2018-08-04 12:59:45.413] Finished config file parsing
   [2018-08-04 12:59:45.413] INFO: No whitelist file found
   [2018-08-04 12:59:45.413] Compiled 0 Regex filters and -1 whitelisted domains in 0.3 msec (0 errors)
   [2018-08-04 12:59:45.692] Database successfully initialized
   [2018-08-04 12:59:45.711] Notice: Increasing queries struct size from 0 to 10000
   [2018-08-04 12:59:45.712] Notice: Increasing domains struct size from 0 to 1000
   [2018-08-04 12:59:45.712] Notice: Increasing clients struct size from 0 to 10
   [2018-08-04 12:59:45.712] New forward server: 8.8.4.4 (0/0)
   [2018-08-04 12:59:45.712] Notice: Increasing forwarded struct size from 0 to 4
   [2018-08-04 12:59:45.712] Notice: Increasing overTime struct size from 0 to 100
   [2018-08-04 12:59:45.712] New forward server: 8.8.8.8 (1/4)
   [2018-08-04 12:59:45.713] New forward server: 127.0.0.1 (2/4)
   [2018-08-04 12:59:45.715] Imported 366 queries from the long-term database
   [2018-08-04 12:59:45.715]  -> Total DNS queries: 366
   [2018-08-04 12:59:45.715]  -> Cached DNS queries: 100
   [2018-08-04 12:59:45.715]  -> Forwarded DNS queries: 229
   [2018-08-04 12:59:45.715]  -> Exactly blocked DNS queries: 37
   [2018-08-04 12:59:45.715]  -> Unknown DNS queries: 0
   [2018-08-04 12:59:45.715]  -> Unique domains: 118
   [2018-08-04 12:59:45.715]  -> Unique clients: 2
   [2018-08-04 12:59:45.715]  -> Known forward destinations: 3
   [2018-08-04 12:59:45.715] Successfully accessed setupVars.conf
   [2018-08-04 12:59:45.843] PID of FTL process: 968
   [2018-08-04 12:59:45.843] Listening on port 4711 for incoming IPv4 telnet connections
   [2018-08-04 12:59:45.844] Listening on port 4711 for incoming IPv6 telnet connections
   [2018-08-04 12:59:45.844] Listening on Unix socket
   [2018-08-04 12:59:45.846] FATAL: Trying to free NULL pointer in free_whitelist_domains() (regex.c:73)
   [2018-08-04 12:59:45.846] INFO: No whitelist file found
   [2018-08-04 12:59:45.846] Compiled 0 Regex filters and -1 whitelisted domains in 0.1 msec (0 errors)
   [2018-08-04 12:59:47.323] /etc/pihole/gravity.list: parsed 133608 domains (took 1427.4 ms)

*** [ DIAGNOSING ]: Locale
    LANG=en_US.UTF-8

*** [ DIAGNOSING ]: Pi-hole log
-rw-r--r-- 1 pihole pihole 335940 Aug  4 13:36 /var/log/pihole.log
   -----head of pihole.log------
   Aug  4 12:22:53 dnsmasq[22394]: started, version 2.76 cachesize 10000
   Aug  4 12:22:53 dnsmasq[22394]: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth DNSSEC loop-detect inotify
   Aug  4 12:22:53 dnsmasq[22394]: warning: ignoring resolv-file flag because no-resolv is set
   Aug  4 12:22:53 dnsmasq[22394]: using nameserver 8.8.4.4#53
   Aug  4 12:22:53 dnsmasq[22394]: using nameserver 8.8.8.8#53
   Aug  4 12:22:53 dnsmasq[22394]: read /etc/hosts - 6 addresses
   Aug  4 12:22:53 dnsmasq[22394]: failed to load names from /etc/pihole/local.list: No such file or directory
   Aug  4 12:22:53 dnsmasq[22394]: failed to load names from /etc/pihole/black.list: No such file or directory
   Aug  4 12:22:53 dnsmasq[22394]: failed to load names from /etc/pihole/gravity.list: No such file or directory
   Aug  4 12:23:03 dnsmasq[22394]: 1 127.0.0.1/51788 query[AAAA] raw.githubusercontent.com from 127.0.0.1
   Aug  4 12:23:03 dnsmasq[22394]: 1 127.0.0.1/51788 forwarded raw.githubusercontent.com to 8.8.4.4
   Aug  4 12:23:03 dnsmasq[22394]: 1 127.0.0.1/51788 forwarded raw.githubusercontent.com to 8.8.8.8
   Aug  4 12:23:03 dnsmasq[22394]: 1 127.0.0.1/51788 reply raw.githubusercontent.com is <CNAME>
   Aug  4 12:23:03 dnsmasq[22394]: 1 127.0.0.1/51788 reply github.map.fastly.net is NODATA-IPv6
   Aug  4 12:23:03 dnsmasq[22394]: 2 127.0.0.1/47617 query[A] raw.githubusercontent.com from 127.0.0.1
   Aug  4 12:23:03 dnsmasq[22394]: 2 127.0.0.1/47617 cached raw.githubusercontent.com is <CNAME>
   Aug  4 12:23:03 dnsmasq[22394]: 2 127.0.0.1/47617 forwarded raw.githubusercontent.com to 8.8.8.8
   Aug  4 12:23:03 dnsmasq[22394]: 3 127.0.0.1/58077 query[PTR] 4.4.8.8.in-addr.arpa from 127.0.0.1
   Aug  4 12:23:03 dnsmasq[22394]: 3 127.0.0.1/58077 forwarded 4.4.8.8.in-addr.arpa to 8.8.8.8
   Aug  4 12:23:03 dnsmasq[22394]: 2 127.0.0.1/47617 reply raw.githubusercontent.com is <CNAME>


********************************************
********************************************
[✓] ** FINISHED DEBUGGING! **

    * The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only.
    * For more information, see: https://pi-hole.net/2016/11/07/crack-our-medical-tricorder-win-a-raspberry-pi-3/
    * If available, we'll use openssl to upload the log, otherwise it will fall back to netcat.

You would need to forward the port to the internal IP (10.0.0.5) of your VPN server.

The device hosting the Pi-hole and the VPN has instructions (set by the installation setup process) to route/mask between the LAN range and VPN range automatically.

You also need to set up Pi-hole to listen to all, under the DNS tab on the /admin/ interface.

We need to instruct Pi-hole to respond to tun0 (virtual interface for the VPN) requests.

That should do it.

Make sure that the port forwarding rule port matches the one that the clients connect to.

I’d select/configure a higher port though. 194 could conflict with other stuff ...


Thanks, I actually got it sorted, it was the stupidest mistake ever, forwarding tcp instead of udp on my router, guess that's what happens when you don't really understand the tutorial (my fault) and thus forget to check the basics first lol

PS Working beautifully now

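The three things the replies above turn on (forward to the VPN host's LAN address rather than a tunnel address, match the port, match UDP/TCP) can be checked against the server config before touching the router. This is an added example, not part of the thread or of the Pi-hole documentation; the function names are hypothetical and the sample config is constructed from the thread's values, relying only on OpenVPN's `port`, `proto` and `server` directives and its defaults of port 1194 and UDP.

```sh
#!/bin/sh
# Constructed sample server config using the thread's port and tunnel subnet.
sample_server_conf() {
cat <<'EOF'
port 194
proto udp
dev tun
server 10.8.0.0 255.255.255.0
EOF
}

# ovpn_get FILE KEY FIELD DEFAULT: FIELD of the last KEY directive, else DEFAULT.
ovpn_get() {
    awk -v key="$2" -v f="$3" -v def="$4" '
        /^[[:space:]]*[#;]/ { next }
        $1 == key { val = $f }
        END { print (val == "" ? def : val) }' "$1"
}

# Reduce proto values such as udp4 or tcp-server to udp or tcp (default udp).
ovpn_proto() {
    case "$(ovpn_get "$1" proto 2 udp)" in tcp*) echo tcp ;; *) echo udp ;; esac
}

ip_to_int() {
    IFS=. read -r a b c d <<EOF
$1
EOF
    echo $(( (a << 24) | (b << 16) | (c << 8) | d ))
}

# True when IP ($2) lies inside the "server NETWORK NETMASK" tunnel subnet.
in_vpn_subnet() {
    net=$(ovpn_get "$1" server 2 "") mask=$(ovpn_get "$1" server 3 "")
    [ -n "$net" ] && [ -n "$mask" ] || return 1
    m=$(ip_to_int "$mask")
    [ $(( $(ip_to_int "$2") & m )) -eq $(( $(ip_to_int "$net") & m )) ]
}

# required_forward FILE LAN_IP: the router rule the config calls for.
required_forward() {
    p=$(ovpn_get "$1" port 2 1194)
    echo "$(ovpn_proto "$1") $p -> $2:$p"
}

flag() { echo "$1"; problems=$((problems + 1)); }
# check_forward FILE LAN_IP RULE_PROTO RULE_PORT RULE_TARGET: prints each
# mismatch; the return status is the number of problems found.
check_forward() {
    conf=$1 lan_ip=$2 r_proto=$3 r_port=$4 r_target=$5 problems=0
    want_proto=$(ovpn_proto "$conf") want_port=$(ovpn_get "$conf" port 2 1194)
    [ "$r_proto" = "$want_proto" ] || flag "proto: rule is $r_proto, server uses $want_proto"
    [ "$r_port" = "$want_port" ] || flag "port: rule is $r_port, server uses $want_port"
    if in_vpn_subnet "$conf" "$r_target"; then
        flag "target: $r_target is a tunnel address, forward to $lan_ip"
    elif [ "$r_target" != "$lan_ip" ]; then
        flag "target: $r_target is not the VPN host $lan_ip"
    fi
    return "$problems"
}

# Demo: a TCP rule aimed at 10.8.0.1, the two mistakes discussed in the thread.
demo_conf=$(mktemp) && sample_server_conf > "$demo_conf"
echo "needed: $(required_forward "$demo_conf" 10.0.0.5)"
check_forward "$demo_conf" 10.0.0.5 tcp 194 10.8.0.1 || echo "$? problem(s) found"
rm -f "$demo_conf"
```

Point `check_forward` at the real server config and the rule as entered on the router; a zero exit status means protocol, port and target all line up.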