sn2411
July 30, 2018, 8:31am
22
This is the result from
dig example.com
; <<>> DiG 9.10.3-P4-Debian <<>> example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6743
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1472
;; QUESTION SECTION:
;example.com. IN A
;; ANSWER SECTION:
example.com. 60605 IN A 93.184.216.34
;; AUTHORITY SECTION:
example.com. 60604 IN NS a.iana-servers.net.
example.com. 60604 IN NS b.iana-servers.net.
;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Jul 30 16:26:39 +08 2018
;; MSG SIZE rcvd: 104
Here are the results from
tail /var/log/pihole-FTL.log
[2018-07-30 16:26:33.334] Listening on Unix socket
[2018-07-30 16:26:33.335] Compiled 3 Regex filters and 144 whitelisted domains in 0.2 msec (0 errors)
[2018-07-30 16:26:33.335] /etc/pihole/black.list: parsed 1 domains (took 0.0 ms)
[2018-07-30 16:26:34.878] /etc/pihole/gravity.list: parsed 855697 domains (took 1542.0 ms)
[2018-07-30 16:26:35.039] Notice: Increasing queries struct size from 0 to 10000
[2018-07-30 16:26:35.039] Notice: Increasing overTime struct size from 0 to 100
[2018-07-30 16:26:35.039] Notice: Increasing domains struct size from 0 to 1000
[2018-07-30 16:26:35.039] Notice: Increasing clients struct size from 0 to 10
[2018-07-30 16:26:39.276] New forward server: 127.0.0.1 (0/0)
[2018-07-30 16:26:39.276] Notice: Increasing forwarded struct size from 0 to 4
And from
tail /var/log/pihole.log
Jul 30 16:26:33 dnsmasq[7207]: DNS service limited to local subnets
Jul 30 16:26:33 dnsmasq[7207]: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth DNSSEC loop-detect inotify
Jul 30 16:26:33 dnsmasq[7207]: DNSSEC validation enabled
Jul 30 16:26:33 dnsmasq[7207]: warning: failed to change owner of /var/log/pihole.log: Operation not permitted
Jul 30 16:26:33 dnsmasq-dhcp[7207]: DHCP, IP range 192.168.1.1 -- 192.168.1.240, lease time 1d
Jul 30 16:26:33 dnsmasq[7207]: using nameserver 127.0.0.1#5353
Jul 30 16:26:33 dnsmasq[7207]: read /etc/hosts - 5 addresses
Jul 30 16:26:33 dnsmasq[7207]: read /etc/pihole/local.list - 11 addresses
Jul 30 16:26:33 dnsmasq[7207]: read /etc/pihole/black.list - 2 addresses
Jul 30 16:26:34 dnsmasq[7207]: read /etc/pihole/gravity.list - 1711394 addresses
DL6ER
July 30, 2018, 8:32am
23
Do you have query logging enabled? If not, please do this.
Also, what is the output of
pihole-FTL -v
?
sn2411
July 30, 2018, 8:51am
24
Strange... the wildcard regex works as expected when privacy level is set to 0, i.e. "Show everything and record everything". Setting privacy level to 1, 2 or 3 breaks wildcard regex.
Query logging does not affect the functionality of wildcard regex.
With PRIVACYLEVEL=0 in /etc/pihole/pihole-FTL.conf, and query logging enabled, here are the results for:
dig example.com
; <<>> DiG 9.10.3-P4-Debian <<>> example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26846
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;example.com. IN A
;; ANSWER SECTION:
example.com. 2 IN A 0.0.0.0
;; Query time: 13 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Jul 30 16:47:48 +08 2018
;; MSG SIZE rcvd: 56
From
tail /var/log/pihole-FTL.log
[2018-07-30 16:43:14.734] -> Known forward destinations: 1
[2018-07-30 16:43:14.734] Successfully accessed setupVars.conf
[2018-07-30 16:43:14.737] PID of FTL process: 9046
[2018-07-30 16:43:14.737] Listening on port 4711 for incoming IPv4 telnet connections
[2018-07-30 16:43:14.737] Listening on port 4711 for incoming IPv6 telnet connections
[2018-07-30 16:43:14.737] Listening on Unix socket
[2018-07-30 16:43:14.739] Compiled 3 Regex filters and 144 whitelisted domains in 1.0 msec (0 errors)
[2018-07-30 16:43:14.739] /etc/pihole/black.list: parsed 1 domains (took 0.0 ms)
[2018-07-30 16:43:16.295] /etc/pihole/gravity.list: parsed 855697 domains (took 1556.7 ms)
[2018-07-30 16:47:48.946] DEBUG: Regex in line 2 "((^)|(\.))example\.com$" matches "example.com"
And from
tail /var/log/pihole.log
Jul 30 16:50:01 dnsmasq[9046]: 58 127.0.0.1/34516 cached checkip.dyndns.com is NODATA-IPv6
Jul 30 16:50:02 dnsmasq[9046]: 59 127.0.0.1/55606 query[A] www.duckdns.org from 127.0.0.1
Jul 30 16:50:02 dnsmasq[9046]: 59 127.0.0.1/55606 cached www.duckdns.org is <CNAME>
Jul 30 16:50:02 dnsmasq[9046]: 59 127.0.0.1/55606 cached DuckDNSAppELB-570522007.us-west-2.elb.amazonaws.com is 54.213.176.83
Jul 30 16:50:02 dnsmasq[9046]: 59 127.0.0.1/55606 cached DuckDNSAppELB-570522007.us-west-2.elb.amazonaws.com is 52.89.140.116
Jul 30 16:50:02 dnsmasq[9046]: 60 127.0.0.1/55606 query[AAAA] www.duckdns.org from 127.0.0.1
Jul 30 16:50:02 dnsmasq[9046]: 60 127.0.0.1/55606 cached www.duckdns.org is <CNAME>
Jul 30 16:50:02 dnsmasq[9046]: 60 127.0.0.1/55606 cached DuckDNSAppELB-570522007.us-west-2.elb.amazonaws.com is NODATA-IPv6
Jul 30 16:50:14 dnsmasq[9046]: 61 127.0.0.1/35884 query[A] example.com from 127.0.0.1
Jul 30 16:50:14 dnsmasq[9046]: 61 127.0.0.1/35884 <unknown> example.com is 0.0.0.0
Edit: output from pihole-FTL -v is vDev-8e56b61
DL6ER
July 30, 2018, 9:31am
25
Oh, yes, I remember having seen this before but then forgot about it before I fixed this. For "perfect privacy", we obfuscate the domain early on in FTL's internal processing. This has the drawback that it is already hidden
once we arrive at the regex validation. I will make FTL use a domain buffer for regex validation also with privacy level != 0.
Thanks for reporting this!
DL6ER
July 30, 2018, 9:40am
26
Fix incoming and scheduled to go in before we release Pi-hole v4.0
pi-hole:release/v4.0
← pi-hole:fix/privacy_regex
opened 09:40AM - 30 Jul 18 UTC
**By submitting this pull request, I confirm the following (please check boxes, … eg [X]) _Failure to fill the template will close your PR_:**
***Please submit all pull requests against the `development` branch. Failure to do so will delay or deny your request***
- [X] I have read and understood the [contributors guide](https://github.com/pi-hole/pi-hole/blob/master/CONTRIBUTING.md).
- [X] I have checked that [another pull request](https://github.com/pi-hole/FTL/pulls) for this purpose does not exist.
- [X] I have considered, and confirmed that this submission will be valuable to others.
- [X] I accept that this submission may not be used, and the pull request closed at the will of the maintainer.
- [X] I give this submission freely, and claim no ownership to its content.
**How familiar are you with the codebase?:**
## 10
---
For `privacylevel > 0`, we obfuscate the domain early on by replacing it with `hidden`. Unfortunately, this renders regex validation useless as it can only compare the filters against this `hidden` domain. This commit adds a buffer which keeps the domain in unobfuscated form.
_This template was created based on the work of [`udemy-dl`](https://github.com/nishad/udemy-dl/blob/master/LICENSE)._
sn2411
July 30, 2018, 10:03am
27
Good to know! Thanks so much for all the hard work!
system
Closed
August 20, 2018, 11:02am
29
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.