Request: show regex, responsible for blocking

No, because of

It simply doesn't know if any other filter matches as well (unnecessary amounts of work).

Pushed this to the known branch.

1 Like

Nice! Looks neat and clean.

This has been merged:

However, you'll not yet see it in the beta as it is still awaiting review and merge of some necessary background changes:

but I don't see CNAME details in the query log and miss the link icon since all components running on release/v5.0 now.
pihole -v shows

Pi-hole version is v4.3.2-397-g0a70bbd (Latest: v4.3.2)
AdminLTE version is v4.3.2-393-g843e46d (Latest: v4.3.2)
FTL version is vDev-fb01e09 (Latest: v4.3.1)

and is up to date (it says). What happend this time?

ran pihole -up

pihole now crashes regulary. tried to remove old database and logs, restarted, same result:
The log (partial):

[2020-02-10 15:18:11.865 22402] ERROR: Encountered serious memory error in findForwardID()
[2020-02-10 15:18:14.597 22402] New forward server: fdaa:bbcc:ddee:2::5552 (-1/1024)
[2020-02-10 15:18:14.597 22402] FATAL: Trying to access forward ID -1, but maximum is 1024
[2020-02-10 15:18:14.598 22402]        found in findForwardID() (src/datastructure.c:54)
[2020-02-10 15:18:14.598 22402] ERROR: Encountered serious memory error in findForwardID()
[2020-02-10 15:18:14.599 22402] New forward server: fdaa:bbcc:ddee:2::5552 (-1/1024)
[2020-02-10 15:18:14.599 22402] FATAL: Trying to access forward ID -1, but maximum is 1024
[2020-02-10 15:18:14.599 22402]        found in findForwardID() (src/datastructure.c:54)
[2020-02-10 15:18:14.599 22402] ERROR: Encountered serious memory error in findForwardID()
[2020-02-10 15:18:25.022 22402] !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[2020-02-10 15:18:25.022 22402] ---------------------------->  FTL crashed!  <----------------------------
[2020-02-10 15:18:25.022 22402] !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
[2020-02-10 15:18:25.022 22402] Please report a bug at https://github.com/pi-hole/FTL/issues
[2020-02-10 15:18:25.022 22402] and include in your report already the following details:
[2020-02-10 15:18:25.022 22402] FTL has been running for 711 seconds
[2020-02-10 15:18:25.022 22402] FTL branch: release/v5.0
[2020-02-10 15:18:25.023 22402] FTL version: vDev-fb01e09
[2020-02-10 15:18:25.023 22402] FTL commit: fb01e09
[2020-02-10 15:18:25.023 22402] FTL date: 2020-02-10 10:20:26 +0100
[2020-02-10 15:18:25.023 22402] FTL user: started as pihole, ended as pihole
[2020-02-10 15:18:25.023 22402] Compiled for armhf (compiled on CI) using arm-linux-gnueabihf-gcc (Debian 6.3.0-18) 6.3.0 20170516
[2020-02-10 15:18:25.023 22402] Received signal: Segmentation fault
[2020-02-10 15:18:25.023 22402]      at address: 0xf3afe99c
[2020-02-10 15:18:25.023 22402]      with code: SEGV_MAPERR (Address not mapped to object)

edit
see also here.
/edit

Just pointing out for possible future readers that this has been addresses in the linked thread.

1 Like

The FTL PR has been merged as well so this feature is now fully available in the Pi-hole v5.0 beta.

ran pihole -up
Pi-hole version is v4.3.2-399-ge528903 (Latest: v4.3.2)
AdminLTE version is v4.3.2-393-g843e46d (Latest: v4.3.2)
FTL version is vDev-7ca81e3 (Latest: v4.3.1)
I see the link icon:


clicking the link item takes me to http://192.168.2.57/admin/groups-domains.php?domainid=0

In the test branch, the regex had a yellow background, the beta5 version takes me to the same view, however, there is no yellow background or any other indication, as to which regex is the cause of blocking.

edit
another test does succeed:


result the link is http://192.168.2.57/admin/groups-domains.php?domainid=39:

I assume the first failure is related to domainid=0, meaning no regex match. Does this have anything to do with localdomain in the first dns domainname (isatap.localdomain)?
/edit

edit2
I was able to stop queries to localdomain with the following windows config:


/edit2

edit3
the cname lookup and display also appears to work as expected:

Thanks for this great improvement.
/edit3

Works beautifully, great job.

1 Like

domainid=0 may be a thing, not found anything would be -1 and should be ignored.

Do you have a filter with id=0 in your database?
Check with

sqlite3 /etc/pihole/gravity.db "SELECT id,domain FROM domainlist;

You're welcome.

id=0 not in domainlist, first entry is 1

edit
anything I need to provide?
/edit

found another entry in the query log, not covered by the solution:

in the query log:

pihole -q says:

pi@raspberrypi:~ $ pihole -q platform.instagram.com
  [i] No results found for platform.instagram.com within the block lists
pi@raspberrypi:~ $ pihole -q instagram.c10r.facebook.com
 Match found in regex blacklist
   ^(.+\.)??(facebook|.*fb.+)\.(com|net)$

I would expect to see the link (regex match) in the status column, but it isn't there.

edit
cosmetic, something to consider, eye candy...
when mouseover on the domain entry, it shows a tooltip: click to show only queries with domain …
it might be more consistent to change the link sign (behind the regex match in the status column) with a tooltip on the word regex, that says click to show the regex match, only visible when mouseover.
/edit

Yes, this is the right diagnosis. I somehow missed that.

Here you go, please try if my simply copy-pasta worked. I'm not in the position to test this right now (no Pi-hole within reach):

pihole checkout web tweak/show_cname_regex_link

There may be more work needed for this, but, for now, I just hope I did the necessary work already in the backend.

edit Eye candy included + domainid=0 issue identified and fixed as well (this was from a query imported from the database!)

I assume you mean (only the web interface?):

pihole checkout web tweak/show_cname_regex_link

stopped pihole-FTL, removed database and logs, cleared browser cache.
Sorry, but I don't see any change (no link, no tooltip):

did you mean my suggestion to change the link sign into tooltip? if so, the entire text, including the link sign, is now a link, but the tooltip only appears if the mouse is on the link sign (which is now obsolete - the tooltip says it all...).
edit
the other fields (domain and client) turn blue on mouseover and show the tooltip (greenshot cannot capture tooltips).



/edit

also noticed a new query entry that I've never seen before, please explain (NXRA).
image

I had a typo in my command, maybe that was your issue? It is fixed now.

edit Okay, so more work is needed inside FTL, todo for another day.

edit 2 The reason for the absence of the regex link is that we record the responsible regex ID for the domain that was blocked within the CNAME inspection but do not propagate this information up to the parent domain. WIP.

means reply was NXDOMAIN with DNS RA bit set. This is commonly used by Quad9 to signal that a domain was blocked by them, hence "external".

@anon55913113 @jpgpi250 Please try

pihole checkout ftl fix/db_regexlink_id

to get the expected CNAME links. There is a bit of additional bookkeeping FTL needs to do here for this to work.

I also updated the web code slightly for an overall more uniform experience.

do we need to?:
pihole checkout web tweak/show_cname_regex_link
and
pihole checkout ftl fix/db_regexlink_id

Yes, exactly that.

YOU NAILED IT... GREAT WORK



and

I'll keep this running until after the weekend, to ensure there are no side effects or unexpected FTL crashes, but I'm confident! Hope to see this in beta5 soon.

Thanks again for your time, dedication, effort, persistence, …

edit
If somebody is going to write a manual on how to use this great new feature, you should emphasize CTRL clicking the link will open the group management page in a new tab, which makes life even easier.
/edit