I use pi-hole in the very latest version on a Pi4, GB with the very latest Raspberry Pi OS (previously called Raspbian).
Pi-holes blocking works on the other devices on the network, but not on the Pi4 itself, where pi-hole is installed.
What am I doing wrong?
Greetings
Karl
Debug Token:This process collects information from your Pi-hole, and optionally uploads it to a unique and random directory on tricorder.pi-hole.net.
The intent of this script is to allow users to self-diagnose their installations. This is accomplished by running tests against our software and providing the user with links to FAQ articles when a problem is detected. Since we are a small team and Pi-hole has been growing steadily, it is our hope that this will help us spend more time on development.
NOTE: All log files auto-delete after 48 hours and ONLY the Pi-hole developers can access your data via the given token. We have taken these extra steps to secure your data and will work to further reduce any personal information gathered.
*** [ INITIALIZING ]
[i] 2020-10-04:18:20:18 debug log has been initialized.
*** [ INITIALIZING ] Sourcing setup variables
[i] Sourcing /etc/pihole/setupVars.conf...
*** [ DIAGNOSING ]: Core version
[i] Core: v5.1.2 (How do I update Pi-hole?)
[i] Remotes: origin https://github.com/pi-hole/pi-hole.git (fetch)
origin https://github.com/pi-hole/pi-hole.git (push)
[i] Branch: master
[i] Commit: v5.1.2-0-g6b536b7
*** [ DIAGNOSING ]: Web version
[i] Web: v5.1.1 (How do I update Pi-hole?)
[i] Remotes: origin https://github.com/pi-hole/AdminLTE.git (fetch)
origin https://github.com/pi-hole/AdminLTE.git (push)
[i] Branch: master
[i] Commit: v5.1.1-0-ga03d1bd
*** [ DIAGNOSING ]: FTL version
[✓] FTL: v5.2
*** [ DIAGNOSING ]: lighttpd version
[i] 1.4.53
*** [ DIAGNOSING ]: php version
[i] 7.3.19
*** [ DIAGNOSING ]: Operating system
[✓] Distro: Raspbian
[✓] Version: 10
*** [ DIAGNOSING ]: SELinux
[i] SELinux not detected
*** [ DIAGNOSING ]: Processor
[✓] armv7l
*** [ DIAGNOSING ]: Networking
[✓] IPv4 address(es) bound to the eth0 interface:
192.168.178.20/24 matches the IP found in /etc/pihole/setupVars.conf
[✓] IPv6 address(es) bound to the eth0 interface:
fd00::acf6:d445:ee09:392b does not match the IP found in /etc/pihole/setupVars.conf (Use IPv6 ULA addresses for Pi-hole)
fe80::1226:e7c5:dba9:179b does not match the IP found in /etc/pihole/setupVars.conf (Use IPv6 ULA addresses for Pi-hole)
^ Please note that you may have more than one IP address listed.
As long as one of them is green, and it matches what is in /etc/pihole/setupVars.conf, there is no need for concern.
The link to the FAQ is for an issue that sometimes occurs when the IPv6 address changes, which is why we check for it.
[i] Default IPv4 gateway: 192.168.178.1
- Pinging 192.168.178.1...
[✓] Gateway responded.
*** [ DIAGNOSING ]: Ports in use
[80] is in use by lighttpd
[80] is in use by lighttpd
[53] is in use by pihole-FTL
[53] is in use by pihole-FTL
[4711] is in use by pihole-FTL
[4711] is in use by pihole-FTL
*** [ DIAGNOSING ]: Name resolution (IPv4) using a random blocked domain and a known ad-serving domain
[✓] adecn-w.atdmt.com is 0.0.0.0 via localhost (127.0.0.1)
[✓] adecn-w.atdmt.com is 0.0.0.0 via Pi-hole (192.168.178.20)
[✓] doubleclick.com is 172.217.168.238 via a remote, public DNS server (8.8.8.8)
*** [ DIAGNOSING ]: Name resolution (IPv6) using a random blocked domain and a known ad-serving domain
[✓] amazon.de.session-id-click.com is :: via localhost (::1)
[✗] Failed to resolve amazon.de.session-id-click.com via Pi-hole (fd00::826a:7d68:27bb:9d91)
[✗] Failed to resolve doubleclick.com via a remote, public DNS server (2001:4860:4860::8888)
*** [ DIAGNOSING ]: Pi-hole processes
[✓] lighttpd daemon is active
[✓] pihole-FTL daemon is active
*** [ DIAGNOSING ]: Setup variables
PIHOLE_INTERFACE=eth0
IPV4_ADDRESS=192.168.178.20/24
IPV6_ADDRESS=fd00::826a:7d68:27bb:9d91
PIHOLE_DNS_1=9.9.9.9
PIHOLE_DNS_2=149.112.112.112
QUERY_LOGGING=true
INSTALL_WEB_SERVER=true
INSTALL_WEB_INTERFACE=true
LIGHTTPD_ENABLED=true
BLOCKING_ENABLED=true
*** [ DIAGNOSING ]: Dashboard and block page
[✓] Block page X-Header: X-Pi-hole: A black hole for Internet advertisements.
[✓] Web interface X-Header: X-Pi-hole: The Pi-hole Web interface is working!
*** [ DIAGNOSING ]: Gravity List and Database
-rw-rw-r-- 1 pihole pihole 5042176 Okt 4 16:21 /etc/pihole/gravity.db
*** [ DIAGNOSING ]: Info table
property value
version 12
updated 1601821310
gravity_count 83811
Last gravity run finished at: So 4. Okt 16:21:50 CEST 2020
----- First 10 Gravity Domains -----
localhost.localdomain
n2019cov.000webhostapp.com
webmail-who-int.000webhostapp.com
010sec.com
01mspmd5yalky8.com
0byv9mgbn0.com
ns6.0pendns.org
dns.0pengl.com
ios.0pengl.com
0x4fc271.tk
*** [ DIAGNOSING ]: Groups
id enabled name date_added date_modified description
0 1 Default 2020-09-30 22:03:18 2020-09-30 22:03:18 The default group
*** [ DIAGNOSING ]: Domainlist (0/1 = exact white-/blacklist, 2/3 = regex white-/blacklist)
*** [ DIAGNOSING ]: Clients
*** [ DIAGNOSING ]: Adlists
id enabled group_ids address date_added date_modified comment
1 1 0 https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts 2020-09-30 22:03:18 2020-09-30 22:03:18 Migrated from /etc/pihole/adlists.list
2 1 0 https://mirror1.malwaredomains.com/files/justdomains 2020-09-30 22:03:18 2020-09-30 22:03:18 Migrated from /etc/pihole/adlists.list
*** [ DIAGNOSING ]: contents of /etc/pihole
-rw-r--r-- 1 root root 122 Okt 4 16:21 /etc/pihole/local.list
192.168.178.20 raspberrypi
fd00::826a:7d68:27bb:9d91 raspberrypi
192.168.178.20 pi.hole
fd00::826a:7d68:27bb:9d91 pi.hole
-rw-r--r-- 1 root root 234 Sep 30 22:03 /etc/pihole/logrotate
/var/log/pihole.log {
su root root
daily
copytruncate
rotate 5
compress
delaycompress
notifempty
nomail
}
/var/log/pihole-FTL.log {
su root root
weekly
copytruncate
rotate 3
compress
delaycompress
notifempty
nomail
}
-rw-rw-r-- 1 pihole root 15 Sep 30 22:03 /etc/pihole/pihole-FTL.conf
PRIVACYLEVEL=0
*** [ DIAGNOSING ]: contents of /etc/dnsmasq.d
-rw-r--r-- 1 root root 1393 Sep 30 22:03 /etc/dnsmasq.d/01-pihole.conf
addn-hosts=/etc/pihole/local.list
addn-hosts=/etc/pihole/custom.list
localise-queries
no-resolv
cache-size=10000
log-queries
log-facility=/var/log/pihole.log
local-ttl=2
log-async
server=9.9.9.9
server=149.112.112.112
interface=eth0
server=/use-application-dns.net/
*** [ DIAGNOSING ]: contents of /etc/lighttpd
-rw-r--r-- 1 root root 0 Sep 30 22:03 /etc/lighttpd/external.conf
-rw-r--r-- 1 root root 4066 Sep 30 22:03 /etc/lighttpd/lighttpd.conf
server.modules = (
"mod_access",
"mod_accesslog",
"mod_auth",
"mod_expire",
"mod_compress",
"mod_redirect",
"mod_setenv",
"mod_rewrite"
)
server.document-root = "/var/www/html"
server.error-handler-404 = "/pihole/index.php"
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "/run/lighttpd.pid"
server.username = "www-data"
server.groupname = "www-data"
server.port = 80
accesslog.filename = "/var/log/lighttpd/access.log"
accesslog.format = "%{%s}t|%V|%r|%s|%b"
index-file.names = ( "index.php", "index.html", "index.lighttpd.html" )
url.access-deny = ( "~", ".inc", ".md", ".yml", ".ini" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
compress.cache-dir = "/var/cache/lighttpd/compress/"
compress.filetype = (
"application/json",
"application/vnd.ms-fontobject",
"application/xml",
"font/eot",
"font/opentype",
"font/otf",
"font/ttf",
"image/bmp",
"image/svg+xml",
"image/vnd.microsoft.icon",
"image/x-icon",
"text/css",
"text/html",
"text/javascript",
"text/plain",
"text/xml"
)
mimetype.assign = (
".ico" => "image/x-icon",
".jpeg" => "image/jpeg",
".jpg" => "image/jpeg",
".png" => "image/png",
".svg" => "image/svg+xml",
".css" => "text/css; charset=utf-8",
".html" => "text/html; charset=utf-8",
".js" => "text/javascript; charset=utf-8",
".json" => "application/json; charset=utf-8",
".map" => "application/json; charset=utf-8",
".txt" => "text/plain; charset=utf-8",
".eot" => "application/vnd.ms-fontobject",
".otf" => "font/otf",
".ttc" => "font/collection",
".ttf" => "font/ttf",
".woff" => "font/woff",
".woff2" => "font/woff2"
)
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "find /etc/lighttpd/conf-enabled -name '*.conf' -a ! -name 'letsencrypt.conf' -printf 'include "%p"
' 2>/dev/null"
$HTTP["url"] =~ "^/admin/" {
setenv.add-response-header = (
"X-Pi-hole" => "The Pi-hole Web interface is working!",
"X-Frame-Options" => "DENY"
)
$HTTP["url"] =~ "\.(eot|otf|tt[cf]|woff2?)$" {
setenv.add-response-header = ( "Access-Control-Allow-Origin" => "*" )
}
}
$HTTP["url"] =~ "^/admin/.(.*)" {
url.access-deny = ("")
}
expire.url = ( "" => "access plus 0 seconds" )
include_shell "cat external.conf 2>/dev/null"
*** [ DIAGNOSING ]: contents of /etc/cron.d
-rw-r--r-- 1 root root 1755 Sep 30 22:03 /etc/cron.d/pihole
36 3 * * 7 root PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updateGravity >/var/log/pihole_updateGravity.log || cat /var/log/pihole_updateGravity.log
00 00 * * * root PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole flush once quiet
@reboot root /usr/sbin/logrotate /etc/pihole/logrotate
*/10 * * * * root PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updatechecker local
16 17 * * * root PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updatechecker remote
@reboot root PATH="$PATH:/usr/sbin:/usr/local/bin/" pihole updatechecker remote reboot
*** [ DIAGNOSING ]: contents of /var/log/lighttpd
-rw-r--r-- 1 www-data www-data 304 Okt 4 17:13 /var/log/lighttpd/error.log
2020-10-04 00:00:01: (server.c.1759) logfiles cycled UID = 0 PID = 23544
2020-10-04 17:12:56: (server.c.2059) server stopped by UID = 0 PID = 1
2020-10-04 17:13:03: (server.c.1464) server started (lighttpd/1.4.53)
2020-10-04 17:13:03: (server.c.1493) WARNING: unknown config-key: alias.url (ignored)
*** [ DIAGNOSING ]: contents of /var/log
-rw-r--r-- 1 pihole pihole 4335 Okt 4 17:27 /var/log/pihole-FTL.log
-----head of pihole-FTL.log------
[2020-10-04 17:13:03.711 608M] Using log file /var/log/pihole-FTL.log
[2020-10-04 17:13:03.711 608M] ########## FTL started! ##########
[2020-10-04 17:13:03.711 608M] FTL branch: master
[2020-10-04 17:13:03.711 608M] FTL version: v5.2
[2020-10-04 17:13:03.711 608M] FTL commit: dbd4a69
[2020-10-04 17:13:03.711 608M] FTL date: 2020-08-09 22:09:43 +0100
[2020-10-04 17:13:03.711 608M] FTL user: pihole
[2020-10-04 17:13:03.711 608M] Compiled for armhf (compiled on CI) using arm-linux-gnueabihf-gcc (Debian 6.3.0-18) 6.3.0 20170516
[2020-10-04 17:13:03.711 608M] Starting config file parsing (/etc/pihole/pihole-FTL.conf)
[2020-10-04 17:13:03.711 608M] SOCKET_LISTENING: only local
[2020-10-04 17:13:03.711 608M] AAAA_QUERY_ANALYSIS: Show AAAA queries
[2020-10-04 17:13:03.711 608M] MAXDBDAYS: max age for stored queries is 365 days
[2020-10-04 17:13:03.711 608M] RESOLVE_IPV6: Resolve IPv6 addresses
[2020-10-04 17:13:03.711 608M] RESOLVE_IPV4: Resolve IPv4 addresses
[2020-10-04 17:13:03.711 608M] DBINTERVAL: saving to DB file every minute
[2020-10-04 17:13:03.711 608M] DBFILE: Using /etc/pihole/pihole-FTL.db
[2020-10-04 17:13:03.711 608M] MAXLOGAGE: Importing up to 24.0 hours of log data
[2020-10-04 17:13:03.711 608M] PRIVACYLEVEL: Set to 0
[2020-10-04 17:13:03.711 608M] IGNORE_LOCALHOST: Show queries from localhost
[2020-10-04 17:13:03.711 608M] BLOCKINGMODE: Null IPs for blocked domains
[2020-10-04 17:13:03.711 608M] ANALYZE_ONLY_A_AND_AAAA: Disabled. Analyzing all queries
[2020-10-04 17:13:03.711 608M] DBIMPORT: Importing history from database
[2020-10-04 17:13:03.711 608M] PIDFILE: Using /run/pihole-FTL.pid
[2020-10-04 17:13:03.711 608M] PORTFILE: Using /run/pihole-FTL.port
[2020-10-04 17:13:03.711 608M] SOCKETFILE: Using /run/pihole/FTL.sock
[2020-10-04 17:13:03.711 608M] SETUPVARSFILE: Using /etc/pihole/setupVars.conf
[2020-10-04 17:13:03.711 608M] MACVENDORDB: Using /etc/pihole/macvendor.db
[2020-10-04 17:13:03.711 608M] GRAVITYDB: Using /etc/pihole/gravity.db
[2020-10-04 17:13:03.711 608M] PARSE_ARP_CACHE: Active
[2020-10-04 17:13:03.711 608M] CNAME_DEEP_INSPECT: Active
[2020-10-04 17:13:03.712 608M] DELAY_STARTUP: No delay requested.
[2020-10-04 17:13:03.712 608M] NICE: Set process niceness to -10 (default)
[2020-10-04 17:13:03.712 608M] BLOCK_ESNI: Enabled, blocking _esni.{blocked domain}
[2020-10-04 17:13:03.712 608M] NAMES_FROM_NETDB: Enabled, trying to get names from network database
[2020-10-04 17:13:03.712 608M] Finished config file parsing
-----tail of pihole-FTL.log------
[2020-10-04 17:13:03.711 608M] MACVENDORDB: Using /etc/pihole/macvendor.db
[2020-10-04 17:13:03.711 608M] GRAVITYDB: Using /etc/pihole/gravity.db
[2020-10-04 17:13:03.711 608M] PARSE_ARP_CACHE: Active
[2020-10-04 17:13:03.711 608M] CNAME_DEEP_INSPECT: Active
[2020-10-04 17:13:03.712 608M] DELAY_STARTUP: No delay requested.
[2020-10-04 17:13:03.712 608M] NICE: Set process niceness to -10 (default)
[2020-10-04 17:13:03.712 608M] BLOCK_ESNI: Enabled, blocking _esni.{blocked domain}
[2020-10-04 17:13:03.712 608M] NAMES_FROM_NETDB: Enabled, trying to get names from network database
[2020-10-04 17:13:03.712 608M] Finished config file parsing
[2020-10-04 17:13:03.722 608M] Database version is 7
[2020-10-04 17:13:03.722 608M] Database successfully initialized
[2020-10-04 17:13:03.745 608M] New upstream server: 9.9.9.9 (0/1024)
[2020-10-04 17:13:03.752 608M] New upstream server: 149.112.112.112 (1/1024)
[2020-10-04 17:13:03.793 608M] Resizing "/FTL-strings" from 4096 to 8192
[2020-10-04 17:13:03.801 608M] Resizing "/FTL-queries" from 229376 to 458752
[2020-10-04 17:13:03.813 608M] Imported 5289 queries from the long-term database
[2020-10-04 17:13:03.813 608M] -> Total DNS queries: 5289
[2020-10-04 17:13:03.813 608M] -> Cached DNS queries: 1440
[2020-10-04 17:13:03.813 608M] -> Forwarded DNS queries: 2691
[2020-10-04 17:13:03.813 608M] -> Blocked DNS queries: 1158
[2020-10-04 17:13:03.813 608M] -> Unknown DNS queries: 0
[2020-10-04 17:13:03.813 608M] -> Unique domains: 350
[2020-10-04 17:13:03.813 608M] -> Unique clients: 2
[2020-10-04 17:13:03.813 608M] -> Known forward destinations: 2
[2020-10-04 17:13:03.813 608M] Successfully accessed setupVars.conf
[2020-10-04 17:13:03.829 610M] PID of FTL process: 610
[2020-10-04 17:13:03.829 610/T611] Listening on port 4711 for incoming IPv4 telnet connections
[2020-10-04 17:13:03.829 610/T613] Listening on Unix socket
[2020-10-04 17:13:03.831 610/T612] Listening on port 4711 for incoming IPv6 telnet connections
[2020-10-04 17:13:03.831 610M] Reloading DNS cache
[2020-10-04 17:13:03.832 610M] Blocking status is enabled
[2020-10-04 17:13:03.910 610M] INFO: No regex blacklist entries found
[2020-10-04 17:13:03.910 610M] INFO: No regex whitelist entries found
[2020-10-04 17:13:03.915 610M] Compiled 0 whitelist and 0 blacklist regex filters for 2 clients in 9.7 msec
[2020-10-04 17:27:56.951 610M] Resizing "/FTL-strings" from 8192 to 12288
*** [ DIAGNOSING ]: contents of /dev/shm
-rw------- 1 pihole pihole 323584 Okt 4 17:13 /dev/shm/FTL-clients
-rw------- 1 pihole pihole 144 Okt 4 17:13 /dev/shm/FTL-counters
-rw------- 1 pihole pihole 4096 Okt 4 17:13 /dev/shm/FTL-dns-cache
-rw------- 1 pihole pihole 65536 Okt 4 17:13 /dev/shm/FTL-domains
-rw------- 1 pihole pihole 28 Okt 4 17:13 /dev/shm/FTL-lock
-rw------- 1 pihole pihole 77824 Okt 4 17:13 /dev/shm/FTL-overTime
-rw------- 1 pihole pihole 4096 Okt 4 17:13 /dev/shm/FTL-per-client-regex
-rw------- 1 pihole pihole 458752 Okt 4 17:59 /dev/shm/FTL-queries
-rw------- 1 pihole pihole 12 Okt 4 17:13 /dev/shm/FTL-settings
-rw------- 1 pihole pihole 12288 Okt 4 17:27 /dev/shm/FTL-strings
-rw------- 1 pihole pihole 20480 Okt 4 17:13 /dev/shm/FTL-upstreams
*** [ DIAGNOSING ]: Locale
LANG=de_DE.UTF-8
*** [ DIAGNOSING ]: Pi-hole log
-rw-r--r-- 1 pihole pihole 95472 Okt 4 18:20 /var/log/pihole.log
-----head of pihole.log------
Oct 4 17:13:03 dnsmasq[610]: started, version pi-hole-2.81 cachesize 10000
Oct 4 17:13:03 dnsmasq[610]: compile time options: IPv6 GNU-getopt no-DBus no-UBus no-i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth DNSSEC loop-detect inotify dumpfile
Oct 4 17:13:03 dnsmasq[610]: warning: interface eth0 does not currently exist
Oct 4 17:13:03 dnsmasq[610]: using only locally-known addresses for domain use-application-dns.net
Oct 4 17:13:03 dnsmasq[610]: using nameserver 149.112.112.112#53
Oct 4 17:13:03 dnsmasq[610]: using nameserver 9.9.9.9#53
Oct 4 17:13:03 dnsmasq[610]: read /etc/hosts - 5 addresses
Oct 4 17:13:03 dnsmasq[610]: failed to load names from /etc/pihole/custom.list: No such file or directory
Oct 4 17:13:03 dnsmasq[610]: read /etc/pihole/local.list - 4 addresses
Oct 4 17:13:23 dnsmasq[610]: query[A] www.youtube.com from 192.168.178.23
Oct 4 17:13:23 dnsmasq[610]: forwarded www.youtube.com to 149.112.112.112
Oct 4 17:13:23 dnsmasq[610]: forwarded www.youtube.com to 9.9.9.9
Oct 4 17:13:23 dnsmasq[610]: reply www.youtube.com is
Oct 4 17:13:23 dnsmasq[610]: reply youtube-ui.l.google.com is 216.58.207.78
Oct 4 17:13:23 dnsmasq[610]: reply youtube-ui.l.google.com is 172.217.22.78
Oct 4 17:13:23 dnsmasq[610]: reply youtube-ui.l.google.com is 172.217.22.110
Oct 4 17:13:23 dnsmasq[610]: reply youtube-ui.l.google.com is 172.217.23.110
Oct 4 17:13:23 dnsmasq[610]: reply youtube-ui.l.google.com is 216.58.212.142
Oct 4 17:13:23 dnsmasq[610]: reply youtube-ui.l.google.com is 172.217.22.46
Oct 4 17:13:23 dnsmasq[610]: reply youtube-ui.l.google.com is 172.217.21.238
[✓] ** FINISHED DEBUGGING! **
* The debug log can be uploaded to tricorder.pi-hole.net for sharing with developers only.
* For more information, see: https://pi-hole.net/2016/11/07/crack-our-medical-tricorder-win-a-raspberry-pi-3/
* If available, we'll use openssl to upload the log, otherwise it will fall back to netcat.
[?] Would you like to upload the log? [y/N]