Sporadic Behavior in Adlist

Expected Behavior:

Full blocking of all DNS entries in AdLists and Blacklist

Actual Behavior:

Pihole seems to block sites on my Blacklist and an Adlist I added from a third-party source, but it's sporadic for the list of malware sites included in the default install (https://mirror1.malwaredomains.com/files/justdomains). I test the blocking behavior by typing URLs directly into the address bar of Firefox and/or Chrome. Every time I go to one of these sites, the admin dashboard shows it as blocked whether the site gets through or not.

Also, it may block "site.com" on the list, but fail to block "www.site.com."

Thanks in advance for the help!

Pihole 5.1.2 installed on Raspberry Pi Zero W. Browsing on Windows 10 64-bit. Pihole is configured as my DCHP server, and DCHP is disabled in my router. I have tried flushing the DNS caches for Windows and Chrome and repeating tests. DNS caching and DoH disabled in Firefox.

Debug Token:


No errors in your debug log.

These are different domains. If you want to block both, they have to be both on an adlist or blacklist.

This would indicate that the client uses another DNS server next to pihole.

From one of your clients please run

nslookup pi.hole

nslookup flurry.com

Sorry for the delay, but thanks for replying! Here are the results of nslookup:

nslookup pi.hole
Server: raspi-zero-pihole
Name: pi.hole

nslookup flurry.com
Server: raspi-zero-pihole
Non-authoritative answer:
Name: flurry.com

Please post a new debug token.

New debug token: unnngd8vv7

This shows that the client is using your pihole for DNS resolution but does resolve a well known ad-serving domain. Expected result would be (blocking).

Your're debug log does not show any errors, blocking is enabled and you have some adlists which contain flurry.com

[80] is in use by lighttpd
[80] is in use by lighttpd
[53] is in use by pihole-FTL
[53] is in use by pihole-FTL
[4711] is in use by pihole-FTL
[4711] is in use by pihole-FTL



  3           1  0             https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts                                      2020-10-03 02:49:59  2020-10-03 02:49:59  Default adlist that ships with pihole             

I'm out of ideas why it fails to block :man_shrugging:

Actually, ignore that result. I believe I enabled the adlist containing flurry after I performed that nslookup, but before generating the new debug token.

Now an nslookup of flurry.com does indeed return However, there is still an issue from the browser side of things- Firefox will resolve flurry.com and show me the website. However, I believe Firefox is automatically adding the www prefix when it doesn't find the requested site- Chrome blocks flurry.com, but explicitly typing www.flurry.com will show the site.

This is probably fine for blocking ads, but part of my use case is filtering NSFW sites from my home network. Allowing the simple workaround of adding www won't fly. Is there an off-the-shelf method for doing regex-based blocks with adlists, like the feature of blacklists? If not, I suppose I could write a script for it or branch the source, but I'd rather avoid that

Yeah, that might be true. www.flurry.com and flurry.com are different domains and both need to be on an adlist if you want to filter both.

No, regex-based list are not supportet ATM (Load regexps from "host file"). You have to import them manually (or script something). Keep in mind that you might not block all www.* for domains on your adlists - as written above they are different domains and might serve different content.

That certainly makes sense. And as suspected, the behavior I was seeing was more a result of Firefox than Pihole

Thanks for stepping through that with me. I have a better understanding of pihole's features and limitations. I'll keep an eye out for a regex-based lists to possibly be implemented in the future

Before closing the topic, I do want to say that the whole Pihole community seems really helpful and constructive. Thanks for what you guys do, and keep up the good work!

1 Like

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.