Tailing the log now longer highlights blocked queries

Blocked queries used to show up red, this stopped happening with the latest beta (pihole -t).

Pi-hole vDev (release/v5.4, v5.3.1-49-ga52a5e7e)
Web Interface vDev (release/v5.6, v5.5-44-g4e1f7c2)
FTL vDev (release/v5.9, vDev-c5f4931)

1 Like

Mine are showing in color:

  Pi-hole version is release/v5.4 v5.3.1-49-ga52a5e7e (Latest: v5.3.1)
  AdminLTE version is release/v5.6 v5.5-44-g4e1f7c2 (Latest: v5.5)
  FTL version is release/v5.9 vDev-c5f4931 (Latest: v5.8.1)

What is the blocking mode you use?
Using NODATA I also get nothing in red, but using NULL I get the red colored output.



By setting it to NULL I get the red text again.

Can you please post the output of

dig flurry.com

from a client device?

With blocking mode set to BLOCKINGMODE=IP-NODATA-AAAA:

$ dig @ flurry.com

; <<>> DiG 9.16.1-Ubuntu <<>> @ flurry.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47714
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

; EDNS: version: 0, flags:; udp: 4096
;flurry.com.                    IN      A

flurry.com.             2       IN      A

;; Query time: 4 msec
;; WHEN: Thu Jul 15 19:12:51 EDT 2021
;; MSG SIZE  rcvd: 55
Jul 15 19:13:38: query[A] flurry.com from
Jul 15 19:13:38: gravity blocked flurry.com is

Output was not red.

And if I set blocking mode to NULL I get in the output as expected and it's coloured red.

With IP-NODATA-AAAA Pi.hole will return it's own IP on A requests for blocked domains. In your case the code that colors the output red does only look for certain strings in the logs and colors them red

There was a certain change which removed the IP which was "hard coded" in setupVars.conf from this line.

Unintended side effect of:

1 Like

Why do we need to differentiate based on the returned address at all? It may be everything with IP blocking modes.

If the string contains (blacklisted |gravity blocked ) isn't this sufficient to add red color? Regardless of what the blocking mode is? Why would we check for any address in addition to these unique strings?

It should... but it's not working (anymore). I set it toIP-NODATA-AAAA and got the second line grey colored

Bildschirmfoto zu 2021-07-16 21-39-33

Oh yes, I meant we should change the filter to be less strict as a suggestion.


--e "s,(.*(blacklisted |gravity blocked ).* is (|::|NXDOMAIN).*),${COL_RED}&${COL_NC}," \
+-e "s,(.*(blacklisted |gravity blocked ).*),${COL_RED}&${COL_NC}," \

(without having tested this myself)

Works like charm

Bildschirmfoto zu 2021-07-16 21-47-49

1 Like


The beta has been updated.

1 Like

Confirming functionality has returned in the latest beta.

1 Like