First off all, thanks to all the developers, testers and people who make the blocklists - I know what a bum job that can be.
Pi-Hole is working on my network using DHCP and it runs like a dream... except on Windows.
I've sat here for hours refreshing a single site, checking which domains were getting through, blacklisting (more and more) expecting a different result, but no, Taboola - in this case - is dug in like a tick.
So I tried blocking a entire site and to my surprise, it loaded without so much as a creak... WTF!
So I tried it on the iPhone: Pi-Holed.
Back on the PC - loads right up.
Refresh the cache... Same.
Check the iPhone? Pi-holed.
Check the Android tablet? Pi-Holed.
Rinse and repeat. Thought it might be Firefox (no reason why it should be, but hey...) Microsoft Edge - same result.
There's something very odd going on with Windows 10 - and I'm a loss to know why it would be. I first suspected something was off when I was able to browse last night shortly after I hosed the DietPi installation (to my shame).
I know Daniel makes a few changes but since Pi Hole is working as advertised on other devices. Something is going on and my poor brain can't handle it!
Did you do ipconfig /flushdns ?
I hadn't but I've done that now and I can't see any change. Good idea to try that first though.
This is really quite odd.
Browsers cache too.
Have you tried clearing that cache ?
Or reboot ?
Yeah - browser cache was the first thing I tried. This was the first thing I thought of so I watched the stuff downloading in the console... damnable thing. Just tried a reboot (takes a good 5 minutes to come back up ... ugh, let's not go there. This is why I prefer GNU+Linux or BSD).
I'm going to unplug the network cable from the Pi tomorrow and see what falls off (so to speak). 
When on the windows machine, you execute below one, do you see the Pi-hole IP address displayed as the only DNS server ?
ipconfig /all
Yeah.
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.100
DHCPv6 IAID . . . . . . . . . . . : 192169632
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-20-AA-CB-2E-74-46 ********
DNS Servers . . . . . . . . . . . : 192.168.0.100
NetBIOS over Tcpip. . . . . . . . : Enabled
IPv6 is a bit of a strange voodoo for me right now still (I'm too old to easily absorb new stuff) so there could be something there that I can't see.
Would you be so kind/share to tell all which blocklists you are using?
1 Like
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
https://mirror1.malwaredomains.com/files/justdomains
http://sysctl.org/cameleon/hosts
https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist
https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt
https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt
https://hosts-file.net/ad_servers.txt
https://smokingwheels.github.io/Pi-hole/allhosts
Pi-Hole itself seems to be working as it should (everything is blocked on the other devices) so this isn't a problem that's been caused by Pi-Hole but rather by Windows somehow managing to bypass the DNS. Quite infuriating but this seems to be the case with Windows - every time I have to boot this ***ing thing, it eats my boot sector so I have to repair that so I can get back to my GUN+Linux box (currently Ubutntu Budgie).
What's really curious is this: I can see the test domain reported as Pi-Holed on both PIv4 and IPv6 and from the Windows machine and yet, the page loads without missing a beat. I looks as if Windows has some way to bypass the DNS if it doens't get the result it's expecting?! Unless something I'm running (Avast, for example) could be doing that?
1 Like
Have you run recently on the Pi?
sudo apt-get update
sudo apt-get upgrade
https://twitter.com/BleepinComputer/status/920261785290268672
It maybe a WIFI bug.
Have you tried isolating the block lists?
You have one I have not used.
Yeah, all up to date.
PC is wired (can you imagine!) 
Not that I'm old school (although I am) it's because this machine has two gigabit ports and the WiFi is on USB so it's a bit pointless.
I have no real reason to suspect the Pi or PiHole since all the other machines (all wireless to be fair) are working as advertised. I'll hook up the spare Pi3 to a wired outlet just to isolate that.
EDIT: tried on the Pi 3 (Firefox ESR) and sure enough - PiHoled.
Tried a domain I never heard of (blacklisted it first) completely unaffected. D*** you Windows... Or something.
S.O.B!
Found it everyone. It's not Pi-Hole it's (trumpets at the ready) AVAST Anti-Virus, so it's indirectly Windows.
Shows I have a route to a DNS (which isn't reported by Windows using ifconfig) controlled by Avast - which they call "Realsite"
I'm going to turn it off and see what happens because it's effectively bypassing all the protection I'm used to from PiHole (which is a lot, thanks to you folks). Ironically, I just got hammered by one of those phone hijack systems that pretends to be a "safe" site but connects you through their automated system and charges you a boatload.
So a lot of use that was! I'll let Avast know about this "bug" but I thought you folks would find this interesting. I don't know how safe "whatsmydnsserver" is but it didn't ask for anything special from me.
1 Like
If you have the time. Could you please share a screen dump of the settings?
https://www.facebook.com/groups/BIRRR/permalink/754926484716041/
1 Like
I would if I could but Windows hoses my GNU+Linux box every time I have to boot into Windows and getting it back is quit tiresome (I have to boot from a DVD because my machine can't boot a UFEI installed from USB... go figure).
I've spent most of the afternoon trying (and failing) to get my USB sticks to boot EFI so I can save myself an hour every time I need to drop back to Windows. (The odd bits of software I use on Windows don't work on virtual machines nor WINE/Crossover so I'm rather stuck in that regard.)
I think the guys over on the FB group have noted the same thing I did - disabling JUST that component rather than the entire anti-virus. Pi-Hole is fairly effective at blocking these malware and hijacked domains anyway.
In fact, the one thing I had expected Avast might have blocked (a telephone re-direction service) was wide open and I feel right into it. These are those scamming services that charge you a bundle to make a call that would normally be free or at least very low-cost. It's just another legal scam that the regulators haven't caught up on yet.
1 Like
Have you heard of virtualbox?
https://www.virtualbox.org/wiki/Downloads
I use it to Drop in to Windows and do stuff. 30 day or 180 day editions.