Whitelisting domains not working - CNAME is blocked

I really want to like Pihole but the whitelisting functionality really is horrible and hardly ever works. I would think it's one of the core features that should work properly...

Today, I'm fighting to get the following 3 subdomains whitelisted:
js.slickdealscdn.com
css.slickdealscdn.com
static.slickdealscdn.com

  1. The domains don't even show up in any blocklists, not sure why they are blocked in the first place.
  2. The domains are whitelisted according to the UI.
  3. According to the Pihole query log, the queries are green and being resolved correctly.

This picture shows the query log 'approving' the resolution of the domains above:
https://i.imgur.com/zqNe32r.png

Yet this picture clearly shows Chrome not resolving the DNS correctly (this happens at the OS level, not just Chrome).

I have also cleared the DNS cache on my local computers - OSX and Windows 10. Same behavior.

I know the problem is clearly with Pihole because as soon as I disable it, the site loads properly. I've tried restarting Gravity, restarting the entire VM, still gets blocked.

Running pihole on a VM under ubuntu on esxi 6.5
Pi-hole Version v4.0
Web Interface Version v4.0
FTL Version v4.0

Debug Token:

[Replace this text with the debug token provided from running pihole -d (or running the debug script through the web interface]

Please generate a debug log, upload and post the token. Plus the output of this command:

cat /etc/pihole/regex.list

output of pihole -d

output of regex filter:

root@pihole:~# cat /etc/pihole/regex.list
((^)|(\.))barebones\.com$

Is this behavior limited to the Chrome browser or have you tried other browsers?

What is the output of the following commands (one will check today's log, since it's early morning at your location, and the other will check yesterday's log)?

sudo grep slickdealscdn /var/log/pihole.log

sudo grep slickdealscdn /var/log/pihole.log.1

From either of the two clients, run the following (substitute nslookup for dig where required) and post the output:

dig js.slickdealscdn.com

dig css.slickdealscdn.com

dig static.slickdealscdn.com

What software generated that table and on which client or router?

It happens at the OS level - nslookup gets the same 0.0.0.0 with pihole on. Windows, OSX, I even spun up an Ubuntu VM for testing.

https://pastebin.com/4pzWhNNs

MacBook-Pro:~ user$ dig js.slickdealscdn.com

; <<>> DiG 9.10.6 <<>> js.slickdealscdn.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40423
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;js.slickdealscdn.com.		IN	A

;; ANSWER SECTION:
js.slickdealscdn.com.	9	IN	CNAME	js.slickdealscdn.com.inscname.net.
js.slickdealscdn.com.inscname.net. 283 IN CNAME	ins-078.inscname.net.
ins-078.inscname.net.	937	IN	CNAME	a-sg02sl05.insnw.net.
a-sg02sl05.insnw.net.	2	IN	A	0.0.0.0

;; Query time: 5 msec
;; SERVER: 172.16.1.1#53(172.16.1.1)
;; WHEN: Mon Nov 26 00:58:40 EST 2018
;; MSG SIZE  rcvd: 154


MacBook-Pro:~ user$ dig css.slickdealscdn.com

; <<>> DiG 9.10.6 <<>> css.slickdealscdn.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26367
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;css.slickdealscdn.com.		IN	A

;; ANSWER SECTION:
css.slickdealscdn.com.	20	IN	CNAME	css.slickdealscdn.com.inscname.net.
css.slickdealscdn.com.inscname.net. 430	IN CNAME ins-078.inscname.net.
ins-078.inscname.net.	795	IN	CNAME	a-sg02sl05.insnw.net.
a-sg02sl05.insnw.net.	2	IN	A	0.0.0.0

;; Query time: 14 msec
;; SERVER: 172.16.1.1#53(172.16.1.1)
;; WHEN: Mon Nov 26 01:01:02 EST 2018
;; MSG SIZE  rcvd: 156

MacBook-Pro:~ user$ dig static.slickdealscdn.com

; <<>> DiG 9.10.6 <<>> static.slickdealscdn.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53320
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;static.slickdealscdn.com.	IN	A

;; ANSWER SECTION:
static.slickdealscdn.com. 8	IN	CNAME	static.slickdealscdn.com.inscname.net.
static.slickdealscdn.com.inscname.net. 515 IN CNAME ins-078.inscname.net.
ins-078.inscname.net.	750	IN	CNAME	a-sg02sl05.insnw.net.
a-sg02sl05.insnw.net.	2	IN	A	0.0.0.0

;; Query time: 12 msec
;; SERVER: 172.16.1.1#53(172.16.1.1)
;; WHEN: Mon Nov 26 01:01:47 EST 2018
;; MSG SIZE  rcvd: 162

Run dig for the domain that those domains resolve to via CNAME:

dig a-sg02sl05.insnw.net

It should return NULL; if so run this command to see which list has it blocked:

pihole -q a-sg02sl05.insnw.net -adlist

MacBook-Pro:~ user$ dig a-sg02sl05.insnw.net

; <<>> DiG 9.10.6 <<>> a-sg02sl05.insnw.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 49407
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;a-sg02sl05.insnw.net.		IN	A

;; ANSWER SECTION:
a-sg02sl05.insnw.net.	2	IN	A	0.0.0.0

;; Query time: 3 msec
;; SERVER: 172.16.1.1#53(172.16.1.1)
;; WHEN: Mon Nov 26 01:09:50 EST 2018
;; MSG SIZE  rcvd: 54

root@pihole:~# pihole -q a-sg02sl05.insnw.net -adlist
Match found in https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts:
a-sg02sl05.insnw.net

Whitelist this domain and update gravity. Then see if the behavior changes.

That did the trick, thanks so much!

Did this problem start today (Sunday)? The reason I ask is that the gravity update cron script ran at 0441 your time Sunday and if that block list changed to include that domain, it would have been added to your gravity list then.
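
The diagnosis reached in this thread, as an added example that is not part of the original posts: the whitelisted names are CNAMEs, and the name at the end of the chain is the one on a blocklist. The script walks every name in a dig answer section and reports which hop is listed. The function names `chain_names` and `blocked_hops` and the sample blocklist are constructed for illustration; the answer section is the one posted above.

```shell
#!/usr/bin/env bash
# Added example (not from the thread): find which hop of a CNAME chain is
# on a hosts-format blocklist.

# Read `dig` output on stdin; print every name in the answer records
# (owners and CNAME targets), lower-cased, no trailing dot, no duplicates.
chain_names() {
  awk '!/^;/ && $3 == "IN" && ($4 == "CNAME" || $4 == "A" || $4 == "AAAA") {
         print $1
         if ($4 == "CNAME") print $5
       }' | sed 's/\.$//' | tr 'A-Z' 'a-z' | awk '!seen[$0]++'
}

# usage: blocked_hops BLOCKLIST_FILE < dig-output
# Print the chain names listed in the blocklist ("0.0.0.0 name" lines,
# "#" starts a comment).
blocked_hops() {
  chain_names | while read -r name; do
    if awk -v n="$name" '{ sub(/#.*/, "") }
         NF >= 2 && tolower($2) == n { found = 1 }
         END { exit !found }' "$1"; then
      echo "$name"
    fi
  done
}

# Answer section copied from the dig output in the thread.
sample_dig=';; ANSWER SECTION:
js.slickdealscdn.com.   9   IN  CNAME   js.slickdealscdn.com.inscname.net.
js.slickdealscdn.com.inscname.net. 283 IN CNAME ins-078.inscname.net.
ins-078.inscname.net.   937 IN  CNAME   a-sg02sl05.insnw.net.
a-sg02sl05.insnw.net.   2   IN  A   0.0.0.0'

# Constructed stand-in for a downloaded adlist.
sample_blocklist=$(mktemp)
trap 'rm -f "$sample_blocklist"' EXIT
cat > "$sample_blocklist" <<'EOF'
# constructed sample entries
0.0.0.0 ads.example.invalid
0.0.0.0 a-sg02sl05.insnw.net   # the hop that breaks the whitelisted names
EOF

printf '%s\n' "$sample_dig" | blocked_hops "$sample_blocklist"
```

On a live Pi-hole, the same walk can be done by piping `dig <name>` into `chain_names` and passing each printed name to `pihole -q <name> -adlist`, the command used in the thread.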
