Setting up Pi-hole

the-evaluator · 17 Aug 2018 at 13:20

It might be worth looking in the Pi-Hole log for the IP address of your mobile at the time you try to watch BT Sport and see what's getting blocked.

Not that it's much help but I can watch BT Sport fine on my iPad with Pi-Hole running.

BigBoy · 19 Sep 2018 at 23:32

Moved my pihole over to a docker VM, and now my white list does not populate, if I import the settings and white/black list from my old pihole it tells me the whitelisted domains don't exist

Whitelisted are the following

feedads.googleadservices.com
googleadservices.com
m4.afs.googleadservices.com
mimageads1.googleadservices.com
mimageads2.googleadservices.com
mimageads3.googleadservices.com
mimageads4.googleadservices.com
mimageads5.googleadservices.com
mimageads6.googleadservices.com
mimageads7.googleadservices.com
mimageads8.googleadservices.com
mimageads9.googleadservices.com
mimageads.googleadservices.com
mpartner.googleadservices.com
pagead2.googleadservices.com
partner.googleadservices.com
www.googleadservices.com
www.partner.googleadservices.com

none of them work.

the-evaluator · 20 Sep 2018 at 08:37

It's probably failing because the FQDN it specifically mentions, feedads.googleadservices.com hasn't got an IP address:

Code:

root@pihole2:~:$ dig feedads.googleadservices.com @8.8.8.8

; <<>> DiG 9.10.3-P4-Ubuntu <<>> feedads.googleadservices.com @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 60618
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;feedads.googleadservices.com.  IN      A

;; AUTHORITY SECTION:
googleadservices.com.   59      IN      SOA     ns1.google.com. dns-admin.google.com. 213741682 900 900 1800 60

;; Query time: 29 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Sep 20 08:34:34 BST 2018
;; MSG SIZE  rcvd: 114

root@pihole2:~:$

Maybe try manually adding the others (assuming they're all valid) and see what happens.

It's interesting that the versions of everything are listed as N/A in the bottom right hand corner. That doesn't look right.

BigBoy · 20 Sep 2018 at 08:59

the-evaluator said:
It's interesting that the versions of everything are listed as N/A in the bottom right hand corner. That doesn't look right.

Thats a known Docker Debian base distro Bug.

Jony27 · 10 Oct 2018 at 10:00

Finally set this up again on the new apartment. Bought a new router as well to use along side the SH3 so DHCP is handled by router and DNS points towards Pihole.
I had the Pi handle DHCP last time as couldn't configure DNS on the SH3. Now need to setup OpenVPN to get pihole on the go and maybe DNSCrypt if I can be bothered.

Jon20 · 13 Nov 2018 at 17:07

Just set this up on a Pi 3B. Seems to work well. Couple of questions though:

I've put the Pi-hole IP (IPv4 and IPv6) as the DNS address in Pfsense, along with 8.8.8.8. Should I then manually add the Pi-hole IP to the DNS address on my iPhone, PC's etc? I think this then shows individual clients in the web interface rather than everything coming under the router?

Are the whitelist and blacklists meant to be displaying anything on the web interface?

the-evaluator · 14 Nov 2018 at 08:31

If all the queries are showing as coming from the router then I guess the DHCP server is set to serve the IP address of the router as the DNS server? Yeah, if you replace that with the IP address of the Pi-Hole then the interface should show individual clients.

Personally I wouldn't add 8.8.8.8 into Pfsense, you'll probably find that the DNS queries get shared between Pi-Hole and 8.8.8.8. Ideally you want everything going through Pi-Hole.

Whitelists and blacklists will show if you've added something to them. By default they're empty as they're user defined lists.

Armageus · 14 Nov 2018 at 08:36

@Jon20 your pi-hole address (and only that - no secondary, or set the secondary to the pi-hole address as well) should be added to pfsense's dhcp settings so that devices get given the dns server address when they request an ip address via dhcp.
Other DNS settings on pfsense (e.g. on WAN side) should stay as they were

Jon20 · 14 Nov 2018 at 13:40

Armageus said:
@Jon20 your pi-hole address (and only that - no secondary, or set the secondary to the pi-hole address as well) should be added to pfsense's dhcp settings so that devices get given the dns server address when they request an ip address via dhcp.
Other DNS settings on pfsense (e.g. on WAN side) should stay as they were

Thanks, just done that. If the Pi happened to lose power/go faulty etc., would pfsense then fall back to the DNS servers that are set for WAN?

Armageus · 14 Nov 2018 at 14:12

Jon20 said:
Thanks, just done that. If the Pi happened to lose power/go faulty etc., would pfsense then fall back to the DNS servers that are set for WAN?

Other devices wouldn't be able communicate until the pi is restored or dhcp settings changed (or dns settings manually changed on the devices where possible).

skyripper · 20 Nov 2018 at 11:29

Any recommendations for a lightweight linux base to install PiHole on? (I don't own a Pi, I run it as a VM on an vmware box, and havent dragged myself into this decade and got anywhere I can install Docker).

Last time I used an Ubuntu server distro, and its a bit bloated... so looking for the smallest footprint possible.

Buffalo2102 · 20 Nov 2018 at 11:42

Just install from the Debian netinst.iso. This is the base image and gets you up and running. You can then install any additional packages you require afterwards.

Rabtech · 20 Nov 2018 at 15:44

I run Pi-hole on an Ubuntu 16.04 LTS server VM with no GUI, uses generally around 67% of the 256MB of ram assigned to it.

skyripper · 20 Nov 2018 at 15:50

Yeah, I think I must have overprovisioned the disk space at the install time. I'm going to do a fresh install soon in as small a footprint as I can.
Thanks.

Armageus · 20 Nov 2018 at 15:51

You could always use the x86 version of Raspbian?

skyripper · 21 Nov 2018 at 12:45

Downloaded the netinst version of Debian 9, set this up last night in a 512MB, 8GB footprint.
Ran into a few headaches but got there in the end

Code:

su
password: *********
apt-get install open-vm-tools
apt-get install curl
curl -sSL http://install.pi-hole.net > pihole.sh   (for whatever reason VMWare 6.7 wouldnt pass a pipe character across to the terminal!)
bash < pihole.sh
pihole -a -d
password: *********

Then scratched my head about why I could access the Admin webpage using http://192.168.1.whatever/admin, but not from http://pihole.lan/admin - even though my own machine could resolve pihole.lan correctly. Turned out it was the local hosts file inside Debian (not strictly a pihole problem).

Code:

su
vi /etc/hosts  (I hate vi with a passion)

change the
127.0.0.1 pihole.lan pihole
to
192.168.1.whatever pihole.lan pihole
:w
:q

Reboot. Job done.
PiHole running in a tiny footprint.

Buffalo2102 · 21 Nov 2018 at 12:46

Nice one. I too hate vi and much prefer nano.

DampCat · 30 Nov 2018 at 22:51

Got PiHole up and running on my Pi 1B this afternoon, had to have it host DHCP as using BT homehub. I know literally 0 about linux and home networking, and it took an hour to get it all done.

Working great though!

Feek · 10 Dec 2018 at 08:16

Pihole 4.1 is available - Run pihole -up to update automatically.

shine · 10 Dec 2018 at 08:34

Updated, thanks for the heads up.