New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Troubleshooting Questions #127
Comments
Run through this FAQ. I have noticed that more and more ads are coming through https and/or IPv6, which isn't supported well yet. I'm working as hard as I can on this, and @dschaper has been helping a ton, but it's getting to be a big project that is getting difficult to manage alone. Let me know if the above link helps you. Also, more ads can be blocked by adding the mahakala list, but you will need to whitelist a bunch of legitimate domains, but it might be worth it. |
Yeah, I've noticed a lot of the big ad networks are serving through IPv6, but the good news is that dnsmasq does a good job (and by proxy PiHole) when I set my IPv6 resolver to the address that my Pi is using. (A quick |
|
Thank you both for such prompt and detailed replies. I am far from an expert on Debian, and know just enough about IPv6 to be utterly dangerous. I have the installation of my PiHole on a static, public IPv4 address (to avoid any potential NAT issues) and I thought (perhaps mistakenly) it would be advantageous to create an IPv6 tunnel for it, so I did so using Hurricane Electric's service. Knowing these details, what can I do now in an effort to improve the effectiveness of my installation? Could you please give me specific steps/add them to the FAQ on what I should change in my configuration? Lastly, any idea why I can't pull up the web interface of my PiHole? THANK YOU for your time and dedication to this project. I plan to donate shortly! |
Even within one year of making the Pi-hole, I have noticed a big spike in IPv6 ads coming through. I don't think an IPv6 tunnel would help block them but rather help, since the ads can be delivered via IPv6. We need the Pi-hole to listen/respond to IPv6 queries. I have been successful blocking IPv6 ads, but don't have any of it documented (or fully-functioning yet). |
So @dschaper when you say you set your IPv6 resolver, what do you mean? And it blocks IPv6 without any additional config on the Pi-hole? P.S. I also use osxdaily.com as a test site. |
With Windows 10, when you manually set the IPv4 DNS server, you can go into the IPv6 properties and set the DNS server for IPv6 queries. I'm trying to set up a Hackintosh so I can see how to configure Yosemite (plus I need to be able to test on a Mac platform and the only Mac i have is a 512Ke.) And yes, it does work without any further configuration on the PiHole, dnsmasq serves the right resource records without needing to do anything. |
So when you set the IPv6 DNS server, you point it to the Pi's IPv4 address? |
You need the IPv6 address of the pi. The way I did it was to run Then set the IPv6 DNS server to that address and that's all the configuration needed. |
I think this one can be closed, too, based on the conversation. See #144 |
What about modifying your script to add ::1 to all the of the ipv4 host Thanks, Rob
|
That would just add a loopback to each address for IPv6 and wouldn't send the requests to the web server for advert replacement. Since the webserver sends a small gif (or what ever the user has configured) to keep the sites from breaking and possibly timing out, it's necessary to send the address of the pihole server that is running the web server. |
I'll readily admit I am not fully up to snuff on ipv6, but I saw the option
|
It works for AdAway because that application runs it's own webserver, so sending a loopback address is fine. It looks like this latest release of PiHole has IPv6 all tied up, give it a try and see if it works for you. (And let us know if you run into any problems!) |
It's a good idea though, and that's the address I used when testing a working solution for PiHole #71 (comment). The released version gets the actual address of the PiHole server and uses that instead. |
Thanks! You guys are great! Can I somehow also run a webserver on my Pi and Also, I took my PiHole offline for a while because it wasn't blocking well, I obviously want to to use it on my LAN, but I'd like to use it for my Thanks again! -Rob
|
I'm not familiar with AdAway, so someone else might be able to answer that. As for the remote access to the Pi-hole, port forwarding comes to mind, but maybe that's how you were already using it and why they were getting upset with you. |
AdAway runs on Android and is similar to the Pi-Hole, it intercepts DNS requests via hosts file and optionally runs a small webserver. Since it's self-contained it just serves up loopback addresses to point back to itself. So for @robroy90, if there is a way to have AdAway forward it's requests to the Pi-Hole DNS server then you'd have double layer protection. I don't know if thats possible though. As for a public DNS, if you have port 53 open and accessible to the public then you are probably violating the TOS of your provider in regards to running a server on a non-commercial account. If they can portscan you and get a response then they are going to ding you for it. If you want to use a VPS, I can suggest Hostus.US as a good and cheap provider. You can do a Sky-Hole type setup that way. And we've tested the code so it works on an OpenVZ based provider, thanks to the help of another PiHole user who let me in to his setup to test the code. |
Thank you very much, I sent some bitcoin your way as a donation. I -Rob On Sun, Jan 3, 2016 at 1:32 PM, Dan Schaper notifications@github.com
|
I was curious to know how I can determine the effectiveness of my installation? I have pi-hole up and running, but lately it doesn't seem to be blocking ads very effectively. Further, the web interface at http://ip.address/admin/index.php does not load, I just get a blank browser window with no errors. If anyone could please give me some things to look at, I would appreciate it. I can ssh into the installation and run the gravity update script without issue.
Thanks!
-Rob
The text was updated successfully, but these errors were encountered: