Commit Graph

33 Commits

Author SHA1 Message Date
DL6ER b755330f4c
Remove local-ttl from set of default dnsmasq options.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2021-09-24 11:34:05 +02:00
DL6ER 0711f4d63a
Revert "Enable DNS forwarding loop detection" 2020-11-28 18:29:32 +01:00
deHakkelaar ad39ba30bd
Enable DNS forwarding loop detection
Found below by accident:
```
pi@ph5:~ $ man dnsmasq
[..]
       --dns-loop-detect
              Enable code to detect DNS forwarding loops; ie the  situa‐
              tion  where  a  query  sent  to one of the upstream server
              eventually returns as a new query to the dnsmasq instance.
              The  process  works  by generating TXT queries of the form
              <hex>.test and sending them to each upstream  server.  The
              hex is a UID which encodes the instance of dnsmasq sending
              the query and the upstream server to which it was sent. If
              the  query  returns  to the server which sent it, then the
              upstream server through which it was sent is disabled  and
              this  event  is  logged.  Each  time  the  set of upstream
              servers changes, the test is re-run on all  of  them,  in‐
              cluding ones which were previously disabled.
```
Seems to work just fine if I point my router 10.0.0.1 back to Pi-hole in the WAN DNS settings:
```
pi@ph5:~ $ grep server= -R /etc/dnsmasq.*
/etc/dnsmasq.d/01-pihole.conf:server=9.9.9.10
/etc/dnsmasq.d/01-pihole.conf:server=149.112.112.10
/etc/dnsmasq.d/01-pihole.conf:server=10.0.0.1
/etc/dnsmasq.d/01-pihole.conf:rev-server=10.0.0.0/24,10.0.0.2
/etc/dnsmasq.d/01-pihole.conf:server=/dehakkelaar.nl/10.0.0.2
/etc/dnsmasq.d/01-pihole.conf:server=/use-application-dns.net/
```
```
pi@ph5:~ $ sudo tee /etc/dnsmasq.d/99-my-settings.conf <<< $'dns-loop-detect'
dns-loop-detect
```
```
pi@ph5:~ $ pihole restartdns
  [✓] Restarting DNS server
```
```
pi@ph5:~ $ tail -F /var/log/pihole.log
[..]
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 10.0.0.2#53 for domain dehakkelaar.nl
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 10.0.0.2#53 for domain 0.0.10.in-addr.arpa
Oct 22 18:17:41 dnsmasq[17301]: NOT using nameserver 10.0.0.1#53 - query loop detected
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 149.112.112.10#53
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 9.9.9.10#53
```
2020-10-22 18:54:04 +02:00
DirkJanIT b88510d89a
Add CACHE_SIZE to setupVars (#3170)
* Update 01-pihole.conf

Signed-off-by: DoubleOhmSeven <57564379+DoubleOhmSeven@users.noreply.github.com>

* Update basic-install.sh

Signed-off-by: DoubleOhmSeven <57564379+DoubleOhmSeven@users.noreply.github.com>

Co-authored-by: DoubleOhmSeven <57564379+DoubleOhmSeven@users.noreply.github.com>
2020-09-17 23:13:40 +02:00
Mograine b93628acb3 Merge branch 'development' of https://github.com/Mograine/pi-hole into patch-1 2019-11-13 09:44:48 +01:00
Pierre Ghiot bb8dbe9da5 Update 01-pihole.conf
Signed-off-by: Mograine <ghiot.pierre@gmail.com>
2019-10-27 16:55:54 +01:00
DL6ER 1f36ec48e3
Add use-application-dns.net = NXDOMAIN in ProcessDNSSettings rather than in the template so we can ensure that it will survive config-renewals.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2019-09-07 23:11:20 +02:00
DL6ER 525ec8cd01
Signal to Firefox that the local network is unsuitable for DNS-over-HTTPS
Signed-off-by: DL6ER <dl6er@dl6er.de>
2019-09-07 08:44:03 +02:00
DL6ER d8eee47ca4
Add dhcp-ignore-names option when enabling DHCP service. We currently remove anything that starts with "dhcp-" to have a clean configuration and removed these lines without noticing when enabling the DHCP server.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2019-08-28 22:10:26 -07:00
DL6ER c5df104a66
Add dhcp-ignore-names option when enabling DHCP service. We currently remove anything that starts with "dhcp-" to have a clean configuration and removed these lines without noticing when enabling the DHCP server.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2019-05-30 16:41:37 +02:00
DL6ER de44563301
Remove addn-hosts from 01-pihole.conf
Signed-off-by: DL6ER <dl6er@dl6er.de>
2019-04-24 18:51:38 +02:00
Mcat12 7a19d24058
Remove user/group from dnsmasq config
In the case that FTL is started under root, dnsmasq changes the user to
pihole due to this setting. The shared memory is created before this
switch, and may cause issues such as failing to delete or reallocate
the shared memory.

These config lines were necessary before dnsmasq became part of FTL, but
now since dnsmasq runs under FTL, we can configure the user/group
through FTL.

Signed-off-by: Mcat12 <newtoncat12@yahoo.com>
2019-02-03 10:55:18 -08:00
DL6ER 04fd296ffe
Add wpad vulnerability fix as suggested by dnsmasq.conf.example
Signed-off-by: DL6ER <dl6er@dl6er.de>
2019-01-01 17:13:43 +01:00
Mark Drobnak f87f3b9199
Merge pull request #2467 from pi-hole/fix/dnsmasq-license
Update dnsmasq config license
2018-10-17 11:56:41 -04:00
WaLLy3K 7f92671765
Update dnsmasq config license
* Also updated "separate config" text

Signed-off-by: WaLLy3K <wally3k@pi-hole.net>
2018-10-17 11:01:28 +11:00
DL6ER 45bf4b02e7
Ensure that when pihole-FTL is launched as user root, it will drop permissions as soon as this is possible. We tell pihole-FTL to change UID/GID to pihole:pihole instead of the default nobody:nogroup. This default causes conflicts with our SQLite3 database. See that corresponding pull request for further details.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2018-08-27 16:51:33 +02:00
DL6ER 1dca1efbc6
Don't use extra query logging
Signed-off-by: DL6ER <dl6er@dl6er.de>
2018-08-20 23:11:23 +02:00
DL6ER 5c2dcb5e74
Enable dnsmasq's extra logging feature
Signed-off-by: DL6ER <dl6er@dl6er.de>
2017-12-21 16:42:55 +01:00
WaLLy3K 11282aaca3 Decrease `local-ttl` to 2
* Decreasing value should benefit clients when whitelisting blocked sites, [as per this discussion](https://github.com/pi-hole/pi-hole/pull/1698#issuecomment-331134576).
2017-09-21 23:11:44 +10:00
Mcat12 bc46694ea7 Move local.list after the ad blocking lists
Fixes the bug found by [Reddit](https://www.reddit.com/r/pihole/comments/6j3az9/urls_in_my_blacklist_are_showing_up_as_my_default/)
2017-06-25 12:18:09 -04:00
DL6ER 0283a1ab74
Introduce new file black.list for blacklist content 2017-06-17 13:50:10 +02:00
DL6ER 19e688effb
Add localise-queries flag to 01-pihole.conf 2017-04-30 13:47:07 +02:00
DL6ER f626406685
Revert #1273 2017-03-03 23:14:12 +01:00
DL6ER ec7e75a6e3
Don't save `interface=` line to `dnsmasq`'s config file 2017-02-24 16:02:24 +01:00
Promofaux 684ac98c8e Remove hostname and pi.hole entries, move to /etc/pihole/local.list 2016-12-14 19:28:01 +00:00
Dan Schaper 300001e766 Remove `listen-address` directive
Since we declare an `interface`, `dnsmasq` should ignore the `listen-address` directive, thus making it redundant. Removed.
2016-10-27 11:56:16 -07:00
Adam Warner 18005ceee8 add hostname lines in 01-pihole.conf 2016-10-25 15:03:49 +01:00
Adam Warner eb52f81a5c add pi.hole entries to 01-pihole.conf 2016-10-25 14:54:10 +01:00
Adam Warner 97a013b2b7 Add direction to change upstream servers in setupVars.conf 2016-10-18 10:35:22 +01:00
Adam Warner 77808223dc remove stock comments from 01-pihole.conf and add warning to the top 2016-10-18 10:05:10 +01:00
Promofaux 70e4104c17 Merge remote-tracking branch 'origin/development' 2016-01-31 20:47:10 +00:00
Chad Howell abef758ff6 Get ready for user selected DNSs
Prep for using sed to insert user selected DNSs into 01-pihole.conf.
Selections will come from dialog during install script containing the
following choices: Google, DynDNS, and eventually 2 custom DNS servers.
2016-01-25 00:05:17 -05:00
Chad Howell ff5ed561cc Rename dnsmasq.conf to 01-pihole.conf
Rename dnsmasq.conf to 01-pihole.conf to prepare for move to
/etc/dnsmasq.d/ per the normal way of modding configs on Debian based
systems.
2016-01-24 23:54:00 -05:00