Merge branch 'development' into webUIprivacymode

2025-04-18 13:20:13 +00:00 · 2016-12-27 21:27:11 +01:00 · 2016-12-27 21:27:11 +01:00 · 321ea8a3a9
commit 321ea8a3a9
parent 7a243f890e fcdd58ac94
16 changed files with 1179 additions and 972 deletions
--- a/.github/ISSUE_TEMPLATE.md
+++ b/.github/ISSUE_TEMPLATE.md
@ -6,16 +6,7 @@
 **How familiar are you with the codebase?:**
- [] 1 (very unfamiliar)
+_{replace this text with a number from 1 to 10, with 1 being not familiar, and 10 being very familiar}_
 - [] 2
 - [] 3
 - [] 4
 - [] 5
 - [] 6
 - [] 7
 - [] 8
 - [] 9
 - [] 10 (very familiar)
 ---
 **[FEATURE REQUEST | QUESTION | OTHER]:**
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@ -10,16 +10,7 @@
 **How familiar are you with the codebase?:**
- [] 1 (very unfamiliar)
+_{replace this text with a number from 1 to 10, with 1 being not familiar, and 10 being very familiar}_
 - [] 2
 - [] 3
 - [] 4
 - [] 5
 - [] 6
 - [] 7
 - [] 8
 - [] 9
 - [] 10 (very familiar)
 ---
 _{replace this line with your pull request content}_
--- a/README.md
+++ b/README.md
@ -10,7 +10,7 @@
 ## The multi-platform, network-wide ad blocker
-Block ads for **all** your devices _without_ the need to install client-side software.  The Pi-hole blocks ads the DNS-level, so all your devices are protected.
+Block ads for **all** your devices _without_ the need to install client-side software.  The Pi-hole blocks ads at the DNS-level, so all your devices are protected.
 - Web Browsers
 - Cell Phones
@ -53,7 +53,7 @@ wget -O basic-install.sh https://install.pi-hole.net
 bash basic-install.sh
 ```
-Once installed, [configure your router to have **DHCP clients use the Pi as their DNS server**](http://pi-hole.net/faq/can-i-set-the-pi-hole-to-be-the-dns-server-at-my-router-so-i-dont-have-to-change-settings-for-my-devices/) and then any device that connects to your network will have ads blocked without any further configuration. Alternatively, you can manually set each device to [use the Raspberry Pi as its DNS server](http://pi-hole.net/faq/how-do-i-use-the-pi-hole-as-my-dns-server/).
+Once installed, [configure your router to have **DHCP clients use the Pi as their DNS server**](https://discourse.pi-hole.net/t/how-do-i-configure-my-devices-to-use-pi-hole-as-their-dns-server/245) and then any device that connects to your network will have ads blocked without any further configuration. Alternatively, you can manually set each device to [use the Raspberry Pi as its DNS server](http://pi-hole.net/faq/how-do-i-use-the-pi-hole-as-my-dns-server/).
 ## Installing the Pi-hole (Click to Watch!)
 <p align="center">
--- a/advanced/Scripts/chronometer.sh
+++ b/advanced/Scripts/chronometer.sh
@ -15,8 +15,6 @@
 piLog="/var/log/pihole.log"
 gravity="/etc/pihole/gravity.list"
 today=$(date "+%b %e")
 . /etc/pihole/setupVars.conf
 CalcBlockedDomains() {
@ -35,7 +33,7 @@ CalcBlockedDomains() {
 CalcQueriesToday() {
 	if [ -e "${piLog}" ]; then
-		queriesToday=$(cat "${piLog}" | grep "${today}" | awk '/query/ {print $6}' | wc -l)
+		queriesToday=$(awk '/query\[/ {print $6}' < "${piLog}" | wc -l)
 	else
 		queriesToday="Err."
 	fi
@ -43,7 +41,7 @@ CalcQueriesToday() {
 CalcblockedToday() {
 	if [ -e "${piLog}" ] && [ -e "${gravity}" ];then
-		blockedToday=$(cat ${piLog} | awk '/\/etc\/pihole\/gravity.list/ && !/address/ {print $6}' | wc -l)
+		blockedToday=$(awk '/\/etc\/pihole\/gravity.list/ && !/address/ {print $6}' < "${piLog}" | wc -l)
 	else
 		blockedToday="Err."
 	fi
--- a/advanced/Scripts/update.sh
+++ b/advanced/Scripts/update.sh
@ -22,9 +22,15 @@ readonly PI_HOLE_FILES_DIR="/etc/.pihole"
 is_repo() {
  # Use git to check if directory is currently under VCS, return the value
  local directory="${1}"
  local curdir
  local rc
-  git -C "${directory}" status --short &> /dev/null
+  curdir="${PWD}"
-  return
+  cd "${directory}" &> /dev/null || return 1
  git status --short &> /dev/null
  rc=$?
  cd "${curdir}" &> /dev/null || return 1
  return "${rc}"
 }
 prep_repo() {
@ -40,22 +46,24 @@ make_repo() {
  local remoteRepo="${2}"
  local directory="${1}"
-  (prep_repo "${directory}" && git clone -q --depth 1 "${remoteRepo}" "${directory}" > /dev/null)
+  (prep_repo "${directory}" && git clone -q --depth 1 "${remoteRepo}" "${directory}")
     return
 }
 update_repo() {
  local directory="${1}"
-  local retVal=0
+  local curdir
  # Pull the latest commits
  curdir="${PWD}"
  cd "${directory}" &> /dev/null || return 1
  # Pull the latest commits
  # Stash all files not tracked for later retrieval
-  git -C "${directory}" stash --all --quiet &> /dev/null || ${retVal}=1
+  git stash --all --quiet
  # Force a clean working directory for cloning
-  git -C "${directory}" clean --force -d &> /dev/null || ${retVal}=1
+  git clean --force -d
  # Fetch latest changes and apply
-  git -C "${directory}" pull --quiet &> /dev/null || ${retVal}=1
+  git pull --quiet
-  return ${retVal}
+  cd "${curdir}" &> /dev/null || return 1
 }
 getGitFiles() {
@ -76,33 +84,59 @@ getGitFiles() {
  fi
 }
 GitCheckUpdateAvail() {
  local directory="${1}"
  curdir=$PWD;
  cd "${directory}"
  # Fetch latest changes in this repo
  git fetch --quiet origin
  status="$(git status -sb)"
  # Change back to original directory
  cd "${curdir}"
  if [[ $status == *"behind"* ]]; then
    # Local branch is behind remote branch -> Update
    return 0
  else
    # Local branch is up-to-date or in a situation
    # where this updater cannot be used (like on a
    # branch that exists only locally)
    return 1
  fi
 }
 main() {
  local pihole_version_current
  local pihole_version_latest
  local web_version_current
  local web_version_latest
-  if ! is_repo "${PI_HOLE_FILES_DIR}" || ! is_repo "${ADMIN_INTERFACE_DIR}" ; then #This is unlikely
+  #This is unlikely
  if ! is_repo "${PI_HOLE_FILES_DIR}" || ! is_repo "${ADMIN_INTERFACE_DIR}" ; then
    echo "::: Critical Error: One or more Pi-Hole repos are missing from system!"
    echo "::: Please re-run install script from https://github.com/pi-hole/pi-hole"
    exit 1;
  fi
  echo "::: Checking for updates..."
  # Checks Pi-hole version string in format vX.X.X
  pihole_version_current="$(/usr/local/bin/pihole version --pihole --current)"
  pihole_version_latest="$(/usr/local/bin/pihole version --pihole --latest)"
  web_version_current="$(/usr/local/bin/pihole version --admin --current)"
  web_version_latest="$(/usr/local/bin/pihole version --admin --latest)"
-  if [[ "${pihole_version_latest}" == "-1" || "${web_version_latest}" == "-1" ]]; then
+  if GitCheckUpdateAvail "${PI_HOLE_FILES_DIR}" ; then
-    echo "*** Unable to contact GitHub for latest version. Please try again later, contact support if this continues."
+    core_update=true
-    exit 1
+    echo "::: Pi-hole Core:   update available"
  else
    core_update=false
    echo "::: Pi-hole Core:   up to date"
  fi
  if GitCheckUpdateAvail "${ADMIN_INTERFACE_DIR}" ; then
    web_update=true
    echo "::: Web Interface:  update available"
  else
    web_update=false
    echo "::: Web Interface:  up to date"
  fi
  # Logic
  # If latest versions are blank - we've probably hit Github rate limit (stop running `pihole -up so often!):
  #            Update anyway
  # If Core up to date AND web up to date:
  #            Do nothing
  # If Core up to date AND web NOT up to date:
@ -112,46 +146,40 @@ main() {
  # if Core NOT up to date AND web NOT up to date:
  #            pull pihole repo run install --unattended
-  if [[ "${pihole_version_current}" == "${pihole_version_latest}" ]] && [[ "${web_version_current}" == "${web_version_latest}" ]]; then
+  if ! ${core_update} && ! ${web_update} ; then
    echo ":::"
    echo "::: Pi-hole version is $pihole_version_current"
    echo "::: Web Admin version is $web_version_current"
    echo ":::"
    echo "::: Everything is up to date!"
    exit 0
-  elif [[ "${pihole_version_current}" == "${pihole_version_latest}" ]] && [[ "${web_version_current}" < "${web_version_latest}" ]]; then
+  elif ! ${core_update} && ${web_update} ; then
    echo ":::"
    echo "::: Pi-hole Web Admin files out of date"
    getGitFiles "${ADMIN_INTERFACE_DIR}" "${ADMIN_INTERFACE_GIT_URL}"
-    web_updated=true
+  elif ${core_update} && ! ${web_update} ; then
-
+    echo ":::"
  elif [[ "${pihole_version_current}" < "${pihole_version_latest}" ]] && [[ "${web_version_current}" == "${web_version_latest}" ]]; then
    echo "::: Pi-hole core files out of date"
    getGitFiles "${PI_HOLE_FILES_DIR}" "${PI_HOLE_GIT_URL}"
    /etc/.pihole/automated\ install/basic-install.sh --reconfigure --unattended || echo "Unable to complete update, contact Pi-hole" && exit 1
    core_updated=true
-  elif [[ "${pihole_version_current}" < "${pihole_version_latest}" ]] && [[ "${web_version_current}" < "${web_version_latest}" ]]; then
+  elif ${core_update} && ${web_update} ; then
    echo ":::"
    echo "::: Updating Everything"
    getGitFiles "${PI_HOLE_FILES_DIR}" "${PI_HOLE_GIT_URL}"
    /etc/.pihole/automated\ install/basic-install.sh --unattended || echo "Unable to complete update, contact Pi-hole" && exit 1
    web_updated=true
    core_updated=true
  else
    echo "*** Update script has malfunctioned, fallthrough reached. Please contact support"
    exit 1
  fi
-  if [[ "${web_updated}" == true ]]; then
+  if [[ "${web_update}" == true ]]; then
    web_version_current="$(/usr/local/bin/pihole version --admin --current)"
    echo ":::"
    echo "::: Web Admin version is now at ${web_version_current}"
    echo "::: If you had made any changes in '/var/www/html/admin/', they have been stashed using 'git stash'"
  fi
-  if [[ "${core_updated}" == true ]]; then
+  if [[ "${core_update}" == true ]]; then
    pihole_version_current="$(/usr/local/bin/pihole version --pihole --current)"
    echo ":::"
    echo "::: Pi-hole version is now at ${pihole_version_current}"
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@ -19,8 +19,9 @@ helpFunc() {
 :::
 ::: Options:
 :::  -p, password		Set web interface password, an empty input will remove any previously set password
-:::  -c, celsius		Set Celcius temperature unit
+:::  -c, celsius		Set Celsius temperature unit
 :::  -f, fahrenheit		Set Fahrenheit temperature unit
 :::  -k, kelvin			Set Kelvin temperature unit
 :::  -h, --help			Show this help dialog
 EOM
 	exit 0
@ -31,11 +32,7 @@ SetTemperatureUnit(){
 	# Remove setting from file (create backup setupVars.conf.bak)
 	sed -i.bak '/TEMPERATUREUNIT/d' /etc/pihole/setupVars.conf
 	# Save setting to file
-	if [[ $unit == "F" ]] ; then
+	echo "TEMPERATUREUNIT=${unit}" >> /etc/pihole/setupVars.conf
 		echo "TEMPERATUREUNIT=F" >> /etc/pihole/setupVars.conf
 	else
 		echo "TEMPERATUREUNIT=C" >> /etc/pihole/setupVars.conf
 	fi
 }
@ -64,6 +61,7 @@ SetWebPassword(){
 		echo "WEBPASSWORD=${hash}" >> /etc/pihole/setupVars.conf
 		echo "New password set"
 	else
 		echo "WEBPASSWORD=" >> /etc/pihole/setupVars.conf
 		echo "Password removed"
 	fi
@ -72,15 +70,21 @@ SetWebPassword(){
 SetDNSServers(){
 	# Remove setting from file (create backup setupVars.conf.bak)
-	sed -i.bak '/PIHOLE_DNS_1/d;/PIHOLE_DNS_2/d;/DNS_FQDN_REQUIRED/d;' /etc/pihole/setupVars.conf
+	sed -i.bak '/PIHOLE_DNS_1/d;/PIHOLE_DNS_2/d;/DNS_FQDN_REQUIRED/d;/DNS_BOGUS_PRIV/d;' /etc/pihole/setupVars.conf
 	# Save setting to file
 	echo "PIHOLE_DNS_1=${args[2]}" >> /etc/pihole/setupVars.conf
 	if [[ "${args[3]}" != "none" ]]; then
 		echo "PIHOLE_DNS_2=${args[3]}" >> /etc/pihole/setupVars.conf
 	else
 		echo "PIHOLE_DNS_2=" >> /etc/pihole/setupVars.conf
 	fi
 	# Replace within actual dnsmasq config file
 	sed -i '/server=/d;' /etc/dnsmasq.d/01-pihole.conf
 	echo "server=${args[2]}" >> /etc/dnsmasq.d/01-pihole.conf
 	if [[ "${args[3]}" != "none" ]]; then
 		echo "server=${args[3]}" >> /etc/dnsmasq.d/01-pihole.conf
 	fi
 	# Remove domain-needed entry
 	sed -i '/domain-needed/d;' /etc/dnsmasq.d/01-pihole.conf
@ -222,13 +226,27 @@ SetPrivacyMode(){
 	else
 		echo "API_PRIVACY_MODE=false" >> /etc/pihole/setupVars.conf
 	fi
 }
 ResolutionSettings() {
 	typ=${args[2]}
 	state=${args[3]}
 	if [[ "${typ}" == "forward" ]]; then
 		sed -i.bak '/API_GET_UPSTREAM_DNS_HOSTNAME/d;' /etc/pihole/setupVars.conf
 		echo "API_GET_UPSTREAM_DNS_HOSTNAME=${state}" >> /etc/pihole/setupVars.conf
 	elif [[ "${typ}" == "clients" ]]; then
 		sed -i.bak '/API_GET_CLIENT_HOSTNAME/d;' /etc/pihole/setupVars.conf
 		echo "API_GET_CLIENT_HOSTNAME=${state}" >> /etc/pihole/setupVars.conf
 	fi
 }
 case "${args[1]}" in
 	"-p" | "password"   ) SetWebPassword;;
 	"-c" | "celsius"    ) unit="C"; SetTemperatureUnit;;
 	"-f" | "fahrenheit" ) unit="F"; SetTemperatureUnit;;
 	"-k" | "kelvin"     ) unit="K"; SetTemperatureUnit;;
 	"setdns"            ) SetDNSServers;;
 	"setexcludedomains" ) SetExcludeDomains;;
 	"setexcludeclients" ) SetExcludeClients;;
@ -241,6 +259,7 @@ case "${args[1]}" in
 	"-h" | "--help"     ) helpFunc;;
 	"domainname"        ) SetDNSDomainName;;
 	"privacymode"       ) SetPrivacyMode;;
 	"resolve"           ) ResolutionSettings;;
 	*                   ) helpFunc;;
 esac
--- a/advanced/blockingpage.css
+++ b/advanced/blockingpage.css
@ -0,0 +1,133 @@
 /* CSS Reset */
 html, body, div, span, applet, object, iframe, h1, h2, h3, h4, h5, h6, p, blockquote, pre, a, abbr, acronym, address, big, cite, code, del, dfn, em, img, ins, kbd, q, s, samp, small, strike, strong, sub, sup, tt, var, b, u, i, center, dl, dt, dd, ol, ul, li, fieldset, form, label, legend, table, caption, tbody, tfoot, thead, tr, th, td, article, aside, canvas, details, embed, figure, figcaption, footer, header, hgroup, menu, nav, output, ruby, section, summary, time, mark, audio, video { margin: 0; padding: 0; border: 0; font-size: 100%; font: inherit; vertical-align: baseline; }
 article, aside, details, figcaption, figure, footer, header, hgroup, menu, nav, section { display: block; }
 body { line-height: 1; }
 ol, ul { list-style: none; }
 blockquote, q { quotes: none; }
 blockquote:before, blockquote:after, q:before, q:after { content: ''; content: none; }
 table { border-collapse: collapse; border-spacing: 0; }
 html { height: 100%; overflow-x: hidden; }
 /* General Style */
 a	{ color: rgba(0,60,120,0.95); text-decoration: none; } /* 1E3C5A */
 a:hover { color: rgba(210,120,0,0.95); transition-duration: .2s; } /* 255, 128, 0 */
 divs a		{ border-bottom: 1px dashed rgba(30,60,90,0.3); }
 b	{ font-weight: bold; }
 i	{ font-style: italic; }
 footer, pre, td { font-family: monospace; padding-left: 15px; }
 /*body, header { background: #E1E1E1; }*/
 body {
 	background-image: -webkit-linear-gradient(top, rgba(240,240,240,0.95), rgba(190,190,190,0.95));
 	background-image: linear-gradient(to bottom, rgba(240,240,240,0.95), rgba(190,190,190,0.95));
 	background-attachment: fixed;
 	color: rgba(64,64,64,0.95);
 	font: 14px, sans-serif;
 	line-height: 1em;
 }
 header {
 	min-width: 320px;
 	width: 100%;
 	text-shadow: 0 1px rgba(255,255,255,0.6);
 	display: table;
 	table-layout: fixed;
 	border: 1px solid rgba(0,0,0,0.25);
 	border-top-color: rgba(255,255,255,0.85);
 	border-style: solid none;
 	background-image: -webkit-linear-gradient(top, rgba(240,240,240,0.95), rgba(220,220,220,0.95));
 	background-image: linear-gradient(to bottom, rgba(240,240,240,0.95), rgba(220,220,220,0.95));
 	box-shadow:  0 0 1px 1px rgba(0,0,0,0.04);
 }
 header h1, header div {
 	display: table-cell;
 	color: inherit;
 	font-weight: bold;
 	vertical-align: middle;
 	white-space: nowrap;
 	overflow: hidden;
 	box-sizing: border-box;
 }
 header h1 {
 	font-size: 22px;
 	font-weight: bold;
 	width: 100%;
 	padding: 8px 0;
 	text-indent: 32px;
 	background: url("http://pi.hole/admin/img/logo.svg") left no-repeat;
 	background-size: 30px 22px;
 }
 header h1 a, h1 a:hover { color: inherit; }
 header .alt { width: 85px; font-size: 0.8em; padding-right: 4px; text-align: right; line-height: 1.25em; }
 .active { color: green; }
 .inactive { color: red; }
 main {
 	display: block;
 	width: 80%;
 	padding: 10px;
 	font-size: 1em;
 	background-color: rgba(255,255,255,0.85);
 	margin: 8px auto;
 	box-sizing: border-box;
 	border: 1px solid rgba(0,0,0,0.25);
 	box-shadow:  4px 4px rgba(0,0,0,0.1);
 	line-height: 1.2em;
 	border-radius: 8px;
 }
 h2 { /* Rgba is shared with .transparent th */
 	font: 1.15em sans-serif;
 	background-color: rgba(255,0,0,0.4);
 	text-shadow: none;
 	line-height: 1.1em;
 	padding-bottom: 1px;
 	margin-top: 8px;
 	margin-bottom: 4px;
 	background: -webkit-linear-gradient(left, rgba(0,0,0,0.25), transparent 80%) no-repeat;
 	background: linear-gradient(to right, rgba(0,0,0,0.25), transparent 80%) no-repeat;
 	background-size: 100% 1px;
 	background-position: 0 17px;
 }
 h2:first-child { margin-top: 0; }
 h2 ~ *:not(h2) { margin-left: 4px; }
 li { padding: 2px 0; }
 li::before { content: "\00BB\00a0"; }
 li a { position: relative; top: 1px; } /* Center bullet-point arrows */
 /* Button Style */
 .buttons a, input, .transparent th a { /* Swapped rgba is shared with input[type='url'] */
 	display: inline-block;
 	color: rgba(32,32,32,0.9);
 	font-weight: bold;
 	text-align: center;
 	cursor: pointer;
 	text-shadow: 0 1px rgba(255,255,255,0.2);
 	line-height: 0.86em;
 	font-size: 1em;
 	padding: 4px 8px;
 	background: #FAFAFA;
 	background-image: -webkit-linear-gradient(top, rgba(255,255,255,0.05), rgba(0,0,0,0.05));
 	background-image: linear-gradient(to bottom, rgba(255,255,255,0.05), rgba(0,0,0,0.05));
 	border: 1px solid rgba(0,0,0,0.25);
 	border-radius: 4px;
 	box-shadow: 0 1px 0 rgba(0,0,0,0.04);
 }
 .buttons { white-space: nowrap; width: 100%; display: table; }
 .mini a { width: 50%; }
 a.safe { background-color: rgba(0,220,0,0.5); }
 a.warn { background-color: rgba(220,0,0,0.5); }
 .blocked a, .mini a { display: table-cell; }
 .blocked a.safe { width: 100%; }
 /* Types of text */
 .msg { white-space: pre; overflow: auto; -webkit-overflow-scrolling: touch; display: block; line-height: 1.2em; font-weight: bold; font-size: 1.15em; margin: 4px 8px 8px 8px; white-space: pre-line; }
 footer { font-size: 0.8em; text-align: center; width: 87%; margin: 4px auto; }
--- a/advanced/index.html
+++ b/advanced/index.html
@ -1,7 +0,0 @@
 <html>
 <head>
 <script>window.close();</script>
 </head>
 <body>
 </body>
 </html>
--- a/advanced/index.php
+++ b/advanced/index.php
@ -0,0 +1,103 @@
 <?php
 /* Detailed Pi-Hole Block Page: Show "Website Blocked" if user browses to site, but not to image/file requests based on the work of WaLLy3K for DietPi & Pi-Hole */
 $uri = escapeshellcmd($_SERVER['REQUEST_URI']);
 $serverName = escapeshellcmd($_SERVER['SERVER_NAME']);
 // Retrieve server URI extension (EG: jpg, exe, php)
 $uriExt = pathinfo($uri, PATHINFO_EXTENSION);
 // Define which URL extensions get rendered as "Website Blocked"
 $webExt = array('asp', 'htm', 'html', 'php', 'rss', 'xml');
 if(in_array($uriExt, $webExt) || empty($uriExt))
 {
 	// Requested resource has an extension listed in $webExt
 	// or no extension (index access to some folder incl. the root dir)
 	$showPage = true;
 }
 else
 {
 	// Something else
 	$showPage = false;
 }
 // Handle incoming URI types
 if (!$showPage)
 {
 ?>
 <html>
 <head>
 <script>window.close();</script></head>
 <body>
 <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7">
 </body>
 </html>
 <?php
 	die();
 }
 // Get Pi-Hole version
 $piHoleVersion = exec('cd /etc/.pihole/ && git describe --tags --abbrev=0');
 // Don't show the URI if it is the root directory
 if($uri == "/")
 {
 	$uri = "";
 }
 ?>
 <!DOCTYPE html>
 <head>
 	<meta charset='UTF-8'/>
 	<title>Website Blocked</title>
 	<link rel='stylesheet' href='http://<?php echo $_SERVER['SERVER_ADDR']; ?>/admin/blockingpage.css'/>
 	<link rel='shortcut icon' href='http://<?php echo $_SERVER['SERVER_ADDR']; ?>/admin/img/favicon.png' type='image/png'/>
 	<meta name='viewport' content='width=device-width,initial-scale=1.0,maximum-scale=1.0, user-scalable=no'/>
 	<meta name='robots' content='noindex,nofollow'/>
 </head>
 <body id="body">
 <header>
 	<h1><a href='/'>Website Blocked</a></h1>
 </header>
 <main>
 	<div>Access to the following site has been blocked:<br/>
 	<span class='pre msg'><?php echo $serverName.$uri; ?></span></div>
 	<div>If you have an ongoing use for this website, please ask the owner of the Pi-hole in your network to have it whitelisted.</div>
 	<input id="domain" type="hidden" value="<?php echo $serverName; ?>">
 	<input id="quiet" type="hidden" value="yes">
 	<button id="btnSearch" class="buttons blocked" type="button" style="visibility: hidden;"></button>
 	This page is blocked because it is explicitly contained within the following block list(s):
 	<pre id="output" style="width: 100%; height: 100%;" hidden="true"></pre><br/>
 	<div class='buttons blocked'><a class='safe' href='javascript:history.back()'>Go back</a>
 </main>
 <footer>Generated <?php echo date('D g:i A, M d'); ?> by Pi-hole <?php echo $piHoleVersion; ?></footer>
 <script src="http://<?php echo $_SERVER['SERVER_ADDR']; ?>/admin/js/other/jquery.min.js"></script>
 <script src="http://<?php echo $_SERVER['SERVER_ADDR']; ?>/admin/js/pihole/queryads.js"></script>
 <script>
 	function inIframe () {
 		try {
 			return window.self !== window.top;
 		} catch (e) {
 			return true;
 		}
 	}
 	// Try to detect if page is loaded within iframe
 	if(inIframe())
 	{
 		// Within iframe
 		// hide content of page
 		$('#body').hide();
 		// remove background
 		document.body.style.backgroundImage = "none";
 	}
 	else
 	{
 		// Query adlists
 		$( "#btnSearch" ).click();
 	}
 // }
 </script>
 </body>
 </html>
--- a/advanced/lighttpd.conf.debian
+++ b/advanced/lighttpd.conf.debian
@ -21,7 +21,7 @@ server.modules = (
 )
 server.document-root        = "/var/www/html"
-server.error-handler-404	= "pihole/index.html"
+server.error-handler-404	= "pihole/index.php"
 server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
 server.errorlog             = "/var/log/lighttpd/error.log"
 server.pid-file             = "/var/run/lighttpd.pid"
--- a/advanced/lighttpd.conf.fedora
+++ b/advanced/lighttpd.conf.fedora
@ -22,7 +22,7 @@ server.modules = (
 )
 server.document-root        = "/var/www/html"
-server.error-handler-404	= "pihole/index.html"
+server.error-handler-404	= "pihole/index.php"
 server.upload-dirs          = ( "/var/cache/lighttpd/uploads" )
 server.errorlog             = "/var/log/lighttpd/error.log"
 server.pid-file             = "/var/run/lighttpd.pid"
--- a/advanced/pihole.sudo
+++ b/advanced/pihole.sudo
@ -9,4 +9,3 @@
 # the Free Software Foundation, either version 2 of the License, or
 # (at your option) any later version.
 www-data ALL=NOPASSWD: /usr/local/bin/pihole
--- a/advanced/selinux/pihole.te
+++ b/advanced/selinux/pihole.te
@ -1,87 +0,0 @@
 module pihole 1.0;
 require {
        type var_log_t;
        type unconfined_t;
        type init_t;
        type auditd_t;
        type syslogd_t;
        type NetworkManager_t;
        type mdadm_t;
        type tuned_t;
        type avahi_t;
        type irqbalance_t;
        type system_dbusd_t;
        type kernel_t;
        type httpd_sys_script_t;
        type systemd_logind_t;
        type httpd_t;
        type policykit_t;
        type dnsmasq_t;
        type udev_t;
        type postfix_pickup_t;
        type sshd_t;
        type crond_t;
        type getty_t;
        type lvm_t;
        type postfix_qmgr_t;
        type postfix_master_t;
        class dir { getattr search };
        class file { read open setattr };
 }
 #============= dnsmasq_t ==============
 allow dnsmasq_t var_log_t:file { open setattr };
 #============= httpd_t ==============
 allow httpd_t var_log_t:file { read open };
 #============= httpd_sys_script_t (class: dir) ==============
 allow httpd_sys_script_t NetworkManager_t:dir { getattr search };
 allow httpd_sys_script_t auditd_t:dir { getattr search };
 allow httpd_sys_script_t avahi_t:dir { getattr search };
 allow httpd_sys_script_t crond_t:dir { getattr search };
 allow httpd_sys_script_t dnsmasq_t:dir { getattr search };
 allow httpd_sys_script_t getty_t:dir { getattr search };
 allow httpd_sys_script_t httpd_t:dir { getattr search };
 allow httpd_sys_script_t init_t:dir { getattr search };
 allow httpd_sys_script_t irqbalance_t:dir { getattr search };
 allow httpd_sys_script_t kernel_t:dir { getattr search };
 allow httpd_sys_script_t lvm_t:dir { getattr search };
 allow httpd_sys_script_t mdadm_t:dir { getattr search };
 allow httpd_sys_script_t policykit_t:dir { getattr search };
 allow httpd_sys_script_t postfix_master_t:dir { getattr search };
 allow httpd_sys_script_t postfix_pickup_t:dir { getattr search };
 allow httpd_sys_script_t postfix_qmgr_t:dir { getattr search };
 allow httpd_sys_script_t sshd_t:dir { getattr search };
 allow httpd_sys_script_t syslogd_t:dir { getattr search };
 allow httpd_sys_script_t system_dbusd_t:dir { getattr search };
 allow httpd_sys_script_t systemd_logind_t:dir { getattr search };
 allow httpd_sys_script_t tuned_t:dir { getattr search };
 allow httpd_sys_script_t udev_t:dir { getattr search };
 allow httpd_sys_script_t unconfined_t:dir { getattr search };
 #============= httpd_sys_script_t (class: file) ==============
 allow httpd_sys_script_t NetworkManager_t:file { read open };
 allow httpd_sys_script_t auditd_t:file { read open };
 allow httpd_sys_script_t avahi_t:file { read open };
 allow httpd_sys_script_t crond_t:file { read open };
 allow httpd_sys_script_t dnsmasq_t:file { read open };
 allow httpd_sys_script_t getty_t:file { read open };
 allow httpd_sys_script_t httpd_t:file { read open };
 allow httpd_sys_script_t init_t:file { read open };
 allow httpd_sys_script_t irqbalance_t:file { read open };
 allow httpd_sys_script_t kernel_t:file { read open };
 allow httpd_sys_script_t lvm_t:file { read open };
 allow httpd_sys_script_t mdadm_t:file { read open };
 allow httpd_sys_script_t policykit_t:file { read open };
 allow httpd_sys_script_t postfix_master_t:file { read open };
 allow httpd_sys_script_t postfix_pickup_t:file { read open };
 allow httpd_sys_script_t postfix_qmgr_t:file { read open };
 allow httpd_sys_script_t sshd_t:file { read open };
 allow httpd_sys_script_t syslogd_t:file { read open };
 allow httpd_sys_script_t system_dbusd_t:file { read open };
 allow httpd_sys_script_t systemd_logind_t:file { read open };
 allow httpd_sys_script_t tuned_t:file { read open };
 allow httpd_sys_script_t udev_t:file { read open };
 allow httpd_sys_script_t unconfined_t:file { read open };
--- a/install/basic-install.sh
+++ b/install/basic-install.sh
@ -21,6 +21,7 @@ set -e
 tmpLog=/tmp/pihole-install.log
 instalLogLoc=/etc/pihole/install.log
 setupVars=/etc/pihole/setupVars.conf
 lighttpdConfig=/etc/lighttpd/lighttpd.conf
 webInterfaceGitUrl="https://github.com/pi-hole/AdminLTE.git"
 webInterfaceDir="/var/www/html/admin"
@ -78,10 +79,8 @@ if [[ $(command -v apt-get) ]]; then
  #Debian Family
  #############################################
  PKG_MANAGER="apt-get"
  PKG_CACHE="/var/lib/apt/lists/"
  UPDATE_PKG_CACHE="${PKG_MANAGER} update"
-  PKG_UPDATE="${PKG_MANAGER} upgrade"
+  PKG_INSTALL="${PKG_MANAGER} --yes --no-install-recommends install"
  PKG_INSTALL="${PKG_MANAGER} --yes --fix-missing install"
  # grep -c will return 1 retVal on 0 matches, block this throwing the set -e with an OR TRUE
  PKG_COUNT="${PKG_MANAGER} -s -o Debug::NoLocking=true upgrade | grep -c ^Inst || true"
  # #########################################
@ -91,8 +90,8 @@ if [[ $(command -v apt-get) ]]; then
  # Prefer the php metapackage if it's there, fall back on the php5 pacakges
  ${PKG_MANAGER} install --dry-run php > /dev/null 2>&1 && phpVer="php" || phpVer="php5"
  # #########################################
-  INSTALLER_DEPS=( apt-utils whiptail git dhcpcd5)
+  INSTALLER_DEPS=(apt-utils debconf dhcpcd5 git whiptail)
-  PIHOLE_DEPS=( iputils-ping lsof dnsutils bc dnsmasq lighttpd ${phpVer}-common ${phpVer}-cgi curl unzip wget sudo netcat cron ${IPROUTE_PKG} )
+  PIHOLE_DEPS=(bc cron curl dnsmasq dnsutils ${IPROUTE_PKG} iputils-ping lighttpd lsof netcat ${phpVer}-common ${phpVer}-cgi sudo unzip wget)
  LIGHTTPD_USER="www-data"
  LIGHTTPD_GROUP="www-data"
  LIGHTTPD_CFG="lighttpd.conf.debian"
@ -108,13 +107,12 @@ elif [ $(command -v rpm) ]; then
  else
    PKG_MANAGER="yum"
  fi
-  PKG_CACHE="/var/cache/${PKG_MANAGER}"
+  # Fedora and family update cache on every PKG_INSTALL call, no need for a separate update.
-  UPDATE_PKG_CACHE="${PKG_MANAGER} check-update"
+  UPDATE_PKG_CACHE=":"
  PKG_UPDATE="${PKG_MANAGER} update -y"
  PKG_INSTALL="${PKG_MANAGER} install -y"
  PKG_COUNT="${PKG_MANAGER} check-update | egrep '(.i686|.x86|.noarch|.arm|.src)' | wc -l"
-  INSTALLER_DEPS=( iproute net-tools procps-ng newt git )
+  INSTALLER_DEPS=(git iproute net-tools newt procps-ng)
-  PIHOLE_DEPS=( epel-release bind-utils bc dnsmasq lighttpd lighttpd-fastcgi php-common php-cli php curl unzip wget findutils cronie sudo nmap-ncat )
+  PIHOLE_DEPS=(bc bind-utils cronie curl dnsmasq epel-release findutils lighttpd lighttpd-fastcgi nmap-ncat php php-common php-cli sudo unzip wget)
  if grep -q 'Fedora' /etc/redhat-release; then
    remove_deps=(epel-release);
@ -134,26 +132,17 @@ else
 fi
 ####### FUNCTIONS ##########
 spinner() {
  local pid=$1
  local delay=0.50
  local spinstr='/-\|'
  while [ "$(ps a | awk '{print $1}' | grep "${pid}")" ]; do
    local temp=${spinstr#?}
    printf " [%c]  " "${spinstr}"
    local spinstr=${temp}${spinstr%"$temp"}
    sleep ${delay}
    printf "\b\b\b\b\b\b"
  done
  printf "    \b\b\b\b"
 }
 is_repo() {
  # Use git to check if directory is currently under VCS, return the value
  local directory="${1}"
-  git -C "${directory}" status --short &> /dev/null
+  if [ -d $directory ]; then
-  return
+    # git -C is not used here to support git versions older than 1.8.4
    curdir=$PWD; cd $directory; git status --short &> /dev/null; rc=$?; cd $curdir
    return $rc
  else
    # non-zero return code if directory does not exist OR is not a valid git repository
    return 1
  fi
 }
 make_repo() {
@ -162,7 +151,7 @@ make_repo() {
  # Remove the non-repod interface and clone the interface
  echo -n ":::    Cloning $remoteRepo into $directory..."
  rm -rf "${directory}"
-	git clone -q --depth 1 "${remoteRepo}" "${directory}" > /dev/null & spinner $!
+  git clone -q --depth 1 "${remoteRepo}" "${directory}" &> /dev/null
  echo " done!"
 }
@ -171,8 +160,8 @@ update_repo() {
  # Pull the latest commits
  echo -n ":::    Updating repo in $1..."
  cd "${directory}" || exit 1
-	git stash -q > /dev/null & spinner $!
+  git stash -q &> /dev/null
-	git pull -q > /dev/null & spinner $!
+  git pull -q &> /dev/null
  echo " done!"
 }
@ -193,13 +182,13 @@ getGitFiles() {
 find_IPv4_information() {
  # Find IP used to route to outside world
  IPv4dev=$(ip route get 8.8.8.8 | awk '{for(i=1;i<=NF;i++)if($i~/dev/)print $(i+1)}')
-	IPV4_ADDRESS=$(ip -o -f inet addr show dev "$IPv4dev" | awk '{print $4}' | awk 'END {print}')
+  IPV4_ADDRESS=$(ip route get 8.8.8.8| awk '{print $7}')
  IPv4gw=$(ip route get 8.8.8.8 | awk '{print $3}')
 }
 get_available_interfaces() {
-	# Get available interfaces. Consider only getting UP interfaces in the future, and leaving DOWN interfaces out of list.
+  # Get available UP interfaces.
-	availableInterfaces=$(ip -o link | awk '{print $2}' | grep -v "lo" | cut -d':' -f1 | cut -d'@' -f1)
+  availableInterfaces=$(ip -o link | grep "state UP" | awk '{print $2}' | cut -d':' -f1 | cut -d'@' -f1)
 }
 welcomeDialogs() {
@ -242,9 +231,7 @@ verifyFreeDiskSpace() {
    echo "Insufficient free space, exiting..."
    exit 1
  fi
 }
@ -260,6 +247,11 @@ chooseInterface() {
  # Loop sentinel variable
  local firstLoop=1
  if [[ $(echo ${availableInterfaces} | wc -l) -eq 1 ]]; then
      PIHOLE_INTERFACE=${availableInterfaces}
      return
  fi
  while read -r line; do
    mode="OFF"
    if [[ ${firstLoop} -eq 1 ]]; then
@ -286,8 +278,11 @@ chooseInterface() {
 useIPv6dialog() {
  # Show the IPv6 address used for blocking
-	IPV6_ADDRESS=$(ip -6 route get 2001:4860:4860::8888 | awk -F " " '{ for(i=1;i<=NF;i++) if ($i == "src") print $(i+1) }')
+  IPV6_ADDRESS=$(ip -6 route get 2001:4860:4860::8888 | grep -v "unreachable" | awk -F " " '{ for(i=1;i<=NF;i++) if ($i == "src") print $(i+1) }')
  if [[ ! -z "${IPV6_ADDRESS}" ]]; then
    whiptail --msgbox --backtitle "IPv6..." --title "IPv6 Supported" "$IPV6_ADDRESS will be used to block ads." ${r} ${c}
  fi
 }
@ -623,16 +618,6 @@ version_check_dnsmasq() {
    fi
 }
 remove_legacy_scripts() {
 	#Tidy up /usr/local/bin directory if installing over previous install.
 	oldFiles=( gravity chronometer whitelist blacklist piholeLogFlush updateDashboard uninstall setupLCD piholeDebug)
 	for i in "${oldFiles[@]}"; do
 		if [ -f "/usr/local/bin/$i.sh" ]; then
 			rm /usr/local/bin/"$i".sh
 		fi
 	done
 }
 clean_existing() {
  # Clean an exiting installation to prepare for upgrade/reinstall
  # ${1} Directory to clean; ${2} Array of files to remove
@ -642,7 +627,6 @@ clean_existing() {
  for script in "${old_files[@]}"; do
    rm -f "${clean_directory}${script}.sh"
  done
 }
 installScripts() {
@ -658,6 +642,7 @@ installScripts() {
  # Install files from local core repository
  if is_repo "${PI_HOLE_LOCAL_REPO}"; then
    cd "${PI_HOLE_LOCAL_REPO}"
    install -o "${USER}" -Dm755 -d /opt/pihole
    install -o "${USER}" -Dm755 -t /opt/pihole/ gravity.sh
    install -o "${USER}" -Dm755 -t /opt/pihole/ ./advanced/Scripts/*.sh
    install -o "${USER}" -Dm755 -t /opt/pihole/ ./automated\ install/uninstall.sh
@ -696,9 +681,9 @@ stop_service() {
  echo ":::"
  echo -n "::: Stopping ${1} service..."
  if [ -x "$(command -v systemctl)" ]; then
-		systemctl stop "${1}" &> /dev/null & spinner $! || true
+    systemctl stop "${1}" &> /dev/null || true
  else
-		service "${1}" stop &> /dev/null & spinner $! || true
+    service "${1}" stop &> /dev/null || true
  fi
  echo " done."
 }
@ -709,9 +694,9 @@ start_service() {
  echo ":::"
  echo -n "::: Starting ${1} service..."
  if [ -x "$(command -v systemctl)" ]; then
-		systemctl restart "${1}" &> /dev/null & spinner $!
+    systemctl restart "${1}" &> /dev/null
  else
-		service "${1}" restart &> /dev/null  & spinner $!
+    service "${1}" restart &> /dev/null
  fi
  echo " done."
 }
@ -721,9 +706,9 @@ enable_service() {
  echo ":::"
  echo -n "::: Enabling ${1} service to start on reboot..."
  if [ -x "$(command -v systemctl)" ]; then
-		systemctl enable "${1}" &> /dev/null & spinner $!
+    systemctl enable "${1}" &> /dev/null
  else
-		update-rc.d "${1}" defaults &> /dev/null  & spinner $!
+    update-rc.d "${1}" defaults &> /dev/null
  fi
  echo " done."
 }
@ -732,19 +717,13 @@ update_pacakge_cache() {
  #Running apt-get update/upgrade with minimal output can cause some issues with
  #requiring user input (e.g password for phpmyadmin see #218)
-	#Check to see if apt-get update has already been run today
+  #Update package cache on apt based OSes. Do this every time since
-	#it needs to have been run at least once on new installs!
+  #it's quick and packages can be updated at any time.
 	timestamp=$(stat -c %Y ${PKG_CACHE})
 	timestampAsDate=$(date -d @"${timestamp}" "+%b %e")
 	today=$(date "+%b %e")
 	if [ ! "${today}" == "${timestampAsDate}" ]; then
 		#update package lists
  echo ":::"
-		echo -n "::: ${PKG_MANAGER} update has not been run today. Running now..."
+  echo -n "::: Updating local cache of available packages..."
-		${UPDATE_PKG_CACHE} &> /dev/null & spinner $!
+  ${UPDATE_PKG_CACHE} &> /dev/null
  echo " done!"
 	fi
 }
 notify_package_updates_available() {
@ -759,7 +738,7 @@ notify_package_updates_available() {
    echo "::: Your system is up to date! Continuing with Pi-hole installation..."
  else
    echo "::: There are ${updatesToInstall} updates available for your system!"
-		echo "::: We recommend you run '${PKG_UPDATE}' after installing Pi-Hole! "
+    echo "::: We recommend you update your OS after installing Pi-Hole! "
    echo ":::"
  fi
 }
@ -769,11 +748,15 @@ install_dependent_packages() {
  # No spinner - conflicts with set -e
  declare -a argArray1=("${!1}")
  if command -v debconf-apt-progress &> /dev/null; then
    debconf-apt-progress -- ${PKG_INSTALL} "${argArray1[@]}"
  else
    for i in "${argArray1[@]}"; do
      echo -n ":::    Checking for $i..."
      package_check_install "${i}" &> /dev/null
      echo " installed!"
    done
  fi
 }
 CreateLogFile() {
@ -795,11 +778,11 @@ installPiholeWeb() {
  echo ":::"
  echo "::: Installing pihole custom index page..."
  if [ -d "/var/www/html/pihole" ]; then
-	  if [ -f "/var/www/html/pihole/index.html" ]; then
+    if [ -f "/var/www/html/pihole/index.php" ]; then
-	    echo ":::     Existing index.html detected, not overwriting"
+      echo ":::     Existing index.php detected, not overwriting"
    else
-	    echo -n ":::     index.html missing, replacing... "
+      echo -n ":::     index.php missing, replacing... "
-	    cp /etc/.pihole/advanced/index.html /var/www/html/pihole/
+      cp /etc/.pihole/advanced/index.php /var/www/html/pihole/
      echo " done!"
    fi
@ -811,6 +794,14 @@ installPiholeWeb() {
      echo " done!"
    fi
    if [ -f "/var/www/html/admin/blockingpage.css" ]; then
      echo ":::     Existing blockingpage.css detected, not overwriting"
    else
      echo -n ":::     index.css missing, replacing... "
      cp /etc/.pihole/advanced/blockingpage.css /var/www/html/admin
      echo " done!"
    fi
  else
    mkdir /var/www/html/pihole
    if [ -f /var/www/html/index.lighttpd.html ]; then
@ -826,6 +817,15 @@ installPiholeWeb() {
  echo -n "::: Installing sudoer file..."
  mkdir -p /etc/sudoers.d/
  cp /etc/.pihole/advanced/pihole.sudo /etc/sudoers.d/pihole
  # Add lighttpd user (OS dependent) to sudoers file
  echo "${LIGHTTPD_USER} ALL=NOPASSWD: /usr/local/bin/pihole" >> /etc/sudoers.d/pihole
  if [[ "$LIGHTTPD_USER" == "lighttpd" ]]; then
    # Allow executing pihole via sudo with Fedora
    # Usually /usr/local/bin is not permitted as directory for sudoable programms
    echo "Defaults secure_path = /sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin" >> /etc/sudoers.d/pihole
  fi
  chmod 0440 /etc/sudoers.d/pihole
  echo " done!"
 }
@ -846,8 +846,12 @@ runGravity() {
    echo "::: Cleaning up previous install (preserving whitelist/blacklist)"
    rm /etc/pihole/list.*
  fi
  # Test if /etc/pihole/adlists.default exists
  if [[ ! -e /etc/pihole/adlists.default ]]; then
    cp /etc/.pihole/adlists.default /etc/pihole/adlists.default
  fi
  echo "::: Running gravity.sh"
-	/opt/pihole/gravity.sh
+  { /opt/pihole/gravity.sh; }
 }
 create_pihole_user() {
@ -903,7 +907,6 @@ installPihole() {
  installScripts
  installConfigs
  CreateLogFile
 	configureSelinux
  installPiholeWeb
  installCron
  configureFirewall
@ -915,13 +918,12 @@ accountForRefactor() {
  # At some point in the future this list can be pruned, for now we'll need it to ensure updates don't break.
  # Refactoring of install script has changed the name of a couple of variables. Sort them out here.
 	sed -i 's/IPv4addr/IPv4_address/g' ${setupVars}
 	sed -i 's/piholeIPv6/IPv6_address/g' ${setupVars}
 	# Account for renaming of global variables.
  sed -i 's/piholeInterface/PIHOLE_INTERFACE/g' ${setupVars}
  sed -i 's/IPv4_address/IPV4_ADDRESS/g' ${setupVars}
  sed -i 's/IPv4addr/IPV4_ADDRESS/g' ${setupVars}
  sed -i 's/IPv6_address/IPV6_ADDRESS/g' ${setupVars}
  sed -i 's/piholeIPv6/IPV6_ADDRESS/g' ${setupVars}
  sed -i 's/piholeDNS1/PIHOLE_DNS_1/g' ${setupVars}
  sed -i 's/piholeDNS2/PIHOLE_DNS_2/g' ${setupVars}
@ -935,7 +937,6 @@ updatePihole() {
  installScripts
  installConfigs
  CreateLogFile
  configureSelinux
  installPiholeWeb
  installCron
  configureFirewall
@ -943,23 +944,25 @@ updatePihole() {
  runGravity
 }
-configureSelinux() {
+
 checkSelinux() {
  if [ -x "$(command -v getenforce)" ]; then
-		printf "\n::: SELinux Detected\n"
+    echo ":::"
-		printf ":::\tChecking for SELinux policy development packages..."
+    echo -n "::: SELinux Support Detected... Mode: "
-		package_check_install "selinux-policy-devel" > /dev/null
+    enforceMode=$(getenforce)
-		echo " installed!"
+    echo "${enforceMode}"
-		printf ":::\tEnabling httpd server side includes (SSI).. "
+    if [[ "${enforceMode}" == "Enforcing" ]]; then
-		setsebool -P httpd_ssi_exec on &> /dev/null && echo "Success" || echo "SELinux not enabled"
+      if (whiptail --title "SELinux Enforcing Detected" --yesno "SELinux is being Enforced on your system!\n\nPi-hole currently does not support SELinux, but you may still continue with the installation.\n\nNote: Admin UI Will not function fully without setting your policies correctly\n\nContinue installing Pi-hole?" ${r} ${c}); then
-		printf "\n:::\tCompiling Pi-Hole SELinux policy..\n"
+          echo ":::"
-		if ! [ -x "$(command -v systemctl)" ]; then
+          echo "::: Continuing installation with SELinux Enforcing."
-			sed -i.bak '/systemd/d' /etc/.pihole/advanced/selinux/pihole.te
+          echo "::: Please refer to official SELinux documentation to create a custom policy."
      else
          echo ":::"
          echo "::: Not continuing install after SELinux Enforcing detected."
          exit 1
      fi
    fi
 		checkmodule -M -m -o /etc/pihole/pihole.mod /etc/.pihole/advanced/selinux/pihole.te
 		semodule_package -o /etc/pihole/pihole.pp -m /etc/pihole/pihole.mod
 		semodule -i /etc/pihole/pihole.pp
 		rm -f /etc/pihole/pihole.mod
 		semodule -l | grep pihole &> /dev/null && echo "::: Installed Pi-Hole SELinux policy" || echo "::: Warning: Pi-Hole SELinux policy did not install."
  fi
 }
@ -1022,10 +1025,10 @@ update_dialogs() {
    echo "::: Cancel selected. Exiting..."
    exit 1
  fi
 }
 main() {
  # Check arguments for the undocumented flags
  for var in "$@"; do
    case "$var" in
@ -1061,6 +1064,9 @@ main() {
  # Install packages used by this installation script
  install_dependent_packages INSTALLER_DEPS[@]
   # Check if SELinux is Enforcing
  checkSelinux
  if [[ "${reconfigure}" == true ]]; then
    echo "::: --reconfigure passed to install script. Not downloading/updating local repos"
  else
@ -1074,8 +1080,6 @@ main() {
    welcomeDialogs
    # Create directory for Pi-hole storage
    mkdir -p /etc/pihole/
 		# Remove legacy scripts from previous storage location
 		remove_legacy_scripts
    # Stop resolver and webserver while installing proceses
    stop_service dnsmasq
    stop_service lighttpd
@ -1083,10 +1087,10 @@ main() {
    get_available_interfaces
    # Find interfaces and let the user choose one
    chooseInterface
 		# Let the user decide if they want to block ads over IPv4 and/or IPv6
 		use4andor6
    # Decide what upstream DNS Servers to use
    setDNS
    # Let the user decide if they want to block ads over IPv4 and/or IPv6
    use4andor6
    # Let the user decide if they want query logging enabled...
    setLogging
--- a/gravity.sh
+++ b/gravity.sh
@ -104,16 +104,30 @@ gravity_collapse() {
 # patternCheck - check to see if curl downloaded any new files.
 gravity_patternCheck() {
 	patternBuffer=$1
 	success=$2
 	error=$3
 	if [ $success = true ]; then
 		# check if download was successful but list has not been modified
 		if [ "${error}" == "304" ]; then
 			echo ":::   No changes detected, transport skipped!"
 		# check if the patternbuffer is a non-zero length file
-	if [[ -s "${patternBuffer}" ]]; then
+		elif [[ -s "${patternBuffer}" ]]; then
 			# Some of the blocklists are copyright, they need to be downloaded
 			# and stored as is. They can be processed for content after they
 			# have been saved.
 			mv "${patternBuffer}" "${saveLocation}"
-		echo " List updated, transport successful!"
+			echo ":::   List updated, transport successful!"
 		else
-		# curl didn't download any host files, probably because of the date check
+			# Empty file -> use previously downloaded list
-		echo " No changes detected, transport skipped!"
+			echo ":::   Received empty file, using cached one (list not updated!)"
 		fi
 	else
 		# check if cached list exists
 		if [[ -r "${saveLocation}" ]]; then
 			echo ":::   List download failed, using cached list (list not updated!)"
 		else
 			echo ":::   Download failed and no cached list available (list will not be considered)"
 		fi
 	fi
 }
@ -132,9 +146,27 @@ gravity_transport() {
 	fi
 	# Silently curl url
-	curl -s -L ${cmd_ext} ${heisenbergCompensator} -A "${agent}" ${url} > ${patternBuffer}
+	err=$(curl -s -L ${cmd_ext} ${heisenbergCompensator} -w %{http_code} -A "${agent}" ${url} -o ${patternBuffer})
-	# Check for list updates
+
-	gravity_patternCheck "${patternBuffer}"
+	echo " done"
 	# Analyze http response
 	echo -n ":::   Status: "
 	case "$err" in
 		"200"  ) echo "Success (OK)"; success=true;;
 		"304"  ) echo "Not modified"; success=true;;
 		"403"  ) echo "Forbidden"; success=false;;
 		"404"  ) echo "Not found"; success=false;;
 		"408"  ) echo "Time-out"; success=false;;
 		"451"  ) echo "Unavailable For Legal Reasons"; success=false;;
 		"521"  ) echo "Web Server Is Down (Cloudflare)"; success=false;;
 		"522"  ) echo "Connection Timed Out (Cloudflare)"; success=false;;
 		"500"  ) echo "Internal Server Error"; success=false;;
 		*      ) echo "Status $err"; success=false;;
 	esac
 	# Process result
 	gravity_patternCheck "${patternBuffer}" ${success} "${err}"
 }
 # spinup - main gravity function
@ -181,7 +213,10 @@ gravity_Schwarzchild() {
 	echo -n "::: Aggregating list of domains..."
 	truncate -s 0 ${piholeDir}/${matterAndLight}
 	for i in "${activeDomains[@]}"; do
 		# Only assimilate list if it is available (download might have faild permanently)
 		if [[ -r "${i}" ]]; then
 			cat "${i}" | tr -d '\r' >> ${piholeDir}/${matterAndLight}
 		fi
 	done
 	echo " done!"
 }
@ -353,7 +388,7 @@ if [[ "${forceGrav}" == true ]]; then
 fi
 #Overwrite adlists.default from /etc/.pihole in case any changes have been made. Changes should be saved in /etc/adlists.list
-cp /etc/.pihole/adlists.default /etc/pihole/adlists.default
+#cp /etc/.pihole/adlists.default /etc/pihole/adlists.default
 gravity_collapse
 gravity_spinup
 if [[ "${skipDownload}" == false ]]; then
--- a/4
+++ b/4
@ -72,9 +72,9 @@ scanList(){
  list="${2}"
  method="${3}"
  if [[ ${method} == "-exact" ]] ; then
-    grep -E "(^|\s)${domain}($|\s)" "${list}"
+    grep -i -E "(^|\s)${domain}($|\s)" "${list}"
  else
-    grep "${domain}" "${list}"
+    grep -i "${domain}" "${list}"
  fi
 }