From 963eacfe0537a7abddf30441c754c67ca1e40965 Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Sun, 11 Oct 2015 09:28:11 -0500 Subject: [PATCH 01/20] commenting out mahakala list Due to so many users having issues with this list blocking legitimate domains such as microsoft.com, apple.com, xkcd.com and more, I am turning it off by default. While this drastically reduces the amount of domains blocked, ad-blocking performance still seems to function quite well. Long-time users can simply uncomment the list, but this will make it so new users have a more pleasant experience. If you already have the mahakala list, you will need to remove it first with this command: sudo rm /etc/pihole/list.2.adblock.mahakala.is.domains There are a few other lists I am looking at including, but this will provide an immediate fix. --- gravity.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gravity.sh b/gravity.sh index 1f5e3fb6..12c8b0fd 100755 --- a/gravity.sh +++ b/gravity.sh @@ -8,7 +8,7 @@ piholeIP=$(hostname -I) # Ad-list sources--one per line in single quotes sources=('https://adaway.org/hosts.txt' 'http://adblock.gjtech.net/?format=unix-hosts' -'http://adblock.mahakala.is/' +#'http://adblock.mahakala.is/' 'http://hosts-file.net/.%5Cad_servers.txt' 'http://www.malwaredomainlist.com/hostslist/hosts.txt' 'http://pgl.yoyo.org/adservers/serverlist.php?' From bf397db73e254d72b45cd6abf2bccbb42701005f Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Thu, 15 Oct 2015 18:58:12 -0500 Subject: [PATCH 02/20] adding crontab file I plan to use this to be deployed with the automatic installer. Just pushing the file for now so I can test download it. --- advanced/pihole.cron | 1 + 1 file changed, 1 insertion(+) create mode 100644 advanced/pihole.cron diff --git a/advanced/pihole.cron b/advanced/pihole.cron new file mode 100644 index 00000000..a707607e --- /dev/null +++ b/advanced/pihole.cron @@ -0,0 +1 @@ +@weekly sudo /usr/local/bin/gravity.sh From 28dd956449bb2eef268846ef77d2d4db50e24a3f Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Sat, 17 Oct 2015 12:04:49 -0500 Subject: [PATCH 03/20] changing web server root folder Since the version of lighted in Jessie moved the default folder to /var/www/html, I am going to make it the same for wheezy for better compatibility. Also removed spaces --- advanced/lighttpd.conf | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/advanced/lighttpd.conf b/advanced/lighttpd.conf index 1c3ed076..a103c3ee 100644 --- a/advanced/lighttpd.conf +++ b/advanced/lighttpd.conf @@ -4,35 +4,35 @@ server.modules = ( "mod_redirect", "mod_rewrite" ) - -server.document-root = "/var/www" + +server.document-root = "/var/www/html" server.upload-dirs = ( "/var/cache/lighttpd/uploads" ) server.errorlog = "/var/log/lighttpd/error.log" server.pid-file = "/var/run/lighttpd.pid" server.username = "www-data" server.groupname = "www-data" server.port = 80 - - + + index-file.names = ( "index.php", "index.html", "index.lighttpd.html" ) url.access-deny = ( "~", ".inc" ) static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" ) - + compress.cache-dir = "/var/cache/lighttpd/compress/" compress.filetype = ( "application/javascript", "text/css", "text/html", "text/plain" ) - + # default listening port for IPv6 falls back to the IPv4 port include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port include_shell "/usr/share/lighttpd/create-mime.assign.pl" include_shell "/usr/share/lighttpd/include-conf-enabled.pl" - + # Set access to 1 day for better query performance when the list gets so large # http://jacobsalmela.com/raspberry-pi-block-ads-adtrap/#comment-2013820434 $HTTP["url"] =~ "^/pihole/" { expire.url = ("" => "access plus 1 days") } - + # Rewrites all URLs to the /var/www/pihole/index.html $HTTP["host"] =~ ".*" { url.rewrite = (".*" => "pihole/index.html") -} \ No newline at end of file +} From 7b16a42f311e87532d9bc8cf13d4d6adccab419b Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Sat, 17 Oct 2015 12:11:03 -0500 Subject: [PATCH 04/20] conditionals for accessing the web interface This adds in some back end improvements for better debugging. It also allows you to access the Web interface, while you are connected to the Pi-hole, which resolves #31 --- advanced/lighttpd.conf | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/advanced/lighttpd.conf b/advanced/lighttpd.conf index a103c3ee..37763f97 100644 --- a/advanced/lighttpd.conf +++ b/advanced/lighttpd.conf @@ -2,6 +2,7 @@ server.modules = ( "mod_expire", "mod_compress", "mod_redirect", + "mod_setenv", "mod_rewrite" ) @@ -26,13 +27,20 @@ include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port include_shell "/usr/share/lighttpd/create-mime.assign.pl" include_shell "/usr/share/lighttpd/include-conf-enabled.pl" -# Set access to 1 day for better query performance when the list gets so large -# http://jacobsalmela.com/raspberry-pi-block-ads-adtrap/#comment-2013820434 -$HTTP["url"] =~ "^/pihole/" { - expire.url = ("" => "access plus 1 days") +# If the URL starts with /admin, it is the Web interface +$HTTP["url"] =~ "^/admin/" { + # Create a response header for debugging using curl -I + setenv.add-response-header = ( "X-Pi-hole" => "The Pi-hole Web interface is working!" ) } -# Rewrites all URLs to the /var/www/pihole/index.html -$HTTP["host"] =~ ".*" { - url.rewrite = (".*" => "pihole/index.html") +# If the URL does not start with /admin, then it is a query for an ad domain +$HTTP["url"] =~ "^(?!/admin)/.*" { + # Create a response header for debugging using curl -I + setenv.add-response-header = ( "X-Pi-hole" => "A black hole for Internet advertisements." ) + + # Set the cache to 1 day for better performance + expire.url = ("" => "access plus 1 days") + + # Send the query into the black hole + url.rewrite = (".*" => "pihole/index.html" ) } From 17904b31063931adc2d0a79a3a1b78424b6ec1c2 Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Sat, 17 Oct 2015 12:12:51 -0500 Subject: [PATCH 05/20] ads still get blocked when a 404 happens --- advanced/lighttpd.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/advanced/lighttpd.conf b/advanced/lighttpd.conf index 37763f97..a4253a0e 100644 --- a/advanced/lighttpd.conf +++ b/advanced/lighttpd.conf @@ -7,6 +7,7 @@ server.modules = ( ) server.document-root = "/var/www/html" +server.error-handler-404 = "pihole/index.html" server.upload-dirs = ( "/var/cache/lighttpd/uploads" ) server.errorlog = "/var/log/lighttpd/error.log" server.pid-file = "/var/run/lighttpd.pid" From d5ffec64f25847197c082e37f18e78a194923523 Mon Sep 17 00:00:00 2001 From: Sven Giermann Date: Thu, 22 Oct 2015 15:17:44 +0200 Subject: [PATCH 06/20] add whitespace after $piholeIP In my case there had been no whitespace in piholeIP (I configured it statically because 'hostname -I' returns multiple IP addresses, which ends in errornous hosts file), so it's more safe to add one between IP and hostname. Further, I removed the obsolete latentBlacklist variable. --- gravity.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/gravity.sh b/gravity.sh index 12c8b0fd..d8c81809 100755 --- a/gravity.sh +++ b/gravity.sh @@ -27,7 +27,6 @@ eventHorizon=pihole.3.eventHorizon.txt accretionDisc=pihole.4.accretionDisc.txt eyeOfTheNeedle=pihole.5.wormhole.txt blacklist=$piholeDir/blacklist.txt -latentBlacklist=$origin/latentBlacklist.txt whitelist=$piholeDir/whitelist.txt latentWhitelist=$origin/latentWhitelist.txt @@ -136,7 +135,7 @@ function gravity_advanced() echo "** $numberOf unique domains trapped in the event horizon." # Format domain list as "192.168.x.x domain.com" echo "** Formatting domains into a HOSTS file..." - cat $origin/$eventHorizon | awk '{sub(/\r$/,""); print "'"$piholeIP"'" $0}' > $origin/$accretionDisc + cat $origin/$eventHorizon | awk '{sub(/\r$/,""); print "'"$piholeIP"' " $0}' > $origin/$accretionDisc # Copy the file over as /etc/pihole/gravity.list so dnsmasq can use it sudo cp $origin/$accretionDisc $adList kill -HUP $(pidof dnsmasq) From ced96905e9883561d9ad50b0ed665a6a327fb922 Mon Sep 17 00:00:00 2001 From: Emmanuel CHARETTE Date: Sat, 24 Oct 2015 21:55:31 +0200 Subject: [PATCH 07/20] Update basic-install.sh change `shutdown -r now` to reboot for ssh users --- automated install/basic-install.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 80bb7543..9b5ed24b 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -79,4 +79,4 @@ echo "Entering the event horizon..." sudo /usr/local/bin/gravity.sh echo "Restarting..." -sudo shutdown -r now +sudo reboot From deb48c124fca132cbd81bd3b17eacd3f51c4ec44 Mon Sep 17 00:00:00 2001 From: Nathan Jones Date: Sun, 25 Oct 2015 16:53:20 -0700 Subject: [PATCH 08/20] Improve whitelisting script Match domain exactly instead of partially. Gather list of domains to minimize number of times that hosts file must be enumerated. Only add domain to whitelist if it isn't already present. --- advanced/Scripts/whitelist.sh | 47 +++++++++++++++++++++++++++++------ 1 file changed, 39 insertions(+), 8 deletions(-) diff --git a/advanced/Scripts/whitelist.sh b/advanced/Scripts/whitelist.sh index aed6bd0f..d610d0a5 100755 --- a/advanced/Scripts/whitelist.sh +++ b/advanced/Scripts/whitelist.sh @@ -1,13 +1,44 @@ #!/bin/bash + +if [ $# = 0 ]; then + echo "Immediately whitelists one or more domains." + echo "Usage: whitelist.sh domain1 [domain2 ...]" +fi + +combopattern="" + # For each argument passed to this script for var in "$@" do - echo "Whitelisting $var..." - # Use sed to search for the domain in /etc/pihole/gravity.list and remove it using an in-place edit - sed -i "/$var/d" /etc/pihole/gravity.list - # Also add the domain to the whitelist.txt in /etc/pihole - echo "$var" >> /etc/pihole/whitelist.txt + echo "Whitelisting $var..." + + # Construct basic pattern to match domain name. + basicpattern=$(echo $var | awk -F '[# \t]' 'NF>0&&$1!="" {print ""$1""}' | sed 's/\./\\./g') + + if [ "$basicpattern" != "" ]; then + # Add to the combination pattern that will be used below + if [ "$combopattern" != "" ]; then combopattern="$combopattern|"; fi + combopattern="$combopattern$basicpattern" + + # Also add the domain to the whitelist but only if it's not already present + grep -E -q "^$basicpattern$" /etc/pihole/whitelist.txt \ + || echo "$var" >> /etc/pihole/whitelist.txt + fi done -echo "** $# domain(s) whitelisted." -# Force dnsmasq to reload /etc/pihole/gravity.list -kill -HUP $(pidof dnsmasq) \ No newline at end of file + +# Now report on and remove matched domains +if [ "$combopattern" != "" ]; then + echo "Modifying hosts file..." + + # Construct pattern to match entry in hosts file. + # This consists of one or more IP addresses followed by the domain name. + pattern=$(echo $combopattern | awk -F '[# \t]' '{printf "%s", "^(([0-9]+\.){3}[0-9]+ +)+("$1")$"}') + + # Output what will be removed and then actually remove + sed -r -n 's/'"$pattern"'/ Removed: \3/p' /etc/pihole/gravity.list + sed -r -i '/'"$pattern"'/d' /etc/pihole/gravity.list + + echo "** $# domain(s) whitelisted." + # Force dnsmasq to reload /etc/pihole/gravity.list + kill -HUP $(pidof dnsmasq) +fi From 6d0c67af9abc6732702a86b677bb10c8f55d0fa0 Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Tue, 27 Oct 2015 16:16:22 -0500 Subject: [PATCH 09/20] Install and enable PHP Needed to view the admin web interface --- automated install/basic-install.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 9b5ed24b..358cf8ea 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -51,7 +51,7 @@ sudo apt-get -y install dnsmasq sudo update-rc.d dnsmasq enable echo "Installing a Web server" -sudo apt-get -y install lighttpd +sudo apt-get -y install lighttpd php5-common php5-cgi php5 sudo chown www-data:www-data /var/www sudo chmod 775 /var/www sudo usermod -a -G www-data pi @@ -66,6 +66,7 @@ sudo mv /etc/lighttpd/lighttpd.conf /etc/lighttpd/lighttpd.conf.orig sudo mv /var/www/index.lighttpd.html /var/www/index.lighttpd.orig sudo curl -o /etc/dnsmasq.conf "https://raw.githubusercontent.com/jacobsalmela/pi-hole/master/advanced/dnsmasq.conf" sudo curl -o /etc/lighttpd/lighttpd.conf "https://raw.githubusercontent.com/jacobsalmela/pi-hole/master/advanced/lighttpd.conf" +sudo lighty-enable-mod fastcgi fastcgi-php sudo mkdir /var/www/pihole sudo curl -o /var/www/pihole/index.html "https://raw.githubusercontent.com/jacobsalmela/pi-hole/master/advanced/index.html" From bc3ece778d6d834ba1b2829d8b672b0d710ca2ac Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Tue, 27 Oct 2015 16:19:01 -0500 Subject: [PATCH 10/20] /var/www/html instead of /var/www lighttpd in Jessie uses /var/www/html for the root folder, so in order to only edit one lightpd.conf file, the installer will create the correct directory even if not being run on Jessie. --- automated install/basic-install.sh | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 358cf8ea..0249be78 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -52,8 +52,9 @@ sudo update-rc.d dnsmasq enable echo "Installing a Web server" sudo apt-get -y install lighttpd php5-common php5-cgi php5 -sudo chown www-data:www-data /var/www -sudo chmod 775 /var/www +sudo mkdir /var/www/html +sudo chown www-data:www-data /var/www/html +sudo chmod 775 /var/www/html sudo usermod -a -G www-data pi echo "Stopping services to modify them..." @@ -67,8 +68,8 @@ sudo mv /var/www/index.lighttpd.html /var/www/index.lighttpd.orig sudo curl -o /etc/dnsmasq.conf "https://raw.githubusercontent.com/jacobsalmela/pi-hole/master/advanced/dnsmasq.conf" sudo curl -o /etc/lighttpd/lighttpd.conf "https://raw.githubusercontent.com/jacobsalmela/pi-hole/master/advanced/lighttpd.conf" sudo lighty-enable-mod fastcgi fastcgi-php -sudo mkdir /var/www/pihole -sudo curl -o /var/www/pihole/index.html "https://raw.githubusercontent.com/jacobsalmela/pi-hole/master/advanced/index.html" +sudo mkdir /var/www/html/pihole +sudo curl -o /var/www/html/pihole/index.html "https://raw.githubusercontent.com/jacobsalmela/pi-hole/master/advanced/index.html" echo "Locating the Pi-hole..." sudo curl -o /usr/local/bin/gravity.sh "https://raw.githubusercontent.com/jacobsalmela/pi-hole/master/gravity.sh" From cfc469723634293d9b7154dd5005cca23a6c3bc4 Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Tue, 27 Oct 2015 16:21:20 -0500 Subject: [PATCH 11/20] Download and install the Web interface dnsmasq also needs to be able to read the log file to properly display the statistics --- automated install/basic-install.sh | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 0249be78..9f4892a6 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -71,6 +71,15 @@ sudo lighty-enable-mod fastcgi fastcgi-php sudo mkdir /var/www/html/pihole sudo curl -o /var/www/html/pihole/index.html "https://raw.githubusercontent.com/jacobsalmela/pi-hole/master/advanced/index.html" +echo "Installing the Web interface..." +sudo wget https://github.com/jacobsalmela/AdminLTE/archive/master.zip -O /var/www/master.zip +sudo unzip /var/www/master.zip -d /var/www/html/ +sudo mv /var/www/AdminLTE-master /var/www/html/admin +sudo rm /var/www/master.zip 2>/dev/null +sudo touch /var/log/pihole.log +sudo chmod 644 /var/log/pihole.log +sudo chown dnsmasq:root /var/log/pihole.log + echo "Locating the Pi-hole..." sudo curl -o /usr/local/bin/gravity.sh "https://raw.githubusercontent.com/jacobsalmela/pi-hole/master/gravity.sh" sudo curl -o /usr/local/bin/chronometer.sh "https://raw.githubusercontent.com/jacobsalmela/pi-hole/master/advanced/Scripts/chronometer.sh" From 7a0b92d2c1c38043274d0b945e22df82626e5765 Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Tue, 27 Oct 2015 17:03:48 -0500 Subject: [PATCH 12/20] missed a few file paths --- automated install/basic-install.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh index 9f4892a6..7c48fdba 100755 --- a/automated install/basic-install.sh +++ b/automated install/basic-install.sh @@ -64,7 +64,7 @@ sudo service lighttpd stop echo "Backing up original config files and downloading Pi-hole ones..." sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.orig sudo mv /etc/lighttpd/lighttpd.conf /etc/lighttpd/lighttpd.conf.orig -sudo mv /var/www/index.lighttpd.html /var/www/index.lighttpd.orig +sudo mv /var/www/html/index.lighttpd.html /var/www/html/index.lighttpd.orig sudo curl -o /etc/dnsmasq.conf "https://raw.githubusercontent.com/jacobsalmela/pi-hole/master/advanced/dnsmasq.conf" sudo curl -o /etc/lighttpd/lighttpd.conf "https://raw.githubusercontent.com/jacobsalmela/pi-hole/master/advanced/lighttpd.conf" sudo lighty-enable-mod fastcgi fastcgi-php @@ -74,7 +74,7 @@ sudo curl -o /var/www/html/pihole/index.html "https://raw.githubusercontent.com/ echo "Installing the Web interface..." sudo wget https://github.com/jacobsalmela/AdminLTE/archive/master.zip -O /var/www/master.zip sudo unzip /var/www/master.zip -d /var/www/html/ -sudo mv /var/www/AdminLTE-master /var/www/html/admin +sudo mv /var/www/html/AdminLTE-master /var/www/html/admin sudo rm /var/www/master.zip 2>/dev/null sudo touch /var/log/pihole.log sudo chmod 644 /var/log/pihole.log From 4ad2b68ee18923ddda438fad4e5d016b71eecce0 Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Tue, 27 Oct 2015 17:16:17 -0500 Subject: [PATCH 13/20] reverting IPv6 so I can merge lighttpd.conf --- gravity.sh | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/gravity.sh b/gravity.sh index 9ca3394b..f1b7aea0 100755 --- a/gravity.sh +++ b/gravity.sh @@ -3,13 +3,12 @@ # Compiles a list of ad-serving domains by downloading them from multiple sources # This script should only be run after you have a static IP address set on the Pi -piholeIPv4=$(ip addr show | awk '{match($0,/[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/); ip = substr($0,RSTART,RLENGTH); print ip}' | sed '/^\s*$/d' | grep -v "127.0.0.1") -piholeIPv6=$(ip addr show | awk '/scope\ global/ && /ff:fe/ {print $2}' | cut -d'/' -f1) +piholeIP=$(hostname -I) # Ad-list sources--one per line in single quotes sources=('https://adaway.org/hosts.txt' 'http://adblock.gjtech.net/?format=unix-hosts' -'http://adblock.mahakala.is/' +#'http://adblock.mahakala.is/' 'http://hosts-file.net/.%5Cad_servers.txt' 'http://www.malwaredomainlist.com/hostslist/hosts.txt' 'http://pgl.yoyo.org/adservers/serverlist.php?' @@ -137,7 +136,7 @@ function gravity_advanced() echo "** $numberOf unique domains trapped in the event horizon." # Format domain list as "192.168.x.x domain.com" echo "** Formatting domains into a HOSTS file..." - cat $origin/$eventHorizon | awk '{sub(/\r$/,""); print "'"$piholeIPv4 "'" $0"\n""'"$piholeIPv6 "'" $0}' > $origin/$accretionDisc + cat $origin/$eventHorizon | awk '{sub(/\r$/,""); print "'"$piholeIP"'" $0}' > $origin/$accretionDisc # Copy the file over as /etc/pihole/gravity.list so dnsmasq can use it sudo cp $origin/$accretionDisc $adList kill -HUP $(pidof dnsmasq) From 58e4fbd0fba3c032bc2fa40b2f7397fc1df82b0f Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Tue, 27 Oct 2015 17:59:01 -0500 Subject: [PATCH 14/20] New, easier-to-remember installation command Also a picture of the Web interface and how to access it since it is now included in the automated installer. --- README.md | 30 +++++++++++++++++------------- 1 file changed, 17 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index be0d4369..2c8a756e 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,15 @@ +# Automated Install + +1. Install Raspbian +2. Set a **static** IP address +3. Run the command below + +```curl -L install.pi-hole.net | bash``` + +Once installed, **configure any device to use the Raspberry Pi as its DNS server and the ads will be blocked**. You can also configure your router's DHCP options to assign the Pi as clients DNS server so they do not need to do it manually. + +[![Donate](https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif "AdminLTE Presentation")](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=3J2L3Z4DHW9UY "Donate") + # Raspberry Pi Ad Blocker **A black hole for ads, hence Pi-hole** @@ -8,20 +20,8 @@ The Pi-hole is a DNS/Web server that will **block ads for any device on your net ## Coverage Featured on [MakeUseOf](http://www.makeuseof.com/tag/adblock-everywhere-raspberry-pi-hole-way/) and [Lifehacker](http://lifehacker.com/turn-a-raspberry-pi-into-an-ad-blocker-with-a-single-co-1686093533)! -## Automated Install - -1. Install Raspbian -2. Set a **static** IP address -3. Run the command below - -```curl -s "https://raw.githubusercontent.com/jacobsalmela/pi-hole/master/automated%20install/basic-install.sh" | bash``` - -Once installed, **configure any device to use the Raspberry Pi as its DNS server and the ads will be blocked**. You can also configure your router's DHCP options to assign the Pi as clients DNS server so they do not need to do it manually. - A more detailed explanation of the installation can be found [here](http://jacobsalmela.com/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0). -[![Donate](https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif "AdminLTE Presentation")](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=3J2L3Z4DHW9UY "Donate") - ## Gravity The [gravity.sh](https://github.com/jacobsalmela/pi-hole/blob/master/gravity.sh) does most of the magic. The script pulls in ad domains from many sources and compiles them into a single list of [over 1.6 million entries](http://jacobsalmela.com/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0). @@ -29,7 +29,11 @@ The [gravity.sh](https://github.com/jacobsalmela/pi-hole/blob/master/gravity.sh) You can add a `whitelist.txt` or `blacklist.txt` in `/etc/pihole/` and the script will apply those files automatically. ## Web Interface -I am also working on a [Web interface](https://github.com/jacobsalmela/AdminLTE#pi-hole-admin-dashboard) so you can view stats and change settings. +The [Web interface](https://github.com/jacobsalmela/AdminLTE#pi-hole-admin-dashboard) will be installed automatically so you can view stats and change settings. You can find it at: + +`http://192.168.1.x/admin/index.php` + +![Web](http://i.imgur.com/m114SCn.png) ## Custom Config File If you want to use your own variables for the gravity script (i.e. storing the files in a different location) and don't want to have to change them every time there is an update to the script, create a file called `/etc/pihole/pihole.conf`. In it, you should add your own variables in a similar fashion as shown below: From d9aa19d2cdfd9254904f1017ae8b954431cfd159 Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Tue, 27 Oct 2015 18:22:54 -0500 Subject: [PATCH 15/20] Link to Security Now! mention --- README.md | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/README.md b/README.md index 2c8a756e..ca6b5286 100644 --- a/README.md +++ b/README.md @@ -18,8 +18,17 @@ Once installed, **configure any device to use the Raspberry Pi as its DNS server The Pi-hole is a DNS/Web server that will **block ads for any device on your network**. ## Coverage + +### Security Now! Podcast +Pi-hole is mentioned at 100 minutes and 26 seconds (the link brings you right there) +[![Pi-hole on Security Now!](http://img.youtube.com/vi/p7-osq_y8i8/0.jpg)](http://www.youtube.com/watch?v=p7-osq_y8i8&t=100m26s) + +### Tech Blogs + Featured on [MakeUseOf](http://www.makeuseof.com/tag/adblock-everywhere-raspberry-pi-hole-way/) and [Lifehacker](http://lifehacker.com/turn-a-raspberry-pi-into-an-ad-blocker-with-a-single-co-1686093533)! +## Technical Details + A more detailed explanation of the installation can be found [here](http://jacobsalmela.com/block-millions-ads-network-wide-with-a-raspberry-pi-hole-2-0). ## Gravity From 3290dbbe486460dd582fc4f5d7695008fdbd9719 Mon Sep 17 00:00:00 2001 From: Jacob Salmela Date: Sat, 31 Oct 2015 17:09:21 -0500 Subject: [PATCH 16/20] link to Sky-Hole fork Pi-hole in the cloud with Sky-Hole. --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index ca6b5286..09b88524 100644 --- a/README.md +++ b/README.md @@ -60,4 +60,7 @@ A technical and detailed description can be found [here](http://jacobsalmela.com ## Other Operating Systems This script will work for other UNIX-like systems with some slight **modifications**. As long as you can install `dnsmasq` and a Webserver, it should work OK. The automated install only works for a clean install of Raspiban right now since that is how the project originated. +### Examples Of The Pi-hole On Other Operating Systems +- [Sky-Hole](http://dlaa.me/blog/post/skyhole) + [![Donate](https://www.paypalobjects.com/en_US/i/btn/btn_donateCC_LG.gif "AdminLTE Presentation")](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=3J2L3Z4DHW9UY "Donate") From 23eece944308e75ca340b709d259cb15aabc28ad Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Thu, 5 Nov 2015 18:11:34 -0800 Subject: [PATCH 17/20] Upstream Branch pseudo-rebase --- gravity.sh | 100 ++++++++++++++++++++++++++++++++--------------------- 1 file changed, 61 insertions(+), 39 deletions(-) diff --git a/gravity.sh b/gravity.sh index f5bf6e8d..8e8da8e2 100755 --- a/gravity.sh +++ b/gravity.sh @@ -1,6 +1,6 @@ #!/bin/bash # http://pi-hole.net -# Compiles a list of ad-serving domains by downloading them from multiple sources +# Compiles a list of ad-serving domains by downloading them from multiple sources # This script should only be run after you have a static IP address set on the Pi piholeIP=$(hostname -I) @@ -8,7 +8,7 @@ piholeIP=$(hostname -I) # Ad-list sources--one per line in single quotes sources=('https://adaway.org/hosts.txt' 'http://adblock.gjtech.net/?format=unix-hosts' -#'http://adblock.mahakala.is/' +'http://adblock.mahakala.is/' 'http://hosts-file.net/.%5Cad_servers.txt' 'http://www.malwaredomainlist.com/hostslist/hosts.txt' 'http://pgl.yoyo.org/adservers/serverlist.php?' @@ -19,6 +19,9 @@ sources=('https://adaway.org/hosts.txt' adList=/etc/pihole/gravity.list origin=/etc/pihole piholeDir=/etc/pihole +if [[ -f $piholeDir/pihole.conf ]];then + . $piholeDir/pihole.conf +fi justDomainsExtension=domains matter=pihole.0.matter.txt andLight=pihole.1.andLight.txt @@ -27,16 +30,10 @@ eventHorizon=pihole.3.eventHorizon.txt accretionDisc=pihole.4.accretionDisc.txt eyeOfTheNeedle=pihole.5.wormhole.txt blacklist=$piholeDir/blacklist.txt +latentBlacklist=$origin/latentBlacklist.txt whitelist=$piholeDir/whitelist.txt latentWhitelist=$origin/latentWhitelist.txt -# After setting defaults, check if there's local overrides -if [[ -r $piholeDir/pihole.conf ]];then - echo "** Local calibration requested..." - . $piholeDir/pihole.conf -fi - - echo "** Neutrino emissions detected..." # Create the pihole resource directory if it doesn't exist. Future files will be stored here @@ -57,12 +54,8 @@ function createSwapFile() sudo dphys-swapfile setup sudo dphys-swapfile swapon } - - -if [[ -n "$noSwap" ]]; then - # if $noSwap is set, don't do anything - : -elif [[ -f /etc/dphys-swapfile ]];then + +if [[ -f /etc/dphys-swapfile ]];then swapSize=$(cat /etc/dphys-swapfile | grep -m1 CONF_SWAPSIZE | cut -d'=' -f2) if [[ $swapSize != 500 ]];then mv /etc/dphys-swapfile /etc/dphys-swapfile.orig @@ -82,31 +75,55 @@ do url=${sources[$i]} # Get just the domain from the URL domain=$(echo "$url" | cut -d'/' -f3) - + # Save the file as list.#.domain saveLocation=$origin/list.$i.$domain.$justDomainsExtension - echo -n "Getting $domain list... " - # Use a case statement to download lists that need special cURL commands to complete properly + agent="Mozilla/10.0" + + echo -n "Getting $domain list... " + + # Use a case statement to download lists that need special cURL commands + # to complete properly and reset the user agent when required case "$domain" in - "adblock.mahakala.is") data=$(curl -s -A 'Mozilla/5.0 (X11; Linux x86_64; rv:30.0) Gecko/20100101 Firefox/30.0' -e http://forum.xda-developers.com/ -z $saveLocation $url);; + "adblock.mahakala.is") + agent='Mozilla/5.0 (X11; Linux x86_64; rv:30.0) Gecko/20100101 Firefox/30.0' + cmd="curl -e http://forum.xda-developers.com/" + ;; + + "pgl.yoyo.org") + cmd="curl -d mimetype=plaintext -d hostformat=hosts" + ;; - "pgl.yoyo.org") data=$(curl -s -d mimetype=plaintext -d hostformat=hosts -z $saveLocation $url);; - - *) data=$(curl -s -z $saveLocation -A "Mozilla/10.0" $url);; + # Default is a simple curl request + *) cmd="curl" esac - if [[ -n "$data" ]];then + # tmp file, so we don't have to store the (long!) lists in RAM + tmpfile=`mktemp` + timeCheck="" + if [ -r $saveLocation ]; then + timeCheck="-z $saveLocation" + fi + CMD="$cmd -s $timeCheck -A '$agent' $url > $tmpfile" + echo "running [$CMD]" + $cmd -s $timeCheck -A "$agent" $url > $tmpfile + + + if [[ -s "$tmpfile" ]];then # Remove comments and print only the domain name # Most of the lists downloaded are already in hosts file format but the spacing/formating is not contigious # This helps with that and makes it easier to read # It also helps with debugging so each stage of the script can be researched more in depth - echo "$data" | awk 'NF {if ($1 !~ "#") { if (NF>1) {print $2} else {print $1}}}' | \ - sed -e 's/^[. \t]*//' -e 's/\.\.\+/./g' -e 's/[. \t]*$//' | grep "\." > $saveLocation + awk '($1 !~ /^#/) { if (NF>1) {print $2} else {print $1}}' $tmpfile | \ + sed -nr -e 's/\.{2,}/./g' -e '/\./p' > $saveLocation echo "Done." else echo "Skipping list because it does not have any new entries." fi + + # cleanup + rm -f $tmpfile done # Find all files with the .domains extension and compile them into one file and remove CRs @@ -114,39 +131,43 @@ echo "** Aggregating list of domains..." find $origin/ -type f -name "*.$justDomainsExtension" -exec cat {} \; | tr -d '\r' > $origin/$matter # Append blacklist entries if they exist -if [[ -f $blacklist ]];then +if [[ -r $blacklist ]];then numberOf=$(cat $blacklist | sed '/^\s*$/d' | wc -l) echo "** Blacklisting $numberOf domain(s)..." cat $blacklist >> $origin/$matter -else - : fi -function gravity_advanced() ########################### - { - numberOf=$(cat $origin/$andLight | sed '/^\s*$/d' | wc -l) - echo "** $numberOf domains being pulled in by gravity..." +function gravity_advanced() { + + numberOf=$(wc -l $origin/$andLight) + echo "** $numberOf domains being pulled in by gravity..." + # Remove carriage returns and preceding whitespace - cat $origin/$andLight | sed $'s/\r$//' | sed '/^\s*$/d' > $origin/$supernova + # not really needed anymore? + cp $origin/$andLight $origin/$supernova + # Sort and remove duplicates - cat $origin/$supernova | sort | uniq > $origin/$eventHorizon - numberOf=$(cat $origin/$eventHorizon | sed '/^\s*$/d' | wc -l) + sort -u $origin/$supernova > $origin/$eventHorizon + numberOf=$(wc -l $origin/$eventHorizon) echo "** $numberOf unique domains trapped in the event horizon." + # Format domain list as "192.168.x.x domain.com" echo "** Formatting domains into a HOSTS file..." - cat $origin/$eventHorizon | awk '{sub(/\r$/,""); print "'"$piholeIP"' " $0}' > $origin/$accretionDisc + awk '{print "'"$piholeIP"'" $1}' $origin/$eventHorizon > $origin/$accretionDisc + # Copy the file over as /etc/pihole/gravity.list so dnsmasq can use it sudo cp $origin/$accretionDisc $adList kill -HUP $(pidof dnsmasq) - } - +} + # Whitelist (if applicable) then remove duplicates and format for dnsmasq -if [[ -f $whitelist ]];then +if [[ -r $whitelist ]];then # Remove whitelist entries numberOf=$(cat $whitelist | sed '/^\s*$/d' | wc -l) plural=; [[ "$numberOf" != "1" ]] && plural=s echo "** Whitelisting $numberOf domain${plural}..." + # Append a "$" to the end, prepend a "^" to the beginning, and # replace "." with "\." of each line to turn each entry into a # regexp so it can be parsed out with grep -x @@ -163,6 +184,7 @@ do echo "$url" | awk -F '/' '{print "^"$3"$"}' | sed 's/\./\\./g' >> $latentWhitelist done +# Remove whitelist entries from deduped list grep -vxf $latentWhitelist $origin/$matter > $origin/$andLight gravity_advanced From 8e21488542c2bbe32d6663243248b6d0f6ef56fe Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Thu, 5 Nov 2015 18:22:17 -0800 Subject: [PATCH 18/20] hawson memory reductions --- gravity.sh | 47 +++++++++++------------------------------------ 1 file changed, 11 insertions(+), 36 deletions(-) diff --git a/gravity.sh b/gravity.sh index 8e8da8e2..8ca34bb9 100755 --- a/gravity.sh +++ b/gravity.sh @@ -44,31 +44,6 @@ else sudo mkdir $piholeDir fi -# Add additional swap to prevent the "Error fork: unable to allocate memory" message: https://github.com/jacobsalmela/pi-hole/issues/37 -function createSwapFile() -######################### - { - echo "** Creating more swap space to accomodate large solar masses..." - sudo dphys-swapfile swapoff - sudo curl -s -o /etc/dphys-swapfile https://raw.githubusercontent.com/jacobsalmela/pi-hole/master/advanced/dphys-swapfile - sudo dphys-swapfile setup - sudo dphys-swapfile swapon - } - -if [[ -f /etc/dphys-swapfile ]];then - swapSize=$(cat /etc/dphys-swapfile | grep -m1 CONF_SWAPSIZE | cut -d'=' -f2) - if [[ $swapSize != 500 ]];then - mv /etc/dphys-swapfile /etc/dphys-swapfile.orig - echo "** Current swap size is $swapSize" - createSwapFile - else - : - fi -else - echo "** No swap file found. Creating one..." - createSwapFile -fi - # Loop through domain list. Download each one and remove commented lines (lines beginning with '# 'or '/') and blank lines for ((i = 0; i < "${#sources[@]}"; i++)) do @@ -100,22 +75,22 @@ do esac # tmp file, so we don't have to store the (long!) lists in RAM - tmpfile=`mktemp` - timeCheck="" + patternBuffer=`mktemp` + heisenbergCompensator="" if [ -r $saveLocation ]; then - timeCheck="-z $saveLocation" + heisenbergCompensator="-z $saveLocation" fi - CMD="$cmd -s $timeCheck -A '$agent' $url > $tmpfile" - echo "running [$CMD]" - $cmd -s $timeCheck -A "$agent" $url > $tmpfile + CMD="$cmd -s $heisenbergCompensator -A '$agent' $url > $patternBuffer" + echo "** Engaging pattern transference..." + $cmd -s $heisenbergCompensator -A "$agent" $url > $patternBuffer - if [[ -s "$tmpfile" ]];then + if [[ -s "$patternBuffer" ]];then # Remove comments and print only the domain name # Most of the lists downloaded are already in hosts file format but the spacing/formating is not contigious # This helps with that and makes it easier to read # It also helps with debugging so each stage of the script can be researched more in depth - awk '($1 !~ /^#/) { if (NF>1) {print $2} else {print $1}}' $tmpfile | \ + awk '($1 !~ /^#/) { if (NF>1) {print $2} else {print $1}}' $patternBuffer | \ sed -nr -e 's/\.{2,}/./g' -e '/\./p' > $saveLocation echo "Done." else @@ -123,7 +98,7 @@ do fi # cleanup - rm -f $tmpfile + rm -f $patternBuffer done # Find all files with the .domains extension and compile them into one file and remove CRs @@ -141,7 +116,7 @@ fi function gravity_advanced() { numberOf=$(wc -l $origin/$andLight) - echo "** $numberOf domains being pulled in by gravity..." + echo "** $numberOf $origin/$andLight domains being pulled in by gravity..." # Remove carriage returns and preceding whitespace # not really needed anymore? @@ -166,7 +141,7 @@ if [[ -r $whitelist ]];then # Remove whitelist entries numberOf=$(cat $whitelist | sed '/^\s*$/d' | wc -l) plural=; [[ "$numberOf" != "1" ]] && plural=s - echo "** Whitelisting $numberOf domain${plural}..." + echo "** Whitelisting $numberOf $whitelist domain${plural}..." # Append a "$" to the end, prepend a "^" to the beginning, and # replace "." with "\." of each line to turn each entry into a From 642c31c361acc6d3e433409322e018909ce51035 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Thu, 5 Nov 2015 18:33:05 -0800 Subject: [PATCH 19/20] Theme changes --- gravity.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gravity.sh b/gravity.sh index 8ca34bb9..e8c0acb7 100755 --- a/gravity.sh +++ b/gravity.sh @@ -94,7 +94,7 @@ do sed -nr -e 's/\.{2,}/./g' -e '/\./p' > $saveLocation echo "Done." else - echo "Skipping list because it does not have any new entries." + echo "Skipping pattern because transporter logic detected no changes..." fi # cleanup @@ -116,7 +116,7 @@ fi function gravity_advanced() { numberOf=$(wc -l $origin/$andLight) - echo "** $numberOf $origin/$andLight domains being pulled in by gravity..." + echo "** $numberOf domains being pulled in by gravity..." # Remove carriage returns and preceding whitespace # not really needed anymore? From 15b9fb68d7e86dcbc091a204ff862cabca02e312 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Fri, 6 Nov 2015 10:24:12 -0800 Subject: [PATCH 20/20] Remove filename from wc Line 118 and Line 127 changed wc to remove filename from output. --- gravity.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gravity.sh b/gravity.sh index e8c0acb7..a4400a50 100755 --- a/gravity.sh +++ b/gravity.sh @@ -115,7 +115,7 @@ fi ########################### function gravity_advanced() { - numberOf=$(wc -l $origin/$andLight) + numberOf=$(wc -l < $origin/$andLight) echo "** $numberOf domains being pulled in by gravity..." # Remove carriage returns and preceding whitespace @@ -124,7 +124,7 @@ function gravity_advanced() { # Sort and remove duplicates sort -u $origin/$supernova > $origin/$eventHorizon - numberOf=$(wc -l $origin/$eventHorizon) + numberOf=$(wc -l < $origin/$eventHorizon) echo "** $numberOf unique domains trapped in the event horizon." # Format domain list as "192.168.x.x domain.com"