From 6cd4ff6d68ba6f45b8582a878e2c751c819d178e Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Sat, 4 Mar 2017 11:34:34 -0800 Subject: [PATCH 1/6] Organize functions and function calls. Signed-off-by: Dan Schaper --- advanced/Scripts/piholeDebug.sh | 141 ++++++++++++++++---------------- 1 file changed, 72 insertions(+), 69 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index a671a49f..9ee226ac 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -266,39 +266,42 @@ daemon_check() { testResolver() { header_write "Resolver Functions Check" - # Find a blocked url that has not been whitelisted. - TESTURL="doubleclick.com" - if [ -s "${WHITELISTMATCHES}" ]; then - while read -r line; do - CUTURL=${line#*" "} - if [ "${CUTURL}" != "Pi-Hole.IsWorking.OK" ]; then - while read -r line2; do - CUTURL2=${line2#*" "} - if [ "${CUTURL}" != "${CUTURL2}" ]; then - TESTURL="${CUTURL}" - break 2 - fi - done < "${WHITELISTMATCHES}" - fi - done < "${GRAVITYFILE}" - fi + local url + local testurl + local localdig + local piholedig - log_write "Resolution of ${TESTURL} from Pi-hole:" - LOCALDIG=$(dig "${TESTURL}" @127.0.0.1) - if [[ $? = 0 ]]; then - log_write "${LOCALDIG}" + # Find a blocked url that has not been whitelisted. + url=$(shuf -n 1 "${GRAVITYFILE}" | awk -F ' ' '{ print $2 }') + + testurl="${url:-doubleclick.com}" + + + log_write "Resolution of ${testurl} from Pi-hole (localhost):" + + if localdig=$(dig "${testurl}" @localhost +short); then + log_write "${localdig}" else - log_write "Failed to resolve ${TESTURL} on Pi-hole" + log_write "Failed to resolve ${testurl} on Pi-hole" + fi + log_write "" + + log_write "Resolution of ${testurl} from Pi-hole (direct IP):" + + if piholedig=$(dig "${testurl}" @"${IPV4_ADDRESS%/*}" +short); then + log_write "${piholedig}" + else + log_write "Failed to resolve ${testurl} on Pi-hole" fi log_write "" - log_write "Resolution of ${TESTURL} from 8.8.8.8:" - REMOTEDIG=$(dig "${TESTURL}" @8.8.8.8) + log_write "Resolution of ${testurl} from 8.8.8.8:" + remotedig=$(dig "${testurl}" @8.8.8.8 +short) if [[ $? = 0 ]]; then - log_write "${REMOTEDIG}" + log_write "${remotedig:-NXDOMAIN}" else - log_write "Failed to resolve ${TESTURL} on 8.8.8.8" + log_write "Failed to resolve ${testurl} on 8.8.8.8" fi log_write "" @@ -347,50 +350,6 @@ countdown() { tuvix=$(( tuvix - 5 )) done } -### END FUNCTIONS ### - -# Gather version of required packages / repositories -version_check || echo "REQUIRED FILES MISSING" -# Check for newer setupVars storage file -source_file "/etc/pihole/setupVars.conf" -# Gather information about the running distribution -distro_check || echo "Distro Check soft fail" -# Gather processor type -processor_check || echo "Processor Check soft fail" - -ip_check 6 ${IPV6_ADDRESS} -ip_check 4 ${IPV4_ADDRESS} - -daemon_check lighttpd http -daemon_check dnsmasq domain -daemon_check pihole-FTL 4711 -checkProcesses -testResolver -debugLighttpd - -files_check "${DNSMASQFILE}" -dir_check "${DNSMASQCONFDIR}" -files_check "${WHITELISTFILE}" -files_check "${BLACKLISTFILE}" -files_check "${ADLISTFILE}" - - -header_write "Analyzing gravity.list" - - gravity_length=$(grep -c ^ "${GRAVITYFILE}") \ - && log_write "${GRAVITYFILE} is ${gravity_length} lines long." \ - || log_echo "Warning: No gravity.list file found!" - -header_write "Analyzing pihole.log" - - pihole_length=$(grep -c ^ "${PIHOLELOG}") \ - && log_write "${PIHOLELOG} is ${pihole_length} lines long." \ - || log_echo "Warning: No pihole.log file found!" - - pihole_size=$(du -h "${PIHOLELOG}" | awk '{ print $1 }') \ - && log_write "${PIHOLELOG} is ${pihole_size}." \ - || log_echo "Warning: No pihole.log file found!" - # Continuously append the pihole.log file to the pihole_debug.log file dumpPiHoleLog() { @@ -440,6 +399,50 @@ finalWork() { echo "::: A local copy of the Debug log can be found at : /var/log/pihole_debug.log" } +### END FUNCTIONS ### + +# Gather version of required packages / repositories +version_check || echo "REQUIRED FILES MISSING" +# Check for newer setupVars storage file +source_file "/etc/pihole/setupVars.conf" +# Gather information about the running distribution +distro_check || echo "Distro Check soft fail" +# Gather processor type +processor_check || echo "Processor Check soft fail" + +ip_check 6 ${IPV6_ADDRESS} +ip_check 4 ${IPV4_ADDRESS} + +daemon_check lighttpd http +daemon_check dnsmasq domain +daemon_check pihole-FTL 4711 +checkProcesses +testResolver +debugLighttpd + +files_check "${DNSMASQFILE}" +dir_check "${DNSMASQCONFDIR}" +files_check "${WHITELISTFILE}" +files_check "${BLACKLISTFILE}" +files_check "${ADLISTFILE}" + + +header_write "Analyzing gravity.list" + + gravity_length=$(grep -c ^ "${GRAVITYFILE}") \ + && log_write "${GRAVITYFILE} is ${gravity_length} lines long." \ + || log_echo "Warning: No gravity.list file found!" + +header_write "Analyzing pihole.log" + + pihole_length=$(grep -c ^ "${PIHOLELOG}") \ + && log_write "${PIHOLELOG} is ${pihole_length} lines long." \ + || log_echo "Warning: No pihole.log file found!" + + pihole_size=$(du -h "${PIHOLELOG}" | awk '{ print $1 }') \ + && log_write "${PIHOLELOG} is ${pihole_size}." \ + || log_echo "Warning: No pihole.log file found!" + trap finalWork EXIT ### Method calls for additional logging ### From 709b44f7365717a58136d4140954b212dd830051 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Sat, 4 Mar 2017 12:16:16 -0800 Subject: [PATCH 2/6] IPv4 DNS tests Signed-off-by: Dan Schaper --- advanced/Scripts/piholeDebug.sh | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 9ee226ac..484cb737 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -265,11 +265,13 @@ daemon_check() { testResolver() { header_write "Resolver Functions Check" - + local protocol="${1}" + local IP="${2}" local url local testurl local localdig local piholedig + local remotedig # Find a blocked url that has not been whitelisted. url=$(shuf -n 1 "${GRAVITYFILE}" | awk -F ' ' '{ print $2 }') @@ -278,8 +280,7 @@ testResolver() { log_write "Resolution of ${testurl} from Pi-hole (localhost):" - - if localdig=$(dig "${testurl}" @localhost +short); then + if localdig=$(dig -"${protocol}" "${testurl}" @localhost +short); then log_write "${localdig}" else log_write "Failed to resolve ${testurl} on Pi-hole" @@ -287,8 +288,7 @@ testResolver() { log_write "" log_write "Resolution of ${testurl} from Pi-hole (direct IP):" - - if piholedig=$(dig "${testurl}" @"${IPV4_ADDRESS%/*}" +short); then + if piholedig=$(dig -"${protocol}" "${testurl}" @"${IP}" +short); then log_write "${piholedig}" else log_write "Failed to resolve ${testurl} on Pi-hole" @@ -297,8 +297,7 @@ testResolver() { log_write "Resolution of ${testurl} from 8.8.8.8:" - remotedig=$(dig "${testurl}" @8.8.8.8 +short) - if [[ $? = 0 ]]; then + if remotedig=$(dig -"${protocol}" "${testurl}" @8.8.8.8 +short); then log_write "${remotedig:-NXDOMAIN}" else log_write "Failed to resolve ${testurl} on 8.8.8.8" @@ -417,7 +416,7 @@ daemon_check lighttpd http daemon_check dnsmasq domain daemon_check pihole-FTL 4711 checkProcesses -testResolver +testResolver 4 "${IPV4_ADDRESS%/*}" debugLighttpd files_check "${DNSMASQFILE}" From 086f0790fc90ac1e1953b6507e3db0d1dd46c051 Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 4 Mar 2017 22:31:18 +0100 Subject: [PATCH 3/6] Add Google's IPv6 address for potential IPv6 resolver tests --- advanced/Scripts/piholeDebug.sh | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index 484cb737..df03da56 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -273,6 +273,12 @@ testResolver() { local piholedig local remotedig + if [[ ${protocol} == "6" ]]; then + g_addr="2001:4860:4860::8888" + else + g_addr="8.8.8.8" + fi + # Find a blocked url that has not been whitelisted. url=$(shuf -n 1 "${GRAVITYFILE}" | awk -F ' ' '{ print $2 }') @@ -296,11 +302,11 @@ testResolver() { log_write "" - log_write "Resolution of ${testurl} from 8.8.8.8:" - if remotedig=$(dig -"${protocol}" "${testurl}" @8.8.8.8 +short); then + log_write "Resolution of ${testurl} from ${g_addr}:" + if remotedig=$(dig -"${protocol}" "${testurl}" @${g_addr} +short); then log_write "${remotedig:-NXDOMAIN}" else - log_write "Failed to resolve ${testurl} on 8.8.8.8" + log_write "Failed to resolve ${testurl} on ${g_addr}" fi log_write "" From 9f4ef66f416495ecafa1480b70a853dccccab98b Mon Sep 17 00:00:00 2001 From: DL6ER Date: Sat, 4 Mar 2017 22:38:52 +0100 Subject: [PATCH 4/6] Add IPv6 resolver test --- advanced/Scripts/piholeDebug.sh | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index df03da56..e45debab 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -264,9 +264,11 @@ daemon_check() { } testResolver() { - header_write "Resolver Functions Check" local protocol="${1}" + header_write "Resolver Functions Check (IPv${protocol})" local IP="${2}" + local g_addr + local l_addr local url local testurl local localdig @@ -275,8 +277,10 @@ testResolver() { if [[ ${protocol} == "6" ]]; then g_addr="2001:4860:4860::8888" + l_addr="::1" else g_addr="8.8.8.8" + l_addr="127.0.0.1" fi # Find a blocked url that has not been whitelisted. @@ -285,19 +289,19 @@ testResolver() { testurl="${url:-doubleclick.com}" - log_write "Resolution of ${testurl} from Pi-hole (localhost):" - if localdig=$(dig -"${protocol}" "${testurl}" @localhost +short); then + log_write "Resolution of ${testurl} from Pi-hole (${l_addr}):" + if localdig=$(dig -"${protocol}" "${testurl}" @${l_addr} +short); then log_write "${localdig}" else - log_write "Failed to resolve ${testurl} on Pi-hole" + log_write "Failed to resolve ${testurl} on Pi-hole (${l_addr})" fi log_write "" - log_write "Resolution of ${testurl} from Pi-hole (direct IP):" + log_write "Resolution of ${testurl} from Pi-hole (${IP}):" if piholedig=$(dig -"${protocol}" "${testurl}" @"${IP}" +short); then log_write "${piholedig}" else - log_write "Failed to resolve ${testurl} on Pi-hole" + log_write "Failed to resolve ${testurl} on Pi-hole (${IP})" fi log_write "" @@ -306,7 +310,7 @@ testResolver() { if remotedig=$(dig -"${protocol}" "${testurl}" @${g_addr} +short); then log_write "${remotedig:-NXDOMAIN}" else - log_write "Failed to resolve ${testurl} on ${g_addr}" + log_write "Failed to resolve ${testurl} on upstream server ${g_addr}" fi log_write "" @@ -423,6 +427,7 @@ daemon_check dnsmasq domain daemon_check pihole-FTL 4711 checkProcesses testResolver 4 "${IPV4_ADDRESS%/*}" +testResolver 6 "${IPV6_ADDRESS%/*}" debugLighttpd files_check "${DNSMASQFILE}" From 2547cc4c8d7e13982722acbc7bcf8181585bdd9a Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Sat, 4 Mar 2017 15:06:34 -0800 Subject: [PATCH 5/6] Only run IPv6 if enabled, split out Chaos TXT checks. Signed-off-by: Dan Schaper --- advanced/Scripts/piholeDebug.sh | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index e45debab..e76c5f93 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -313,6 +313,10 @@ testResolver() { log_write "Failed to resolve ${testurl} on upstream server ${g_addr}" fi log_write "" +} + +testChaos(){ + # Check Pi-hole specific records log_write "Pi-hole dnsmasq specific records lookups" log_write "Cache Size:" @@ -320,8 +324,8 @@ testResolver() { log_write "Upstream Servers:" dig +short chaos txt servers.bind >> ${DEBUG_LOG} log_write "" -} +} checkProcesses() { header_write "Processes Check" @@ -426,8 +430,16 @@ daemon_check lighttpd http daemon_check dnsmasq domain daemon_check pihole-FTL 4711 checkProcesses + +# Check local/IP/Google for IPv4 Resolution testResolver 4 "${IPV4_ADDRESS%/*}" -testResolver 6 "${IPV6_ADDRESS%/*}" +# If IPv6 enabled, check resolution +if [[ "${IPV6_ADDRESS}" ]]; then + testResolver 6 "${IPV6_ADDRESS%/*}" +fi +# Poll dnsmasq Pi-hole specific queries +testChaos + debugLighttpd files_check "${DNSMASQFILE}" From 6f2fb57c08e45046d16d2249ace69c6716b308b5 Mon Sep 17 00:00:00 2001 From: Dan Schaper Date: Sat, 4 Mar 2017 15:16:33 -0800 Subject: [PATCH 6/6] Protocol specific records checks. Signed-off-by: Dan Schaper --- advanced/Scripts/piholeDebug.sh | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/advanced/Scripts/piholeDebug.sh b/advanced/Scripts/piholeDebug.sh index e76c5f93..32f48e87 100755 --- a/advanced/Scripts/piholeDebug.sh +++ b/advanced/Scripts/piholeDebug.sh @@ -278,9 +278,11 @@ testResolver() { if [[ ${protocol} == "6" ]]; then g_addr="2001:4860:4860::8888" l_addr="::1" + r_type="AAAA" else g_addr="8.8.8.8" l_addr="127.0.0.1" + r_type="A" fi # Find a blocked url that has not been whitelisted. @@ -290,7 +292,7 @@ testResolver() { log_write "Resolution of ${testurl} from Pi-hole (${l_addr}):" - if localdig=$(dig -"${protocol}" "${testurl}" @${l_addr} +short); then + if localdig=$(dig -"${protocol}" "${testurl}" @${l_addr} +short "${r_type}"); then log_write "${localdig}" else log_write "Failed to resolve ${testurl} on Pi-hole (${l_addr})" @@ -298,7 +300,7 @@ testResolver() { log_write "" log_write "Resolution of ${testurl} from Pi-hole (${IP}):" - if piholedig=$(dig -"${protocol}" "${testurl}" @"${IP}" +short); then + if piholedig=$(dig -"${protocol}" "${testurl}" @"${IP}" +short "${r_type}"); then log_write "${piholedig}" else log_write "Failed to resolve ${testurl} on Pi-hole (${IP})" @@ -307,7 +309,7 @@ testResolver() { log_write "Resolution of ${testurl} from ${g_addr}:" - if remotedig=$(dig -"${protocol}" "${testurl}" @${g_addr} +short); then + if remotedig=$(dig -"${protocol}" "${testurl}" @${g_addr} +short "${r_type}"); then log_write "${remotedig:-NXDOMAIN}" else log_write "Failed to resolve ${testurl} on upstream server ${g_addr}"