Commit graph

1563 commits

Author SHA1 Message Date
Adam Warner
1c2c10c4a5
Merge pull request #3761 from BastiG/development
read REV_SERVER_CIDR from environment
2020-11-18 21:56:08 +00:00
Adam Warner
e03585e0bb
Merge pull request #3810 from deHakkelaar/patch-5
Enable DNS forwarding loop detection
2020-11-18 21:54:30 +00:00
Adam Warner
cd8120d33f
Add some output to the --nuke command
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-11-16 23:31:35 +00:00
Adam Warner
4abd8196ae
Merge pull request #3349 from Forceflow/development
Fix for pihole -w --nuke displaying help info even if command is exec…
2020-11-08 16:10:47 +00:00
Craig Mayhew
95a28ae125 unset() now also occurs for $splashPage
After some email discussion with Adam, there is a preference to also prevent $splashPage from using variables

Signed-off-by: craigmayhew <craig@mayhew.io>
2020-10-28 18:32:46 +00:00
Craig Mayhew
e5c7549f8f Fixed potential security issue with $landPage receiving variables
Signed-off-by: craigmayhew <craig@mayhew.io>
2020-10-27 14:49:46 +00:00
deHakkelaar
ad39ba30bd
Enable DNS forwarding loop detection
Found below by accident:
```
pi@ph5:~ $ man dnsmasq
[..]
       --dns-loop-detect
              Enable code to detect DNS forwarding loops; ie the  situa‐
              tion  where  a  query  sent  to one of the upstream server
              eventually returns as a new query to the dnsmasq instance.
              The  process  works  by generating TXT queries of the form
              <hex>.test and sending them to each upstream  server.  The
              hex is a UID which encodes the instance of dnsmasq sending
              the query and the upstream server to which it was sent. If
              the  query  returns  to the server which sent it, then the
              upstream server through which it was sent is disabled  and
              this  event  is  logged.  Each  time  the  set of upstream
              servers changes, the test is re-run on all  of  them,  in‐
              cluding ones which were previously disabled.
```
Seems to work just fine if I point my router 10.0.0.1 back to Pi-hole in the WAN DNS settings:
```
pi@ph5:~ $ grep server= -R /etc/dnsmasq.*
/etc/dnsmasq.d/01-pihole.conf:server=9.9.9.10
/etc/dnsmasq.d/01-pihole.conf:server=149.112.112.10
/etc/dnsmasq.d/01-pihole.conf:server=10.0.0.1
/etc/dnsmasq.d/01-pihole.conf:rev-server=10.0.0.0/24,10.0.0.2
/etc/dnsmasq.d/01-pihole.conf:server=/dehakkelaar.nl/10.0.0.2
/etc/dnsmasq.d/01-pihole.conf:server=/use-application-dns.net/
```
```
pi@ph5:~ $ sudo tee /etc/dnsmasq.d/99-my-settings.conf <<< $'dns-loop-detect'
dns-loop-detect
```
```
pi@ph5:~ $ pihole restartdns
  [✓] Restarting DNS server
```
```
pi@ph5:~ $ tail -F /var/log/pihole.log
[..]
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 10.0.0.2#53 for domain dehakkelaar.nl
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 10.0.0.2#53 for domain 0.0.10.in-addr.arpa
Oct 22 18:17:41 dnsmasq[17301]: NOT using nameserver 10.0.0.1#53 - query loop detected
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 149.112.112.10#53
Oct 22 18:17:41 dnsmasq[17301]: using nameserver 9.9.9.10#53
```
2020-10-22 18:54:04 +02:00
DL6ER
50100017a5
Merge pull request #3794 from pi-hole/security/non_FQDNs_locality
Security enhancement for the "never forward non-FQDNs" feature
2020-10-21 21:09:05 +02:00
Adam Warner
59b0a6af6f
Remove references to privacy level 4 (no longer functional)
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-10-13 23:53:23 +01:00
bcambl
47aa1644a8 add debug checking for firewalld
Signed-off-by: bcambl <blayne@blaynecampbell.com>
2020-10-11 22:20:31 -06:00
DL6ER
08a84e51d6
Only add local=/<domain>/ when the "only forward FQDN queries" function is enabled to prevent unintended side-effects of this change
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-10-10 11:23:55 +02:00
DL6ER
d631cd8b04
Security enhancement for the "never forward non-FQDNs" feature. This should prevent all local queries from being forwarded (will show up as blocked by regex) as well as any hostname without a domain (for example one word searches from the address bar in browsers). This fixes #3303
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-10-10 11:01:01 +02:00
Adam Warner
0445559610
Accidentally a number (#3788)
Co-authored-by: MichaIng <micha@dietpi.com>
Signed-off-by: Adam Warner <me@adamwarner.co.uk>

Co-authored-by: MichaIng <micha@dietpi.com>
2020-10-09 17:24:42 +02:00
Adam Warner
948337dd8e
Merge pull request #3740 from pi-hole/new/adlist_date_updated
Add date_updated field to adlist table
2020-10-09 14:04:13 +01:00
Adam Warner
fe463f15b3
Merge pull request #3741 from pi-hole/new/debug_scan_dhcp
Discover active DHCP servers during debugger run
2020-10-09 14:00:57 +01:00
Christian König
568ebd67ca Update comment
Signed-off-by: Christian König <ckoenig@posteo.de>
2020-10-03 16:17:37 +02:00
Christian König
c628c970ae Print tail of logs in /var/log/lighttpd in debug run as well
Signed-off-by: Christian König <ckoenig@posteo.de>
2020-10-02 21:04:27 +02:00
Sebastian Gmeiner
8041bbf443 read REV_SERVER_CIDR from environment
Signed-off-by: Sebastian Gmeiner <sebastian@gmeiners.net>
2020-09-25 15:26:43 +02:00
DirkJanIT
b88510d89a
Add CACHE_SIZE to setupVars (#3170)
* Update 01-pihole.conf

Signed-off-by: DoubleOhmSeven <57564379+DoubleOhmSeven@users.noreply.github.com>

* Update basic-install.sh

Signed-off-by: DoubleOhmSeven <57564379+DoubleOhmSeven@users.noreply.github.com>

Co-authored-by: DoubleOhmSeven <57564379+DoubleOhmSeven@users.noreply.github.com>
2020-09-17 23:13:40 +02:00
DL6ER
41e899260f
Discover active DHCP servers during debugger run
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-09-07 23:17:50 +02:00
DL6ER
12b9748c43
Fine-tune adlist:adte_modified trigger and don't default new date_updated column to now but use NULL instead
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-09-07 21:11:57 +02:00
DL6ER
4fd412d7c3
Add date_updated field in adlist table set when a list changes.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-09-07 20:59:23 +02:00
Michael Paul Killian
5eabf4255b
Sign-off for DCO
Signed-off-by: Michael Paul Killian <spammyreset-github@gmail.com>
2020-09-06 13:53:03 +02:00
Michael Paul Killian
538827397c
Update index.php
See #3736
2020-09-06 11:51:33 +02:00
Adam Warner
b8cd238fa1
Update advanced/Scripts/piholeDebug.sh
Co-authored-by: DL6ER <DL6ER@users.noreply.github.com>
2020-08-23 14:35:02 +01:00
Adam Warner
8e219cb799
Make output more meaningful in case of dig failure.
Include dig return code and response in debug run

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-08-23 10:48:15 +01:00
Dan Schaper
ebdb68a47a
display_warning fixes
Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
2020-08-15 10:54:31 -07:00
Dan Schaper
623ce1fe18
Tabs and debug.sh
Signed-off-by: Dan Schaper <dan.schaper@pi-hole.net>
2020-08-14 14:37:58 -07:00
Adam Warner
bb1a6243d6
Merge pull request #3669 from pi-hole/release/v5.1.2
Release/v5.1.2 to development
2020-08-14 16:28:53 +01:00
Samuel Boucher
d4dd446ba3 Update advanced/Scripts/chronometer.sh
Co-authored-by: Dan Schaper <dan.schaper@pi-hole.net>
Signed-off-by: Samuel Boucher <scboucher@users.noreply.github.com>
2020-08-09 17:12:20 -04:00
Samuel Boucher
8b4921405a Upercase the temp_unit
Signed-off-by: Samuel Boucher <scboucher@users.noreply.github.com>
2020-08-09 15:09:49 -04:00
Nathan Friend
5a48478196
Update "About Pi-hole" link
Signed-off-by: Nathan Friend <nathan@gitlab.com>
2020-08-01 20:00:49 -05:00
Aiden Mitchell
7c53b97004
Updating FAQ_HARDWARE_REQUIREMENTS and FAQ_HARDWARE_REQUIREMENTS_PORTS (#3632)
Signed-off-by: Aiden Mitchell <aiden@bcyouthcouncil.ca>

Co-authored-by: Adam Warner <me@adamwarner.co.uk>
2020-07-30 12:57:19 -07:00
DL6ER
8f7f0881c6
Add /usr/sbin to cronjob PATH
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-07-21 21:21:24 +02:00
DL6ER
17aabf26f7
Also use pkill/pgrep in the FTL service script
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-07-21 21:21:17 +02:00
Adam Warner
f50cff54de
*innocent whistling*
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-07-15 23:49:17 +01:00
Adam Warner
849139176e
fallback to NC if curl fails on uploadgit checkout
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-07-15 21:54:45 +01:00
Adam Warner
b8bba7951f
Just one more newline, give it to me.
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-07-15 20:49:18 +01:00
Adam Warner
76ce5ec66b
Add additional information about local debug log location
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-07-15 20:45:02 +01:00
Adam Warner
7b41b99549
Merge pull request #2887 from tlk/fix/reenable
Prevent "pihole disable $timeout" from messing up future state changes
2020-07-15 20:23:33 +01:00
XhmikosR
d8822b70cf Fix minor typo
Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2020-07-05 15:12:02 +03:00
XhmikosR
cf1c1e2e7e Tweak lighttpd configs
* Compress more types
* Add charset=utf-8 in more text types
* Use proper media types
* Add default expire header
* Use consistent indentation

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2020-07-02 12:28:26 +03:00
Adam Warner
f5a5f68a1a
Merge pull request #3403 from XhmikosR/XhmikosR-patch-1
Fix/tweak blocking page
2020-07-02 10:27:16 +01:00
Adam Warner
3205606fc3
Also validate IPV6 in the setdns function
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-06-23 20:38:18 +01:00
Dan Schaper
3aaf9d89b3
Merge pull request #3260 from pi-hole/new/rev-server
Improve conditional forwarding
2020-06-21 13:26:07 -07:00
DL6ER
2c3aa9ab00
Merge pull request #3491 from pi-hole/fix_ip_address_section
Fix fresh install on dev branch not working
2020-06-21 21:58:36 +02:00
DL6ER
9bf0f2a161
Reduce handholding when trying to foresee the intentions of the user. The code does now preserve legacy behavior and users can open up the subnet manually if they like.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-06-21 21:47:30 +02:00
Adam Warner
7ea6d7b92b
remove ; so IFS changes don't stick
Co-authored-by: Dan Schaper <dan.schaper@pi-hole.net>
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-06-14 00:17:51 +01:00
Adam Warner
011fa8c6ea
fix sticklr complaint
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-06-13 21:47:00 +01:00
Adam Warner
0320d85028
Additionally source the install script in webpage.sh to validate IP entered on pihole -a setdns
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-06-13 20:57:57 +01:00
Dan Schaper
5f9dac8d2b
Merge pull request #3434 from pi-hole/new/os_detect
Change OS Detection in debug script
2020-06-05 13:38:50 -07:00
Adam Warner
03a8cff55e
read > mapfile as suggested by @dschaper
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-06-05 21:01:53 +01:00
DL6ER
2b1bc6a46e
Replace possible "\#" by "#". This fixes AdminLTE#1427
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-06-04 09:32:40 +02:00
DL6ER
6160eb6894
This regex is too complex for bash's own replacement. Add ignore for the shellcheck rule.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-06-04 09:22:40 +02:00
DL6ER
318ca75269
Merge branch 'development' into new/rev-server 2020-06-04 08:56:08 +02:00
Adam Warner
58724a38a9
Improve detection and display of supported/unsupported OS in debug script
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-06-03 17:57:22 +01:00
DL6ER
202ba055ea
Change UNIQUEness constraint from (domain) to (domain, type) in the domainlist table. This will allow duplicates which can be associated to different groups.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-06-02 10:49:35 +02:00
XhmikosR
d90313fe4d Fix/tweak blocking page
* fix favicon
* add meta charset
* add html lang
* add a page title
* remove unneeded html end tags
* fix viewport tag to allow zooming
* compress the "blocked by Pi-hole" SVG
* remove trailing spaces
* switch to double colon pseudo elements (works from IE9 and newer)
* add missing vendor prefixes
* other minor tweaks
* add `Access-Control-Allow-Origin` header to all font types

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2020-05-31 15:54:11 +03:00
XhmikosR
7579ab178a Update links
* use https when possible
* replace coverage with a link to the docs page in README.md
* remove obsolete affiliate link in README.md

Signed-off-by: XhmikosR <xhmikosr@gmail.com>
2020-05-30 21:50:16 +03:00
Thomas L. Kjeldsen
903808a477 Improved explanation of why this script is needed
Signed-off-by: Thomas L. Kjeldsen <tlk@closureconsulting.com>
2020-05-30 03:14:03 +02:00
Thomas L. Kjeldsen
005da06b3d Use PI_HOLE_BIN_DIR as introduced in PR #2886
Signed-off-by: Thomas L. Kjeldsen <tlk@closureconsulting.com>
2020-05-30 03:13:51 +02:00
Thomas L. Kjeldsen
852f6b95f5 Prevent "pihole disable $timeout" from messing up future state changes
Signed-off-by: Thomas L. Kjeldsen <tlk@closureconsulting.com>
2020-05-30 02:58:27 +02:00
DL6ER
de8976da7a
Add CAP_SYS_NICE to FTL's capabilities so it can control its own niceness.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-05-28 21:18:31 +02:00
DL6ER
b60ec8a48f
Merge pull request #3248 from MichaIng/patch-8
Start pihole-FTL after network
2020-05-25 21:27:27 +02:00
DL6ER
27f0fd2372
Merge pull request #3415 from fhriley/reload_privacy
Reload the lists, which will cause the cached privacy level to be upd…
2020-05-25 18:47:44 +02:00
Adam Warner
d0e250a616
Ensure pihole-FTL.conf is parsed, as well as external.conf for lighttpd, to rule out any custom modifications.
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-05-21 22:25:00 +01:00
Adam Warner
b2ba55c27b
Show details of any remotes on the git repositories
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-05-21 21:23:26 +01:00
Frank Riley
9d04c517e6 Reload the lists, which will cause the cached privacy level to be updated.
Signed-off-by: Frank Riley <fhriley@gmail.com>
2020-05-20 15:47:53 -07:00
DL6ER
b421e422c2
Merge pull request #3351 from marank/development
Added support for CNAME record add/remove
2020-05-20 09:13:54 +02:00
MichaIng
5c17e41cf1 Start pihole-FTL after network
"$network" on a systemd-driven OS leads to "After=network-online.target" in the generated systemd unit.
This target is no guarantee that all network interfaces have been fully configured, as it depends on the related network services types, but at least it reduces the risk that those have not fully finished their job when pihole-FTL starts. If this is the case, certain issues can occur:
- https://github.com/pi-hole/pi-hole/issues/2924
- https://discourse.pi-hole.net/t/have-to-pihole-restartdns-after-reboot/28772

Runtime files are now consistently created in "/run" instead of "/var/run". The second is a symlink to the first for backwards compatibility but on none-ancient distro versions one should use "/run", systemd even prints a warnings if service files use "/var/run". The service file used "/run" and "/var/run" both, in cases for the same files/directories before, which does not directly cause issues currently, due to the symlink, but is inconsistent at best.

Signed-off-by: MichaIng <micha@dietpi.com>
2020-05-16 13:38:18 +02:00
Dan Schaper
10addc5923
Merge pull request #3218 from JulienOrain/patch-1
fix typo
2020-05-14 09:48:59 -07:00
Dan Schaper
c76435883b
Merge pull request #3360 from dnicolson/fix-github-capitalisation
Fix GitHub capitalisation
2020-05-13 16:56:36 -07:00
Dave Nicolson
ab753e88a2 Fix GitHub capitalisation
Signed-off-by: Dave Nicolson <david.nicolson@gmail.com>
2020-05-13 12:55:00 +02:00
Adam Warner
be25b4d9c4
Merge pull request #3352 from pi-hole/merge-master-dev
Merge master dev
2020-05-12 22:27:24 +01:00
Adam Warner
9e96ff37de
Fix merge conflicts
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-05-12 22:16:43 +01:00
DL6ER
a9c66c7b45
Implement pihole -a theme option
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-05-12 23:03:49 +02:00
Matthias Rank
2b9898e9ca Fixed indentation
Signed-off-by: Matthias Rank <development@m-rank.de>
2020-05-12 21:04:30 +02:00
Matthias Rank
0add5eb291 Added support for CNAME record add/remvoe
Signed-off-by: Matthias Rank <development@m-rank.de>
2020-05-12 21:02:29 +02:00
Jeroen Baert
4cf241b42b Fix for pihole -w --nuke displaying help info even if command is executed correctly
Signed-off-by: Jeroen Baert <3607063+Forceflow@users.noreply.github.com>
2020-05-12 19:59:19 +02:00
DL6ER
7cc35d3b04
Add update to gravity database version 12, renaming the Unassociated group to Default group.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-05-07 18:01:37 +02:00
DL6ER
78469ee58d
Merge pull request #3255 from pi-hole/tweak/emailregex
Enhanced email validation regex
2020-05-06 09:48:26 +02:00
Adam Warner
369288cc48
Update advanced/Scripts/webpage.sh
Co-authored-by: DL6ER <DL6ER@users.noreply.github.com>
2020-05-06 08:40:54 +01:00
Dan Schaper
742d802940
Merge pull request #3027 from XhmikosR/patch-1
Serve JS files with utf-8 charset too
2020-05-05 12:29:27 -07:00
Dan Schaper
017d405b28
Merge pull request #3307 from pi-hole/tweak/debugger_type_display
Improve debugger database table printing
2020-04-29 11:48:47 -07:00
DL6ER
ddb354f78b
Add enable indentation for the domainlist
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-04-29 06:23:29 +02:00
DL6ER
20ef5e0264
Show associated group IDs in domains/clients/adlists listing. We get the data through a LEFT JOIN followed by a GROUPing by the left list ID and finialized through a GROUP_CONCATenation.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-04-24 10:33:46 +02:00
DL6ER
ad5802715e
enabled field: Center 0, right-align 1
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-04-23 15:16:48 +02:00
DL6ER
989bbad37e
Remove pihole -a hostrecord
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-04-23 13:20:15 +02:00
DL6ER
63f6c6a894
Add indentation for enabled and type fields
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-04-23 10:01:22 +02:00
Adam Warner
d42785a3bf
Merge pull request #3271 from pi-hole/tweak/version
Add branch name to pihole -v
2020-04-21 16:07:27 +01:00
DL6ER
401c029dc4
Improve else condition of branch determination
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-04-21 16:08:32 +02:00
DL6ER
0343171703
Add correct displaying for detached HEAD state.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-04-21 08:54:28 +02:00
DL6ER
176fbaf83b
Ask pihole-FTL for the branch it was compiled from instead of trusting the checkout file to be present.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-04-21 08:51:17 +02:00
Adam Warner
471006676c
Merge pull request #3227 from pi-hole/new/CLI_domain_comments
Add option --comment "whatever" for adding comments for new domains through the CLI interface.
2020-04-19 14:39:05 +01:00
Adam Warner
3cc9ba4ee8
stickler Signed-off-by: Adam Warner <me@adamwarner.co.uk> 2020-04-18 12:57:06 +01:00
Adam Warner
6dc85c3527
Don't display branch name if it is on master.
Prefer cached remote version over github API

Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-04-18 12:51:04 +01:00
Adam Warner
851947bbf2
Add branch name to version output
Signed-off-by: Adam Warner <me@adamwarner.co.uk>
2020-04-13 20:58:46 +01:00
Matthias Schoettle
308eb5eda5 Fixes broken blocking page and landing page when changing server port and/or hostname.
See issues #2195 and #2720.

Signed-off-by: Matthias Schoettle <git@mattsch.com>
2020-04-10 12:29:01 -04:00
DL6ER
093054a1eb
Automatically convert legacy IP range to Class C network
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-04-09 09:49:07 +02:00
DL6ER
4130af0aab
Retain rev-server settings when the feature gets disabled.
Signed-off-by: DL6ER <dl6er@dl6er.de>
2020-04-09 09:05:50 +02:00