Thursday, August 1, 2019

Pi-hole Notes

Below are some notes concerning the installation and configuration of the Pi-hole application on a Raspberry PI.

Etcher can be used to create a boot-able Micro SD card.  The commands to install the application within Linux can be found at https://www.fossmint.com/etcher-usb-sd-card-bootable-image-creator-for-linux/.

Raspbian can be downloaded via https://www.raspberrypi.org/downloads/raspbian/.  The minimal version (Lite) can be used.

The default credentials for Raspbian is pi for the user name, and raspberry for the password.  Once logged in, use the command sudo raspi-config to load the configuration utility.  Use option 1 to enter a new password, and option 5 (Interfacing options) and then 2 (SSH) to enable the SSH daemon.

Use the command sudo nano /etc/dhcpcd.conf and remove the comments from the static IP section.

# Example static IP configuration:
interface eth0
static ip_address=192.168.1.200/24
#static ip6_address=fd51:42f8:caae:d92e::ff/64
static routers=192.168.0.1
static domain_name_servers=8.8.8.8 fd51:42f8:caae:d92e::1

Use the commands sudo apt-get update and sudo apt-get upgrade to verify all current patches are installed.  Via https://pi-hole.net/, use the following command to install the PI Hole application:

sudo curl -sSL https://install.pi-hole.net | bash

During the setup wizard, a password will be displayed.  The web interface can be accessed via http://IP Address/admin.  To log in remotely to the device, use the command ssh IP Address -l pi.  To set a new password for the web interface, use the command sudo pihole -a -p.

Within the web interface, blocked sites can be viewed within the logs via Tools -> Tail pihole.log

Jun 22 21:44:36 dnsmasq[651]: query[A] aol.com from 192.168.1.10
Jun 22 21:44:36 dnsmasq[651]: /etc/pihole/black.list aol.com is 0.0.0.0

The log can be viewed via an SSH session via the command sudo tail -F /var/log/pihole.log or pihole -t.  Certain domains can be searched for by using the command such as grep aol.com /var/log/pihole.log.

The command pihole -up can be used to update the Pi-hole application itself.

pi@raspberrypi:/ $ pihole -up
  [i] Checking for updates...
  [i] Pi-hole Core:     up to date
  [i] Web Interface:    up to date
  [i] FTL:              up to date

  [✓] Everything is up to date!

Regex examples can be found at https://github.com/mmotti/pihole-regex/blob/master/regex.list and https://www.reddit.com/r/pihole/comments/b3fj60/regex_megathread/.

The domain lists can be updated using the pihole -g command.

pi@raspberrypi:~ $ pihole -g
  [i] Pi-hole blocking is enabled
  [i] Neutrino emissions detected...
  [✓] Pulling blocklist source list into range

  [i] Target: raw.githubusercontent.com (hosts)
  [✓] Status: Retrieval successful

  [i] Target: mirror1.malwaredomains.com (justdomains)
  [✓] Status: Retrieval successful

  [i] Target: sysctl.org (hosts)
  [✓] Status: No changes detected

  [i] Target: zeustracker.abuse.ch (blocklist.php?download=domainblocklist)
  [✓] Status: No changes detected

  [i] Target: s3.amazonaws.com (simple_tracking.txt)
  [✓] Status: No changes detected

  [i] Target: s3.amazonaws.com (simple_ad.txt)
  [✓] Status: No changes detected

  [i] Target: hosts-file.net (ad_servers.txt)
  [✓] Status: No changes detected

  [✓] Consolidating blocklists
  [✓] Extracting domains from blocklists
  [i] Number of domains being pulled in by gravity: 137133
  [✓] Removing duplicate domains
  [i] Number of unique domains trapped in the Event Horizon: 114873
  [i] Number of whitelisted domains: 0
  [i] Number of blacklisted domains: 0
  [i] Number of regex filters: 17
  [✓] Parsing domains into hosts format
  [✓] Cleaning up stray matter

  [✓] Force-reloading DNS service
  [✓] DNS service is running
  [✓] Pi-hole blocking is Enabled

The command pihole -t tails the real-time log:

pi@raspberrypi:~ $ pihole -t
  [i] Press Ctrl-C to exit
23:49:59 dnsmasq[651]: forwarded spectrum.s3.amazonaws.com to 8.8.8.8
23:49:59 dnsmasq[651]: reply spectrum.s3.amazonaws.com is
23:49:59 dnsmasq[651]: reply s3-directional-w.amazonaws.com is
23:49:59 dnsmasq[651]: reply s3-1-w.amazonaws.com is 52.216.9.139

Additional lists such as https://raw.githubusercontent.com/chadmayfield/pihole-blocklists/master/lists/pi_blocklist_porn_top1m.list can be added via the web interface under Settings -> Blocklists tab.  A web site with details on additional lists can be found at https://firebog.net.

Parameters can be backed up to a single file under Settings -> Teleporter.  A restore option is available if migrating the service to new hardware.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.