# Pi-hole

## mustang01

Hello, I need to install pi-hole on gentoo.

RPI 4 1024MB RAM freezes, ddns stops working, and that's not acceptable. I don't want to install the ubuntu virtual machine from pihole.

Can anyone help install Pi-hole on gentoo?

At this link -> https://discourse.pi-hole.net/t/add-gentoo-as-a-supported-os/2011 ,

somebody added support for gentoo. Unfortunately, the patches are not up to date.  Please help.

----------

## r7l

There is no Pi-Hole ebuild in portage or in any of the listed overlays. What is it you're aiming for? I have pretty much the same with a script in a cron job and dnsmasq. 

What my script does is pulling in a host list from here: https://github.com/StevenBlack/hosts

Then i use a number of sed lines to remove stuff i don't want to be blocked (there is some MS stuff and image boards blocked there).

In the end it adds a few other domains that i miss.

So this runs once every few days and apart from the shiny interface, it should be exactly the same.

It might also be possible to use Unbound for this.

----------

## ali3nx

there's one way that does work well to install pi-hole on gentoo and that's using docker. There's an official docker image for pi-hole. I've been attempting to set it up on my own server today but i'm still a docker novice.  

1GB of ram may be a limiting factor but it may just work.

```
# docker search pihole

NAME                           DESCRIPTION                                     STARS               OFFICIAL            AUTOMATED

pihole/pihole                  The official Pi-hole Docker image from pi-ho…   550

```

Docker github page has a docker-compose yaml template to aid with setup

https://github.com/pi-hole/docker-pi-hole

----------

## mustang01

 *r7l wrote:*   

> There is no Pi-Hole ebuild in portage or in any of the listed overlays. What is it you're aiming for? I have pretty much the same with a script in a cron job and dnsmasq. 
> 
> What my script does is pulling in a host list from here: https://github.com/StevenBlack/hosts
> 
> Then i use a number of sed lines to remove stuff i don't want to be blocked (there is some MS stuff and image boards blocked there).
> ...

 

The price for it is that it shows me which websites were blocked because sometimes it needs to be unlocked. A cool feature is also the temporary deactivation of the lock. I also need the wildcard function.

"StevenBlack" lists are not enough for me, I have + 7 own hosts:

```
   https://raw.githubusercontent.com/MajkiIT/polish-ads-filter/master/polish-pihole-filters/hostfile.txt   

   https://raw.githubusercontent.com/MajkiIT/polish-ads-filter/master/polish-pihole-filters/easylist_host.txt   

   https://raw.githubusercontent.com/MajkiIT/polish-ads-filter/master/polish-pihole-filters/easy_privacy_host.txt   

   https://raw.githubusercontent.com/MajkiIT/polish-ads-filter/master/polish-pihole-filters/gambling-hosts.txt   

   https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/hosts.txt   

   https://raw.githubusercontent.com/MajkiIT/polish-ads-filter/master/polish-pihole-filters/adguard_host.txt   

   https://raw.githubusercontent.com/ZeroDot1/CoinBlockerLists/master/hosts   

   https://raw.githubusercontent.com/MajkiIT/polish-ads-filter/master/polish-pihole-filters/Ad_filter_list_by_Disconnect.txt   

   https://raw.githubusercontent.com/MajkiIT/polish-ads-filter/master/polish-pihole-filters/Peter_Lowe_ADS.txt   

   https://raw.githubusercontent.com/MajkiIT/polish-ads-filter/master/polish-pihole-filters/adguard_crypto_host.txt   

   https://raw.githubusercontent.com/MajkiIT/polish-ads-filter/master/polish-pihole-filters/adguard_mobile_host.txt   

   https://raw.githubusercontent.com/MajkiIT/polish-ads-filter/master/polish-pihole-filters/ads-and-tracking-extended.txt   

   https://raw.githubusercontent.com/MajkiIT/polish-ads-filter/master/polish-pihole-filters/ads-and-tracking.txt   

   https://raw.githubusercontent.com/MajkiIT/polish-ads-filter/master/polish-pihole-filters/adservers.txt   

   https://www.tranzystor.pl/pliki/phishing.txt   

   https://www.tranzystor.pl/pliki/malware.txt   

   https://www.tranzystor.pl/pliki/black_list_porno.txt   

   https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts   

   https://mirror1.malwaredomains.com/files/justdomains   

   http://sysctl.org/cameleon/hosts   

   https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist   

   https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt   

   https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt   

   https://hosts-file.net/ad_servers.txt   

   https://gitlab.com/ookangzheng/dbl-oisd-nl/raw/master/dbl.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/adaway.org/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/adblock-nocoin-list/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/adguard-simplified/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/anudeepnd-adservers/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/disconnect.me-ad/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/disconnect.me-malvertising/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/disconnect.me-malware/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/disconnect.me-tracking/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/easylist/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/easyprivacy/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/eth-phishing-detect/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/fademind-add.2o7net/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/fademind-add.dead/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/fademind-add.risk/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/fademind-add.spam/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/kadhosts/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/malwaredomainlist.com/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/malwaredomains.com-immortaldomains/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/malwaredomains.com-justdomains/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/matomo.org-spammers/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/mitchellkrogza-badd-boyz-hosts/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/pgl.yoyo.org/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/ransomwaretracker.abuse.ch/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/someonewhocares.org/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/spam404.com/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/stevenblack/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/winhelp2002.mvps.org/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/zerodot1-coinblockerlists-browser/list.txt   

   https://raw.githubusercontent.com/hectorm/hmirror/master/data/zeustracker.abuse.ch/list.txt   

   https://raw.githubusercontent.com/CHEF-KOCH/Audio-fingerprint-pages/master/AudioFp.txt   

   https://raw.githubusercontent.com/CHEF-KOCH/Canvas-fingerprinting-pages/master/Canvas.txt   

   https://raw.githubusercontent.com/CHEF-KOCH/WebRTC-tracking/master/WebRTC.txt   

   https://raw.githubusercontent.com/CHEF-KOCH/CKs-FilterList/master/Anti-Corp/hosts/NSABlocklist.txt   

   https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-blocklist.txt   

   https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-malware.txt   

   https://www.stopforumspam.com/downloads/toxic_domains_whole.txt
```

----------

## mustang01

 *ali3nx wrote:*   

> there's one way that does work well to install pi-hole on gentoo and that's using docker. There's an official docker image for pi-hole. I've been attempting to set it up on my own server today but i'm still a docker novice.  
> 
> 1GB of ram may be a limiting factor but it may just work.
> 
> ```
> ...

 

I am surprised that I did not know that Docker is a more efficient environment than a virtual machine. I don't want to lose the processor core or 1 GB RAM on the virtual machine.

I got an error during installation.

```
>>> Jobs: 1 of 10 complete, 1 failed                Load avg: 1.00, 1.04, 0.60

 * Package:    app-emulation/docker-proxy-0.8.0_p20190513

 * Repository: gentoo

 * Maintainer: tianon@dockerproject.org mrueg@gentoo.org,williamh@gentoo.org

 * USE:        abi_x86_64 amd64 elibc_glibc kernel_linux userland_GNU

 * FEATURES:   network-sandbox preserve-libs sandbox selinux sesandbox userpriv usersandbox

!!! Failed to set new SELinux execution context. Is your current SELinux context allowed to run Portage?

>>> Unpacking source...

>>> Source unpacked in /var/tmp/portage/app-emulation/docker-proxy-0.8.0_p20190513/work

!!! Failed to set new SELinux execution context. Is your current SELinux context allowed to run Portage?

>>> Preparing source in /var/tmp/portage/app-emulation/docker-proxy-0.8.0_p20190513/work/docker-proxy-0.8.0_p20190513/src/github.com/docker/libnetwork ...

>>> Source prepared.

!!! Failed to set new SELinux execution context. Is your current SELinux context allowed to run Portage?

>>> Configuring source in /var/tmp/portage/app-emulation/docker-proxy-0.8.0_p20190513/work/docker-proxy-0.8.0_p20190513/src/github.com/docker/libnetwork ...

>>> Source configured.

!!! Failed to set new SELinux execution context. Is your current SELinux context allowed to run Portage?

>>> Compiling source in /var/tmp/portage/app-emulation/docker-proxy-0.8.0_p20190513/work/docker-proxy-0.8.0_p20190513/src/github.com/docker/libnetwork ...

failed to initialize build cache at /tmp/mustang01/.cache/go-build: mkdir /tmp/mustang01/.cache/go-build: permission denied

 * ERROR: app-emulation/docker-proxy-0.8.0_p20190513::gentoo failed (compile phase):

 *   (no error message)

 *

 * Call stack:

 *     ebuild.sh, line 125:  Called src_compile

 *   environment, line 463:  Called die

 * The specific snippet of code:

 *       GOPATH="${WORKDIR}/${P}" go build -o "bin/docker-proxy" ./cmd/proxy || die

 *

 * If you need support, post the output of `emerge --info '=app-emulation/docker-proxy-0.8.0_p20190513::gentoo'`,

 * the complete build log and the output of `emerge -pqv '=app-emulation/docker-proxy-0.8.0_p20190513::gentoo'`.

 * The complete build log is located at '/var/tmp/portage/app-emulation/docker-proxy-0.8.0_p20190513/temp/build.log'.

 * The ebuild environment file is located at '/var/tmp/portage/app-emulation/docker-proxy-0.8.0_p20190513/temp/environment'.

 * Working directory: '/var/tmp/portage/app-emulation/docker-proxy-0.8.0_p20190513/work/docker-proxy-0.8.0_p20190513/src/github.com/docker/libnetwork'

 * S: '/var/tmp/portage/app-emulation/docker-proxy-0.8.0_p20190513/work/docker-proxy-0.8.0_p20190513/src/github.com/docker/libnetwork'

 * Messages for package app-emulation/docker-proxy-0.8.0_p20190513:

 * ERROR: app-emulation/docker-proxy-0.8.0_p20190513::gentoo failed (compile phase):

 *   (no error message)

 *

 * Call stack:

 *     ebuild.sh, line 125:  Called src_compile

 *   environment, line 463:  Called die

 * The specific snippet of code:

 *       GOPATH="${WORKDIR}/${P}" go build -o "bin/docker-proxy" ./cmd/proxy || die

 *

 * If you need support, post the output of `emerge --info '=app-emulation/docker-proxy-0.8.0_p20190513::gentoo'`,

 * the complete build log and the output of `emerge -pqv '=app-emulation/docker-proxy-0.8.0_p20190513::gentoo'`.

 * The complete build log is located at '/var/tmp/portage/app-emulation/docker-proxy-0.8.0_p20190513/temp/build.log'.

 * The ebuild environment file is located at '/var/tmp/portage/app-emulation/docker-proxy-0.8.0_p20190513/temp/environment'.

 * Working directory: '/var/tmp/portage/app-emulation/docker-proxy-0.8.0_p20190513/work/docker-proxy-0.8.0_p20190513/src/github.com/docker/libnetwork'

 * S: '/var/tmp/portage/app-emulation/docker-proxy-0.8.0_p20190513/work/docker-proxy-0.8.0_p20190513/src/github.com/docker/libnetwork'

 * GNU info directory index is up-to-date.

```

----------

## fedeliallalinea

Can help this?

----------

## ali3nx

 *fedeliallalinea wrote:*   

> Can help this?

 

That definitely could be positive direction.

This stands out for possible added complications.

```
Failed to set new SELinux execution context. Is your current SELinux context allowed to run Portage?
```

I try to avoid enabling or supporting selinux if it's unnecessary. general uses for hardened gentoo would be a necessary benefit otherwise if not then avoid if you have no need of selinux.

Given the selinux errors which portage profile are you using?

----------

## mustang01

default/linux/amd64/17.1/hardened/selinux (stable) *

I use my gentoo as a home router and server. I have xfce4 graphical environment installed in it. Do you recommend turning off selinux?

I thought selinux was configured incorrectly. I use this gentoo profile for the first time, I have been working on desktop more often.

----------

## ali3nx

 *mustang01 wrote:*   

> default/linux/amd64/17.1/hardened/selinux (stable) *
> 
> I use my gentoo as a home router and server. I have xfce4 graphical environment installed in it. Do you recommend turning off selinux?
> 
> I thought selinux was configured incorrectly. I use this gentoo profile for the first time, I have been working on desktop more often.

 

There's may be some additional config for selinux rbac profiles for portage that's necessary based on the errors but i'm not that familiar with selinux tuning. you might try asking on irc in#hardened-gentoo on freenode or perhaps fedeliallalinea has a suggestion. usually a very knowledgable fellow that one. hardened gentoo irc channel someone will have some recommendations for certain

given your using the selinux hardened profile i'm not keen to recommend disabling selinux purely based on my lack of recent experience with hardened gentoo or selinux. Years ago i used to use grsecurity and hardened but that was many years ago  :Smile: 

----------

## mustang01

I entered in the console:

```

#FEATURES="-selinux -sesandbox" emerge -av app-emulation/docker

#emerge -av docker-compose

#docker pull pihole/pihole

#docker run -e ServerIP=192.168.0.1 -e TZ=Europe/Warsaw -e WEBPASSWORD=***** -p 8180:80 -p 53:53/tcp -p 53:53/udp  --dns=194.204.159.1 --dns=185.89.185.1 -v /dir/for/pihole:/etc/pihole -v /dir/for/dnsmasq.d:/etc/dnsmasq.d pihole/pihole

```

Pihole started with an error:

```

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.

[s6-init] ensuring user provided files have correct perms...exited 0.

[fix-attrs.d] applying ownership & permissions fixes...

[fix-attrs.d] 01-resolver-resolv: applying... 

[fix-attrs.d] 01-resolver-resolv: exited 0.

[fix-attrs.d] done.

[cont-init.d] executing container initialization scripts...

[cont-init.d] 20-start.sh: executing... 

 ::: Starting docker specific checks & setup for docker pihole/pihole

WARNING Misconfigured DNS in /etc/resolv.conf: Primary DNS should be 127.0.0.1 (found 194.204.159.1)

nameserver 194.204.159.1

nameserver 185.89.185.1

  [i] Existing PHP installation detected : PHP version 7.0.33-0+deb9u5

  [i] Installing configs from /etc/.pihole...

  [i] Existing dnsmasq.conf found... it is not a Pi-hole file, leaving alone!

  [✓] Copying 01-pihole.conf to /etc/dnsmasq.d/01-pihole.conf

chown: cannot access '/etc/pihole/dhcp.leases': No such file or directory

::: Pre existing WEBPASSWORD found

Using default DNS servers: 8.8.8.8 & 8.8.4.4

DNSMasq binding to default interface: eth0

Added ENV to php:

         "PHP_ERROR_LOG" => "/var/log/lighttpd/error.log",

         "ServerIP" => "192.168.0.1",

         "VIRTUAL_HOST" => "192.168.0.1",

Using IPv4 and IPv6

::: Preexisting ad list /etc/pihole/adlists.list detected ((exiting setup_blocklists early))

https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts

https://mirror1.malwaredomains.com/files/justdomains

http://sysctl.org/cameleon/hosts

https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt

https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt

https://hosts-file.net/ad_servers.txt

::: Testing pihole-FTL DNS: FTL started!

::: Testing lighttpd config: Syntax OK

::: All config checks passed, cleared for startup ...

 ::: Docker start setup complete

  [i] Pi-hole blocking is enabled

  [i] Neutrino emissions detected...

  [✓] Pulling blocklist source list into range

  [i] Target: raw.githubusercontent.com (hosts)

  [✓] Status: Retrieval successful

  [i] Target: mirror1.malwaredomains.com (justdomains)

  [✓] Status: No changes detected

  [i] Target: sysctl.org (hosts)

  [✓] Status: No changes detected

  [i] Target: s3.amazonaws.com (simple_tracking.txt)

  [✓] Status: No changes detected

  [i] Target: s3.amazonaws.com (simple_ad.txt)

  [✓] Status: No changes detected

  [i] Target: hosts-file.net (ad_servers.txt)

  [✓] Status: No changes detected

  [✓] Consolidating blocklists

  [✓] Extracting domains from blocklists

  [i] Number of domains being pulled in by gravity: 138911

  [✓] Removing duplicate domains

  [i] Number of unique domains trapped in the Event Horizon: 116701

  [i] Nothing to whitelist!

  [i] Number of regex filters: 0

  [✓] Parsing domains into hosts format

  [✓] Cleaning up stray matter

  [✓] DNS service is running

  [✓] Pi-hole blocking is Enabled

[cont-init.d] 20-start.sh: exited 0.

[cont-init.d] done.

[services.d] starting services

Starting crond

Starting pihole-FTL (no-daemon) as root

Starting lighttpd

Cannot make/remove an entry for the specified session

Cannot make/remove an entry for the specified session

[services.d] done.

Stopping pihole-FTL

Starting pihole-FTL (no-daemon) as root

Cannot make/remove an entry for the specified session

Cannot make/remove an entry for the specified session

Cannot make/remove an entry for the specified session

Cannot make/remove an entry for the specified session

Cannot make/remove an entry for the specified session

Stopping pihole-FTL

Starting pihole-FTL (no-daemon) as root

^Z^X^CStopping pihole-FTL

Stopping cron

[cont-finish.d] executing container finish scripts...

Stopping lighttpd

[cont-finish.d] done.

[s6-finish] syncing disks.

[s6-finish] sending all processes the TERM signal.

[s6-finish] sending all processes the KILL signal and exiting.

serwo /home/mustang01/docker-pi-hole # docker run -e ServerIP=192.168.0.1 -e TZ=Europe/Warsaw -e WEBPASSWORD=***** -p 8180:80 -p 53:53/tcp -p 53:53/udp --dns=194.204.159.1 --dns=185.89.185.1 -v /dir/for/pihole:/etc/pihole:z -v /dir/for/dnsmasq.d:/etc/dnsmasq.d:z pihole/pihole

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.

[s6-init] ensuring user provided files have correct perms...exited 0.

[fix-attrs.d] applying ownership & permissions fixes...

[fix-attrs.d] 01-resolver-resolv: applying... 

[fix-attrs.d] 01-resolver-resolv: exited 0.

[fix-attrs.d] done.

[cont-init.d] executing container initialization scripts...

[cont-init.d] 20-start.sh: executing... 

 ::: Starting docker specific checks & setup for docker pihole/pihole

WARNING Misconfigured DNS in /etc/resolv.conf: Primary DNS should be 127.0.0.1 (found 194.204.159.1)

nameserver 194.204.159.1

nameserver 185.89.185.1

  [i] Existing PHP installation detected : PHP version 7.0.33-0+deb9u5

  [i] Installing configs from /etc/.pihole...

  [i] Existing dnsmasq.conf found... it is not a Pi-hole file, leaving alone!

  [✓] Copying 01-pihole.conf to /etc/dnsmasq.d/01-pihole.conf

chown: cannot access '/etc/pihole/dhcp.leases': No such file or directory

::: Pre existing WEBPASSWORD found

Using default DNS servers: 8.8.8.8 & 8.8.4.4

DNSMasq binding to default interface: eth0

Added ENV to php:

         "PHP_ERROR_LOG" => "/var/log/lighttpd/error.log",

         "ServerIP" => "192.168.0.1",

         "VIRTUAL_HOST" => "192.168.0.1",

Using IPv4 and IPv6

::: Preexisting ad list /etc/pihole/adlists.list detected ((exiting setup_blocklists early))

https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts

https://mirror1.malwaredomains.com/files/justdomains

http://sysctl.org/cameleon/hosts

https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt

https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt

https://hosts-file.net/ad_servers.txt

::: Testing pihole-FTL DNS: FTL started!

::: Testing lighttpd config: Syntax OK

::: All config checks passed, cleared for startup ...

 ::: Docker start setup complete

  [i] Pi-hole blocking is enabled

  [i] Neutrino emissions detected...

  [✓] Pulling blocklist source list into range

  [i] Target: raw.githubusercontent.com (hosts)

  [✓] Status: Retrieval successful

  [i] Target: mirror1.malwaredomains.com (justdomains)

  [✓] Status: No changes detected

  [i] Target: sysctl.org (hosts)

  [✓] Status: No changes detected

  [i] Target: s3.amazonaws.com (simple_tracking.txt)

  [✓] Status: No changes detected

  [i] Target: s3.amazonaws.com (simple_ad.txt)

  [✓] Status: No changes detected

  [i] Target: hosts-file.net (ad_servers.txt)

  [✓] Status: No changes detected

  [✓] Consolidating blocklists

  [✓] Extracting domains from blocklists

  [i] Number of domains being pulled in by gravity: 138911

  [✓] Removing duplicate domains

  [i] Number of unique domains trapped in the Event Horizon: 116701

  [i] Nothing to whitelist!

  [i] Number of regex filters: 0

  [✓] Parsing domains into hosts format

  [✓] Cleaning up stray matter

  [✓] DNS service is running

  [✓] Pi-hole blocking is Enabled

[cont-init.d] 20-start.sh: exited 0.

[cont-init.d] done.

[services.d] starting services

Starting lighttpd

Starting crond

Starting pihole-FTL (no-daemon) as root

Cannot make/remove an entry for the specified session

[services.d] done.

Cannot make/remove an entry for the specified session

Cannot make/remove an entry for the specified session

Cannot make/remove an entry for the specified session

```

Web UI works at http://192.168.0.1:8180/admin/. Dnsmasq does not work, so the dns server does not work.

When I execute the script from https://github.com/pi-hole/docker-pi-hole/blob/master/docker_run.sh I get the error:

```
# sh docker_run.sh

docker: invalid publish opts format (should be name=value but got '53:53/tcp').

See 'docker run --help'.

Starting up pihole container Error: No such object: pihole

.Error: No such object: pihole

.Error: No such object: pihole

.Error: No such object: pihole

.Error: No such object: pihole

.Error: No such object: pihole

```

Last edited by mustang01 on Tue Nov 12, 2019 6:54 pm; edited 1 time in total

----------

## axl

isn't the entire project just a blacklist of hosts.conf? i never actually took a look at this, but I will. tomorrow. too much request.

----------

## ali3nx

pi hole's dnsmasq service cannot start if there's a dns service or listener active on the host system. Just learning docker this appears to be one of the flaws of using docker but i'm still learning.

I used  *Quote:*   

> netstat -l -n -p

 

to view the services bound to any active network ports which revealed systemd-resolv was responsible in my case. You must run netstat with root privileges to see the service names.

the pi-hole docker documentation mentions something regarding this. When i attempted to start pi-hole on my server that runs systemd and used systemd-resolv active pi-hole docker container fails to initialize due to a dns port bind allocation failure because systemd-resolv is listening already on port 53.  

```
Active Internet connections (only servers)

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name

tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      3683/systemd-resolv

```

```
docker-compose up

Starting pihole ... error

ERROR: for pihole  Cannot start service pihole: driver failed programming external connectivity on endpoint pihole (cb8fcd65a6e56312074e55f3b1e84603a2e3ab5cb3f197c578018b29b721010f): Error starting userland proxy: listen tcp 0.0.0.0:53: bind: address already in use

ERROR: for pihole  Cannot start service pihole: driver failed programming external connectivity on endpoint pihole (cb8fcd65a6e56312074e55f3b1e84603a2e3ab5cb3f197c578018b29b721010f): Error starting userland proxy: listen tcp 0.0.0.0:53: bind: address already in use

ERROR: Encountered errors while bringing up the project.
```

This also stood out among the console text. 

```
::: Starting docker specific checks & setup for docker pihole/pihole

WARNING Misconfigured DNS in /etc/resolv.conf: Primary DNS should be 127.0.0.1 (found 194.204.159.1)
```

Here's the docker-compose.yml template i was using.

```
$ cat docker-compose.yml

version: "3"

# More info at https://github.com/pi-hole/docker-pi-hole/ and https://docs.pi-hole.net/

services:

  pihole:

    container_name: pihole

    image: pihole/pihole:latest

    ports:

      - "53:53/tcp"

      - "53:53/udp"

      - "67:67/udp"

      - "8080:80/tcp"

      - "4443:443/tcp"

    environment:

      TZ: 'America/Winnipeg'

      WEBPASSWORD: '123456789'

    # Volumes store your data between container upgrades

    volumes:

       - './etc-pihole/:/etc/pihole/'

       - './etc-dnsmasq.d/:/etc/dnsmasq.d/'

    dns:

      - 127.0.0.1

      - 1.1.1.1

#    IPv6:

#      - True

    # Recommended but not required (DHCP needs NET_ADMIN)

    #   https://github.com/pi-hole/docker-pi-hole#note-on-capabilities

    cap_add:

      - NET_ADMIN

    restart: unless-stopped
```

The primary dns server must be localhost. This script can be executed using 

```
docker-compose up
```

 with the script file residing in the same directory. The correct docker compose syntax for enabling IPv6 to test i've not figured out quite yet.

----------

## ali3nx

I did find this guide that could be useful reference perspective.

https://www.smarthomebeginner.com/run-pihole-in-docker-on-ubuntu-with-reverse-proxy/#Step_2b_PiHole_on_Docker_without_Reverse_Proxy

----------

## mustang01

```
 $docker-compose up

Creating pihole ... done

Attaching to pihole

pihole    | [s6-init] making user provided files available at /var/run/s6/etc...exited 0.

pihole    | [s6-init] ensuring user provided files have correct perms...exited 0.

pihole    | [fix-attrs.d] applying ownership & permissions fixes...

pihole    | [fix-attrs.d] 01-resolver-resolv: applying...

pihole    | [fix-attrs.d] 01-resolver-resolv: exited 0.

pihole    | [fix-attrs.d] done.

pihole    | [cont-init.d] executing container initialization scripts...

pihole    | [cont-init.d] 20-start.sh: executing...

pihole    |  ::: Starting docker specific checks & setup for docker pihole/pihole

pihole    | WARNING Misconfigured DNS in /etc/resolv.conf: Two DNS servers are recommended, 127.0.0.1 and any backup server

pihole    | WARNING Misconfigured DNS in /etc/resolv.conf: Primary DNS should be 127.0.0.1 (found 127.0.0.11)

pihole    |

pihole    | nameserver 127.0.0.11

pihole    | options ndots:0

pihole    | Assigning random password: J9PJ6EZC

pihole    |   [i] Existing PHP installation detected : PHP version 7.0.33-0+deb9u5

pihole    |

pihole    |   [i] Installing configs from /etc/.pihole...

pihole    |   [i] Existing dnsmasq.conf found... it is not a Pi-hole file, leaving alone!

  [✓] Copying 01-pihole.conf to /etc/dnsmasq.d/01-pihole.conf

pihole    | ::: Pre existing WEBPASSWORD found

pihole    | Using default DNS servers: 8.8.8.8 & 8.8.4.4

pihole    | DNSMasq binding to default interface: eth0

pihole    | Added ENV to php:

pihole    |                     "PHP_ERROR_LOG" => "/var/log/lighttpd/error.log",

pihole    |                     "ServerIP" => "0.0.0.0",

pihole    |                     "VIRTUAL_HOST" => "0.0.0.0",

pihole    | Using IPv4 and IPv6

pihole    | ::: Preexisting ad list /etc/pihole/adlists.list detected ((exiting setup_blocklists early))

pihole    | https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts

pihole    | https://mirror1.malwaredomains.com/files/justdomains

pihole    | http://sysctl.org/cameleon/hosts

pihole    | https://s3.amazonaws.com/lists.disconnect.me/simple_tracking.txt

pihole    | https://s3.amazonaws.com/lists.disconnect.me/simple_ad.txt

pihole    | https://hosts-file.net/ad_servers.txt

pihole    | https://raw.githubusercontent.com/MajkiIT/polish-ads-filter/master/polish-pihole-filters/hostfile.txt

pihole    | https://raw.githubusercontent.com/MajkiIT/polish-ads-filter/master/polish-pihole-filters/easylist_host.txt

pihole    | https://raw.githubusercontent.com/MajkiIT/polish-ads-filter/master/polish-pihole-filters/easy_privacy_host.txt

pihole    | https://raw.githubusercontent.com/MajkiIT/polish-ads-filter/master/polish-pihole-filters/gambling-hosts.txt

pihole    | https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/hosts.txt

pihole    | https://raw.githubusercontent.com/MajkiIT/polish-ads-filter/master/polish-pihole-filters/adguard_host.txt

pihole    | https://raw.githubusercontent.com/MajkiIT/polish-ads-filter/master/polish-pihole-filters/Ad_filter_list_by_Disconnect.txt

pihole    | https://raw.githubusercontent.com/MajkiIT/polish-ads-filter/master/polish-pihole-filters/Peter_Lowe_ADS.txt

pihole    | https://raw.githubusercontent.com/MajkiIT/polish-ads-filter/master/polish-pihole-filters/adguard_crypto_host.txt

pihole    | https://raw.githubusercontent.com/MajkiIT/polish-ads-filter/master/polish-pihole-filters/adguard_mobile_host.txt

pihole    | https://raw.githubusercontent.com/MajkiIT/polish-ads-filter/master/polish-pihole-filters/ads-and-tracking-extended.txt

pihole    | https://raw.githubusercontent.com/MajkiIT/polish-ads-filter/master/polish-pihole-filters/ads-and-tracking.txt

pihole    | https://raw.githubusercontent.com/MajkiIT/polish-ads-filter/master/polish-pihole-filters/adservers.txt

pihole    | https://www.tranzystor.pl/pliki/phishing.txt

pihole    | https://www.tranzystor.pl/pliki/malware.txt

pihole    | https://www.tranzystor.pl/pliki/black_list_porno.txt

pihole    | https://zeustracker.abuse.ch/blocklist.php?download=domainblocklist

pihole    | https://gitlab.com/ookangzheng/dbl-oisd-nl/raw/master/dbl.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/adaway.org/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/adblock-nocoin-list/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/adguard-simplified/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/anudeepnd-adservers/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/disconnect.me-ad/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/disconnect.me-malvertising/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/disconnect.me-malware/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/disconnect.me-tracking/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/easylist/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/easyprivacy/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/eth-phishing-detect/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/fademind-add.2o7net/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/fademind-add.dead/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/fademind-add.risk/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/fademind-add.spam/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/kadhosts/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/malwaredomainlist.com/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/malwaredomains.com-immortaldomains/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/malwaredomains.com-justdomains/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/matomo.org-spammers/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/mitchellkrogza-badd-boyz-hosts/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/pgl.yoyo.org/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/ransomwaretracker.abuse.ch/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/someonewhocares.org/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/spam404.com/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/stevenblack/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/winhelp2002.mvps.org/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/zerodot1-coinblockerlists-browser/list.txt

pihole    | https://raw.githubusercontent.com/hectorm/hmirror/master/data/zeustracker.abuse.ch/list.txt

pihole    | https://raw.githubusercontent.com/CHEF-KOCH/Audio-fingerprint-pages/master/AudioFp.txt

pihole    | https://raw.githubusercontent.com/CHEF-KOCH/Canvas-fingerprinting-pages/master/Canvas.txt

pihole    | https://raw.githubusercontent.com/CHEF-KOCH/WebRTC-tracking/master/WebRTC.txt

pihole    | https://raw.githubusercontent.com/CHEF-KOCH/CKs-FilterList/master/Anti-Corp/hosts/NSABlocklist.txt

pihole    | https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-blocklist.txt

pihole    | https://gitlab.com/quidsup/notrack-blocklists/raw/master/notrack-malware.txt

pihole    | https://www.stopforumspam.com/downloads/toxic_domains_whole.txt

pihole    | ::: Testing pihole-FTL DNS: FTL started!

pihole    | ::: Testing lighttpd config: Syntax OK

pihole    | ::: All config checks passed, cleared for startup ...

pihole    |  ::: Docker start setup complete

pihole    |   [i] Pi-hole blocking is enabled

pihole    |   [✗] DNS resolution is currently unavailable

  [✓] DNS resolution is now available

pihole    |

pihole    |   [i] Neutrino emissions detected...

  [✓] Pulling blocklist source list into range

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (hosts)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: mirror1.malwaredomains.com (justdomains)

  [✓] Status: No changes detected

pihole    |

pihole    |   [i] Target: sysctl.org (hosts)

  [✓] Status: No changes detected

pihole    |

pihole    |   [i] Target: s3.amazonaws.com (simple_tracking.txt)

  [✓] Status: No changes detected

pihole    |

pihole    |   [i] Target: s3.amazonaws.com (simple_ad.txt)

  [✓] Status: No changes detected

pihole    |

pihole    |   [i] Target: hosts-file.net (ad_servers.txt)

  [✓] Status: No changes detected

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (hostfile.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (easylist_host.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (easy_privacy_host.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (gambling-hosts.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (hosts.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (adguard_host.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (Ad_filter_list_by_Disconnect.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (Peter_Lowe_ADS.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (adguard_crypto_host.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (adguard_mobile_host.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (ads-and-tracking-extended.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (ads-and-tracking.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (adservers.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: www.tranzystor.pl (phishing.txt)

  [✓] Status: No changes detected

pihole    |

pihole    |   [i] Target: www.tranzystor.pl (malware.txt)

  [✓] Status: No changes detected

pihole    |

pihole    |   [i] Target: www.tranzystor.pl (black_list_porno.txt)

  [✓] Status: No changes detected

pihole    |

pihole    |   [i] Target: zeustracker.abuse.ch (blocklist.php?download=domainblocklist)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: gitlab.com (dbl.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (list.txt)

  [✓] Status: Retrieval successful

pihole    |   [i] Received empty file: using previously cached list

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (AudioFp.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (Canvas.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (WebRTC.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: raw.githubusercontent.com (NSABlocklist.txt)

  [✗] Status: Not found

pihole    |   [✗] List download failed: using previously cached list

pihole    |

pihole    |   [i] Target: gitlab.com (notrack-blocklist.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: gitlab.com (notrack-malware.txt)

  [✓] Status: Retrieval successful

pihole    |

pihole    |   [i] Target: www.stopforumspam.com (toxic_domains_whole.txt)

  [✓] Status: No changes detected

pihole    |

  [✓] Consolidating blocklists

  [✓] Extracting domains from blocklists

pihole    |   [i] Number of domains being pulled in by gravity: 2494363

  [✓] Removing duplicate domains

pihole    |   [i] Number of unique domains trapped in the Event Horizon: 1488019

  [i] Number of whitelisted domains: 67

pihole    |   [i] Number of blacklisted domains: 7

pihole    |   [i] Number of regex filters: 3

  [✓] Parsing domains into hosts format

  [✓] Cleaning up stray matter

pihole    |

pihole    |   [✓] DNS service is running

pihole    |   [✓] Pi-hole blocking is Enabled

pihole    | [cont-init.d] 20-start.sh: exited 0.

pihole    | [cont-init.d] done.

pihole    | [services.d] starting services

pihole    | Starting crond

pihole    | Starting pihole-FTL (no-daemon) as root

pihole    | Starting lighttpd

pihole    |

pihole    | Cannot make/remove an entry for the specified session

pihole    |

pihole    | Cannot make/remove an entry for the specified session

pihole    | [services.d] done.

```

```
 $ cat docker-compose.yml

version: "3"

# https://github.com/pi-hole/docker-pi-hole/blob/master/README.md

services:

  pihole:

    container_name: pihole

    image: pihole/pihole:latest

    # For DHCP it is recommended to remove these ports and instead add: network_mode: "host"

#    network_mode: "host"

    ports:

      - "53:53/tcp"

      - "53:53/udp"

      - "67:67/udp"

      - "980:80/tcp"

      - "9443:443/tcp"

    environment:

      TZ: 'Europe/Warsaw'

      # WEBPASSWORD: 'set a secure password here or it will be random'

    # Volumes store your data between container upgrades

    volumes:

       - './etc-pihole/:/etc/pihole/'

       - './etc-dnsmasq.d/:/etc/dnsmasq.d/'

    # run `touch ./var-log/pihole.log` first unless you like errors

    # - './var-log/pihole.log:/var/log/pihole.log'

    dns:

      - 127.0.0.1

      - 1.1.1.1

    # Recommended but not required (DHCP needs NET_ADMIN)

    #   https://github.com/pi-hole/docker-pi-hole#note-on-capabilities

    cap_add:

      - NET_ADMIN

    restart: unless-stopped

```

Now the DNS server is running. Pihole turns on very slowly, downloads a list of blocked hosts every time it starts. The DHCP server is down.

Do you need to use a dhcp server outside the docker? So far this built-in DHCP in Pihole does not work.

----------

## mustang01

How to properly launch the docker and pihole container in autostart after restarting the system?

I tried the script https://github.com/0x17de/dockerservice-openrc and the docker start -a pihole command after rebooting from the file https://github.com/pi-hole/docker-pi-hole/blob/master/pihole.service but it didn't work.

Only the manual "docker-compose up" in "docker-compose down" command works.

It crashed. I turned off the docker and I'm using pihole on rpi4. I have reduced the list of blocked hosts.

----------

## axl

Yeah. It's basically like 5-6 lists of blocked domains and a nice gui. it uses dnsmasq and lighttpd for these tasks. Shouldn't be too hard to port to gentoo. I ended up using a debian VM for it and i'm pretty happy with it. 

Especially for mobile devices. Those pesky annoying ads that you see in both apple and android devices are just gone. Meanwhile it uses next to zero resources to block around 10-20% of all stuff which turns out to be ads.

----------

## axl

adblock plus, I took a look at it; it's also a list. but not domains, but urls. and not only urls, even div ids and other stuff. pretty smart actually. short but powerful lists. in some sense, adblock plus operates as a text parser/filter. it sees some links/strings and basically neutralize them. turns them to nothing. that is, before the browser renders the page. same thing can or could theoretically be done with a web proxy. squid has a thing very similar. I don't know if you could use the same lists.

pihole on the other hand, operates as a dns server. it is a dns server. it doesn't host anything, no domains, but answers dns queries. also has lists, of domains where only ads are hosted. a query comes, if it's ads on the list, send to 127.0.0.1, if not, forward query to the real dns. that's all it does. doesn't sniff traffic, doesn't look at traffic. or content. if someone is bad, then pihole will say he is 127.0.0.1. if not... forward.

----------

## meitnerium

I know this post is 2 year old, but now an ebuild is available in the tatsh-overlay. However, I was not able to make it run using this overlay. I'm able to make it run using docker, but I'm a newbie using docker, and I have to configure it each time I start it. Does other gentooer are interrested by using pihole on gentoo? Maybe we can share our tips and config.

----------

