What's new

Pihole vs. Absolution

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

The HOWTO is posted on Reddit.

See if we could get more pixelserv-tls users or get flamed. LOL
pixelserv-tls appears to be blocking access to Reddit?? :eek: I white listed in Diversion and Skynet. When I disable pixelserv-tls, I can access the site.

upload_2018-9-2_15-13-57.png
 
Last edited:
pixelserv-tls appears to be blocking access to Reddit?? :eek: I white listed in Diversion and Skynet. When I disable pixelserv-tls, I can access the site.

View attachment 14289

No issue on my end.

The error shown above looks interesting though. Do you have a list of blocked domains that result in the above error?

If u enable log=4 and visit reddit, then you’ll get the domains in pixelserv-tls log per your visit.
 
With Microsoft owning Github these days...

Gogs looks pretty good

Why? This ain't your Bill Gates/Steve Balmer Microsoft anymore... Microsoft even develops Android apps these days (and I'm not just talking about Office).
 
Why? This ain't your Bill Gates/Steve Balmer Microsoft anymore... Microsoft even develops Android apps these days (and I'm not just talking about Office).

there's a lot of different levels of discussion on Microsoft and the GitHub purchase (or the LinkedIn purchase as well) - there are people that have legit concerns about Microsoft these days.

"we come in peace, we seek only to coexist"

Much like the era of European Expansion into the Americas - things didn't go very well for the natives/First Nations did it?
 
First time I've seen it and it does look good. I prefer the self hosting bit.

I do find Gogs a bit interesting at the moment - it's a git, issue tracker, and wiki - they've done a good job and at the moment, one can get everything... it's odd though that they don't self host their repo - source is on github...

Gitlab - they've pivoted a bit, but a few months back (ok, more than a year ago), I did a private hosted version there for a science project, and it was fine...

With Github - it's good, but concerns about Microsoft - and projects there are hosted in the github cloud - one can do private projects, and it's a good platform.
 
No issue on my end.

The error shown above looks interesting though. Do you have a list of blocked domains that result in the above error?

If u enable log=4 and visit reddit, then you’ll get the domains in pixelserv-tls log per your visit.
I logged in this morning and was able to duplicate the error. I first disabled pixelserv-tls. This time, the site failed on not being able up the domain rather than the cert error. I turned off pixelserv-tls, reprocessed the white list, and restarted pixelserv-tls and stopped/started bounced Diversion. I can access the site now!
 
I logged in this morning and was able to duplicate the error. I first disabled pixelserv-tls. This time, the site failed on not being able up the domain rather than the cert error. I turned off pixelserv-tls, reprocessed the white list, and restarted pixelserv-tls and stopped/started bounced Diversion. I can access the site now!

The explanation of such seemingly weird phenomenon is same as in this post:
To the original post, I'm little suprised that newcomers had not asked a follow up question. Long time pixelserv-tls perhaps could recall that pixelserv-tls actually increase the chance of ppl winning this game of Russian roulette!

In general, I won't recommend people to use a large blocklist. It's simply asking for trouble with zero additional benefit. A few years ago I saw someone posted a mother of all blacklist that includes over one million entries. It's going to do much bad than good. LOL

On your issue, seems a few extra domains are still blocked that you could get away without pixelserv-tls but not once it's enabled. So when you have time, I want to hear what's the blocked domains in pixelserv-tls log. From there you could whitelist them but for me I want to understand how it caused the first error which looks interesting to me.
 
The explanation of such seemingly weird phenomenon is same as in this post:
To the original post, I'm little suprised that newcomers had not asked a follow up question. Long time pixelserv-tls perhaps could recall that pixelserv-tls actually increase the chance of ppl winning this game of Russian roulette!

In general, I won't recommend people to use a large blocklist. It's simply asking for trouble with zero additional benefit. A few years ago I saw someone posted a mother of all blacklist that includes over one million entries. It's going to do much bad than good. LOL

On your issue, seems a few extra domains are still blocked that you could get away without pixelserv-tls but not once it's enabled. So when you have time, I want to hear what's the blocked domains in pixelserv-tls log. From there you could whitelist them but for me I want to understand how it caused the first error which looks interesting to me.
Okay, I got it to fail again in all of the browsers. I probably got a false postive due to the page being cached in the browser while Diversion was disabled. Not getting the cert error though. Just a message that it can't connect to reddit.com. I turned on the -u 4 switch and restarted pixelserv-tls. I can't locate the pixelserv log file in /opt/var/log. My http://mypixelservip/servstats.txt or /servstats page no longer loads. Eeek.

Diversion appears to be blocking reddit even though it's in the white list. Eeek!
Code:
Sep  3 12:53:19 dnsmasq[32317]: query[A] www.reddit.com from 192.168.22.152
Sep  3 12:53:19 dnsmasq[32317]: blocked by blockinglist www.reddit.com is 192.168.22.2
Perhaps I need to take this over to the Diversion support thread.
 
It's very likely that you've included some "social website" blocklists...

pixelserv-tls outputs logging to syslog. On most users routers, it could be found in /tmp/syslog.txt
 
It's very likely that you've included some "social website" blocklists...

pixelserv-tls outputs logging to syslog. On most users routers, it could be found in /tmp/syslog.txt
I looked in syslog searching for pixelserv and only saw the log messages when I bounced it. I have another issue with the script used to generate the cert for the Web GUI. I'll post in the pixelserv-tls thread.
 
I looked in syslog searching for pixelserv and only saw the log messages when I bounced it. I have another issue with the script used to generate the cert for the Web GUI. I'll post in the pixelserv-tls thread.

Regarding syslog issue, it seems like a common problem on newer firmware. There is perhaps a delay in firmware's syslog. @bengalih also experience it on his router:
I'll recommend you to use syslog-ng from Entware instead. It's way better and more powerful. Before that perhaps you would be able to troubleshoot the issue and help the firmware maintainers a bit :)
 
With the release of pi-hole v4, it is using null blocking (you have the option of the old method or NXDOMAIN, but null is the default). There doesn't appear to be any problem with HTTPS, any need for extra iptables rules, and the blockpage is no longer used.
 
Last edited:
Regarding syslog issue, it seems like a common problem on newer firmware. There is perhaps a delay in firmware's syslog. @bengalih also experience it on his router:
I'll recommend you to use syslog-ng from Entware instead. It's way better and more powerful. Before that perhaps you would be able to troubleshoot the issue and help the firmware maintainers a bit :)
This is working very well so far. It helped me to debug my current pixelserv-tls issues after migrating to Diversion. I like how I can have a separate syslog file for pixelserv-tls. No more need to do a search on the browser to mine pixelserv-tls messages in the syslog or run a script to grep pixelserv-tls messages. Thank your for recommending!
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top