Pihole vs. Absolution
- Thread starter Swistheater
- Start date
sfx2000
Part of the Furniture
thelonelycoder
Part of the Furniture
First time I've seen it and it does look good. I prefer the self hosting bit.Gogs looks pretty good
Xentrk
Part of the Furniture
pixelserv-tls appears to be blocking access to Reddit??
I white listed in Diversion and Skynet. When I disable pixelserv-tls, I can access the site.
Last edited:
pixelserv-tls appears to be blocking access to Reddit??
View attachment 14289
No issue on my end.
The error shown above looks interesting though. Do you have a list of blocked domains that result in the above error?
If u enable log=4 and visit reddit, then you’ll get the domains in pixelserv-tls log per your visit.
Why? This ain't your Bill Gates/Steve Balmer Microsoft anymore... Microsoft even develops Android apps these days (and I'm not just talking about Office).
sfx2000
Part of the Furniture
there's a lot of different levels of discussion on Microsoft and the GitHub purchase (or the LinkedIn purchase as well) - there are people that have legit concerns about Microsoft these days.
"we come in peace, we seek only to coexist"
Much like the era of European Expansion into the Americas - things didn't go very well for the natives/First Nations did it?
sfx2000
Part of the Furniture
I do find Gogs a bit interesting at the moment - it's a git, issue tracker, and wiki - they've done a good job and at the moment, one can get everything... it's odd though that they don't self host their repo - source is on github...
Gitlab - they've pivoted a bit, but a few months back (ok, more than a year ago), I did a private hosted version there for a science project, and it was fine...
With Github - it's good, but concerns about Microsoft - and projects there are hosted in the github cloud - one can do private projects, and it's a good platform.
Xentrk
Part of the Furniture
I logged in this morning and was able to duplicate the error. I first disabled pixelserv-tls. This time, the site failed on not being able up the domain rather than the cert error. I turned off pixelserv-tls, reprocessed the white list, and restarted pixelserv-tls and stopped/started bounced Diversion. I can access the site now!
The explanation of such seemingly weird phenomenon is same as in this post:
To the original post, I'm little suprised that newcomers had not asked a follow up question. Long time pixelserv-tls perhaps could recall that pixelserv-tls actually increase the chance of ppl winning this game of Russian roulette!
In general, I won't recommend people to use a large blocklist. It's simply asking for trouble with zero additional benefit. A few years ago I saw someone posted a mother of all blacklist that includes over one million entries. It's going to do much bad than good. LOL
On your issue, seems a few extra domains are still blocked that you could get away without pixelserv-tls but not once it's enabled. So when you have time, I want to hear what's the blocked domains in pixelserv-tls log. From there you could whitelist them but for me I want to understand how it caused the first error which looks interesting to me.
Xentrk
Part of the Furniture
Okay, I got it to fail again in all of the browsers. I probably got a false postive due to the page being cached in the browser while Diversion was disabled. Not getting the cert error though. Just a message that it can't connect to reddit.com. I turned on the -u 4 switch and restarted pixelserv-tls. I can't locate the pixelserv log file in /opt/var/log. My http://mypixelservip/servstats.txt or /servstats page no longer loads. Eeek.
Diversion appears to be blocking reddit even though it's in the white list. Eeek!
Code:
Sep 3 12:53:19 dnsmasq[32317]: query[A] www.reddit.com from 192.168.22.152
Sep 3 12:53:19 dnsmasq[32317]: blocked by blockinglist www.reddit.com is 192.168.22.2Xentrk
Part of the Furniture
I looked in syslog searching for pixelserv and only saw the log messages when I bounced it. I have another issue with the script used to generate the cert for the Web GUI. I'll post in the pixelserv-tls thread.
Regarding syslog issue, it seems like a common problem on newer firmware. There is perhaps a delay in firmware's syslog. @bengalih also experience it on his router:
I'll recommend you to use syslog-ng from Entware instead. It's way better and more powerful. Before that perhaps you would be able to troubleshoot the issue and help the firmware maintainers a bit
With the release of pi-hole v4, it is using null blocking (you have the option of the old method or NXDOMAIN, but null is the default). There doesn't appear to be any problem with HTTPS, any need for extra iptables rules, and the blockpage is no longer used.
Last edited:
Xentrk
Part of the Furniture
This is working very well so far. It helped me to debug my current pixelserv-tls issues after migrating to Diversion. I like how I can have a separate syslog file for pixelserv-tls. No more need to do a search on the browser to mine pixelserv-tls messages in the syslog or run a script to grep pixelserv-tls messages. Thank your for recommending!Regarding syslog issue, it seems like a common problem on newer firmware. There is perhaps a delay in firmware's syslog. @bengalih also experience it on his router:
I'll recommend you to use syslog-ng from Entware instead. It's way better and more powerful. Before that perhaps you would be able to troubleshoot the issue and help the firmware maintainers a bit
Similar threads
Similar threads
Similar threads
-
DNS - passing on source IP address to pihole in the cloud
- Started by R3dbvll
- Replies: 7
-
DNS Leak due to Wireguard DNS and PiHole Upstream DNS
- Started by mehravishay
- Replies: 8
-
Running dnsmasq with a huge config file like pihole - possible/sensible?
- Started by chrisisbd
- Replies: 10
-
Latest threads
-
USB Wifi 7 adapter - USB-BE92 Nano- Started by RMerlin
- Replies: 1
-
-
-
-
Support SNBForums w/ Amazon
If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!
Sign Up For SNBForums Daily Digest
Get an update of what's new every day delivered to your mailbox. Sign up here!