Remove pi hole

[Col8eral]

I dont have that file in the scripts folder. My pihole was a Rpi installation, not on the router. All I have in there is wan-event, init-start, wan0-connected, wan1-connected, vpup, vpndown.

 

[ColinTaylor]

I dont have that file in the scripts folder. My pihole was a Rpi installation, not on the router. All I have in there is wan-event, init-start, wan0-connected, wan1-connected, vpup, vpndown.

I see. In which case I suggest you follow Dave's other suggestion which is to remove the router's LAN DNS settings and reboot your client (which recreates the problem). Then look to see what DNS server IP addresses are being picked up by the client. e.g. what's the output of the Windows ipconfig /all command?

It might also be useful if you could post the contents of those scripts.

 

[Col8eral]

Thanks Colin. I'll have a go at that when I get home tonight from Work. Everything gets impacted, Android Phones, Smart TVs etc. I have a tower Windows Machine that I can run the ipconfig from. Can I do that from an Android device? Ive never tried that before.

 

[ColinTaylor]

Thanks Colin. I'll have a go at that when I get home tonight from Work. Everything gets impacted, Android Phones, Smart TVs etc. I have a tower Windows Machine that I can run the ipconfig from. Can I do that from an Android device? Ive never tried that before.

No, that's a Windows command. I don't know how you'd get the same information from an Android command line. You could probably use the free Network Analyzer app from the Play Store to give you that information.

 

[Col8eral]

OK, so i removed dns from lan dchp and used defult dns on wan. here the Ipconfig/all for one of the windows machine that stopped being able to access the internet:

Ethernet adapter Ethernet:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) Ethernet Connection I217-LM
Physical Address. . . . . . . . . : 98-90-96-B2-0F-53
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::ae6f:3c4d:3d4c:f23e%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.90(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 31 March 2025 21:55:43
Lease Expires . . . . . . . . . . : 01 April 2025 21:55:43
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 211325078
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-25-7D-07-B8-98-90-96-B2-0F-53
DNS Servers . . . . . . . . . . . : 192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

When I include the DNS in LAN DCHP and the same machine can access the internet, this is the resultant ipconfig/all:

Ethernet adapter Ethernet:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) Ethernet Connection I217-LM
Physical Address. . . . . . . . . : 98-90-96-B2-0F-53
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::ae6f:3c4d:3d4c:f23e%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.90(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : 31 March 2025 21:55:43
Lease Expires . . . . . . . . . . : 01 April 2025 22:11:24
Default Gateway . . . . . . . . . : 192.168.1.1
DHCP Server . . . . . . . . . . . : 192.168.1.1
DHCPv6 IAID . . . . . . . . . . . : 211325078
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-25-7D-07-B8-98-90-96-B2-0F-53
DNS Servers . . . . . . . . . . . : 1.1.1.1
1.0.0.1
192.168.1.1
NetBIOS over Tcpip. . . . . . . . : Enabled

 

[ColinTaylor]

Thanks. That suggests that the router's DNS server is not working. Which is strange because DHCP apparently is.

Can you SSH into the router and post the output of these commands:

cat /jffs/configs/dnsmasq.conf.add
netstat -nlp | grep dns
grep "dnsmasq\[" /tmp/syslog.log*

 

[Col8eral]

Got this on the first one:
can't open '/jffs/configs/dnsmasq.conf.add': No such file or directory
The config directory is there but no files within it

I have reset the router to lan dchp DNS entry. Is that OK for this ssh commands?

got this for the second one:
admin@RT-AX88U-37E8:/tmp/home/root# netstat -nlp | grep dns
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 2287/dnsmasq
tcp 0 0 192.168.1.1:53 0.0.0.0:* LISTEN 2287/dnsmasq
tcp 0 0 10.16.0.1:53 0.0.0.0:* LISTEN 2287/dnsmasq
udp 0 0 127.0.0.1:53 0.0.0.0:* 2287/dnsmasq
udp 0 0 192.168.1.1:53 0.0.0.0:* 2287/dnsmasq
udp 0 0 10.16.0.1:53 0.0.0.0:* 2287/dnsmasq
udp 0 0 0.0.0.0:67 0.0.0.0:* 2287/dnsmasq


Nothing echod to screen on the third one.

 

[ColinTaylor]

I have reset the router to lan dchp DNS entry. Is that OK for this ssh commands?

That's fine.

Everything looks correct although I'm not sure why you didn't get any output from the last command. Might just be the loglevel setting. Are you running any addon scripts, like Scribe for example?

You could try this instead:

grep "dnsmasq\[" /jffs/syslog.log*

I think we'll have to look at the output of these commands:

cat /etc/dnsmasq.conf
cat /tmp/resolv.dnsmasq

 

[bennor]

Just a thought. As much time as one is spending on checking things and running commands, it might be easier not to mention faster to just perform a hard factory reset and reconfigure and see if the affected devices that cannot access the internet can access the internet.

 

[Col8eral]

nothing from this: grep "dnsmasq\[" /jffs/syslog.log*
Next one:
admin@RT-AX88U-37E8:/jffs/configs# cat /etc/dnsmasq.conf
pid-file=/var/run/dnsmasq.pid
user=nobody
bind-dynamic
interface=br0
interface=pptp*
no-dhcp-interface=pptp*
no-resolv
servers-file=/tmp/resolv.dnsmasq
no-poll
no-negcache
cache-size=1500
min-port=4096
dns-forward-max=1500
bogus-priv
domain-needed
dhcp-range=lan,192.168.1.2,192.168.1.254,255.255.255.0,86400s
dhcp-option=lan,3,192.168.1.1
dhcp-option=lan,6,1.1.1.1,1.0.0.1,0.0.0.0
dhcp-option=lan,252,"\n"
dhcp-authoritative
interface=tun22
interface=br1
dhcp-range=br1,192.168.101.2,192.168.101.254,255.255.255.0,86400s
dhcp-option=br1,3,192.168.101.1
interface=br2
dhcp-range=br2,192.168.102.2,192.168.102.254,255.255.255.0,86400s
dhcp-option=br2,3,192.168.102.1
dhcp-host=BC:32:5F:35:29:36,set:BC:32:5F:35:29:36,192.168.1.91
dhcp-host=30:CD:A7:EB:EC:A7,set:30:CD:A7:EB:EC:A7,192.168.1.167
dhcp-host=00:0B:82:8E:2A:84,set:00:0B:82:8E:2A:84,192.168.1.50
dhcp-host=D0:17:C2:C6:E2:68,set0:17:C2:C6:E2:68,192.168.1.2
dhcp-host=38:37:8B:C8:5F:5A,set:38:37:8B:C8:5F:5A,192.168.1.63
dhcp-host=38:2D:E8:AB:ED:A1,set:38:2D:E8:AB:ED:A1,192.168.1.82
dhcp-host=58:FD:B1:21:0C:15,set:58:FD:B1:21:0C:15,192.168.1.118
dhcp-host=34:2E:B6:E21:A0,set:34:2E:B6:E21:A0,192.168.1.37
dhcp-host=B4:E6:2A:AC:3C:C6,set:B4:E6:2A:AC:3C:C6,192.168.1.139
dhcp-host=00:71:478:17:E8,set:00:71:478:17:E8,192.168.1.125
dhcp-host=98:90:96:B2:0F:53,set:98:90:96:B2:0F:53,192.168.1.90
dhcp-host=6A:5E:B7:94:A3:1B,set:6A:5E:B7:94:A3:1B,192.168.1.8
dhcp-host=DC:A6:32:E5:29:2C,setC:A6:32:E5:29:2C,192.168.1.40
dhcp-host=24:A1:60:1B:25:6A,set:24:A1:60:1B:25:6A,192.168.1.211
dhcp-host=24:A1:60:1A9:9E,set:24:A1:60:1A9:9E,192.168.1.210
dhcp-host=40:F5:20:FB:46:0C,set:40:F5:20:FB:46:0C,192.168.1.150
dhcp-host=C4D:57:0F:A4:AD,set:C4D:57:0F:A4:AD,192.168.1.151
dhcp-host=24:A1:60:1B:7A:C2,set:24:A1:60:1B:7A:C2,192.168.1.152
dhcp-host=40:F5:20:FE:1B:A6,set:40:F5:20:FE:1B:A6,192.168.1.120
dhcp-host=BC:32:5F:4B:0A:45,set:BC:32:5F:4B:0A:45,192.168.1.92
dhcp-host=84:FD1:E7:5C:FC,set:84:FD1:E7:5C:FC,192.168.1.12
dhcp-host=C0:EE:FB75:14,set:C0:EE:FB75:14,192.168.1.62
dhcp-host=F4:CF:A2:20:C4:88,set:F4:CF:A2:20:C4:88,192.168.1.153
dhcp-host=C8:2B:96:E6:09:71,set:C8:2B:96:E6:09:71,192.168.1.70
dhcp-host=C8:2B:96:E6:09:3A,set:C8:2B:96:E6:09:3A,192.168.1.15
dhcp-host=74:9D:798:7E:A4,set:74:9D:798:7E:A4,192.168.1.111
dhcp-host=A4:E5:7C:BA:EC:01,set:A4:E5:7C:BA:EC:01,192.168.1.247
dhcp-host=DC:A6:32:E2:AB:4F,setC:A6:32:E2:AB:4F,Plex,192.168.1.25
dhcp-host=BC:76:5E:B4:08:1D,set:BC:76:5E:B4:08:1D,192.168.1.248
dhcp-host=08:B6:1F:6E:CE:64,set:08:B6:1F:6E:CE:64,192.168.1.246
dhcp-host=14:7F:67:34:68:76,set:14:7F:67:34:68:76,192.168.1.30
dhcp-host=00:24:8D:10:45:C1,set:00:24:8D:10:45:C1,192.168.1.193
dhcp-host=D8:BC:38:9E:97:33,set8:BC:38:9E:97:33,192.168.1.127
dhcp-host=12:71:32:B2:76:83,set:12:71:32:B2:76:83,192.168.1.104
dhcp-host=AE:CA:58:9F:0C:BC,set:AE:CA:58:9F:0C:BC,192.168.1.29
dhcp-name-match=set:wpad-ignore,wpad
dhcp-ignore-names=tag:wpad-ignore
dhcp-script=/sbin/dhcpc_lease
script-arp
edns-packet-max=1232

and the last one:
admin@RT-AX88U-37E8:/jffs/configs# cat /tmp/resolv.dnsmasq
server=188.215.74.252

 

[ColinTaylor]

Just a thought. As much time as one is spending on checking things and running commands, it might be easier not to mention faster to just perform a hard factory reset and reconfigure and see if the affected devices that cannot access the internet can access the internet.

I was beginning to think the same thing.

and the last one:
admin@RT-AX88U-37E8:/jffs/configs# cat /tmp/resolv.dnsmasq
server=188.215.74.252

Presumably 188.215.74.252 is the IP address of your ISP's DNS server? Community Fibre?

If you change the WAN DNS server to be Google or Cloudflare and remove the LAN DNS entry you added, do you still have the problem?

Are you running a VPN client on the router? What firmware version are you using?

 

[Col8eral]

im running: :3004.388.8_4
Yes, im running OpenVPN servers
I tried 1.1.1.1 and 1.0.0.1 in custom on the WAN DNS entry and that didnt work. I can try one of the pre-defined ones.
I'm not sure on that 188.215.74.252 IP. I'll check.
I assume hard factory reset means completely configuring the router from scratch as if it was new out the box?

 

[ColinTaylor]

Yes, im running OpenVPN servers

I was more interested in whether you were running a VPN client, although I doubt that would be the problem.

I tried 1.1.1.1 and 1.0.0.1 in custom on the WAN DNS entry and that didnt work. I can try one of the pre-defined ones.
I'm not sure on that 188.215.74.252 IP. I'll check.

OK. It was worth a shot.

I assume hard factory reset means completely configuring the router from scratch as if it was new out the box?

Yep.

Can you try this from the router:

cat /etc/resolv.conf
nslookup google.com
nslookup google.com 8.8.8.8
nslookup google.com 188.215.74.252

 

[Col8eral]

I tried google dns on the WAN page and deleted entries on LAN DCHP. But no internet. I have re-instated the DCHP cloudfair so i can answer back here

admin@RT-AX88U-37E8:/tmp/home/root# cat /etc/resolv.conf
nameserver 8.8.8.8
nameserver 8.8.4.4
admin@RT-AX88U-37E8:/tmp/home/root#

admin@RT-AX88U-37E8:/tmp/home/root# nslookup google.com
Server: 8.8.8.8
Address 1: 8.8.8.8 dns.google

Name: google.com
Address 1: 142.250.187.238 lhr25s34-in-f14.1e100.net
Address 2: 2a00:1450:4009:819::200e lhr48s09-in-x0e.1e100.net
admin@RT-AX88U-37E8:/tmp/home/root#

admin@RT-AX88U-37E8:/tmp/home/root# nslookup google.com 8.8.8.8
Server: 8.8.8.8
Address 1: 8.8.8.8 dns.google

Name: google.com
Address 1: 172.217.169.78 lhr48s09-in-f14.1e100.net
Address 2: 2a00:1450:4009:819::200e lhr48s09-in-x0e.1e100.net
admin@RT-AX88U-37E8:/tmp/home/root#

admin@RT-AX88U-37E8:/tmp/home/root# nslookup google.com 188.215.74.252
Server: 188.215.74.252
Address 1: 188.215.74.252 dns.as201838.net

Name: google.com
Address 1: 142.250.178.14 lhr48s27-in-f14.1e100.net
Address 2: 2a00:1450:4009:815::200e lhr48s27-in-x0e.1e100.net
admin@RT-AX88U-37E8:/tmp/home/root#

 

[ColinTaylor]

Well I'm completely stumped.

Just as a final sanity check please remove the LAN DNS entries again then issue the following command from the router (which should fail like it did on your PC):

nslookup google.com 127.0.0.1

 

[Col8eral]

admin@RT-AX88U-37E8:/tmp/home/root# nslookup google.com 127.0.0.1
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost.localdomain

Name: google.com
Address 1: 172.217.16.238 mad08s04-in-f14.1e100.net
Address 2: 2a00:1450:4009:819::200e lhr48s09-in-x0e.1e100.net
admin@RT-AX88U-37E8:/tmp/home/root#

 

[ColinTaylor]

admin@RT-AX88U-37E8:/tmp/home/root# nslookup google.com 127.0.0.1
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost.localdomain

Name: google.com
Address 1: 172.217.16.238 mad08s04-in-f14.1e100.net
Address 2: 2a00:1450:4009:819::200e lhr48s09-in-x0e.1e100.net
admin@RT-AX88U-37E8:/tmp/home/root#

And that's after you've removed the LAN DNS entries? That's unexpected!

Can you do the test again (with LAN DNS removed) using the br0 address

nslookup google.com 192.168.1.1

and also do the same test from your Windows PC:

nslookup google.com 192.168.1.1

 

[dave14305]

Can you run this command?

iptables-save -c | grep "port 53"

 

[Col8eral]

what did you mean by Br0 address. My ISP?

Here's the results:

admin@RT-AX88U-37E8:/tmp/home/root# nslookup google.com 192.168.1.1
Server: 192.168.1.1
Address 1: 192.168.1.1 RT-AX88U-37E8.

Name: google.com
Address 1: 142.250.178.14 lhr48s27-in-f14.1e100.net
Address 2: 2a00:1450:4009:826::200e lhr48s48-in-x0e.1e100.net

From the windows machine:
C:\Windows\system32>nslookup google.com 192.168.1.1
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 192.168.1.1

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-out

C:\Windows\system32>

admin@RT-AX88U-37E8:/tmp/home/root# iptables-save -c | grep "port 53"
[0:0] -A INPUT -i br0 -p udp -m udp --dport 53 -m string --string "github" --algo bm --to 65535 --icase -j ACCEPT
[0:0] -A INPUT -i br0 -p udp -m udp --dport 53 -m string --hex-string "|046173757303636f6d00|" --algo bm --to 65535 --icase -j ACCEPT
[3953:272221] -A INPUT -i br0 -p udp -m udp --dport 53 -j DROP
[0:0] -A FORWARD -i br0 -p udp -m udp --dport 53 -m string --string "github" --algo bm --to 65535 --icase -j ACCEPT
[0:0] -A FORWARD -i br0 -p udp -m udp --dport 53 -m string --hex-string "|046173757303636f6d00|" --algo bm --to 65535 --icase -j ACCEPT
[0:0] -A FORWARD -i br0 -p udp -m udp --dport 53 -j DROP
[300:18460] -A OUTPUT -p udp -m udp --dport 53 -m u32 --u32 "0x0>>0x16&0x3c@0x8>>0xf&0x1=0x0" -j OUTPUT_DNS
[91:9115] -A OUTPUT -p tcp -m tcp --dport 53 -m u32 --u32 "0x0>>0x16&0x3c@0xc>>0x1a&0x3c@0x8>>0xf&0x1=0x0" -j OUTPUT_DNS
admin@RT-AX88U-37E8:/tmp/home/root#

 

[ColinTaylor]

I think Dave's onto something.

Are/were you using Skynet or some other firewall script?

Firewall - URL Filter perhaps?

cat /jffs/scripts/firewall-start