Tag: PiHole

Posted on

ASUS calling Microsoft

Back Story

I’ll try to keep this post short as I’m behind on many other posts I have to finish. hahah :S

Anyway, I was thinking it’s time to update my pihole, when I checked the admin web interface to check for clients to see who’d still be using it for DNS, and then I’d make a list and be prepared to change them as required (any outside of DHCP of course, as I’d simply change the IP there). Now you might be wondering, why change the IP address? Which is a fair question, I could just update the one in question, but I had bigger plans to move it to another server, I didn’t want to give the other server multiple IPs, so I figured it be easier to spin up the new service on that server and simply change the DNS on the DHCP server/service. Anyway… where was I, oh right, checking the web admin I noticed the top client was my new ASUS RT-AX88U. I was hoping to get a model that supported Tomato like the old RT-N16 I had for so many years which I recently broke and so replaced it with this unit. It currently can’t run Tomato like I managed to do with the RT-N16. So, I just had configured it for AP mode. Figured it doesn’t need to do much else for now besides serve unreal good WiFi.

Yet it’s calling home to “dns.msftncsi.com”, when I looked up this domain it seems to be used mostly by windows machines to check to make sure they are online.

Fix This

Looking a bit further into it I managed to find this magical Reddit post (I really love reddit, I’ve found so many helpful posts there). Anyway let’s see if we can follow the steps on this router.

Step 1 – Enable Access

The source uses telnet, but I’m not a fan of transferring creds in cleartext, unless I know for certain it’s a completely isolated network. Since the router supports SSH, I enabled that instead and logged in. *note* I had to remove the fingerprint from the old RT-N16 I used to SSH into.

Step 2 – Gain Shell Access to your Router

login & password is the same as the web interface.

K, with that done, let’s see if we can edit the nvram, but let’s take a look as the OP suggests.

Step 3 – Look deep into NVRAM

nvram show | sort | less

I used the less command instead, as my old linux instructor once said “less is more” using less you can use the up and down arrow keys to scroll through the results, and look-e-here: (Press Q to exit less)

Step 4 – Finding the Droids

The droids I was after. Time to eliminate them.

Step 5 – Kill the Probe Content Droid

nvram set dns_probe_content=127.0.0.1

Step 6 – Kill the Probe Host Droid

nvram set dns_probe_host=""

Step 7 – Prevent Droid Resurrection

nvram commit

Step 8 – Fully Enforce Your New Empire

reboot

Verify:

Noice!

Posted on

Adding a static host record to PiHole

Adding a record:

pihole -a hostrecord home.consto.com 192.168.1.10

Removing a record:

pihole -a hostrecord

*UPDATE* This only adds one record, and doing this command a second time removes the old record. For multiple records hosting on a PiHole, here’s the main deets as provided by llauren:

With a little configuration, you can use your pi-hole as the DNS server for your LAN, if, for example, your router isn’t doing a very good job serving local names. Here’s how:

Create a second dnsmasq configuration file:

% echo "addn-hosts=/etc/pihole/lan.list" | sudo tee /etc/dnsmasq.d/02-lan.conf

(that % is for whatever your system prompt is; don’t type it out :wink: )

After this, create a “hosts file” for your network /etc/pihole/lan.list with the format ipaddress fqdn hostname, eg

192.168.1.40     marvin.your.lan  marvin
192.168.1.41     eddie.your.lan   eddie
192.168.1.42     hactar.your.lan  hactar

…substituting “your.lan” for whatever you want your domain name to be.

On your DHCP server (most likely your router, though pi-hole indeed can be configured into one), you’ll also need to set your search domain to whatever “your.lan” corresponds to.

Finally, restart your name server:

% sudo pihole restartdns

Additional thoughts

  • If all this domain name stuff confuses you, you can leave it out and live a domain-less life on your LAN.
  • While you certainly can serve any name, also of hosts outside of your LAN, you probably can’t outsmart Netflix to play shows from outside your geographical area :slight_smile: . Drop that thought. It’s probably against their TOS and you might end up losing your Netflix account.
  • The dnsmasq manual page 765 suggests the configuration option hostsdir, but this didn’t work on my raspi. Possibly i was just incompetent.”
Proudly powered by WordPress