Benutzer-Werkzeuge

Webseiten-Werkzeuge


en:howtos:pi-hole
Übersetzungen dieser Seite:

Pi-Hole installation and configuration

Who does not know that, clicked on a link on Google and ended up with a seller, called up a website and waited what felt like minutes until all the advertising banners were finally loaded. It doesn't have to be like that, you don't have to endure advertising.
The possibilities are many and start with installing ad blockers in the browser, with black lists in the router. You can make it easy on yourself…. The advertising has to come from somewhere, it doesn't happen like it used to, where I placed an ad in a newspaper and they then published it. Back then, advertising was part of the newspaper and websites look like advertising was part of it too. Fortunately, this is not the case, because the advertising is only downloaded from external sources, so-called advertising networks, when you view the website. This is what makes „personalized“ advertising possible. And so that the operator of a website does not have to worry about the traffic generated by the advertising, the browser is persuaded to take over this part.
And this is exactly where the starting point is to ban about 80% of all advertising. The idea is to not load any ads that are not part of the website itself. Not only the loading times of the websites are reduced, in combination with PiVPN the mobile data volume is also used for content instead of advertising. In addition, it is a central solution that does not require on every use an ad blocker on each device.

Installation

curl -sSL https://install.pi-hole.net | bash

As with PiVPN, this one command is enough to install Pi-Hole. In the following configuration dialog, which follows the automatic installation of the necessary packages, you will be asked for some settings, including which DNS (Domain Name Service) should be used. Here you have the choice of either your home router (if it offers DNS as a service, like the Fritz Box), the DNS of the Internet provider or, to prevent tracking, one of the free, non-logging DNS server. I have decided to enter my Fritz Box here. For the settings that you should make well-considered, I give my selection here:

  • Select Upstream DNS Provider - 192.168.178.1 (my Fritz Box)
  • Select Protocols - I deselected IPv6 here, but only because my provider doesn't offer me IPv6.
  • Do you want to use your current network settings as a static address? -
    • Ip Address: 192.168.178.30 (IP of the Raspberry Pi in the home network)
    • Gateway: 192.168.178.1 (IP of the Fritz Box in the home network
  • Do you want to log queries? - Yes to be able to see statistics. If you want to do without it to protect the Pi's SD card, you can also select „No“ here, this has no effect on the functions.

In the course of the installation, the URL of the Web Interface is displayed, as well as the password of the admin user, which you should keep safe.

At this point Pi-Hole is fully functional and ready to use. The corresponding services are started when the Raspberry Pi is started, the daily automatic update of the block lists is activated. Now all clients have to be persuaded to use the Raspberry Pi as DNS. The easiest way to ensure this is to adjust the DHCP settings on the home router so that it propagates the Raspberry Pi as DNS. In the Fritz Box you will find the point under

Home network -> Network -> Tab: Network settings -> IPv4 addresses -> Field: Local DNS server

If you don't succeed, or you only want to use the ad blocker for individual devices, you have to adjust the DNS settings on each individual device.

Configuration

There is nothing else to configure for blocking ads, but if you want to change something, you can either change the /etc/pihole/setupVars.conf file or do a new installation. If the /etc/pihole/setupVars.conf file is changed manually, the corresponding services must be restarted.

sudo service dnsmasq restart
sudo service pihole-FTL restart

Für Experten

Ihr wollt mehr, z.B. weil er heimische Router keinen DNS Service bietet oder ihr eigenen Adressen umleiten wollt? Natürlich ist dies kein Problem, denn Pi-Hole benutzt für seinen Funktionen den Dienst dnsmasq, einen kleinen, einfachen DNS Server. Die Konfiguration des DNS Servers findet man unter /etc/dnsmasq.d/01-pihole.conf . In dieser Datei stehen alle Informationen, die Pi-Hole benötigt. dsnmasq liest alle Dateien in diesem Verzeichnis, die auf .conf enden. Ich beschreibe nun mal, wie einfach man

  • heimische IPs mit einem Namen versieht
  • externe Adressen auf interne Adressen umleitet. Wozu? Ihr betreibt sicherlich eine eigene Cloud im Heimnetz, um Daten auf allen Geräten zur Verfügung zu haben. Diese Cloud muss natürlich auch aus dem Internet zu erreichen sein, was dazu führt das ihr zwei Namen für die Cloud verwenden müsst. Der Name im internen Netz unterscheidet sich also von dem Namen, der aus dem Internet verwendet werden muss. Um dies zu vermeiden kann dnsmasq den externen Namen im Heimnetz auf die interne Adressse umleiten.

Als erstes legen wir eine eigene Konfigurationsdatei /etc/dnsmasq.d/02-lan.conf an, deren Inhalt wie folgt aussieht:

addn-hosts=/etc/pihole/lan.list

Damit teilen wir dnsmasq freundlich mit, das eine Datei /etc/pihole/lan.list ebenfalls zu berücksichtigen ist. Der Inhalt dieser Datei, die wir ebenfalls anlegen müssen, entspricht im Aufbau exakt einer /etc/hosts Datei. Hier ein Beispiel:

192.168.178.30 raspberrypi raspberrypi.fritz.box # PI fuer PiHole
192.168.178.40 pi3 pi3.fritz.box onkelhartwig.myfirewall.org onkelhartwig.myfirewall.org # PI fuer owncloud und OpenVPN Client

Wie man sieht, habe ich hier zwei Raspberry Pi eingetragen, für die dnsmasq die Namen in IP Adressen (und umgekehrt) übersetzt. Wenn ich im Internet bin wird „onkelhartwig.myfirewall.org“ zu meiner externen IP aufgelöst, während zu Hause die interne IP (192.168.178.40) benutzt wird.
Apropos: in einer /etc/hosts Datei wird alles, was hinter dem Zeichen „#“ steht als Kommentar interpretiert.

For experts

You want more, e.g. because your home router does not offer DNS service or you want to redirect your own addresses? Of course, this is not a problem, because Pi-Hole uses the dnsmasq service, a small, simple DNS server, for its functions. The configuration of the DNS server can be found under /etc/dnsmasq.d/01-pihole.conf . This file contains all the information Pi-Hole needs. dsnmasq reads all files in this directory that end in .conf. I will now describe how easy it is to

  • naming home IPs
  • Redirects external addresses to internal addresses. What for? You certainly operate your own cloud in the home network in order to have data available on all devices. Of course, this cloud must also be accessible from the Internet, which means that you have to use two names for the cloud. The name in the internal network is therefore different from the name that must be used from the Internet. To avoid this, dnsmasq can redirect the external name in the home network to the internal address.

First we create our own configuration file /etc/dnsmasq.d/02-lan.conf, the content of which looks like this:

addn-hosts=/etc/pihole/lan.list

This is a friendly way of telling dnsmasq that there is a /etc/pihole/lan.list file to consider as well. The content of this file, which we also have to create, has exactly the same structure as a /etc/hosts file. Here's an example:

192.168.178.30 raspberrypi raspberrypi.fritz.box # PI for PiHole
192.168.178.40 pi3 pi3.fritz.box onkelhartwig.myfirewall.org onkelhartwig.myfirewall.org # PI for owncloud and OpenVPN client

As you can see, I have entered two Raspberry Pis for which dnsmasq translates the names into IP addresses (and vice versa). When I'm online, „onkelhartwig.myfirewall.org“ resolves to my external IP, while at home it uses the internal IP (192.168.178.40).
Speaking of which: in an /etc/hosts file, everything after the „#“ character is interpreted as a comment.

en/howtos/pi-hole.txt · Zuletzt geändert: 2022/02/18 08:25 von morquai