Hi!
I previouslly had Pi-Hole running in my network, but wanted to switch to adblock running on OpenWrt. My network configuration is as follows:
My OpenWrt router is the 2nd router in my house, located at 192.168.2.2. Internet connection is provided by an ISP provided router sitting at 192.168.2.1 (some devices are jacked into the ethernet ports of that router). The OpenWrt device was previously set up as a dump AP following dumb-AP guide.
Since I now want to use adbock on this device, I restarted dnsmasq, firewall and odhcpd there, deactivated the ISP-router's DHCP and configured the network there to use 192.168.2.2 as DNS server.
After rebooting, devices weren't able to access the internet anymore, due to what seemed like a DNS error. at the OpenWrt router, I went to Network->Interfaces->LAN->edit and set "Use custom DNS servers" to 8.8.8.8 . After this, internet started working again.
I then installed adblock and the LuCI interface to it. The service is running and can download blocklists, but it seems to be ignored by devices: the "DNS reports" page in the adblock web interface shows an empty list under " Latest DNS Requests".
so I am assuming that DNS queries never reach adblock, but I'm not sure why: On my laptop, running systemd-resolve --status
shows that the laptop does think that 192.168.2.2 is its nameserver. What are some configs I might have missed or tests I could run at this stage?
EDIT: after enabling logging of DNS queries, I can see entries in the system log that indicate that DNS queries DO reach the device, and are getting NXDOMAIN replies, which IIUC means they're getting blocked:
Sun Mar 7 14:15:57 2021 daemon.info dnsmasq[3730]: 352 192.168.2.113/59174 query[A] pixel.facebook.com from 192.168.2.113
Sun Mar 7 14:15:57 2021 daemon.info dnsmasq[3730]: 352 192.168.2.113/59174 config pixel.facebook.com is NXDOMAIN
Sun Mar 7 14:15:57 2021 daemon.info dnsmasq[3730]: 353 192.168.2.113/35558 query[AAAA] pixel.facebook.com from 192.168.2.113
Sun Mar 7 14:15:57 2021 daemon.info dnsmasq[3730]: 353 192.168.2.113/35558 config pixel.facebook.com is NXDOMAIN
Sun Mar 7 14:15:57 2021 daemon.info dnsmasq[3730]: 354 192.168.2.113/59174 query[A] pixel.facebook.com from 192.168.2.113
Sun Mar 7 14:15:57 2021 daemon.info dnsmasq[3730]: 354 192.168.2.113/59174 config pixel.facebook.com is NXDOMAIN
So why are they not showing up in the adblock log as they should? ("DNS Report" is checked in the adblock UI, tcpdump-mini is installed and the router had been rebooted after those changes)
EDIT2: switched from 192.168.1.x to 192.168.2.x