Entware Pi-hole directly on the router? Yes!

[heslo]

chmod u+x /jffs/scripts/dnsmasq.postconf

Boom! We're up again, thank you!

Now to test if I still have this disconnection/reconnection issue

EDIT: Yep, still causing issues if a device disconnects then reconnects. No DNS available to the device

 

[dave14305]

Boom! We're up again, thank you!

Now to test if I still have this disconnection/reconnection issue

EDIT: Yep, still causing issues if a device disconnects then reconnects. No DNS available to the device

That’s why you need the LAN IP on the DHCP page. Better will be to add the dhcp-option in postconf, but prove it works first.

sed "/^user=/a dhcp-option=lan,6,0.0.0.0" -i "$1"

 

[heslo]

That’s why you need the LAN IP on the DHCP page. Better will be to add the dhcp-option in postconf, but prove it works first.

Holy hell, you did it!

My man, thank you. This should definitely be added to the install guide. Out of interest, how would you go about adding it into the postconf?

EDIT: Just saw your edit with the code, awesome! Is there a reason one way is better than another in that regard?

 

[dave14305]

Is there a reason one way is better than another in that regard?

0.0.0.0 means “whatever the interface IP currently is”, which is more flexible if you have multiple interfaces.

 

[jacklul]

Put the router’s LAN IP on the LAN DHCP Server DNS 1 field. When the dnsmasq port is not 53, dnsmasq won’t advertise the router’s IP as the DNS server over DHCP. The “Advertise router IP…” option has no effect if the DNS servers are blank.

You're absolutely right, just looked into source code.

That’s why you need the LAN IP on the DHCP page. Better will be to add the dhcp-option in postconf, but prove it works first.

sed "/^user=/a dhcp-option=lan,6,0.0.0.0" -i "$1"

Thank you for this!
I've update the wiki page with this addition to the postconf script.

 

[heslo]

You're absolutely right, just looked into source code.


Thank you for this!
I've update the wiki page with this addition to the postconf script.

Great that we finally got there! Thanks to you also for all the help and putting this all together!

 

[capitantrueno]

Hi there!

Didn't your script you had in script_usbmount enabled swap ?

I'm not using my own scripts anymore. These are the contents of my mount and umount scripts

admin@4G-AC86U:/tmp/home/root# nvram get script_usbmount
/bin/sh /jffs/scripts/scripts-startup.sh start
admin@4G-AC86U:/tmp/home/root# nvram get script_usbumount
if [ $1 = "/tmp/mnt/ENTWARE" ]; then
  /opt/etc/init.d/rc.unslung stop
fi
admin@4G-AC86U:/tmp/home/root#

Did you see something like 'Enabled swap file XXXX' after running 'swap.sh start'? If you did not then it did not enable /tmp/mnt/ENTWARE/swap.img because another swap file is already enabled.

No, that message does not appear after starting swap.sh.

Run 'cat /proc/swaps' to see what file.

There is more than one entry

admin@4G-AC86U:/tmp/home/root# nvram get script_usbmount
/bin/sh /jffs/scripts/scripts-startup.sh start
admin@4G-AC86U:/tmp/home/root# nvram get script_usbumount
if [ $1 = "/tmp/mnt/ENTWARE" ]; then
  /opt/etc/init.d/rc.unslung stop
fi
admin@4G-AC86U:/tmp/home/root#

This message means 'setcap' command doesn't work on your device or your storage drive is not formatted in a Linux compatible format (I recommended ext4).
It is important because running with setcap is how Pi-hole developers intended the daemon to run.
I did some fixes in the scripts so you can start it in such unsupported cases but as the message says - some issues might happen.
So it should be working.

My router does not support ext4, so I have used ext3 as the filesystem. Regarding setcap, it is installed. Maybe the version is not the most recent, but it is the only one available on my system:

admin@4G-AC86U:/tmp/home/root# opkg install libcap
Package libcap (2.69-1) installed in root is up to date.

Please check if /tmp/etc/dnsmasq.conf contains changes made by /jffs/scripts/dnsmasq.postconf:
You should see bunch of lines being commented (starting with # sign) and server=127.0.0.1#5053 somewhere at the top and "# Modified by custom-configs" at the bottom.
Without changes to /tmp/etc/dnsmasq.conf firmware's dnsmasq will not forward queries to Pi-hole, it will use router's settings instead.

I think the problem is there. After checking my /tmp/etc/dnsmasq file, I'm not able to find any of those lines:

admin@4G-AC86U:/tmp/home/root# cat /tmp/etc/dnsmasq.conf
pid-file=/var/run/dnsmasq.pid
user=nobody
bind-dynamic
interface=br0
interface=pptp*
no-dhcp-interface=pptp*
no-resolv
servers-file=/tmp/resolv.dnsmasq
no-poll
no-negcache
cache-size=1500
min-port=4096
domain=lan
expand-hosts
dhcp-range=lan,192.168.50.2,192.168.50.254,255.255.255.0,86400s
dhcp-option=lan,3,192.168.50.1
dhcp-option=lan,15,lan
dhcp-option=lan,44,0.0.0.0
dhcp-option=lan,252,"\n"
dhcp-authoritative
address=/findasus.local/192.168.50.1
interface=tun22
no-dhcp-interface=tun22
interface=tun23
no-dhcp-interface=tun23
dhcp-host=28:FF:3C:91:54:C4,set:28:FF:3C:91:54:C4,192.168.50.2
dhcp-host=CC:2D:8C:2F:52:4C,set:CC:2D:8C:2F:52:4C,192.168.50.3
dhcp-host=D8:F1:5B:D5:40:B0,set:D8:F1:5B:D5:40:B0,192.168.50.10
dhcp-host=10:7C:61:7D:B9:E0,set:10:7C:61:7D:B9:E0,192.168.50.150
dhcp-script=/sbin/dhcpc_lease

Thanks!

 

[jacklul]

Hi there!

I'm not using my own scripts anymore. These are the contents of my mount and umount scripts

admin@4G-AC86U:/tmp/home/root# nvram get script_usbmount
/bin/sh /jffs/scripts/scripts-startup.sh start
admin@4G-AC86U:/tmp/home/root# nvram get script_usbumount
if [ $1 = "/tmp/mnt/ENTWARE" ]; then
  /opt/etc/init.d/rc.unslung stop
fi
admin@4G-AC86U:/tmp/home/root#

No, that message does not appear after starting swap.sh.


There is more than one entry

admin@4G-AC86U:/tmp/home/root# nvram get script_usbmount
/bin/sh /jffs/scripts/scripts-startup.sh start
admin@4G-AC86U:/tmp/home/root# nvram get script_usbumount
if [ $1 = "/tmp/mnt/ENTWARE" ]; then
  /opt/etc/init.d/rc.unslung stop
fi
admin@4G-AC86U:/tmp/home/root#

My router does not support ext4, so I have used ext3 as the filesystem. Regarding setcap, it is installed. Maybe the version is not the most recent, but it is the only one available on my system:

admin@4G-AC86U:/tmp/home/root# opkg install libcap
Package libcap (2.69-1) installed in root is up to date.

I think the problem is there. After checking my /tmp/etc/dnsmasq file, I'm not able to find any of those lines:

admin@4G-AC86U:/tmp/home/root# cat /tmp/etc/dnsmasq.conf
pid-file=/var/run/dnsmasq.pid
user=nobody
bind-dynamic
interface=br0
interface=pptp*
no-dhcp-interface=pptp*
no-resolv
servers-file=/tmp/resolv.dnsmasq
no-poll
no-negcache
cache-size=1500
min-port=4096
domain=lan
expand-hosts
dhcp-range=lan,192.168.50.2,192.168.50.254,255.255.255.0,86400s
dhcp-option=lan,3,192.168.50.1
dhcp-option=lan,15,lan
dhcp-option=lan,44,0.0.0.0
dhcp-option=lan,252,"\n"
dhcp-authoritative
address=/findasus.local/192.168.50.1
interface=tun22
no-dhcp-interface=tun22
interface=tun23
no-dhcp-interface=tun23
dhcp-host=28:FF:3C:91:54:C4,set:28:FF:3C:91:54:C4,192.168.50.2
dhcp-host=CC:2D:8C:2F:52:4C,set:CC:2D:8C:2F:52:4C,192.168.50.3
dhcp-host=D8:F1:5B:D5:40:B0,set:D8:F1:5B:D5:40:B0,192.168.50.10
dhcp-host=10:7C:61:7D:B9:E0,set:10:7C:61:7D:B9:E0,192.168.50.150
dhcp-script=/sbin/dhcpc_lease

Thanks!

Maybe your usbmount script isn't starting the scripts? Check if /tmp/scripts_started exists
Verify that you see "Started service event monitoring" in syslog since last boot.
You should also see multiple log entries related to those scripts, if there is none then they are not being started.
Make sure the scripts are executable.
If you have multiple swap files there then something is mounting them already, if you attach a list of them then maybe we can track it down.
Try running setcap manually:

setcap -v CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE,CAP_IPC_LOCK,CAP_CHOWN+eip /opt/bin/pihole-FTL

 

[capitantrueno]

Hi there!

Maybe your usbmount script isn't starting the scripts? Check if /tmp/scripts_started exists

Yes, exists:

admin@4G-AC86U:/tmp/home/root# ls -la /tmp/scripts_started
-rw-r--r-- 1 admin root 20 Sep  3 18:08 /tmp/scripts_started
admin@4G-AC86U:/tmp/home/root# cat /tmp/scripts_started
2025-09-03 18:08:17

Verify that you see "Started service event monitoring" in syslog since last boot.
You should also see multiple log entries related to those scripts, if there is none then they are not being started.

It seems like the scripts are loaded.

Sep  3 18:08:17 scripts-startup: Starting custom scripts (/jffs/scripts)...
Sep  3 18:08:17 scripts-startup: Starting '/jffs/scripts/service-event.sh'...
Sep  3 18:08:18 scripts-startup: Starting '/jffs/scripts/hotplug-event.sh'...
Sep  3 18:08:18 hotplug-event: Modified hotplug configuration
Sep  3 18:08:18 service-event: Started service event monitoring...
Sep  3 18:08:18 scripts-startup: Starting '/jffs/scripts/custom-configs.sh'...
Sep  3 18:08:18 custom-configs: Running '/jffs/scripts/dnsmasq.postconf' script...
Sep  3 18:08:18 scripts-startup: Starting '/jffs/scripts/swap.sh'...
Sep  3 18:08:20 rc_service: hotplug 18631:notify_rc restart_nasapps
Sep  3 20:08:20 avahi-daemon[2269]: Alias name 4G-AC86U: avahi_server_add_cname failure: The requested operation is invalid because redundant
Sep  3 20:08:20 iTunes: daemon is stoped
Sep  3 20:08:20 FTP Server: daemon is stoped
Sep  3 20:08:20 Samba Server: smb daemon is stoped
Sep  3 18:08:21 service-event: Running script (args: 'restart' 'nasapps')
Sep  3 20:08:23 Timemachine: daemon is stoped
Sep  3 20:08:23 miniupnpd[7264]: shutting down MiniUPnPd
Sep  3 20:08:23 avahi-daemon[7442]: WARNING: No NSS support for mDNS detected, consider installing nss-mdns!
Sep  3 20:08:24 Samba Server: daemon is started
Sep  3 20:08:24 avahi-daemon[7442]: Alias name 4G-AC86U: avahi_server_add_cname failure: The requested operation is invalid because redundant
Sep  3 20:08:24 avahi-daemon[7442]: Alias name "findasus" successfully established.
Sep  3 20:08:26 miniupnpd[7879]: version 1.9 started
Sep  3 20:08:26 miniupnpd[7879]: HTTP listening on port 38557
Sep  3 20:08:26 miniupnpd[7879]: Listening for NAT-PMP/PCP traffic on port 5351
Sep  3 18:08:26 custom-configs: Running '/jffs/scripts/dnsmasq.postconf' script...
Sep  3 20:09:00 custom-configs: Running '/jffs/scripts/dnsmasq.postconf' script...
Sep  3 20:09:30 kernel: [  349.402772] entry wcid 3 QosMapSupport=0
Sep  3 20:09:30 kernel: [  349.515610] AP SETKEYS DONE - AKMMap=WPA2-Personal, PairwiseCipher=AES, GroupCipher=AES, wcid=3 from CC:9E:A2:28:E5:2A
Sep  3 20:09:30 kernel: [  349.515610]
Sep  3 20:09:30 kernel: [  349.527850] PTK:33d4fe32855666d2f291c0364b64ab259cbf61d106ee5cc520e23e56773dadb9cc7267ced1dfe9260720d54164bd9877cd3476916bfc5e0f1dba
Sep  3 20:09:30 kernel: [  349.539906] HcGetEdca(): wdev=1, hobj is not ready!
Sep  3 20:09:30 kernel: [  349.539909] HcGetEdca(): wdev=2, hobj is not ready!
Sep  3 20:09:30 kernel: [  349.539911] HcGetEdca(): wdev=3, hobj is not ready!
Sep  3 20:09:30 kernel: [  349.539913] HcGetEdca(): wdev=4, hobj is not ready!
Sep  3 20:09:30 kernel: [  349.539916] HcGetEdca(): wdev=5, hobj is not ready!
Sep  3 20:09:30 kernel: [  349.564592] 63e8aa1f80fd
Sep  3 20:09:33 kernel: [  352.095505] Rcv Wcid(3) AddBAReq
Sep  3 20:09:33 kernel: [  352.098765] Start Seq = 00000010
Sep  3 20:10:00 custom-configs: Running '/jffs/scripts/dnsmasq.postconf' script...
Sep  3 20:10:36 kernel: [  415.611608] ASSOC - 1 receive DIS-ASSOC request
Sep  3 20:10:36 kernel: [  415.634379] WextMboSendStaDisassocToDaemonEvent [d8:f1:5b:d5:40:b0] sizeof 6                     report_buf_len 6 buflen 180 msg_type MBO_MSG_REMOVE_STA
Sep  3 20:10:36 kernel: [  415.646798] ASSOC - 1 receive DIS-ASSOC request
Sep  3 20:10:36 kernel: [  415.651410] ASSOC - 1 receive DIS-ASSOC request
Sep  3 20:10:36 kernel: [  415.655945] ASSOC - 1 receive DIS-ASSOC request
Sep  3 20:10:36 kernel: [  415.660483] ASSOC - 1 receive DIS-ASSOC request
Sep  3 20:11:00 custom-configs: Running '/jffs/scripts/dnsmasq.postconf' script...
Sep  3 20:12:00 custom-configs: Running '/jffs/scripts/dnsmasq.postconf' script...
Sep  3 20:13:00 custom-configs: Running '/jffs/scripts/dnsmasq.postconf' script...
Sep  3 20:13:02 kernel: [  561.610165] Rcv Wcid(3) AddBAReq

Make sure the scripts are executable.

Yes, they are:

admin@4G-AC86U:/tmp/home/root# ls -ls /jffs/scripts/
total 61
15 -rwxrwxrwx 1 admin root 15253 Aug 29 11:38 custom-configs.sh
 3 -rwxrwxrwx 1 admin root  2802 Aug 30 13:57 dnsmasq.postconf
 7 -rwxrwxrwx 1 admin root  6767 Aug 29 11:38 hotplug-event.sh
 1 -rwxrwxr-x 1 admin root   163 Aug 28 22:05 mountOpt
 5 -rwxrwxrwx 1 admin root  5030 Aug 29 08:09 scripts-startup.sh
18 -rwxrwxrwx 1 admin root 18217 Aug 29 11:38 service-event.sh
 1 -rw-rw-rw- 1 admin root   260 Aug 29 11:25 swap.conf
 9 -rwxrwxrwx 1 admin root  8367 Aug 29 10:59 swap.sh
 4 -rwxrwxrwx 1 admin root  3185 Sep  4 07:13 update-scripts.sh

If you have multiple swap files there then something is mounting them already, if you attach a list of them then maybe we can track it down.

My bad. I copied the results but not pasted in my last reply. Here you have:

dmin@4G-AC86U:/tmp/home/root# cat /proc/swaps
Filename                Type        Size    Used    Priority
/tmp/mnt/ENTWARE/asusware.arm/.swap     file        67580    0    -1
/tmp/mnt/ENTWARE/.swap                  file        67580    0    -2

Try running setcap manually:

setcap -v CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE,CAP_IPC_LOCK,CAP_CHOWN+eip /opt/bin/pihole-FTL

This is what I get:

admin@4G-AC86U:/tmp/home/root# setcap -v CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE,CAP_IPC_LOCK,CAP_CHOWN+eip /opt/bin/piho
le-FTL
/opt/bin/pihole-FTL differs in [pie]

Thanks!

 

[jacklul]

Hi there!

Yes, exists:

admin@4G-AC86U:/tmp/home/root# ls -la /tmp/scripts_started
-rw-r--r-- 1 admin root 20 Sep  3 18:08 /tmp/scripts_started
admin@4G-AC86U:/tmp/home/root# cat /tmp/scripts_started
2025-09-03 18:08:17

It seems like the scripts are loaded.

Sep  3 18:08:17 scripts-startup: Starting custom scripts (/jffs/scripts)...
Sep  3 18:08:17 scripts-startup: Starting '/jffs/scripts/service-event.sh'...
Sep  3 18:08:18 scripts-startup: Starting '/jffs/scripts/hotplug-event.sh'...
Sep  3 18:08:18 hotplug-event: Modified hotplug configuration
Sep  3 18:08:18 service-event: Started service event monitoring...
Sep  3 18:08:18 scripts-startup: Starting '/jffs/scripts/custom-configs.sh'...
Sep  3 18:08:18 custom-configs: Running '/jffs/scripts/dnsmasq.postconf' script...
Sep  3 18:08:18 scripts-startup: Starting '/jffs/scripts/swap.sh'...
Sep  3 18:08:20 rc_service: hotplug 18631:notify_rc restart_nasapps
Sep  3 20:08:20 avahi-daemon[2269]: Alias name 4G-AC86U: avahi_server_add_cname failure: The requested operation is invalid because redundant
Sep  3 20:08:20 iTunes: daemon is stoped
Sep  3 20:08:20 FTP Server: daemon is stoped
Sep  3 20:08:20 Samba Server: smb daemon is stoped
Sep  3 18:08:21 service-event: Running script (args: 'restart' 'nasapps')
Sep  3 20:08:23 Timemachine: daemon is stoped
Sep  3 20:08:23 miniupnpd[7264]: shutting down MiniUPnPd
Sep  3 20:08:23 avahi-daemon[7442]: WARNING: No NSS support for mDNS detected, consider installing nss-mdns!
Sep  3 20:08:24 Samba Server: daemon is started
Sep  3 20:08:24 avahi-daemon[7442]: Alias name 4G-AC86U: avahi_server_add_cname failure: The requested operation is invalid because redundant
Sep  3 20:08:24 avahi-daemon[7442]: Alias name "findasus" successfully established.
Sep  3 20:08:26 miniupnpd[7879]: version 1.9 started
Sep  3 20:08:26 miniupnpd[7879]: HTTP listening on port 38557
Sep  3 20:08:26 miniupnpd[7879]: Listening for NAT-PMP/PCP traffic on port 5351
Sep  3 18:08:26 custom-configs: Running '/jffs/scripts/dnsmasq.postconf' script...
Sep  3 20:09:00 custom-configs: Running '/jffs/scripts/dnsmasq.postconf' script...
Sep  3 20:09:30 kernel: [  349.402772] entry wcid 3 QosMapSupport=0
Sep  3 20:09:30 kernel: [  349.515610] AP SETKEYS DONE - AKMMap=WPA2-Personal, PairwiseCipher=AES, GroupCipher=AES, wcid=3 from CC:9E:A2:28:E5:2A
Sep  3 20:09:30 kernel: [  349.515610]
Sep  3 20:09:30 kernel: [  349.527850] PTK:33d4fe32855666d2f291c0364b64ab259cbf61d106ee5cc520e23e56773dadb9cc7267ced1dfe9260720d54164bd9877cd3476916bfc5e0f1dba
Sep  3 20:09:30 kernel: [  349.539906] HcGetEdca(): wdev=1, hobj is not ready!
Sep  3 20:09:30 kernel: [  349.539909] HcGetEdca(): wdev=2, hobj is not ready!
Sep  3 20:09:30 kernel: [  349.539911] HcGetEdca(): wdev=3, hobj is not ready!
Sep  3 20:09:30 kernel: [  349.539913] HcGetEdca(): wdev=4, hobj is not ready!
Sep  3 20:09:30 kernel: [  349.539916] HcGetEdca(): wdev=5, hobj is not ready!
Sep  3 20:09:30 kernel: [  349.564592] 63e8aa1f80fd
Sep  3 20:09:33 kernel: [  352.095505] Rcv Wcid(3) AddBAReq
Sep  3 20:09:33 kernel: [  352.098765] Start Seq = 00000010
Sep  3 20:10:00 custom-configs: Running '/jffs/scripts/dnsmasq.postconf' script...
Sep  3 20:10:36 kernel: [  415.611608] ASSOC - 1 receive DIS-ASSOC request
Sep  3 20:10:36 kernel: [  415.634379] WextMboSendStaDisassocToDaemonEvent [d8:f1:5b:d5:40:b0] sizeof 6                     report_buf_len 6 buflen 180 msg_type MBO_MSG_REMOVE_STA
Sep  3 20:10:36 kernel: [  415.646798] ASSOC - 1 receive DIS-ASSOC request
Sep  3 20:10:36 kernel: [  415.651410] ASSOC - 1 receive DIS-ASSOC request
Sep  3 20:10:36 kernel: [  415.655945] ASSOC - 1 receive DIS-ASSOC request
Sep  3 20:10:36 kernel: [  415.660483] ASSOC - 1 receive DIS-ASSOC request
Sep  3 20:11:00 custom-configs: Running '/jffs/scripts/dnsmasq.postconf' script...
Sep  3 20:12:00 custom-configs: Running '/jffs/scripts/dnsmasq.postconf' script...
Sep  3 20:13:00 custom-configs: Running '/jffs/scripts/dnsmasq.postconf' script...
Sep  3 20:13:02 kernel: [  561.610165] Rcv Wcid(3) AddBAReq

Yes, they are:

admin@4G-AC86U:/tmp/home/root# ls -ls /jffs/scripts/
total 61
15 -rwxrwxrwx 1 admin root 15253 Aug 29 11:38 custom-configs.sh
 3 -rwxrwxrwx 1 admin root  2802 Aug 30 13:57 dnsmasq.postconf
 7 -rwxrwxrwx 1 admin root  6767 Aug 29 11:38 hotplug-event.sh
 1 -rwxrwxr-x 1 admin root   163 Aug 28 22:05 mountOpt
 5 -rwxrwxrwx 1 admin root  5030 Aug 29 08:09 scripts-startup.sh
18 -rwxrwxrwx 1 admin root 18217 Aug 29 11:38 service-event.sh
 1 -rw-rw-rw- 1 admin root   260 Aug 29 11:25 swap.conf
 9 -rwxrwxrwx 1 admin root  8367 Aug 29 10:59 swap.sh
 4 -rwxrwxrwx 1 admin root  3185 Sep  4 07:13 update-scripts.sh

My bad. I copied the results but not pasted in my last reply. Here you have:

dmin@4G-AC86U:/tmp/home/root# cat /proc/swaps
Filename                Type        Size    Used    Priority
/tmp/mnt/ENTWARE/asusware.arm/.swap     file        67580    0    -1
/tmp/mnt/ENTWARE/.swap                  file        67580    0    -2

This is what I get:

admin@4G-AC86U:/tmp/home/root# setcap -v CAP_NET_BIND_SERVICE,CAP_NET_RAW,CAP_NET_ADMIN,CAP_SYS_NICE,CAP_IPC_LOCK,CAP_CHOWN+eip /opt/bin/piho
le-FTL
/opt/bin/pihole-FTL differs in [pie]

Thanks!

It runs the postconf but dnsmasq.conf isn't getting modified... try running "dnsmasq.postconf /etc/dnsmasq.conf" manually and see if it modifies the file, or any error show up.
If it does modify the file the restart dnsmasq the run "custom-configs.sh run" and look for errors and check if it modifies the config.

Those swaps are created by firmware, I believe you can disable it via "nvram set apps_swap_enable=0", "nvram commit" and reboot. Alternatively you can probably change value of "apps_swap_size" to control the size of the swap created by the firmware.

About setcap, I guess if you want you could try executing that command but only with one capability per execution and see on which it errors out. So it would be "setcap -v CAP_NET_RAW+eip pihole-FTL" and so on...
Though Pi-hole probably requires all of those so it might be pointless.

 

[capitantrueno]

Hi there!

It runs the postconf but dnsmasq.conf isn't getting modified... try running "dnsmasq.postconf /etc/dnsmasq.conf" manually and see if it modifies the file, or any error show up.
If it does modify the file the restart dnsmasq the run "custom-configs.sh run" and look for errors and check if it modifies the config.

Tried with no results. No errors and no modifications were made on the file. I don't understand, because as 'admin' user, I have permissions on that file :S

admin@4G-AC86U:/tmp/home/root# /jffs/scripts/dnsmasq.postconf /etc/dnsmasq.conf
admin@4G-AC86U:/tmp/home/root# cat  /etc/dnsmasq.conf
pid-file=/var/run/dnsmasq.pid
user=nobody
bind-dynamic
interface=br0
interface=pptp*
no-dhcp-interface=pptp*
no-resolv
servers-file=/tmp/resolv.dnsmasq
no-poll
no-negcache
cache-size=1500
min-port=4096
domain=lan
expand-hosts
dhcp-range=lan,192.168.50.2,192.168.50.254,255.255.255.0,86400s
dhcp-option=lan,3,192.168.50.1
dhcp-option=lan,15,lan
dhcp-option=lan,44,0.0.0.0
dhcp-option=lan,252,"\n"
dhcp-authoritative
address=/findasus.local/192.168.50.1
interface=tun22
no-dhcp-interface=tun22
interface=tun23
no-dhcp-interface=tun23
dhcp-host=28:FF:3C:91:54:C4,set:28:FF:3C:91:54:C4,192.168.50.2
dhcp-host=CC:2D:8C:2F:52:4C,set:CC:2D:8C:2F:52:4C,192.168.50.3
dhcp-host=D8:F1:5B:D5:40:B0,set:D8:F1:5B:D5:40:B0,192.168.50.10
dhcp-host=10:7C:61:7D:B9:E0,set:10:7C:61:7D:B9:E0,192.168.50.150
dhcp-script=/sbin/dhcpc_lease
admin@4G-AC86U:/tmp/home/root# ls -la /etc/dnsmasq.conf
-rw-rw-rw- 1 admin root 817 May  5  2018 /etc/dnsmasq.conf

Those swaps are created by firmware, I believe you can disable it via "nvram set apps_swap_enable=0", "nvram commit" and reboot. Alternatively you can probably change value of "apps_swap_size" to control the size of the swap created by the firmware.

These are my nvram entries related with 'apps_':

admin@4G-AC86U:/tmp/home/root# nvram show | grep apps_
apps_state_upgrade=
apps_swap_enable=1
apps_state_autorun=4
apps_local_space=/rom
apps_state_switch=
apps_analysis=0
apps_state_update=2
apps_dev=sda1
size: 44278 bytes (17162 left)
apps_depend_action=
apps_swap_file=.swap
apps_new_arm=1
apps_ipkg_server=http://nw-dlcdnet.asus.com/asusware/arm_new/stable
apps_wget_timeout=30
apps_depend_action_target=
apps_state_stop=
apps_state_remove=
apps_state_cancel=
apps_mounted_path=/tmp/mnt/ENTWARE
apps_state_action=
apps_state_enable=
apps_depend_do=
apps_swap_threshold=
apps_state_error=
apps_state_autofix=1
apps_ipkg_old=0
apps_download_file=
apps_install_folder=asusware.arm
apps_state_install=
apps_swap_size=67000
apps_download_percent=

About setcap, I guess if you want you could try executing that command but only with one capability per execution and see on which it errors out. So it would be "setcap -v CAP_NET_RAW+eip pihole-FTL" and so on...
Though Pi-hole probably requires all of those so it might be pointless.

I tried to apply one by one, the results are the same:

admin@4G-AC86U:/tmp/home/root# setcap -v CAP_CHOWN+eip /opt/bin/pihole-FTL
/opt/bin/pihole-FTL differs in [pie]
admin@4G-AC86U:/tmp/home/root# setcap -v C_LOCK,+eip /opt/bin/pihole-FTL
admin@4G-AC86U:/tmp/home/root# setcap -v CAP_NET_BIND_SERVICE+eip /opt/bin/pihole-FTL
/opt/bin/pihole-FTL differs in [pie]
admin@4G-AC86U:/tmp/home/root# setcap -v CAP_NET_RAW+eip /opt/bin/pihole-FTL
/opt/bin/pihole-FTL differs in [pie]
admin@4G-AC86U:/tmp/home/root# dnsmasq.postconf /etc/dnsmasq.conf
admin@4G-AC86U:/tmp/home/root# setcap -v CAP_NET_BIND_SERVICE+eip /opt/bin/pihole-FTL
/opt/bin/pihole-FTL differs in [pie]
admin@4G-AC86U:/tmp/home/root# setcap -v CAP_NET_RAW+eip /opt/bin/pihole-FTL6
/opt/bin/pihole-FTL6 differs in [pie]
admin@4G-AC86U:/tmp/home/root# setcap -v CAP_NET_ADMIN+eip /opt/bin/pihole-FTL
/opt/bin/pihole-FTL differs in [pie]
admin@4G-AC86U:/tmp/home/root# setcap -v CAP_SYS_NICE+eip /opt/bin/pihole-FTL
/opt/bin/pihole-FTL differs in [pie]
admin@4G-AC86U:/tmp/home/root# setcap -v CAP_IPC_LOCK+eip /opt/bin/pihole-FTL
/opt/bin/pihole-FTL differs in [pie]
admin@4G-AC86U:/tmp/home/root# setcap -v CAP_CHOWN+eip /opt/bin/pihole-FTL
/opt/bin/pihole-FTL differs in [pie]

Thanks!

 

[jacklul]

Hi there!

Tried with no results. No errors and no modifications were made on the file. I don't understand, because as 'admin' user, I have permissions on that file :S

admin@4G-AC86U:/tmp/home/root# /jffs/scripts/dnsmasq.postconf /etc/dnsmasq.conf
admin@4G-AC86U:/tmp/home/root# cat  /etc/dnsmasq.conf
pid-file=/var/run/dnsmasq.pid
user=nobody
bind-dynamic
interface=br0
interface=pptp*
no-dhcp-interface=pptp*
no-resolv
servers-file=/tmp/resolv.dnsmasq
no-poll
no-negcache
cache-size=1500
min-port=4096
domain=lan
expand-hosts
dhcp-range=lan,192.168.50.2,192.168.50.254,255.255.255.0,86400s
dhcp-option=lan,3,192.168.50.1
dhcp-option=lan,15,lan
dhcp-option=lan,44,0.0.0.0
dhcp-option=lan,252,"\n"
dhcp-authoritative
address=/findasus.local/192.168.50.1
interface=tun22
no-dhcp-interface=tun22
interface=tun23
no-dhcp-interface=tun23
dhcp-host=28:FF:3C:91:54:C4,set:28:FF:3C:91:54:C4,192.168.50.2
dhcp-host=CC:2D:8C:2F:52:4C,set:CC:2D:8C:2F:52:4C,192.168.50.3
dhcp-host=D8:F1:5B:D5:40:B0,set:D8:F1:5B:D5:40:B0,192.168.50.10
dhcp-host=10:7C:61:7D:B9:E0,set:10:7C:61:7D:B9:E0,192.168.50.150
dhcp-script=/sbin/dhcpc_lease
admin@4G-AC86U:/tmp/home/root# ls -la /etc/dnsmasq.conf
-rw-rw-rw- 1 admin root 817 May  5  2018 /etc/dnsmasq.conf

These are my nvram entries related with 'apps_':

admin@4G-AC86U:/tmp/home/root# nvram show | grep apps_
apps_state_upgrade=
apps_swap_enable=1
apps_state_autorun=4
apps_local_space=/rom
apps_state_switch=
apps_analysis=0
apps_state_update=2
apps_dev=sda1
size: 44278 bytes (17162 left)
apps_depend_action=
apps_swap_file=.swap
apps_new_arm=1
apps_ipkg_server=http://nw-dlcdnet.asus.com/asusware/arm_new/stable
apps_wget_timeout=30
apps_depend_action_target=
apps_state_stop=
apps_state_remove=
apps_state_cancel=
apps_mounted_path=/tmp/mnt/ENTWARE
apps_state_action=
apps_state_enable=
apps_depend_do=
apps_swap_threshold=
apps_state_error=
apps_state_autofix=1
apps_ipkg_old=0
apps_download_file=
apps_install_folder=asusware.arm
apps_state_install=
apps_swap_size=67000
apps_download_percent=

I tried to apply one by one, the results are the same:

admin@4G-AC86U:/tmp/home/root# setcap -v CAP_CHOWN+eip /opt/bin/pihole-FTL
/opt/bin/pihole-FTL differs in [pie]
admin@4G-AC86U:/tmp/home/root# setcap -v C_LOCK,+eip /opt/bin/pihole-FTL
admin@4G-AC86U:/tmp/home/root# setcap -v CAP_NET_BIND_SERVICE+eip /opt/bin/pihole-FTL
/opt/bin/pihole-FTL differs in [pie]
admin@4G-AC86U:/tmp/home/root# setcap -v CAP_NET_RAW+eip /opt/bin/pihole-FTL
/opt/bin/pihole-FTL differs in [pie]
admin@4G-AC86U:/tmp/home/root# dnsmasq.postconf /etc/dnsmasq.conf
admin@4G-AC86U:/tmp/home/root# setcap -v CAP_NET_BIND_SERVICE+eip /opt/bin/pihole-FTL
/opt/bin/pihole-FTL differs in [pie]
admin@4G-AC86U:/tmp/home/root# setcap -v CAP_NET_RAW+eip /opt/bin/pihole-FTL6
/opt/bin/pihole-FTL6 differs in [pie]
admin@4G-AC86U:/tmp/home/root# setcap -v CAP_NET_ADMIN+eip /opt/bin/pihole-FTL
/opt/bin/pihole-FTL differs in [pie]
admin@4G-AC86U:/tmp/home/root# setcap -v CAP_SYS_NICE+eip /opt/bin/pihole-FTL
/opt/bin/pihole-FTL differs in [pie]
admin@4G-AC86U:/tmp/home/root# setcap -v CAP_IPC_LOCK+eip /opt/bin/pihole-FTL
/opt/bin/pihole-FTL differs in [pie]
admin@4G-AC86U:/tmp/home/root# setcap -v CAP_CHOWN+eip /opt/bin/pihole-FTL
/opt/bin/pihole-FTL differs in [pie]

Thanks!

That dnsmasq.postconf is checking if /opt/bin/pihole-FTL exists and something is listening on port 5053.

If the following returns nothing (or errors out) then this is the reason why it doesn't run.

netstat -tulnp | grep -F "127.0.0.1:5053"

 

[capitantrueno]

Hi there!

That dnsmasq.postconf is checking if /opt/bin/pihole-FTL exists and something is listening on port 5053.

If the following returns nothing (or errors out) then this is the reason why it doesn't run.

netstat -tulnp | grep -F "127.0.0.1:5053"

/opt/bin/pihole-FTL exists:

admin@4G-AC86U:/tmp/home/root# ls -la /opt/bin/pihole-FTL
-rwxrwxrwx 1 admin root 25051833 Aug 19 04:51 /opt/bin/pihole-FTL

But nothing is listening on port 5053:

admin@4G-AC86U:/tmp/home/root# netstat -tulnp | grep -F "127.0.0.1:5053"
admin@4G-AC86U:/tmp/home/root#

Any suggestions? Or is it time to give up?

UPDATE:
I tried to start the PiHole service manually with `/opt/etc/init.d/S65pihole-FTL start`. I waited for 15 seconds, and after that, I restarted the dnsmasq service with `service restart_dnsmasq`. The last step was running again custom-configs with `/jffs/scripts/custom-configs.sh run`:

admin@4G-AC86U:/tmp/home/root# /jffs/scripts/custom-configs.sh run
custom-configs: Running '/jffs/scripts/dnsmasq.postconf' script...
custom-configs: Restarted process: /usr/sbin/dnsmasq --log-async

Aaaaaaaaaaaaaaand now my dnsmasq.conf has your updates:

admin@4G-AC86U:/tmp/home/root# cat /etc/dnsmasq.conf
pid-file=/var/run/dnsmasq.pid
user=nobody
cache-size=0
server=127.0.0.1#5053
add-mac=text
add-subnet=32,128
bind-dynamic
interface=br0
interface=pptp*
no-dhcp-interface=pptp*
no-resolv
#servers-file=/tmp/resolv.dnsmasq
no-poll
no-negcache
#cache-size=1500
min-port=4096
domain=lan
expand-hosts
dhcp-range=lan,192.168.50.2,192.168.50.254,255.255.255.0,86400s
dhcp-option=lan,3,192.168.50.1
dhcp-option=lan,15,lan
dhcp-option=lan,44,0.0.0.0
dhcp-option=lan,252,"\n"
dhcp-authoritative
address=/findasus.local/192.168.50.1
interface=tun22
no-dhcp-interface=tun22
interface=tun23
no-dhcp-interface=tun23
dhcp-host=28:FF:3C:91:54:C4,set:28:FF:3C:91:54:C4,192.168.50.2
dhcp-host=CC:2D:8C:2F:52:4C,set:CC:2D:8C:2F:52:4C,192.168.50.3
dhcp-host=D8:F1:5B:D5:40:B0,set:D8:F1:5B:D5:40:B0,192.168.50.10
dhcp-host=10:7C:61:7D:B9:E0,set:10:7C:61:7D:B9:E0,192.168.50.150
dhcp-script=/sbin/dhcpc_lease

# Modified by custom-configs script

Is it mandatory to do something just to get everything started again on the next router's boot?

Thanks

 

[jacklul]

Hi there!


/opt/bin/pihole-FTL exists:

admin@4G-AC86U:/tmp/home/root# ls -la /opt/bin/pihole-FTL
-rwxrwxrwx 1 admin root 25051833 Aug 19 04:51 /opt/bin/pihole-FTL

But nothing is listening on port 5053:

admin@4G-AC86U:/tmp/home/root# netstat -tulnp | grep -F "127.0.0.1:5053"
admin@4G-AC86U:/tmp/home/root#

Any suggestions? Or is it time to give up?

UPDATE:
I tried to start the PiHole service manually with `/opt/etc/init.d/S65pihole-FTL start`. I waited for 15 seconds, and after that, I restarted the dnsmasq service with `service restart_dnsmasq`. The last step was running again custom-configs with `/jffs/scripts/custom-configs.sh run`:

admin@4G-AC86U:/tmp/home/root# /jffs/scripts/custom-configs.sh run
custom-configs: Running '/jffs/scripts/dnsmasq.postconf' script...
custom-configs: Restarted process: /usr/sbin/dnsmasq --log-async

Aaaaaaaaaaaaaaand now my dnsmasq.conf has your updates:

admin@4G-AC86U:/tmp/home/root# cat /etc/dnsmasq.conf
pid-file=/var/run/dnsmasq.pid
user=nobody
cache-size=0
server=127.0.0.1#5053
add-mac=text
add-subnet=32,128
bind-dynamic
interface=br0
interface=pptp*
no-dhcp-interface=pptp*
no-resolv
#servers-file=/tmp/resolv.dnsmasq
no-poll
no-negcache
#cache-size=1500
min-port=4096
domain=lan
expand-hosts
dhcp-range=lan,192.168.50.2,192.168.50.254,255.255.255.0,86400s
dhcp-option=lan,3,192.168.50.1
dhcp-option=lan,15,lan
dhcp-option=lan,44,0.0.0.0
dhcp-option=lan,252,"\n"
dhcp-authoritative
address=/findasus.local/192.168.50.1
interface=tun22
no-dhcp-interface=tun22
interface=tun23
no-dhcp-interface=tun23
dhcp-host=28:FF:3C:91:54:C4,set:28:FF:3C:91:54:C4,192.168.50.2
dhcp-host=CC:2D:8C:2F:52:4C,set:CC:2D:8C:2F:52:4C,192.168.50.3
dhcp-host=D8:F1:5B:D5:40:B0,set:D8:F1:5B:D5:40:B0,192.168.50.10
dhcp-host=10:7C:61:7D:B9:E0,set:10:7C:61:7D:B9:E0,192.168.50.150
dhcp-script=/sbin/dhcpc_lease

# Modified by custom-configs script

Is it mandatory to do something just to get everything started again on the next router's boot?

Thanks

As long scripts-startup and entware starts on boot it should work, that's how I run it.

 

[jacklul]

Updated the package with lots of changes from my dev branch.
Few dependencies were removed, so after the upgrade some packages will be marked as orphaned.

On new installs (pihole.toml missing) some stuff is already pre-configured:
- NTP features are disabled
- upstreams are set to Cloudflare (so the Pi-hole is functional out of the box)
- query logging to pihole.log is disabled
- and few other tweaks mentioned in the wiki

None of the changes to pihole.toml are forced and user can override those at any time after the install.

Also few additions to the postinst script:
- automatically set 'dns.interface' to first interface with private IP it finds
- inform if default ports are already taken, saying specifically that Pi-hole will not start
- show the generated random times for cron entries

 

[heslo]

Awesome, upgraded fine on my end it seems!

 

[bibikalka]

Updated the package with lots of changes from my dev branch.

Is PiHole version still the same? Or updated as well?

 

[jacklul]

Is PiHole version still the same? Or updated as well?

No Pi-hole version change.