681
edits
Changes
Jump to navigation
Jump to search
Line 91:
Line 91: − + − + − + − + − + Line 146:
Line 146: + + Line 163:
Line 165: + + + + + + Line 180:
Line 188: − + − + + − + Line 192:
Line 201: + + + + + +
→Setup your static IP machines to use
# Enable watchdog to send mails, whenever triggered:
# Enable watchdog to send mails, whenever triggered:
sudo apt-get -y install watchdog
sudo apt-get -y install watchdog
sudo sed -i -r 's/^#?max-load-5.*/max-load-5 = 18/' /etc/watchdog.conf
max-load-5 = 18
sudo sed -i -r 's/^#?max-load-15.*/max-load-15 = 12/' /etc/watchdog.conf
max-load-15 = 12
sudo sed -i -r 's/^#?watchdog-device.*/watchdog-device = \/dev\/watchdog/' /etc/watchdog.conf
watchdog-device = /dev/watchdog
sudo sed -i -r 's/^#?watchdog-timeout.*/watchdog-timeout = 15/' /etc/watchdog.conf
watchdog-timeout = 15
sudo systemctl restart watchdog.service
#use schedtools to optimize CPU for some process
#use schedtools to optimize CPU for some process
=== Tweak pihole using web interface ===
=== Tweak pihole using web interface ===
==== windows update ====
If you have windows machines that need updating , go to http://pi.hole and login.
If you have windows machines that need updating , go to http://pi.hole and login.
** you Primary domain.
** you Primary domain.
==== allow dns filtering for your vpn clients ====
go to the pi-hole panel and select Settings/DNS. roll to the lower right, and change setting to '''Respond only on interface eth0.'''
''<u>Only do that if your pihole is on the LAN and not directly connected to the internet.</u>''
==== additional tweak ====
you might also read and apply some part of https://jpgpi250.github.io/piholemanual/doc/Block%20Ads%20Network-wide%20with%20A%20Raspberry%20Pi-hole.pdf
you might also read and apply some part of https://jpgpi250.github.io/piholemanual/doc/Block%20Ads%20Network-wide%20with%20A%20Raspberry%20Pi-hole.pdf
=== Setup your static IP machines to use ===
=== Setup your static IP machines to use ===
As explained, static ip machines that have their own network information set in their own configuration (not those that rely on dhcpd to address them and IP set on SME) have no idea of what idhcp is, and hence needs you to set the dns server with the ip of your pihole.
As explained, static ip machines that have their own network information set in their own configuration (not those that rely on dhcpd to address them and IP set on SME) have no idea of what dhcp is, and hence needs you to set the dns server with the ip of your pihole.
=== Setup SME firewall /router firewall to filter/redirect DNS request ===
=== Setup SME firewall /router firewall to filter/redirect DNS request ===
{{Note box|TODO}}
{{Note box|TODO - See Below - but note still under developement}}
https://wiki.koozali.org/DNS_Block
== Why using SME Server as upstream server, and pihole only given by the dhcpd service to LAN ==
=== Why using SME Server as upstream server, and pihole only given by the dhcpd service to LAN ===
In other words, why not doing the opposite and set SME to rely on pihole?
In other words, why not doing the opposite and set SME to rely on pihole?
# you do not want to rely on an external DNS service pooling requests sending them to pihole, redirecting them to your local services. There are chances that DNSBL will fail with a result too many requests.
# you do not want to rely on an external DNS service pooling requests sending them to pihole, redirecting them to your local services. There are chances that DNSBL will fail with a result too many requests.
# you might want to be able to have some machines relying on SME result without pihole filtering.
# you might want to be able to have some machines relying on SME result without pihole filtering.
=== Testing your Pi-hole installation ===
<syntaxhighlight lang="shell">
nslookup flurry.com
</syntaxhighlight>
Should return 0.0.0.0 if Pi-hole is working.
== References ==
== References ==