Whole system network monitoring and dns sinkhole

Ask Fedora
, , , ,
1

I was thinking to monitor my network for my device only and filter out ads and tracking links with a sinkhole i can do it with a contain blocker within a browser addon but i want a dns level blocker so i come up with pi-hole it is really cool but deploying it in my home will not resolve anything as i have to connect multiple wifi and wired networks so i have to deploy it on my fedora lapi that i use, so i need help

  1. Is it possible to set it up on the host system where i will use it to sink and use.
  2. i am on 34 luckily and pihole website mentioned 33/34 no 35 but i hope 35 should be supported conformation required. If yes then i will do upgrade maybe in next week if no then i will wait for their support.
  3. And when i change connection or turn off and turn on will i have to set everything up again.
  4. And if i mess things up will i have to reinstall my os or i can go back to the previous state. Like nothing happened before.
  5. Will it effect my battery back up a lot.
1 Like
2

The easiest solution is to deploy pihole to a podman container. There are several existing configurations for pihole and it can be deployed and configured in a matter of minutes.

Then just configure you machine to use it like you would normally

3 Likes
3

If i don’t use it on a container will it have issues.
And which is more efficient docker or podman

4

I use a minimalistic DNS filtering solution based on Dnsmasq and StevenBlack/hosts:

sudo dnf install dnsmasq wget
sudo tee /etc/dnsmasq.d/custom.conf << "EOF" > /dev/null
interface=eth0
servers-file=/var/lib/dnsmasq/hosts
EOF
sudo tee /etc/systemd/system/dnsmasq-hosts.service << "EOF" > /dev/null
[Unit]
Description=Dnsmasq hosts update service
[Service]
Type=oneshot
ExecStart=wget --hsts-file=/dev/null -q -O /var/lib/dnsmasq/hosts "https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts"
ExecStart=sed -i -n -r -e "s|^0\\.0\\.0\\.0\\s*(\\S*)$|server=/\\1/|p" /var/lib/dnsmasq/hosts
ExecStart=systemctl restart dnsmasq.service
[Install]
Also=dnsmasq-hosts.timer
EOF
sudo tee /etc/systemd/system/dnsmasq-hosts.timer << "EOF" > /dev/null
[Unit]
Description=Dnsmasq hosts update timer
[Timer]
OnCalendar=daily
Persistent=true
[Install]
WantedBy=timers.target
EOF
sudo systemctl daemon-reload
sudo systemctl --now enable dnsmasq.service dnsmasq-hosts.service
sudo firewall-cmd --permanent --zone=internal --add-service=dns
sudo firewall-cmd --permanent --zone=internal --add-forward-port=port=53:proto=tcp:toport=53
sudo firewall-cmd --permanent --zone=internal --add-forward-port=port=53:proto=udp:toport=53
sudo firewall-cmd --reload
2 Likes