Pi-hole FTLDNS
FTLDNS™ (pihole-FTL) provides an interactive API and also generates statistics for Pi-hole®'s Web interface.
Fast: stats are read directly from memory by coupling our codebase closely with dnsmasq
Versatile: upstream changes to dnsmasq can quickly be merged in without much conflict
Lightweight: runs smoothly with minimal hardware and software requirements such as Raspberry Pi Zero
Interactive: our API can be used to interface with your projects
Insightful: stats normally reserved inside of dnsmasq are made available so you can see what's really happening on your network
-
Checkout Package
osc checkout Web/pihole-ftl && cd $_ - Create Badge
Refresh
Refresh
Source Files
| Filename | Size | Changed |
|---|---|---|
| FTL-v5.5.tar.gz | 0003189610 3.04 MB | |
| SUSE.readme | 0000000512 512 Bytes | |
| _service | 0000000449 449 Bytes | |
| ignore-shmem.c-strncpy-error.patch | 0000000601 601 Bytes | |
| permissions | 0000000267 267 Bytes | |
| pihole-FTL.conf.in | 0000002414 2.36 KB | |
| pihole-ftl.changes | 0000040427 39.5 KB | |
| pihole-ftl.service | 0000000475 475 Bytes | |
| pihole-ftl.spec | 0000004896 4.78 KB | |
| rpmlintrc | 0000000318 318 Bytes | |
| shared_libraries.patch | 0000000822 822 Bytes |
Revision 11 (latest revision is 40)
Samu Voutilainen (Smar)
committed
(revision 11)
-------------------------------------------------------------------- - Update to version v5.5 + Detect and handle interface changes of clients with the same IP + Update SQLite3 to 3.34.0 and expose sqlite3 shell as 'pihole-FTL sqlite3' (drop-in replacement is available as well) + mend + Added missing NS query type to getQueryTypes() + Log date/time of FTL in header just as SQLite3 does as well + Test for embedded SQLite3 shell available and functional + Modified test for NS type + Fix for errno not being set by posix_fallocate() in contrast to fallocte() who did set it. + Add new query types SVCB and HTTPS + Tests: Add SVCB and HTTPS as expected query types + Implement support for displaying exact type instead of the catch-them-all category OTHER. The OTHER category is still used when it comes to computing statistics to ensure your chart's legend does not explode. + We cannot really decide whether local configuration lines are meant for blocking or something else. Just record such queries as replied to from cache because this is what they are. This code made sense at the time where wildcards were implemented as dnsmasq config lines, however, we've advanced to our own regex engine since then and all config lines should have also been auto-migrated. + Clarify comment + Only return regex index when allowed by privacy settings. This may leak information, otherwise. + Check for validity if iface pointe before dereferencing it. + Don't show retried queries when filtering for blocked queries. + Optimize datastructures using bitfields and item re-arrangement (to minimize padding). This reduces the size of query, client, and regex records by 8 bytes per item. Note that this optimization was done on x86_64 and may not apply for other architectures (32bit architectures already used less padding). + Statically assert struct sizes are what we expect. This prevents us from increasing the memory needs unintentionally (e.g. due to sub-optimal padding) + Store blocked property in query flags. + Use blocked property in API code. Make query->upstreamID = -1 the new default to differentiate easily what was forwarded (ID will be >= 0) and what not (ID == -1). Store the upstream server also for other query types that were forwarded (like queries blocked during CNAME inspection). + Add MAXDBDAYS=-1 to disable auto-cleaning and ensure overflow cannot happen (we just enforce the maximum in this case) + pxe: support pxe clients with custom vendor-class + Use the values of --min-port and --max-port in TCP connections. + Fix remote buffer overflow CERT VU#434904 + Check destination of DNS UDP query replies. + Use SHA-256 to provide security against DNS cache poisoning. + Optimse RR digest calculation in DNSSEC. + Fix DNS reply when asking for DNSSEC and a validated CNAME is already cached.
Comments 0