[Solved] eblocker with fritzbox error dns

48 Posts
5 Users
8 Reactions
184 Views
(@alterkelte)
Eminent Member
Joined: 1 Jahr ago
Posts: 20
Topic starter  

hi,
the name resolution of the eblocker, which is operated in automatic network mode on a fritzbox 7590, no longer works correctly since the domain fritz.box (45.76.93.104) was registered.

a ping to a local server returns 45.76.93.104 when the eblocker is activated, and the correct 192.168.178.55 when the eblocker is deactivated.

how can i achieve the correct resolution again with eblocker activated?

ciao markus

Client OS
Browser
eBlocker hardware
Client OS version
Browser version
eBlockerOS version

   
ReplyQuote
(@random)
Illustrious Member Admin
Joined: 5 Jahren ago
Posts: 2056
 

@alterkelte 

  1. Make sure eBlocker's DNS Firewall is enabled
  2. Make sure there is a fritz.box entry pointing to your Fritzbox IP address. Check under DNS Firewall> Tab Local Network as shown below.
IMG 7667

THX!


   
ReplyQuote
(@alterkelte)
Eminent Member
Joined: 1 Jahr ago
Posts: 20
Topic starter  

both points apply

image

does it help to clear the dns cache?

 

no change after clearing the dns cache

 


   
ReplyQuote
(@calimero)
Member
Joined: 5 Jahren ago
Posts: 505
 

@random @benne @bpr

The next trouble is happening..

Someone from the us has registered the eblocker.box address on January 24 / updated the entry today...

image

   
ReplyQuote
(@calimero)
Member
Joined: 5 Jahren ago
Posts: 505
 

@alterkelte can you try a tracert to fritz.box from a command line? and an tracert to google.de

Please with screenshots, enabeld eblocker / disabled eblocker

Thanks


   
ReplyQuote
(@alterkelte)
Eminent Member
Joined: 1 Jahr ago
Posts: 20
Topic starter  

Ich kann mich mit keinem rechner mehr anmelden, obwohl ich kein vpn oder tor verwende

 

20240419 144449

Meine ip ist auf der blokierliste

Geht nur noch über handy


   
ReplyQuote
(@calimero)
Member
Joined: 5 Jahren ago
Posts: 505
 

@alterkelte Where do you try to login? The message in the screenshot is clear -> TOR/VPN is active...


   
ReplyQuote
(@calimero)
Member
Joined: 5 Jahren ago
Posts: 505
 

It looks like that you added this to the eblocker and we have no issue ^^

{
"name": "controlbar.eblocker.org",
"builtin": true,
"hidden": true,
"ipAddress": "139.59.206.208",
"ip6Address": null,
"vpnIpAddress": "139.59.206.208",
"vpnIp6Address": null
}

But it behaves a little strange on some systems..

 


   
ReplyQuote
(@bpr)
Famed Member Admin
Joined: 5 Jahren ago
Posts: 297
 

Just for clarification:

We registered eblocker.box ourselves. It has the same public IP as controlbar.eblocker.org: 139.59.206.208

This IP is bound on eBlocker's own network interface, so requests to it do not go out to the Internet.

Even if the local routing does not work and the eBlocker is bypassed, there is no public webserver running at this IP.

The reason for having a public IP for the controlbar is that most browsers do not allow loading content (i.e. the Controlbar) from a local IP when the page was loaded from a public IP.

 


   
CalimerO and Random reacted
ReplyQuote
(@random)
Illustrious Member Admin
Joined: 5 Jahren ago
Posts: 2056
 

First things first:

@alterkelte This is an English only forum. Please obey the forum rules not to get banned! 

Posted by: @calimero

The next trouble is happening..

Someone from the us has registered the eblocker.box address on January 24 / updated the entry today...

No Sir, that's wrong and there is no problem. Please read our newsletter - especially this one

@alterkelte Your IP address has been blocked for 24 hours as you have entered the wrong password three times in a row. See here (reading is key!):

IMG 7668

Regarding your DNS issue, I'd start with an eBlocker reboot. If the problem persists please share all the info asked here: https://eblocker.org/community/announcements/before-posting-here-please-read/#post-117

THX!


   
CalimerO reacted
ReplyQuote
(@alterkelte)
Eminent Member
Joined: 1 Jahr ago
Posts: 20
Topic starter  

The first thing i did was to restart the eblocker

Here are the tracert results to fritz.box

20240419 180058

   
ReplyQuote
(@alterkelte)
Eminent Member
Joined: 1 Jahr ago
Posts: 20
Topic starter  

Here are the tracert results to google.de

20240419 180539

 


   
ReplyQuote
(@alterkelte)
Eminent Member
Joined: 1 Jahr ago
Posts: 20
Topic starter  

If this is also interesting.

I briefly acrivated ipv6 in the fritzbox for testing, but this week it is switched of

20240419 180749

 


   
ReplyQuote
(@alterkelte)
Eminent Member
Joined: 1 Jahr ago
Posts: 20
Topic starter  
20240419 184022

   
ReplyQuote
(@random)
Illustrious Member Admin
Joined: 5 Jahren ago
Posts: 2056
 

@alterkelte Thanks for the traceroute which shows eBlocker is routing correctly. 

Again, please share:

Posted by: @random

If the problem persists please share all the info asked here: https://eblocker.org/community/announcements/before-posting-here-please-read/#post-117

THX!


   
ReplyQuote
(@bpr)
Famed Member Admin
Joined: 5 Jahren ago
Posts: 297
 

@alterkelte, it seems to me that the DNS requests from your Windows system are bypassing both the eBlocker and the Fritzbox, because both would resolve fritz.box to 192.168.178.1.

You don't happen to have DNS over TLS or something similar configured? (There seem to be some websites that explain how to enable it on Windows 11.) If DNS is encrypted, eBlocker and the Fritzbox can not respond with the local IP and you would get the public IP of fritz.box.

You could also try this website to find out which DNS server you are using: https://www.top10vpn.com/tools/what-is-my-dns-server/


   
ReplyQuote
(@alterkelte)
Eminent Member
Joined: 1 Jahr ago
Posts: 20
Topic starter  

Hardware you use for running eBlockerOS: Raspberry 4 2GB+
eBlockerOS version: 3.1.0
as well as filter lists version 2024-04-18-09-15-04
eBlocker network mode: auto
eBlocker network settings (IP, mask, gateway): 192.168.178.58 255.255.255.0 192.168.178.1
Which devices runs DHCP server? fritzbox 7590 V7.57
IPv6 disabled for client/network? disabled, only activated for serveral days
eBlocker DNS firewall settings: use eblocker as DNS firewall (recommended), externe DNX Server 1.1.1.1, 9.9.9.9 (nach verfügbarkeit)
Client network settings (IP, mask, DNS, gateway) 192.168.178.74 255.255.255.0 192.168.178.1 192.168.178.1
Whether eBlocker’s https integration is enabled for client: yes
Client browser and OS version (i.e. FireFox 80.1 running on macOS 13.4):   firefox 125.0.1
Additional non default Blockers enabled? (like DuckDuckGo, Consent-Blocker, custom lists etc.) no
HTTPS Auto Trust App enabled? yes
Exact way or a link / screenshot to reproduce the issue : the last posts
If VPN or Tor is enabled for the client in eBlocker (and which VPN provider you are using): no and no


   
ReplyQuote
(@alterkelte)
Eminent Member
Joined: 1 Jahr ago
Posts: 20
Topic starter  

i have 3 different computers and 3 different results, although they are all connected to the same fritzbox.

computer 1: (Win10)
DE DTAG Internet service provider operations 217.237.148.113
DE DTAG Internet service provider operations 217.237.151.86
DE DTAG Internet service provider operations 2003:180:2:7000:53:0:1:1

computer 2: (Win11)
US CLOUDFLARENET - Cloudflare, Inc. 172.68.109.115
US CLOUDFLARENET - Cloudflare, Inc. 172.68.109.114
US CLOUDFLARENET - Cloudflare, Inc. 2400:cb00:100:1024::ac44:6d73

computer 3: (this one has the avast virus scanner) (Win11)
CZ AVAST-AS-DC 5.62.40.45

why is the telekom dns not used on computer 2 and 3? the fritzbox has standard settings


   
ReplyQuote
(@alterkelte)
Eminent Member
Joined: 1 Jahr ago
Posts: 20
Topic starter  

the problem occurs on all computers


   
ReplyQuote
(@benne)
Famed Member Admin
Joined: 5 Jahren ago
Posts: 1084
 

@alterkelte 

Please make sure DNS over HTTPS is disabled in Firefox:

Screenshot 2024 04 21 193920

Also disable DNS over HTTPS in Windows 11 (not sure how/if this works in Win 10):

Screenshot 2024 04 21 193244

 

In addition it seems Avast is interfering with your network settings. You should try to disable some "network protection" features in Avast.

This might solve the DNS issues you are describing.


   
ReplyQuote
(@alterkelte)
Eminent Member
Joined: 1 Jahr ago
Posts: 20
Topic starter  

the settings were set to <automatic>. even a manual change to <off> as described in your picture does not bring any change


   
ReplyQuote
(@alterkelte)
Eminent Member
Joined: 1 Jahr ago
Posts: 20
Topic starter  

Nothing worked at all this morning until I reset the network.

grafik

this is now the result of tracert with eblocker activated:

ping diskstation
Ping wird ausgeführt für DiskStation.local [fe80::211:32ff:fe34:dd69%6] mit 32 Bytes Daten:
Antwort von fe80::211:32ff:fe34:dd69%6: Zeit<1ms

tracert fritz.box
Routenverfolgung zu fritz.box [192.168.178.1]
1 <1 ms <1 ms <1 ms dnscheck.eblocker.org [192.168.178.58]
2 1 ms <1 ms <1 ms fritz.box [192.168.178.1]
Ablaufverfolgung beendet.

tracert google.de
Routenverfolgung zu google.de [142.251.37.3]
1 <1 ms <1 ms <1 ms dnscheck.eblocker.org [192.168.178.58]
2 1 ms 1 ms <1 ms fritz.box [192.168.178.1]
3 3 ms 3 ms 2 ms p3e9bf38d.dip0.t-ipconnect.de [62.155.243.141]
4 9 ms 8 ms 8 ms m-ef2-i.M.DE.NET.DTAG.DE [217.0.194.102]
5 8 ms 7 ms 6 ms m-ef2-i.M.DE.NET.DTAG.DE [217.0.194.102]
6 6 ms 6 ms 6 ms 80.157.205.194
7 11 ms 9 ms 7 ms 216.239.48.237
8 7 ms 6 ms 6 ms 108.170.228.45
9 6 ms 5 ms 5 ms muc11s23-in-f3.1e100.net [142.251.37.3]
Ablaufverfolgung beendet.

 

grafik

 

dns check still returns

USCLOUDFLARENET - Cloudflare, Inc.172.68.109.115

after a few days the problem returns. how can i find the reason? is avast networt protection the problem, even though avast is not installed on this computer?

 


   
ReplyQuote
(@bpr)
Famed Member Admin
Joined: 5 Jahren ago
Posts: 297
 

@alterkelte, I think the best way to find the issue is to use "nslookup" in a Windows command prompt (cmd).

Check what the eBlocker returns for "fritz.box":

nslookup fritz.box 192.168.178.58

If this is not the expected IP 192.168.178.1, check the local name "fritz.box" at eBlocker Settings / DNS Firewall / Local network.

By the way: If you have configured 1.1.1.1 as the first DNS server on eBlocker and the DNS check returns Cloudflare, it means eBlocker is correctly intercepting the DNS requests.


   
ReplyQuote
(@alterkelte)
Eminent Member
Joined: 1 Jahr ago
Posts: 20
Topic starter  

here is the result:

nslookup fritz.box
Server: fritz.box
Address: 192.168.178.1

Nicht autorisierende Antwort:
Name: fritz.box.fritz.box
Addresses: 2001:19f0:6c00:1b0e:5400:4ff:fecd:7828
45.76.93.104

nslookup fritz.box 192.168.178.58
Server: dnscheck.eblocker.org
Address: 192.168.178.58

Nicht autorisierende Antwort:
Name: fritz.box.fritz.box
Addresses: 2001:19f0:6c00:1b0e:5400:4ff:fecd:7828
45.76.93.104

 

grafik

 


   
ReplyQuote
(@alterkelte)
Eminent Member
Joined: 1 Jahr ago
Posts: 20
Topic starter  

the windows 10 computer with active elbocker returns:

nslookup fritz.box 192.168.178.58
Server: dnscheck.eblocker.org
Address: 192.168.178.58

Name: fritz.box
Addresses: 2001:19f0:6c00:1b0e:5400:4ff:fecd:7828
192.168.178.1


   
ReplyQuote
(@alterkelte)
Eminent Member
Joined: 1 Jahr ago
Posts: 20
Topic starter  

is this due to the duplication of the name?

grafik

the duplication does not occur on the windows 10 computer


   
ReplyQuote
(@alterkelte)
Eminent Member
Joined: 1 Jahr ago
Posts: 20
Topic starter  

now i use


   
ReplyQuote
(@random)
Illustrious Member Admin
Joined: 5 Jahren ago
Posts: 2056
 

@alterkelte Sorry mate: Information overload. I'm now completely lost and give up here. 

Maybe someone else feels like bringing all the pieces together? 

THX! 


   
ReplyQuote
(@benne)
Famed Member Admin
Joined: 5 Jahren ago
Posts: 1084
 

Posted by: @alterkelte

Nicht autorisierende Antwort:
Name: fritz.box.fritz.box
Addresses: 2001:19f0:6c00:1b0e:5400:4ff:fecd:7828
45.76.93.104

I am not a network expert but here are my observertions:

  • "fritz.box.fritz.box" seems to be a mal-configuration of the default domain. Only one "fritz.box" would be correct.
  • IPv6 is obviously enabled on the fritzbox but you say it's disabled on eBlockerOS. This will not work. Either both on IPv6 enabled or both disabled. 

Unfortunately I can not help with network config in detail, but the issues you are facing are not caused by eBlocker but due to some "wild" network config issues on your side. 

 

 


   
ReplyQuote
(@alterkelte)
Eminent Member
Joined: 1 Jahr ago
Posts: 20
Topic starter  

no, i wrote that i had activated ipv6 on the fritz.box for a few days to test it. then the problems started and i deactivated ipv6 on the fritz.box again.

grafik

   
ReplyQuote
(@alterkelte)
Eminent Member
Joined: 1 Jahr ago
Posts: 20
Topic starter  
grafik

   
ReplyQuote
(@alterkelte)
Eminent Member
Joined: 1 Jahr ago
Posts: 20
Topic starter  

i have no idea where the name duplication comes from. i haven't changed anything on the network in that time. all virus scans are negative. could it be that this is caused by the temporary activation of ipv6? would it help to completely reinstall the eblocker on the raspberry?


   
ReplyQuote
(@alterkelte)
Eminent Member
Joined: 1 Jahr ago
Posts: 20
Topic starter  

i have tested nslookup with and without eblocker. once fritz.box is added and once not

eblocker not active:
nslookup elektronik-kompendium.de
Server: fritz.box
Address: 192.168.178.1

Nicht autorisierende Antwort:
Name: elektronik-kompendium.de
Addresses: 2001:8d8:100f:f000::2b7
217.160.0.96

eblocker active:
nslookup elektronik-kompendium.de
Server: fritz.box
Address: 192.168.178.1

Nicht autorisierende Antwort:
Name: elektronik-kompendium.de.fritz.box
Addresses: 2001:19f0:6c00:1b0e:5400:4ff:fecd:7828
45.76.93.104

 

the same behavior occurs with nslookup fritz.box


   
ReplyQuote
(@benne)
Famed Member Admin
Joined: 5 Jahren ago
Posts: 1084
 

As said, I'm not a network geek but you might want to check the DNS suffix setting in windows:

Screenshot 2024 04 22 121719

And I wonder why the fritzbox is answering the DNS request at all if eBlocker is active. You said "1.1.1.1, 9.9.9.9 (nach verfügbarkeit)" is set under DNS in eBlocker, so no fritzbox. 🤔

From my perspective your network is kind of "specially" configured.

I'd suggest to change eBlockerOS to handle DHCP (via Individual Network Mode), remove individual windows network settings (set all to use DHCP) and everything is going to work fine for sure. 


   
CalimerO reacted
ReplyQuote
(@calimero)
Member
Joined: 5 Jahren ago
Posts: 505
 

@alterkelte and if you're not yet in Discord, you may also join the inofficial eBlocker channel...


   
ReplyQuote
(@calimero)
Member
Joined: 5 Jahren ago
Posts: 505
 

@bpr @benne @random

This is still the Fritz.box issue from March 24...

Automated Malware Analysis Report for http://fritz.box - Generated by Joe Sandbox

The internet is full of the same issue with the IP 45.76.93.104

until now I myself did not find a solution to fix this behaviour network wide... only local with hosts file...

regards


   
ReplyQuote
(@random)
Illustrious Member Admin
Joined: 5 Jahren ago
Posts: 2056
 

@calimero eBlockerOS 3.1 checks for a local fritz.box router and adds it's local(!) IP to the eBlocker DNS Firewall. Hence, network wide(!) all clients using eBlockerOS as DNS get the local/correct IP address when requesting fritz.box domain. No problem. No issue.

If this is not the case with your eBlockerOS, there might be a bug - or you are using a client side VPN/encryption (=not a good idea)...

THX!


   
CalimerO reacted
ReplyQuote
(@calimero)
Member
Joined: 5 Jahren ago
Posts: 505
 

@random Thank you for this clarification. But this seem not to work 100%, I've checked that on a user system.... No VPN & No other encryption in place.... I'm investigating this further...


   
ReplyQuote
(@random)
Illustrious Member Admin
Joined: 5 Jahren ago
Posts: 2056
 

Posted by: @calimero

@random Thank you for this clarification. But this seem not to work 100%

Well, this is just a claim and you are a pro. So, please share evidence!

I.e. a screenshot of DNS Firewall> Local Network showing the fritz.box entry, then a screenshot of nslookup fritz.box and screenshot of the client's DNS settings proving eBlocker is set as DNS.

Then we take it from there.

 

One more hint for your investigation: if a fritz.box is the Internet router and the router is used as DNS the fritz.box will intercept the DNS request and respond with it's local IP (that's why fritz.box resolved correctly before the official TLD .box started, and why the TLD registration is not much of a issue for fritz.box users). So if this request is not intercepted in the user's network, either DNS settings are messed up (as with this avast setting from @alterkelte for example) or some encryption is taking place.

THX! 

 


   
Benne reacted
ReplyQuote
(@calimero)
Member
Joined: 5 Jahren ago
Posts: 505
 

Hi @random and thank you. 

When the user is available again, I'm going through all this and try to take all necessary pictures, if they are different from the above ones.

One thing which I saw is this here

image

even if the automatic proxy discovery is disabled... hosts is empty, Internet Settings are correct

regards


   
ReplyQuote
(@random)
Illustrious Member Admin
Joined: 5 Jahren ago
Posts: 2056
 

@calimero fritz.box =! wpad.fritz.box. Of course eBlocker's DNS can not resolve wpad.fritz.box if there is no DNS entry for this. 

What's the result of fritz.box then?

THX!


   
Benne reacted
ReplyQuote
(@calimero)
Member
Joined: 5 Jahren ago
Posts: 505
 

@random fritz.box and eblocker.box get the same ip 46.76.93.104

I cannot dig into it further as the user is not available now. As soon as I have access again I'll do

regards


   
ReplyQuote
(@benne)
Famed Member Admin
Joined: 5 Jahren ago
Posts: 1084
 

Posted by: @calimero

fritz.box and eblocker.box get the same ip 46.76.93.104

No, that is not the case. I can not confirm this. See:

grafik

To me this looks all good and 100% as expected.

Would be great to see the same on the user's client (with DNS pointing to eBlockerOS). Otherwise we are just wasting time with hearsay.


   
Random reacted
ReplyQuote
(@random)
Illustrious Member Admin
Joined: 5 Jahren ago
Posts: 2056
 

@calimero @alterkelte Any news on this case?

Would be great to see the same analysis @Benne did together with the settings in the DNS Firewall. 

THX!


   
ReplyQuote
(@calimero)
Member
Joined: 5 Jahren ago
Posts: 505
 

@random Good morning Random. When I am on the users PC again I will surely deliver all the requested screenshots.

Regards and have a sunny day


   
ReplyQuote
(@random)
Illustrious Member Admin
Joined: 5 Jahren ago
Posts: 2056
 

@calimero Any news in this regard? 

THX!


   
ReplyQuote
(@calimero)
Member
Joined: 5 Jahren ago
Posts: 505
 

@random I'm sorry, there is no update, as the user stopped trying to get the eblocker working in his network

As soon as I have any news I will post it.

regards


   
ReplyQuote
(@random)
Illustrious Member Admin
Joined: 5 Jahren ago
Posts: 2056
 

@calimero OK, thanks. Then I consider this thread solved as the issue seems to result from a combo of "very individual network settings" and parallel usage of Avast Network protection.

From my perspective it's obvious that the issue is not a bug or an eBlockerOS related issue at all.

THX!


   
ReplyQuote

Nach oben scrollen