hi,
the name resolution of the eblocker, which is operated in automatic network mode on a fritzbox 7590, no longer works correctly since the domain fritz.box (45.76.93.104) was registered.
a ping to a local server returns 45.76.93.104 when the eblocker is activated, and the correct 192.168.178.55 when the eblocker is deactivated.
how can i achieve the correct resolution again with eblocker activated?
ciao markus
- Make sure eBlocker's DNS Firewall is enabled
- Make sure there is a fritz.box entry pointing to your Fritzbox IP address. Check under DNS Firewall> Tab Local Network as shown below.
THX!
both points apply
does it help to clear the dns cache?
no change after clearing the dns cache
@alterkelte can you try a tracert to fritz.box from a command line? and an tracert to google.de
Please with screenshots, enabeld eblocker / disabled eblocker
Thanks
Ich kann mich mit keinem rechner mehr anmelden, obwohl ich kein vpn oder tor verwende
Meine ip ist auf der blokierliste
Geht nur noch über handy
@alterkelte Where do you try to login? The message in the screenshot is clear -> TOR/VPN is active...
It looks like that you added this to the eblocker and we have no issue ^^
{
"name": "controlbar.eblocker.org",
"builtin": true,
"hidden": true,
"ipAddress": "139.59.206.208",
"ip6Address": null,
"vpnIpAddress": "139.59.206.208",
"vpnIp6Address": null
}
But it behaves a little strange on some systems..
Just for clarification:
We registered eblocker.box ourselves. It has the same public IP as controlbar.eblocker.org: 139.59.206.208
This IP is bound on eBlocker's own network interface, so requests to it do not go out to the Internet.
Even if the local routing does not work and the eBlocker is bypassed, there is no public webserver running at this IP.
The reason for having a public IP for the controlbar is that most browsers do not allow loading content (i.e. the Controlbar) from a local IP when the page was loaded from a public IP.
First things first:
@alterkelte This is an English only forum. Please obey the forum rules not to get banned!
The next trouble is happening..
Someone from the us has registered the eblocker.box address on January 24 / updated the entry today...
No Sir, that's wrong and there is no problem. Please read our newsletter - especially this one.
@alterkelte Your IP address has been blocked for 24 hours as you have entered the wrong password three times in a row. See here (reading is key!):
Regarding your DNS issue, I'd start with an eBlocker reboot. If the problem persists please share all the info asked here: https://eblocker.org/community/announcements/before-posting-here-please-read/#post-117
THX!
The first thing i did was to restart the eblocker
Here are the tracert results to fritz.box
Here are the tracert results to google.de
If this is also interesting.
I briefly acrivated ipv6 in the fritzbox for testing, but this week it is switched of
@alterkelte Thanks for the traceroute which shows eBlocker is routing correctly.
Again, please share:
If the problem persists please share all the info asked here: https://eblocker.org/community/announcements/before-posting-here-please-read/#post-117
THX!
@alterkelte, it seems to me that the DNS requests from your Windows system are bypassing both the eBlocker and the Fritzbox, because both would resolve fritz.box to 192.168.178.1.
You don't happen to have DNS over TLS or something similar configured? (There seem to be some websites that explain how to enable it on Windows 11.) If DNS is encrypted, eBlocker and the Fritzbox can not respond with the local IP and you would get the public IP of fritz.box.
You could also try this website to find out which DNS server you are using: https://www.top10vpn.com/tools/what-is-my-dns-server/
Hardware you use for running eBlockerOS: Raspberry 4 2GB+
eBlockerOS version: 3.1.0
as well as filter lists version 2024-04-18-09-15-04
eBlocker network mode: auto
eBlocker network settings (IP, mask, gateway): 192.168.178.58 255.255.255.0 192.168.178.1
Which devices runs DHCP server? fritzbox 7590 V7.57
IPv6 disabled for client/network? disabled, only activated for serveral days
eBlocker DNS firewall settings: use eblocker as DNS firewall (recommended), externe DNX Server 1.1.1.1, 9.9.9.9 (nach verfügbarkeit)
Client network settings (IP, mask, DNS, gateway) 192.168.178.74 255.255.255.0 192.168.178.1 192.168.178.1
Whether eBlocker’s https integration is enabled for client: yes
Client browser and OS version (i.e. FireFox 80.1 running on macOS 13.4): firefox 125.0.1
Additional non default Blockers enabled? (like DuckDuckGo, Consent-Blocker, custom lists etc.) no
HTTPS Auto Trust App enabled? yes
Exact way or a link / screenshot to reproduce the issue : the last posts
If VPN or Tor is enabled for the client in eBlocker (and which VPN provider you are using): no and no
i have 3 different computers and 3 different results, although they are all connected to the same fritzbox.
computer 1: (Win10)
DE DTAG Internet service provider operations 217.237.148.113
DE DTAG Internet service provider operations 217.237.151.86
DE DTAG Internet service provider operations 2003:180:2:7000:53:0:1:1
computer 2: (Win11)
US CLOUDFLARENET - Cloudflare, Inc. 172.68.109.115
US CLOUDFLARENET - Cloudflare, Inc. 172.68.109.114
US CLOUDFLARENET - Cloudflare, Inc. 2400:cb00:100:1024::ac44:6d73
computer 3: (this one has the avast virus scanner) (Win11)
CZ AVAST-AS-DC 5.62.40.45
why is the telekom dns not used on computer 2 and 3? the fritzbox has standard settings
the problem occurs on all computers
Please make sure DNS over HTTPS is disabled in Firefox:
Also disable DNS over HTTPS in Windows 11 (not sure how/if this works in Win 10):
In addition it seems Avast is interfering with your network settings. You should try to disable some "network protection" features in Avast.
This might solve the DNS issues you are describing.
the settings were set to <automatic>. even a manual change to <off> as described in your picture does not bring any change
Nothing worked at all this morning until I reset the network.
this is now the result of tracert with eblocker activated:
ping diskstation
Ping wird ausgeführt für DiskStation.local [fe80::211:32ff:fe34:dd69%6] mit 32 Bytes Daten:
Antwort von fe80::211:32ff:fe34:dd69%6: Zeit<1ms
tracert fritz.box
Routenverfolgung zu fritz.box [192.168.178.1]
1 <1 ms <1 ms <1 ms dnscheck.eblocker.org [192.168.178.58]
2 1 ms <1 ms <1 ms fritz.box [192.168.178.1]
Ablaufverfolgung beendet.
tracert google.de
Routenverfolgung zu google.de [142.251.37.3]
1 <1 ms <1 ms <1 ms dnscheck.eblocker.org [192.168.178.58]
2 1 ms 1 ms <1 ms fritz.box [192.168.178.1]
3 3 ms 3 ms 2 ms p3e9bf38d.dip0.t-ipconnect.de [62.155.243.141]
4 9 ms 8 ms 8 ms m-ef2-i.M.DE.NET.DTAG.DE [217.0.194.102]
5 8 ms 7 ms 6 ms m-ef2-i.M.DE.NET.DTAG.DE [217.0.194.102]
6 6 ms 6 ms 6 ms 80.157.205.194
7 11 ms 9 ms 7 ms 216.239.48.237
8 7 ms 6 ms 6 ms 108.170.228.45
9 6 ms 5 ms 5 ms muc11s23-in-f3.1e100.net [142.251.37.3]
Ablaufverfolgung beendet.
dns check still returns
| US | CLOUDFLARENET - Cloudflare, Inc. | 172.68.109.115 |
after a few days the problem returns. how can i find the reason? is avast networt protection the problem, even though avast is not installed on this computer?
@alterkelte, I think the best way to find the issue is to use "nslookup" in a Windows command prompt (cmd).
Check what the eBlocker returns for "fritz.box":
nslookup fritz.box 192.168.178.58
If this is not the expected IP 192.168.178.1, check the local name "fritz.box" at eBlocker Settings / DNS Firewall / Local network.
By the way: If you have configured 1.1.1.1 as the first DNS server on eBlocker and the DNS check returns Cloudflare, it means eBlocker is correctly intercepting the DNS requests.
here is the result:
nslookup fritz.box
Server: fritz.box
Address: 192.168.178.1
Nicht autorisierende Antwort:
Name: fritz.box.fritz.box
Addresses: 2001:19f0:6c00:1b0e:5400:4ff:fecd:7828
45.76.93.104
nslookup fritz.box 192.168.178.58
Server: dnscheck.eblocker.org
Address: 192.168.178.58
Nicht autorisierende Antwort:
Name: fritz.box.fritz.box
Addresses: 2001:19f0:6c00:1b0e:5400:4ff:fecd:7828
45.76.93.104
the windows 10 computer with active elbocker returns:
nslookup fritz.box 192.168.178.58
Server: dnscheck.eblocker.org
Address: 192.168.178.58
Name: fritz.box
Addresses: 2001:19f0:6c00:1b0e:5400:4ff:fecd:7828
192.168.178.1
is this due to the duplication of the name?
the duplication does not occur on the windows 10 computer
now i use
@alterkelte Sorry mate: Information overload. I'm now completely lost and give up here.
Maybe someone else feels like bringing all the pieces together?
THX!
Nicht autorisierende Antwort:
Name: fritz.box.fritz.box
Addresses: 2001:19f0:6c00:1b0e:5400:4ff:fecd:7828
45.76.93.104
I am not a network expert but here are my observertions:
- "fritz.box.fritz.box" seems to be a mal-configuration of the default domain. Only one "fritz.box" would be correct.
- IPv6 is obviously enabled on the fritzbox but you say it's disabled on eBlockerOS. This will not work. Either both on IPv6 enabled or both disabled.
Unfortunately I can not help with network config in detail, but the issues you are facing are not caused by eBlocker but due to some "wild" network config issues on your side.
no, i wrote that i had activated ipv6 on the fritz.box for a few days to test it. then the problems started and i deactivated ipv6 on the fritz.box again.
i have no idea where the name duplication comes from. i haven't changed anything on the network in that time. all virus scans are negative. could it be that this is caused by the temporary activation of ipv6? would it help to completely reinstall the eblocker on the raspberry?
i have tested nslookup with and without eblocker. once fritz.box is added and once not
eblocker not active:
nslookup elektronik-kompendium.de
Server: fritz.box
Address: 192.168.178.1
Nicht autorisierende Antwort:
Name: elektronik-kompendium.de
Addresses: 2001:8d8:100f:f000::2b7
217.160.0.96
eblocker active:
nslookup elektronik-kompendium.de
Server: fritz.box
Address: 192.168.178.1
Nicht autorisierende Antwort:
Name: elektronik-kompendium.de.fritz.box
Addresses: 2001:19f0:6c00:1b0e:5400:4ff:fecd:7828
45.76.93.104
the same behavior occurs with nslookup fritz.box
As said, I'm not a network geek but you might want to check the DNS suffix setting in windows:
And I wonder why the fritzbox is answering the DNS request at all if eBlocker is active. You said "1.1.1.1, 9.9.9.9 (nach verfügbarkeit)" is set under DNS in eBlocker, so no fritzbox. 🤔
From my perspective your network is kind of "specially" configured.
I'd suggest to change eBlockerOS to handle DHCP (via Individual Network Mode), remove individual windows network settings (set all to use DHCP) and everything is going to work fine for sure.
@alterkelte and if you're not yet in Discord, you may also join the inofficial eBlocker channel...
This is still the Fritz.box issue from March 24...
Automated Malware Analysis Report for http://fritz.box - Generated by Joe Sandbox
The internet is full of the same issue with the IP 45.76.93.104
until now I myself did not find a solution to fix this behaviour network wide... only local with hosts file...
regards
@calimero eBlockerOS 3.1 checks for a local fritz.box router and adds it's local(!) IP to the eBlocker DNS Firewall. Hence, network wide(!) all clients using eBlockerOS as DNS get the local/correct IP address when requesting fritz.box domain. No problem. No issue.
If this is not the case with your eBlockerOS, there might be a bug - or you are using a client side VPN/encryption (=not a good idea)...
THX!
@random Thank you for this clarification. But this seem not to work 100%, I've checked that on a user system.... No VPN & No other encryption in place.... I'm investigating this further...
@random Thank you for this clarification. But this seem not to work 100%
Well, this is just a claim and you are a pro. So, please share evidence!
I.e. a screenshot of DNS Firewall> Local Network showing the fritz.box entry, then a screenshot of nslookup fritz.box and screenshot of the client's DNS settings proving eBlocker is set as DNS.
Then we take it from there.
One more hint for your investigation: if a fritz.box is the Internet router and the router is used as DNS the fritz.box will intercept the DNS request and respond with it's local IP (that's why fritz.box resolved correctly before the official TLD .box started, and why the TLD registration is not much of a issue for fritz.box users). So if this request is not intercepted in the user's network, either DNS settings are messed up (as with this avast setting from @alterkelte for example) or some encryption is taking place.
THX!
Hi @random and thank you.
When the user is available again, I'm going through all this and try to take all necessary pictures, if they are different from the above ones.
One thing which I saw is this here
even if the automatic proxy discovery is disabled... hosts is empty, Internet Settings are correct
regards
@random fritz.box and eblocker.box get the same ip 46.76.93.104
I cannot dig into it further as the user is not available now. As soon as I have access again I'll do
regards
fritz.box and eblocker.box get the same ip 46.76.93.104
No, that is not the case. I can not confirm this. See:
To me this looks all good and 100% as expected.
Would be great to see the same on the user's client (with DNS pointing to eBlockerOS). Otherwise we are just wasting time with hearsay.
@calimero @alterkelte Any news on this case?
Would be great to see the same analysis @Benne did together with the settings in the DNS Firewall.
THX!
@random Good morning Random. When I am on the users PC again I will surely deliver all the requested screenshots.
Regards and have a sunny day
@random I'm sorry, there is no update, as the user stopped trying to get the eblocker working in his network
As soon as I have any news I will post it.
regards
@calimero OK, thanks. Then I consider this thread solved as the issue seems to result from a combo of "very individual network settings" and parallel usage of Avast Network protection.
From my perspective it's obvious that the issue is not a bug or an eBlockerOS related issue at all.
THX!