如何在Linux上安装和使用pi-hole互联网AD的黑洞
在本教程中,我们将介绍在Ubuntu 18.04/Ubuntu 16.04/Debian和CentOS 7系统上pi-hole的安装和使用。 pi-hole是InternetAD的DNS接收器,目的是在不安装任何客户端软件的情况下,保护设备免受有害内容的侵害。
我们是否厌倦了在浏览Internet内容时不断弹出的AD?pi-hole是我们想要的工具!
pi-holeAD黑名单软件的功能
以下是pi-hole的主要功能:
易于安装:pi-hole具有通用的安装程序,可自动完成安装过程。不需要客户端软件提高整体网络性能:由于AD在下载之前被阻止,因此网络性能会更好。线路接口,可确保互操作性质量现代:可以同时阻止IPv4和IPv6上的AD绝对:pi-hole可以阻止非浏览器位置的内容,例如装有AD的移动应用程序和智能电视。免费:pi-hole是开放的有助于确保我们是控制隐私的唯一人的源软件响应性:有了pi-hole,我们将可以通过其强大的DNS查询缓存无缝地每天进行浏览速度轻巧:pi-hole非常轻巧,因为它仅处理DNS查询并返回一个空白HTML文件,因此它不需要太多处理能力。 53mb的磁盘空间和512mb的ram应该足够了。有见地:pi-hole具有漂亮且响应迅速的Web Interface仪表板,从中可以查看和控制Pi-hole多功能:我们还可以将pi-hole用作DHCP服务器,确保可扩展:所有设备均受到自动保护。可伸缩:安装在服务器级硬件上时,它能够处理数亿个查询。监控性能和统计信息:Web界面显示被阻止的AD数量,查询日志等。
如何在Linux上安装pi-hole
通过脚本在Ubuntu 18.04/Ubuntu 16.04和CentOS 7系统上进行Pi-hole安装
# curl -sSL https://install.pi-hole.net | bash
成功安装后,我们应该看到IP地址在设备上设置为DNS服务器,并为pi-hole仪表板登录URL。
[✓] Consolidating blocklists [✓] Extracting domains from blocklists% 0A [i] Number of domains being pulled in by gravity: 145633 [✓] Removing duplicate% 20domains [i] Number of unique domains traped in the Event Horizon: 132404 [i] Nothing to whitelist! [✓] Parsing domains into hosts format [✓] Cleaning up stray matter [✓] Force-reloading DNS service [✓] DNS service is running [✓] Pi-hole blocking is Enabled [i] Web Interface password: Dtp2AU7k This can be changed using pihole -a -p View the web interface at http:/ /pi.hole/admin or http://192.168.10.10/admin Yo u may now configure your devices to use the Pi-hole as their DNS server [i] Pi-hole DNS (IPv4) : 192.168.10.10 If you set a new IP address, please restart the server running the Pi-hole [i] The install log is located at: /etc/pihole/install.log
我们也可以下载安装程序并运行它:
wget -O basic-install.sh https://install.pi-hole.net sudo bash basic-install.sh
如何在Linux上使用pi-hole
运行安装程序后,我们需要配置路由器,以使DHCP客户端使用Pi-hole作为其DNS服务器,以确保连接到网络的所有设备都将被阻止,而无需任何进一步干预。
如果路由器不支持设置DNS服务器,则可以使用Pi-holes内置的DHCP服务器。只需确保首先在路由器上禁用DHCP(如果它具有可用的功能)。作为最后的选择,我们始终可以手动将每个设备设置为使用Pi-hole作为其DNS服务器。
访问pi-hole管理界面
我们可以使用http://pi.hole/admin或者http://192.168.10.10/admin访问其管理Web界面。用主机名替换" pi.hole",或者使用正确的服务器IP地址替换" 192.168.10.10"。 。
要登录管理界面,请使用安装后显示的密码,不需要用户名。成功登录后,将显示如下界面:
所有管理功能都可以通过UI完成,例如:查看总查询,被阻止查询,阻止列表中的域,顶级域,顶级客户端,顶级阻止域的摘要添加白名单/阻止列表域检查审核日志更改上游DNS服务器设置DHCP设置配置API设置将Pi漏洞列表导出为可下载的档案
使用pi-hole CLI
也可以使用" pihole"命令行工具从cli管理pi-hole。
# pihole help Usage: pihole [options] Example: pihole -w -h Add -h after specific commands for more information on usage Whitelist/Blacklist Options: -w, whitelist Whitelist domain(s) -b, blacklist Blacklist domain(s) -wild, wildcard Blacklist domain(s), and all its subdomains Add -h for more info on whitelist/blacklist usage Debugging Options: -d, debug Start a debugging session Add -a to enable automated debugging -f, flush Flush the Pi-hole log -r, reconfigure Reconfigure or Repair Pi-hole subsystems -t, tail View the live output of the Pi-hole log Options: -a, admin Admin Console options Add -h for more info on admin console usage -c, chronometer Calculates stats and displays to an LCD Add -h for more info on chronometer usage -g, updateGravity Update the list of ad-serving domains -h, help, help Show this help dialog -l, logging Specify whether the Pi-hole log should be used Add -h for more info on logging usage -q, query Query the adlists for a specified domain Add -h for more info on query usage -up, updatePihole Update Pi-hole subsystems -v, version Show installed versions of Pi-hole, Admin Console & FTL Add -h for more info on version usage uninstall Uninstall Pi-hole from your system status Display the running status of Pi-hole subsystems enable Enable Pi-hole subsystems disable Disable Pi-hole subsystems Add -h for more info on disable usage restartdns Restart Pi-hole subsystems checkout Switch Pi-hole subsystems to a different Github branch Add -h for more info on checkout usage
更改/重置GUI管理员密码:
# pihole -a -p Enter New Password (Blank for no password): Confirm Password: [✓] New password set
检查pi-hole状态:
# pihole status [✓] DNS service is running [✓] Pi-hole blocking is Enabled
重新配置pi-hole系统:
# pi-hole -r
从系统上卸载Pi-hole
# pi-hole uninstall
重新启动Pi-hole子系统
# pi-hole restartdns
下面的示例将" computigngforgeeks.com"域列入白名单:
# pihole -w theitroad.local [i] Adding theitroad.local to whitelist... [i] theitroad.local does not exist in blacklist, no need to remove! [i] theitroad.local does not exist in wildcard blacklist, no need to remove! [i] Using cached Event Horizon list... [i] 132404 unique domains trapped in the Event Horizon [i] Number of whitelisted domains: 1 [i] Number of blacklisted domains: 0 [✓] Parsing domains into hosts format [✓] Cleaning up stray matter [✓] Force-reloading DNS service [✓] DNS service is running [✓] Pi-hole blocking is Enabled
