![]() When using ECS (EDNS0 Client Subnet), the Pi-hole can tell apart your clients even when the router makes all the queries on their behalf. In your case, your router (pfSense) seems to be configured incorrectly which is the cause for this. We mentioned the option to disable rate-limiting and you could have done so even before updating to ensure there would have been no downtime. Sorry, something went Smart people read the release notes or blog posts before updating. However, we do not want to touch user firewalls and this effectively does the same thing (albeit better because we don't simply drop but reply with a proper REFUSED message). One might argue that rate-limiting should best be realized with a firewall. Rate-limiting can be disabled by setting RATE_LIMIT=0/0. Other clients can continue to use FTL while rate-limited clients are short-circuited at the same time. It is important to note that rate-limiting is happening on a per-client basis. Rate-limiting is very customizable, it defaults to allowing not more than 1000 queries in 60 seconds. This serves the purpose of a real rate-limit and ensures that abnormally behaving clients hammering FTL with thousands of queries per second cannot lead to a denial-of-service failure. Rate-limited queries are answered with a REFUSED reply and not further processed by FTL Even when they are logged in pihole.log, they will not contribute to the overall statistics nor enter the Query Log or the database. How familiar are you with the codebase?: 10Īdd per-client rate-limiting. I give this submission freely, and claim no ownership to its content.I accept that this submission may not be used, and the pull request closed at the will of the maintainer.I have considered, and confirmed that this submission will be valuable to others.I have checked that another pull request for this purpose does not exist.I have read and understood the contributors guide.By submitting this pull request, I confirm the following:
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |