
How to block Ads with Pihole - oschvr
https://oschvr.com/posts/blocking-ads-with-pihole
======
oschvr
My fist HN contribution.

A very small weekend project about how to build a working solution with a
cheap Raspberry in less than 1 hour.

In reality, it took me a bit more (~2 hrs) because I was documenting the
process, but shouldn't be the case for you.

Overall I'm happy with the result. It works well and it was very fun to do.

------
ksaj
I just wanted to nitpick a particular line to help you tighten the wording up
a little, and provide some info that might help on an issue you mention.

> It will create an empty file called ssh, which will instruct Raspbian to
> open the SSH port (22)

The reality is port 22 was never closed, and touching that file doesn't "open"
it. This wording sounds like you are talking about firewall rules that aren't
there and don't apply in this context. The port isn't closed unless you have
also installed a network layer firewall. It's just not answering unless you
instruct a particular daemon to listen there. This isn't just a wording issue
- using nmap to scan closed ports and otherwise non-listening ports return
different results. Closed ports are found on firewalls. The rest are either
listening, or not listening.

What you really mean is that touching that file instructs Raspbian to run the
sshd daemon (which does happen to listen on port 22, but that's only relevant
if you have a firewall.)

To clarify, if you install a firewall which blocks the port, then touching the
ssh file into existence will _not_ open the port. The sshd daemon will be
listening, but nobody will be talking to it until you tell the firewall to
open that port. So the wording is technically wrong and may add confusion.

Also, your "Some Macs..." statement also should include "Some Windows..."
because the issue is that Apple, Microsoft and most Linux distros use
different default domain names, and so shouldn't be able to talk to each other
through avahi by definition. You can get them all talking equally by agreeing
on one domain. If you've ever been in an office where half the people can't
seem to get the printer working, it's nearly always this same issue.

It's easy to change the Linux one since you can simply edit /etc/avahi/avahi-
daemon.conf. Your mileage will vary with Mac and Windows, since their configs
will be totally different. Personally I always stick with the Linux one since
most network devices (routers, network drives, etc) use .local as their
domain. And since you are running your own DNS server, there isn't really
anything stopping you from using DNS to service your internal network instead
of dealing with different bonjour/avahi/zeroconf domains. That way you don't
even have to use a domain at all (just the hostname as configured in the DNS),
since everything on the same IP network will be considered the same domain
regardless of their particular configuration.

PS: Dunno if you posted your recursion article before, but I thought it was
done well. And the animated graphics are gold.

------
robertcope
I've never used Pihole. Does it offer anything substantial over something like
NextDNS?

