IngoZenz / personaldnsfilter

See http://www.zenz-solutions.de/personaldnsfilter for details
GNU General Public License v2.0

overriding system dns breaks connectivity #186

Closed ghost closed 2 years ago

ghost commented 2 years ago

When custom DNS servers are set, all apps that depend on personalDNSfilter for DNS lookup can't connect anywhere. Experienced in VPN mode, affects both plain DNS and DoH/DoT servers. With DoH/DoT, it seems even personalDNSfilter itself can't get connectivity.

Version 1505100, I am unsure what other information could be helpful?

slcw commented 2 years ago

This sounds like a problem with your DNS server entries. Can you provide your exact DNS server config?

ghost commented 2 years ago

The default one.

94.140.14.140
94.140.14.141
89.233.43.71::853::DoT::unicast.censurfridns.dk
116.202.176.26::853::DoT::dot.libredns.gr
116.202.176.26::443::DoH::https://doh.libredns.gr/dns-query
104.244.78.231::853::DoT::uncensored.lux1.dns.nixnet.xyz
209.141.34.95::853::DoT::uncensored.lv1.dns.nixnet.xyz
199.195.251.84::853::DoT::uncensored.ny1.dns.nixnet.xyz

IngoZenz commented 2 years ago

This issue is not reproducible here. Could you post the complete dnsfilter.conf file and also the content of the live log when the issue is there?

ghost commented 2 years ago

Sure. I wasn't able to reproduce it with the plain DNS servers this time, but leaving in only the DoT ones still causes the issue.

dnsfilter.conf

#############################################
#        WARNING! FOR EXPERTS ONLY!         #
#  This is personalDNSfilter configuration! #
# Only edit this file if you are an expert! #
#############################################

# detectDNS = true|false.
# if true, the DNS servers will be detected if possible.
# if false, the DNS Servers will be taken from the fallbackDNS setting below.
detectDNS = false

# fallbackDNS - list of DNS servers seperated by ";".
# Used in case DNS servers are not detected automatically (either switched off or not possible).
# Format: <IP>::<PORT>::<PROTOCOL>::<URL END POINT>
# The secure DNS Servers as default below are libredns.gr Nixnet.services uncensoreddns.org
# Examples below
# 116.202.176.26::443::DoH::https://doh.libredns.gr/dns-query (Example of DNS-over-HTTPS)
# 1.1.1.1::853::DoT::cloudflare-dns.com (DNS over TLS, domain name is optional)
# 176.103.130.130::53::UDP

# Fallbacks are from libredns.gr, uncensoreddns.org, nixnet.services, and also adguard.com
# adguard1 (UDP); adguard2 (UDP); uncensoreddns.org (Dot); libredns.gr (DoT); libredns.gr (DoH);  nixnet.services Luxembourg (DoT); nixnet.services Las Vegas(DoT); nixnet.services New York(DoT)
fallbackDNS = 89.233.43.71::853::DoT::unicast.censurfridns.dk ;116.202.176.26::853::DoT::dot.libredns.gr ;104.244.78.231::853::DoT::uncensored.lux1.dns.nixnet.xyz ;209.141.34.95::853::DoT::uncensored.lv1.dns.nixnet.xyz ;199.195.251.84::853::DoT::uncensored.ny1.dns.nixnet.xyz

# passcode - can be set in order to force a passcode on android based dnsfilter before getting access
# default is empty string
passcode = 

# IP Version Support
ipVersionSupport = 4,6

# Returned IP for resolving blocked host
ipV4BlockedHost = 0.0.0.0
ipV6BlockedHost = ::

# Maximum number of parallel DNS Resolver Connections
maxResolverCount = 100

# enableLocalResolver = true|false
# when enabled, up stream DNS will only be called in case IP cannot be resolved locally,
# either via filter or custom IP mapping (via ">host" entries in additionalHosts file).
# Custom IP mapping requires "enableLocalResolver = true".
enableLocalResolver = true

# localResolverTTL - TTL for locally produced DNS Response
localResolverTTL = 60

# HTTP Proxy for tunneling DNS TCP connections via Proxy
# Note: httpProxyIP is mandatory, httpProxyHost is optional
# In case proxy requires authentication, the auth string for basic auth can optionally be provided
resolveOverHttpProxy = true
httpProxyHost = localhost
httpProxyIP = 127.0.0.1
httpProxyPort = 8118
httpProxyBasicAuthStr = 

# routeUnderlyingDNS - Only for Android VPN based version
# Routes all detected dns servers of the underlying network to the dummy VPN created on Android.
# Might be needed when using Google chrome as it might use the underlying DNS servers directly
routeUnderlyingDNS = false

# routeIPs - Only for Android VPN based version.
# List of IPs routed in addition to the (virtual) DNS (configured by the VPN) to the DNSFilter.
# This might be usefull in case applications ignore the VPN's DNS and just use an own DNS Server,
# such as the Googles DNS Servers.
# Uncomment setting below for using this option.
# As an example below the list of Google DNS servers for IPV4 and IPV6.
# This should avoid hardcoded usage of Google DNS Servers, bypassing system DNS settings.
# e.g. routeIPs = 8.8.8.8; 8.8.4.4; 2001:4860:4860::8888; 2001:4860:4860::8844
routeIPs = 

# AUTOSTART = true|false - used only by Android version.
# if true android app is started automatically on device boot completed.
AUTOSTART = true

# androidAppWhiteList - Only for Android VPN based version (requires at least Android 5.1).
# List of applications seperated by "," which should bypass the VPN
androidAppWhiteList = com.kiwibrowser.browser

# dnsProxyOnAndroid = true|false - used  by Android version.
# if true, on Android, instead a local VPN, a DNS Proxy is started on port 5300
# In case root mode is also enabled, port 53 will be opened as well and local DNS traffic will be routed.
# In root mode could also act as DNS filter Proxy within the local network.
# Without root mode it could be used by openVPN for pDNSf as local filter while connected to a real VPN
dnsProxyOnAndroid = false

# DNS proxy port used on non android version (e.g. on linux or windows computer)
# Note: On Android allways port 5300 is used and port 53 is forwarded in root mode
dnsProxyPortNonAndroid = 53

# dnsProxyOnlyLocalRequests = true | false
# when true only local requests are accepted
dnsProxyOnlyLocalRequests = true

# rootModeOnAndroid = true|false - used  by Android version.
# When dnsProxyOnAndroid is enabled, root mode will also open port 53 and route local DNS traffic to this.
# In root mode could also act as DNS filter Proxy within the local network.
# NOTE! this mode does not allow port 53 for upstream DNS Server
rootModeOnAndroid = false

# vpnInAdditionToProxyMode = true|false - used  by Android version.
# When dnsProxyOnAndroid is enabled, the local VPN by default will not be started.
# With setting 'vpnInAdditionToProxyMode = true' a local VPN will be started in addition.
vpnInAdditionToProxyMode = false

# androidKeepAwake - Only for Android version.
# When switched on, Android device won't go to sleep mode (e.g. when running proxy mode)
androidKeepAwake = false

# manageDNSCryptProxy - Only for Android version
# if true, an installed DNScryptProxy will be started and stopped together with DNSFilter (requires root!)
manageDNSCryptProxy = false

# options for starting DNSCryptProxy
dnsCryptProxyStartOptions = -config /system/etc/dnscrypt-proxy/dnscrypt-proxy.toml

# traffic log configuration for a rotating traffic log (trafficlog_0.log, trafficlog_1.log, ...)
# enableTrafficLog = true|false - true: trafficlog enabled, false: trafficlog is OFF
# trafficLogSize -  max size of a log slot file in bytes / default 1 MB
# trafficLogName -  the name of the log /default trafficlog
# trafficLogSlotCount - number of log slots for log rotation / default 2

enableTrafficLog = true
trafficLogName = trafficlog
trafficLogSize = 1048576
trafficLogSlotCount = 2

# Remote host configuration for remote control client
client_remote_ctrl_host = 127.0.0.1
client_remote_ctrl_keyphrase = Change This Default Keyphrase!
client_remote_ctrl_port = 3333

# Remote host configuration for remote control server
server_remote_ctrl_keyphrase = Change This Default Keyphrase!
server_remote_ctrl_port = -1

# Switch for debug logging
debug = false

# DNS request timeout in milliseconds
dnsRequestTimeout = 15000

# the size of the cache for filtered hosts
filterHostsCacheSize = 1000

# the size of the cache for allowed hosts
allowedHostsCacheSize = 1000

# check resolved IP against filter
checkResolvedIP = false

# check CNAME (handle CNAME cloaking)
checkCNAME = true

# filterHostsFile - file path of filter hosts text file containing hosts which are filtered.
# comment in case you want to disable filtering!
filterHostsFile = FILTERHOSTS.TXT

# filterActive = true|false
# when false, filtering is disabled
filterActive = true

# filterAutoUpdateURL - the URL from were the filterHostsFile gets automatically updated.
# You can specify different URLs seperated by ';' for an concatenated filterHostsFile.
# Comment in case you want to disable the automatic update of the filter host file!
filterAutoUpdateURL = https://adaway.org/hosts.txt; https://pgl.yoyo.org/adservers/serverlist.php?hostformat=hosts&showintro=0&mimetype=plaintext; https://hosts-file.net/emd.txt; https://hosts-file.net/exp.txt; https://hosts-file.net/fsa.txt; https://hosts-file.net/grm.txt; https://hosts-file.net/hjk.txt; https://hosts-file.net/psh.txt; https://hosts-file.net/pup.txt; https://hosts-file.net/wrz.txt; https://raw.githubusercontent.com/EnergizedProtection/block/master/spark/formats/hosts; https://raw.githubusercontent.com/EnergizedProtection/block/master/bluGo/formats/domains.txt; https://raw.githubusercontent.com/EnergizedProtection/block/master/blu/formats/domains.txt; https://raw.githubusercontent.com/EnergizedProtection/block/master/basic/formats/domains.txt; https://raw.githubusercontent.com/EnergizedProtection/block/master/ultimate/formats/domains.txt; https://raw.githubusercontent.com/EnergizedProtection/block/master/unified/formats/domains.txt; https://raw.githubusercontent.com/EnergizedProtection/block/master/porn/formats/domains.txt; https://raw.githubusercontent.com/EnergizedProtection/block/master/extensions/porn-lite/formats/domains.txt; https://raw.githubusercontent.com/EnergizedProtection/block/master/extensions/social/formats/domains.txt; https://block.energized.pro/extensions/xtreme/formats/hosts; https://block.energized.pro/extensions/regional/formats/hosts; https://raw.githubusercontent.com/bongochong/CombinedPrivacyBlockLists/master/newhosts-final-Dual.hosts

# filterAutoUpdateURL_IDs - Sequence of short names for above URLs seperated by ";" in same
# sequence as URLs above. When not specified, the URL host will be taken
filterAutoUpdateURL_IDs = adaway; pgl.yoyo.org; Malware; Exploits; Fraud; Spam; Hijack; Phishing; PUP; Warez/Piracy; Spark; BluGo; Blu; Basic; Ultimate; Unified; Porn; Porn Lite; Social; Xtreme; Regional; Combined Privacy Block List

# filterAutoUpdateURL_categories - Sequence of categories for above URLs seperated by ";" in same
# sequence as URLs above. When not specified, the URL host will be taken
filterAutoUpdateURL_categories = adaway; pgl.yoyo.org; hosts-file.net; hosts-file.net; hosts-file.net; hosts-file.net; hosts-file.net; hosts-file.net; hosts-file.net; hosts-file.net; EnergizedProtection; EnergizedProtection; EnergizedProtection; EnergizedProtection; EnergizedProtection; EnergizedProtection; EnergizedProtection; EnergizedProtection; EnergizedProtection; EnergizedProtection; EnergizedProtection; Privacy (combined)

# filterAutoUpdateURL_switchs - Sequence of boolean values (true|false) for above URLs seperated by ";"
# in same sequence as URLs above. When not specified, the value "true" is taken.
# Value "true" means that the URL is active and thus taken for filter download, when false the URL
# is inactive
filterAutoUpdateURL_switchs = false; false; false; false; false; false; false; false; false; false; false; false; false; false; false; false; false; false; false; true; true; true

# previousAutoUpdateURL - the URL from were the last filterHostsFile was automatically updated .
# DO NOT CHANGE! - will be set internally!
previousAutoUpdateURL = https://block.energized.pro/extensions/xtreme/formats/hosts; https://block.energized.pro/extensions/regional/formats/hosts; https://raw.githubusercontent.com/bongochong/CombinedPrivacyBlockLists/master/newhosts-final-Dual.hosts

# reloadIntervalDays - specifies the number of days, after the filter gets updated when configured.
reloadIntervalDays = 1

# live log settings (Android only) colors, text size
filterLogFormat = <font color='#D03D06'>($CONTENT)</font>
acceptLogFormat = <font color='#23751C'>($CONTENT)</font>
fwdLogFormat = <font color='#ff9900'>($CONTENT)</font>
normalLogFormat = ($CONTENT)
logTextSize = 14

# repeatingLogSuppressTime - time in milliseconds in which repeating logs are suppressed
repeatingLogSuppressTime = 2000

# live log timestamp settings
addLiveLogTimestamp = true
liveLogTimeStampFormat = '<font color=''#8c8c8c''><strong>'HH:mm:ss'</strong></font>'

# Text and Link for the footer bar
footerLink = <strong>Want to support us? Feel free to <a href='https://www.paypal.me/iZenz'>DONATE</a></strong>!

# Initial info PopUp
showInitialInfoPopUp = false
initialInfoPopUpTitle = Consider your rating!
initialInfoPopUpText = Thanks for using our free app personalDNSfilter! Sometimes we get bad ratings due to misunderstanding. Therefore, before rating, please check our <a href='https://www.zenz-home.com/personaldnsfilter/help/faq.php'>FAQ</a></strong>, or ask our <a href='https://telegram.me/pdnsf'>Telegram group</a></strong>. A bad rating is not motivating to provide this free app further. <br><br><strong>In case you do not want to invest time to understand a possible issue, then just uninstall the app and do not provide an uneducated rating!</strong>

# Merged custom config from previous config file:
disableVPNOnAndroid = false
footerLinkText = <strong>Want to support us? Feel free to <a href='https://www.paypal.me/iZenz'>DONATE</a></strong>!
additionalHosts_lastImportTS = 1629743577000

log

14:41:43
***Initializing personalDNSfilter Version 1505100!***
Using directory: /storage/emulated/0/Android/data/dnsfilter.android/files/PersonalDNSFilter/
Acquired WIFI lock and partial wake lock!
Released WIFI lock and partial wake lock!
Using blocking mode!
VPN connected!
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
VPN runner thread 10 started!
14:41:44
DNS filter: Next filter reload:Tue Dec 28 18:24:30 GMT+01:00 2021
14:41:47
DNS filter: Reloading hosts filter ...
Acquired WIFI lock and partial wake lock!
Connection refused
IO Error occured! Check network or DNS config!
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:41:52
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:41:53
✗  graph.instagram.com
14:41:57
Connection refused
IO Error occured! Check network or DNS config!
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:42:02
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:42:07
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:42:12
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
ERROR loading filter: https://block.energized.pro/extensions/xtreme/formats/hosts
Released WIFI lock and partial wake lock!
Cannot update hosts filter file!
java.net.UnknownHostException: Unable to resolve host "block.energized.pro": No address associated with hostname
Retry at: Tue Dec 28 14:43:12 GMT+01:00 2021
DNS filter: Next filter reload:Tue Dec 28 14:43:12 GMT+01:00 2021
14:42:17
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:42:22
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:42:27
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:42:31
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:42:36
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:42:41
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:42:46
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:42:51
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:42:53
✗  graph.instagram.com
14:42:54
Connection refused
IO Error occured! Check network or DNS config!
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:42:59
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:43:05
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:43:12
DNS filter: Reloading hosts filter ...
Acquired WIFI lock and partial wake lock!
14:43:24
VPN runner thread 9 terminated!
14:43:32
ERROR loading filter: https://block.energized.pro/extensions/xtreme/formats/hosts
Released WIFI lock and partial wake lock!
Cannot update hosts filter file!
java.net.UnknownHostException: Unable to resolve host "block.energized.pro": No address associated with hostname
Retry at: Tue Dec 28 14:44:32 GMT+01:00 2021
DNS filter: Next filter reload:Tue Dec 28 14:44:32 GMT+01:00 2021
14:43:44
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:43:49
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:43:54
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:43:59
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:44:04
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:44:09
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:44:14
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:44:32
DNS filter: Reloading hosts filter ...
Acquired WIFI lock and partial wake lock!
14:44:42
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:44:47
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:44:52
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:45:12
ERROR loading filter: https://block.energized.pro/extensions/xtreme/formats/hosts
Released WIFI lock and partial wake lock!
Cannot update hosts filter file!
java.net.UnknownHostException: Unable to resolve host "block.energized.pro": No address associated with hostname
Retry at: Tue Dec 28 14:46:12 GMT+01:00 2021
DNS filter: Next filter reload:Tue Dec 28 14:46:12 GMT+01:00 2021
14:45:59
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:46:04
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:46:09
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:46:12
DNS filter: Reloading hosts filter ...
Acquired WIFI lock and partial wake lock!
14:46:45
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:46:52
ERROR loading filter: https://block.energized.pro/extensions/xtreme/formats/hosts
Released WIFI lock and partial wake lock!
Cannot update hosts filter file!
java.net.UnknownHostException: Unable to resolve host "block.energized.pro": No address associated with hostname
Retry at: Tue Dec 28 14:47:52 GMT+01:00 2021
DNS filter: Next filter reload:Tue Dec 28 14:47:52 GMT+01:00 2021
14:46:58
✗  graph.instagram.com
14:47:19
Connection refused
IO Error occured! Check network or DNS config!
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:47:24
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:47:28
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:47:33
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:47:38
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:47:43
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:47:48
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:47:52
DNS filter: Reloading hosts filter ...
Acquired WIFI lock and partial wake lock!
14:48:01
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:48:06
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:48:12
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:48:17
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:48:22
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:48:27
Selected DNS: (-1ms) [89.233.43.71]::853::DOT
14:48:32
ERROR loading filter: https://block.energized.pro/extensions/xtreme/formats/hosts
Released WIFI lock and partial wake lock!
Cannot update hosts filter file!
java.net.UnknownHostException: Unable to resolve host "block.energized.pro": No address associated with hostname
Retry at: Tue Dec 28 14:49:32 GMT+01:00 2021
DNS filter: Next filter reload:Tue Dec 28 14:49:32 GMT+01:00 2021
14:48:34
Selected DNS: (-1ms) [89.233.43.71]::853::DOT

Somewhat interesting here is that there were definitely more DNS queries than for graph.instagram.com, but none of them got logged (while they do get logged normally).

IngoZenz commented 2 years ago

It is related to the http proxy you have configured. Is this valid?

resolveOverHttpProxy = true
httpProxyHost = localhost
httpProxyIP = 127.0.0.1
httpProxyPort = 8118

ghost commented 2 years ago

Thank you for finding that. I must have forgotten to disable it after some testing, but it's quite weird as I haven't changed the config for at least several weeks now... either way sorry for bothering you, disabling the proxy fixes the issue.
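
The misconfiguration resolved in this thread can be checked for before it breaks resolution. The following is an added example, not part of the issue or of personalDNSfilter's code: it parses a dnsfilter.conf, and when `resolveOverHttpProxy` is true it probes `httpProxyIP:httpProxyPort` and counts the DoT/DoH entries in `fallbackDNS` that depend on it. The function names, the IPv4-only parsing, and the port 53/UDP default for a bare IP are assumptions.

```python
import socket

# Constructed sample: a trimmed dnsfilter.conf using values quoted in this thread.
SAMPLE = """\
detectDNS = false
fallbackDNS = 94.140.14.140 ;89.233.43.71::853::DoT::unicast.censurfridns.dk ;116.202.176.26::443::DoH::https://doh.libredns.gr/dns-query
resolveOverHttpProxy = true
httpProxyIP = 127.0.0.1
httpProxyPort = 8118
"""

def parse_conf(text):
    """Parse 'key = value' lines, skipping blank lines and '#' comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, _, value = line.partition("=")
            conf[key.strip()] = value.strip()
    return conf

def parse_fallback_dns(value):
    """Split <IP>::<PORT>::<PROTOCOL>::<URL END POINT> entries (IPv4 only)."""
    servers = []
    for entry in filter(None, (e.strip() for e in value.split(";"))):
        parts = entry.split("::")
        # Assumption: a bare IP means plain DNS on port 53 over UDP.
        port = int(parts[1]) if len(parts) > 1 else 53
        proto = parts[2].upper() if len(parts) > 2 else "UDP"
        endpoint = parts[3] if len(parts) > 3 else ""
        servers.append((parts[0], port, proto, endpoint))
    return servers

def proxy_reachable(ip, port, timeout=2.0):
    """Return True if something accepts TCP connections on ip:port."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:  # includes "Connection refused" and timeouts
        return False

def diagnose(text, probe=proxy_reachable):
    """Return a list of findings about the HTTP proxy settings (empty if none)."""
    conf = parse_conf(text)
    if conf.get("resolveOverHttpProxy", "false").lower() != "true":
        return []
    ip, port = conf.get("httpProxyIP", ""), conf.get("httpProxyPort", "")
    if not ip or not port.isdigit():
        return ["resolveOverHttpProxy is true but httpProxyIP/httpProxyPort is unset"]
    if probe(ip, int(port)):
        return []
    servers = parse_fallback_dns(conf.get("fallbackDNS", ""))
    tcp = [s for s in servers if s[2] in ("DOT", "DOH")]  # assumed to use the proxy
    return [f"no listener on HTTP proxy {ip}:{port}; "
            f"{len(tcp)} DoT/DoH upstream(s) would fail to connect"]

if __name__ == "__main__":
    for finding in diagnose(SAMPLE):
        print(finding)
```

The `probe` parameter lets the reachability check be replaced, so the parsing and decision logic can be exercised without opening a socket.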