Smoothwall Firewall project

Wednesday 13 November 2019

How to use pi-hole with a Docker container on your Mac Laptop to stop unwanted internet adverts.

If you are fed up with pointless internet advertising on sites you visit, here is a great additional service you can install on your local machine - or more importantly for your network to stop it dead. I shall not go through what this product is as here is a link - Pi-Hole.

Basically, you need to install the Docker application on you laptop or desktop so that running up the pi-hole docker container is straight forward. You can get docker for Mac here. For the network installation, a Linux server virtual machine or docker container on a machine continuously running would make sense.

Then you need to clone the pi-hole docker git repository to your local machine

https://github.com/pi-hole/docker-pi-hole.git

Change into that directory and run docker_run.sh 

Once the script has run - it will spit out an admin password that you will need to remember to log into the web-based admin screen.

You can look at that by pointing a browser tab at http://127.0.0.1

Once logged in you will see something like this.


 The last part of getting this working on your laptop is to point the DNS resolution of OSX to point to the localhost - as pi-hole is now listening on port 53. Again for network-based installation you would point this at the IP address of your server running the service. You can also then setup that IP address in your routers DHCP settings so any machine on your LAN will get the same protection as they will push all their traffic through the new DNS server.



You can then run a test from the command line to make sure all your DNS requests are going via your new DNS service like so:

dig www.ubuntu.com

;; Query time: 23 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Nov 13 11:16:40 GMT 2019
;; MSG SIZE  rcvd: 139


You will notice the response comes from your machines localhost - so all is working. With the settings of pi-hole you can specify several upstream DNS resolvers which also keeps your DNS queries out of the clutches of Google. There are many options - but I tend to use OpenDNS and 1.1.1.1

Enjoy. 

 

No comments: