azariah

So something I've encountered whilst running pi-hole on and off over the last 12 months on a Raspberry Pi 3, then 3+, and now in a docker container in unRaid, is that some https enabled sites become interminably slow to load while using pi-hole and a lot of guides jump to a self-signed ssl cert for the pi-hole. The idea is that rather than getting an add the page get's a dummy web page from pi-hole but obviously this an man in the middle (MitM) attack which isn't ideal. I recently found this solution which I've been utilising with my docker setup for a couple of weeks now and it's been great. Here's the link https://pi-hole.net/2018/02/02/why-some-pages-load-slow-when-using-pi-hole-and-how-to-fix-it/ but in a nutshell, you just set a firewall rule on your pi-hole that blocks certain requests on port 80 and 443 using the following rules. iptables -A INPUT -p tcp --destination-port 443 -j REJECT --reject-with tcp-reset iptables -A INPUT -p udp --destination-port 80 -j REJECT --reject-with icmp-port-unreachable iptables -A INPUT -p udp --destination-port 443 -j REJECT --reject-with icmp-port-unreachable ip6tables -A INPUT -p tcp --destination-port 443 -j REJECT --reject-with tcp-reset ip6tables -A INPUT -p udp --destination-port 80 -j REJECT --reject-with icmp6-port-unreachable ip6tables -A INPUT -p udp --destination-port 443 -j REJECT --reject-with icmp6-port-unreachable You'll also need to save the rules with the following commands. iptables-save > /etc/iptables/rules.v4 ip6tables-save > /etc/iptables/rules.v6 Obviously, you need iptables installed which for the docker image you'll find they aren't by default but the official docker image uses Debian so it's a trivial step to install it. Interestingly this does work to block Google's QUIC ad system which was designed to bypass this sort of adblocking solution. So yeah, turns out you can't just send all dns queries to 0.0.0.0 (null) and they have to be redirected somewhere. And because they're redirected somewhere the browser will just sit there and wait for the connection to timeout. Thankfully the solution is simple, just not well documented unfortunately.

As long term follower of LMG and NCIX (RIP) I can confirm this was business as usual for these two larakins, friendly banter at its finest. Wasn't even cringe worthy tbh.

These short throw projectors are epic. Been watching Sony's innovations over the past couple of years and am super impressed with this new model. Even if it's only 1080p at that size as a mobile A/V tech, this is a revolution.

Mmm what would I do with it??? Well I wouldn't build a beast perse but... I really love having a two screen setup with my laptop and I'm an avid web programmer who's been known to have a few to many browsers tabs open at once (current record pushes 100) so the CPU would be a catalyst that would allow me to put together my first PC since starting uni 4 years ago. And hopefully get a triple monitor setup or better sometime in the not to distance future so that when I graduate I have a workstation I can start my own business from.