This is a script for installing pi-hole container on Firewalla Gold or Purple. It is based on the Firewalla tutorial and has been tested on 1.974.
- Pi-hole runs fine on Purple or Gold.
- Firewalla uses pi-hole v5.1.2 in their example. I have switched it to "latest" because that is a bit dated now.
- The Pi-hole password will be,
firewalla
.
To install:
-
SSH into your Firewalla (learn how if you don't know how already.)
-
If you want regular pi-hole with the version Firewalla recommends, copy the line below and paste into the Firewalla shell and then hit enter.
curl -s -L -C- https://raw.githubusercontent.com/mbierman/pihole-installer-for-Firewalla/main/pihole_docker_install.sh | cat <(cat <(bash))
If you want pi-hole with the latest pihole image, copy the line below instead and paste into the Firewalla shell and then hit enter.
curl -s -L -C- https://raw.githubusercontent.com/mbierman/pihole-installer-for-Firewalla/main/pihole_docker_install.sh | cat <(cat <(bash -s -- latest))
If you want pi-hole with DoH, copy the line below instead and paste into the Firewalla shell and then hit enter.
curl -s -L -C- https://raw.githubusercontent.com/mbierman/pihole-installer-for-Firewalla/main/pihole_docker_install.sh | cat <(cat <(bash -s -- doh))
-
Now go to the network settings on Firewalla App, assign
172.16.0.2
as the primary DNS server for all networks that you want to enable Pi-Hole and disable DoH or Unbound on these networks.- Tap on Network Manager.
- Tap on the Top right edit button.
- Tap on each LAN or VLAN segment you want to use pi-hole on.
- Scroll down and change the primary DNS to
172.16.0.2
. Leave the secondary DNS empty.
- After completing the steps above, you should be able to see DNS requests coming up in the pi-hole management console 172.16.0.2/admin.
- Try to block something obvious in pi-hole like facebook.com and try to reach it you should be blocked.
- If you go to browserleaks.com/dns you should see the upstream DNS servers you set in pi-hole if you are using unencrypted DNS.
Standard disclaimer: I can not be responsible for any issues that may result. Nothing in the script should in any way, affect firewalla as a router or comprimise security. Happy to answer questions though if I can. :)
You can run this by copying this line and run it on firewalla to uninstall.
curl -s -L -C- https://raw.githubusercontent.com/mbierman/pihole-installer-for-Firewalla/main/uninstall_pihole.sh | cat <(cat <(bash))
There are lots of pihole communities on Reddit. If you have pi-hole questions, please check there.