Furthermore :
By using Pi-hole on eth green and blue, disturbs the LOG of Proxy at IPFire and you will not be able check every client communication and requested URL’s at IPFire Proxy-Logs .
The LOG will show just the IP of Pi-hole as a client, that requested a domain .
I cannot confirm this. Since yesterday I use the proxy for some clients and I can not observe something like this.
IPFire is configured as follows:
My configuration (Pi-Hole is in the green zone):
# IPFire Domain Name System
DNS Servers: dns3.digitalcourage.de + dns1.digitale-gesellschaft.ch
DNS Configuration:
Protocol for DNS queries: TLS
QNAME Minimisation: Strict
# IPFire DHCP configuration
Primary DNS: 192.168.1.100 <= Pi-hole
# Pi-hole DNS configuration:
Upstream DNS Server: Custom 1 (IPv4) 192.168.1.1 (= IPFire DNS server)
Advances DNS settings:
- Never forward non-FQDNs
- Never forward reverse lookups for private IP ranges
- Use DNSSEC
- Use Conditional Forwarding
(“If not configured as your DHCP server, Pi-hole typically won’t be able to determine the names of devices on your local network. As a result, tables such as Top Clients will only show IP addresses.
One solution for this is to configure Pi-hole to forward these requests to your DHCP server (most likely your router), but only for devices on your home network.”)
Source: Pi-Hole and IPFire, which way round? - #34 by anon87475738