Pi-hole–network wide ad/malware blocking

Pi-hole has been around for a while but just recently I decided to take a closer look at what I’ve been missing out on. Pi-hole was originally designed to run on a dedicated Raspberry Pi but it’s not required.

Version 4.2.1 just released this month with several improvements but what really makes it easy is the setup. It took me about 5 minutes to have ad blocking for all my phones, laptops, and desktops in the house.

First you need a linux system on the network. This is why the Raspberry Pi is a popular choice. It’s low power, small, and most importantly under $40. For me, I used an Ubuntu vm running on my esxi stack.

Next, the one command setup

curl -sSL https://install.pi-hole.net | bash

The next is running through the wizard that really isn’t any different than any other wizard on windows. It just looks a bit different. I recommend running a static IP, but it’s not required.

Next configure you DHCP server to specify Pi-hole as the DNS server. Let Pi-Hole do everything else for you. You can even run DCHP from the Pi-Hole but that’s not covered here.

image

Now just sit back and watch all the ads getting blocked. For more advanced users, custom lists, installing Pi-Hole on your pfsense router, etc are just the beginning of customizations. DNS blocklisting has been around for a long time, Pi-Hole just figured out a really easy consumable way to implement it. Hats off to that team.

How to disable SELinux temporarily or permanently in Centos 6/7 and RHEL 6/7

SELinux is described as a mandatory access control (MAC) security structure executed in the kernel. SELinux offers a means of enforcing some security policies which would otherwise not be effectively implemented by a System Administrator.

The SELinux feature or service is enabled by default, due to this some applications on your system may not actually support this security mechanism. Therefore, to make such applications function normally, you have to disable or turn off SELinux.

# sestatus

Disable SELinux Temporarily

To disable SELinux temporarily, issue the command below as root:

# echo 0 > /selinux/enforce

Alternatively, you can use the setenforce tool:

# setenforce 0

Else, use the Permissive option instead of 0:

# setenforce Permissive

Disable SELinux Permanently

To permanently disable SELinux, use your favorite text editor to open the file /etc/sysconfig/selinux

# nano /etc/sysconfig/selinux

Then change the directive SELinux=enforcing to SELinux=disabled

SELINUX=disabled

Then, save and exit the file, for the changes to take effect, you need to reboot your system and then check the status of SELinux using sestatus:

# sestatus