
14 point? Does Blinken need glasses? (ignoring the obvious double entendre there).


+100 for NextDNS. Happy paying customer here.

Aside from it just working, their mobile client is a fantastic thing. When I am off wifi, my phone routes DNS to NextDNS and I get the same adblocking when I am on cellular data.


Me too, my Android / Samsung phone has a "Private DNS"[1] setting where I specify my NextDNS instead of using their mobile app.

[1] https://news.ycombinator.com/item?id=28365321


For those who prefer Pi-Hole, I set up a VPN server on my pfSense so my devices can use the DNS server in my home network when I'm out. The fact that traffic is encrypted is a nice bonus.

I do this on a symmetrical 500Mbit fiber line, YMMV.


Sounds good, are they selling your queries?


Don't think they are, but if you're after privacy, of course it isn't strictly better than self-hosting AdGuard Home or Pi-Hole.

As one ex, not me but some may be uncomfortable with their use of BigCloud (AWS/GCP/Cloudflare) infrastructure.


That's like saying your seatbelt is uncomfortable so you don't wear it while you're driving. Don't take it off, find a solution to make it work.

Use a better block list (OISD has been mentioned already), or use NextDNS. Neither of those cause breaks in most sites and stop the most bothersome/prevalent ads.


If your router can do it, have it route all of your DNS queries to your (pi-hole|adguard|nextdns). Doesn't matter if they are hardcoded to 8.8.8.8, anything to port 53 goes through the blocker.

Asus Merlin firmware handles this nicely.


I finally ended up setting up my own router with opnsense, which you can do for pretty cheap. Either a PC with two ports, a VM on a server if you are into that, or going dedicated hardware like mentioned above. If you really want to understand what goes on in your network, this is the way to go.


That brings up the question of what is the best router these days. Mine is getting long in the tooth.


I recently upgraded to a ZenWiFi Pro XT12. Expensive, but I have zero wifi issues now, and with the Merlin firmware, nearly infinite control.

The only downside of the XT12 is that there are no USB ports, so you cannot have external storage. Definitely WTF, but an OK trade-off for me.


Was considering this but concerned it'll break company laptop DNS functionality.


If your blocking solution supports it, you can define per-client rules for what is routed to your blocker, or bypasses it.

My work systems bypass everything and I route them to Quad9. If that breaks my work stuff, then the IT department has some splainin to do.


I did exactly this to see how often my chromecast is signaling home. You know how often it contacts google? Over 10.000 times per day.


That's because it's blocked so it tries more often.



I do this on my OpenBSD router where I run unbound (with ad blocking lists).

Works great.


Same. Windows devices and TVs on my network handle many NXDOMAIN responses to DNS requests :)


Maybe not the best place to ask, but how does one do that with a UNIFI CK gen1, that is, using their Network OS?

I have a RaspPi working wonders but I suspect some devices have hardcoded connections which bypass the DNS request. Is there a simple way to forward to that RaspPi for correct “gate keeping”?


I dug into this last night and got it working with this guide: https://www.derekseaman.com/2019/10/redirect-hard-coded-dns-...

I had issues with just DNAT following some ui forum posts, and I think it's because I'm using switch0 as the interface, with devices across LAN ports on my EdgeRouter. The SNAT masquerade was the key to getting the replies from the pi-hole routed properly.

I was previously using my EdgeRouter as the DHCP DNS server, and using DNS Forwarding on switch0 w/ dnsmasq to forward queries to the pi-hole. With a large cache, this avoided a couple hops for every DNS query on my network. However, this meant that I couldn't see which IP was making the query in the pi-hole query logs, so I've flipped it so that the pi-hole is the DHCP DNS server, and the pi-hole queries the EdgeRouter, which then forwards the requests to public DNS w/ caching. I then assigned every device a '.local' domain in the pi-hole Local DNS tab, which lets pi-hole display a friendly name for each query in the log.

For completeness' sake, here's everything I needed on the EdgeRouter. The EdgeRouter was set up with no VLANs, and with all LAN ports switched w/ a single subnet (switch0 interface exists in the dashboard).

EdgeRouter:

* In the bottom left "System" pop up drawer, set "System domain-name" to "local" (or whatever domain of your choice, like "lan" or "home").

* Services > DHCP Server > [Your DHCP Server] > View Details: Set DNS1 to your pi-hole IP (make sure it's statically mapped!), set Domain to "local"

* Firewall/NAT > NAT: Follow above guide

* Services > DNS: Enable DNS Forwarding for switch0, set appropriate cache size

* Config Tree > service > dns > forwarding: set name server to public DNS server of your choice

Pi-hole:

* Settings > DNS: Disable all external DNS servers, set custom upstream DNS server to the EdgeRouter

* Local DNS > DNS Records: Look at your EdgeRouter DHCP lease list, give everything you care about a static IP assignment, and then give them ".local" DNS records in pi-hole. SSH-ing in and editing `/etc/pihole/custom.list` may be faster, as pi-hole seems to bring services down and then back up for each entry added via the web UI.


Not sure how to do it on that device but with iptables you would do a DNAT rule with masquerade, so it NATs both src and dst IP and src becomes the IP of your router.
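The same DNAT-plus-masquerade pair described in the EdgeRouter walkthrough above and in this comment, written out as iptables rules. This is an added example, not code from any commenter; the interface name (switch0), the Pi-hole address and the router address are placeholder assumptions, and the script only prints the commands unless DRY_RUN=0 is set, so the rule set can be reviewed before it touches a live router.

```shell
#!/bin/sh
# Added example: force every LAN client's port-53 traffic through a Pi-hole,
# even when a device has a hardcoded resolver such as 8.8.8.8.
# Assumptions (placeholders, adjust for your network):
LAN_IF="${LAN_IF:-switch0}"            # LAN-side interface the clients sit on
PIHOLE_IP="${PIHOLE_IP:-192.168.1.2}"  # Pi-hole, statically assigned
ROUTER_IP="${ROUTER_IP:-192.168.1.1}"  # router's own LAN address (informational)

# Emit the two nat-table rules for one protocol (udp or tcp).
dns_redirect_rules() {
    proto="$1"
    # DNAT: any port-53 packet entering on the LAN interface, except those sent
    # by the Pi-hole itself, gets its destination rewritten to the Pi-hole.
    # Excluding the Pi-hole as source keeps its upstream queries from looping.
    printf 'iptables -t nat -A PREROUTING -i %s ! -s %s -p %s --dport 53 -j DNAT --to-destination %s:53\n' \
        "$LAN_IF" "$PIHOLE_IP" "$proto" "$PIHOLE_IP"
    # MASQUERADE (SNAT): the redirected packet leaves on the same LAN interface,
    # so without this the Pi-hole would answer the client directly, the client
    # would see a reply from an IP it never queried, and drop it. With the source
    # rewritten to the router, the reply returns via the router, which un-NATs it.
    printf 'iptables -t nat -A POSTROUTING -o %s -d %s -p %s --dport 53 -j MASQUERADE\n' \
        "$LAN_IF" "$PIHOLE_IP" "$proto"
}

# Generate rules for both transports; print them (DRY_RUN=1, the default)
# or execute them (DRY_RUN=0).
apply_dns_redirect() {
    for proto in udp tcp; do
        dns_redirect_rules "$proto"
    done | while IFS= read -r cmd; do
        if [ "${DRY_RUN:-1}" = "1" ]; then
            echo "$cmd"
        else
            eval "$cmd"
        fi
    done
}

# Number of rules the generator produces (2 per protocol, 2 protocols).
rule_count() {
    apply_dns_redirect | wc -l | tr -d ' '
}

apply_dns_redirect
```

Run it once with the default DRY_RUN=1 to eyeball the four rules, then with DRY_RUN=0 as root to install them. Two caveats from the thread apply unchanged: the Pi-hole's own upstream must not be the redirected path (here it is exempted by source address), and this only catches plain port-53 DNS; a device that speaks DoT or DoH to a hardcoded server bypasses it entirely.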


This only works until the smart TVs get even smarter and use DoT|DoH to a hardcoded server, which I assume is a day not so far away.


A strange game. The only winning move is not to play.

Eventually, yes, device/software manufacturers will start using encrypted solutions, but until then, ya do what ya can do. Maybe the blocking solutions will evolve and adapt as well.


At some point the last solution will be opening it up to rip out the antennas, as some models already automatically connect to open Wi-Fi’s when you happen to live near a hotspot.


The Victorian Era started in about 1820, 200 years after the Pilgrims landed at Plymouth Rock.


Rimworld is great. Almost 2,000 hours in and I am still learning and evolving my gameplay.

Some people play hardcore/survival mode with hundreds of combat-related mods, others play it as a version of Stardew Valley. It is totally up to you how you want your game to be.


I'm confused as well. I can't imagine a B-17 landing without flaps. I am a pilot, but have never flown a B-17, so take it with a grain of salt...

You'd want both the gear and flaps down on landing, so both switches would be in the down position. If the switches weren't in sync, e.g. you need one switch up and the other down for landing, that would be a problem.


From what I remember from a WW2 training video, you begin the landing with 1/3 flaps. If you're close to stall speed, the drag from unexpected full flaps could be enough to stall the plane.

In the reverse, hitting flaps up before gear up is likely to cause problems.


Great, simple answer. Thank you!


I was confused as well. I didn't think there were any outstanding controversies around Gen. Mitchell, but you never know...

https://en.wikipedia.org/wiki/Billy_Mitchell


I too was confused. Billy Mitchell is a character in the UK soap EastEnders, who has recently been falsely accused of murder.

