Stumbled across a new-ish firewall device, unknown to me

VLAN group assignment yes, LACP I think is coming but not totally sure. I don’t have access to faster than gigabit (nor need anything faster) so I haven’t looked into that much.

Can it work as a regular DNS server? That would be really handy, and I’m confused as to why it’s not normal for routers to function as local, always fresh DNS servers for say the 100 most relevant domains for a given household. My impression is that Pihole is used to filter ads or something, not as a real DNS server.

I don’t understand what all these assertions about “scams” and “victims” are based on. This thread sort of veered into those claims early on, and it’s not clear what that was based on.

Is there any evidence that this firewall is a scam, or that there are any “victims”? It clearly exists, and people use it, so I don’t know where these accusations came from. You implied that all crowdfunded projects are scams, as though this was some sort of established fact and widely shared understanding. But it’s not a fact at all, since lots of crowdfunded projects are definitely not scams, so I don’t understand where all these extravagant claims are coming from. It’s wildly unethical to falsely claim that someone is a scammer or fraudster – humans live off of their reputations, so false claims that they’re scammers can do massive harm. Whoever these people are, it appears that they are delivering a product that is true to whatever claims they made about it.

Pihole does caching of all DNS responses it serves, with the cache entries expiring as directed by the expiration timeframe provided by each authoritative DNS server. So if has a timeframe of 1 hour, it will save the response for one hour and not recheck until it has expired. In fact the actual DNS serving part of Pihole is just dnsmasq, and the full functionality of dnsmasq is available if you add a custom config file - so it very much is a “real DNS server”. The added filtering of pihole is added as a layer between dnsmasq and whatever upstream DNS server you want to use - and that upstream server can be unbound, which does the recursive DNS lookups locally (contacting the authoritative servers for each domain directly instead of using some provider like Google or Cloudflare)

Yes it can function as a regular DNS server which is pretty trivial. It can also redirect DNS requests to a local DNS server or multiple on your network that you would want to use if you have them. It also rewrites all unencrypted DNS queries to the server you want no matter what is configured on the clients. This thing continues to be fucking fantastic. Also, they push out a lot of new features every 3-4 months via software updates.

1 Like

I’m not sure what this is referencing but I have observed and participated in some incredibly shady/scummy scam-worthy crowd sourced efforts. So FWIW, skepticism or outright paranoia about the legitimacy of it is warranted.
You can do your homework all day if you like but at the end of the day crowd-funded projects are regrettably a roll of the dice with no promise of return. That is one aspect of it that makes it so appealing as platform to start-ups or even established players who want to launch a product or brand without risking their own liquidity.

There is a type of start-up behavior that mirrors ‘pump and dump’ scam seen in stocks and new companies, pre-crowdsource; The behavior I see as scammy or highly suspect is new companies that pop-up promising big things but flop fantastically years later (after the project officially launches).

  • They drag it out for years and years then claiming in a 11th hour post ‘oh gosh we’ve run out of money and soo soo sorry but we can’t deliver any products we promised our backers, we really tried so very hard…’ smug
    All players in the process who received salary or whatever walk away with that cash intact (as far as I know). This is the pump and dump of the post 2000’s era crowdsourcing as I see it but I digress.

The wording in agreements I browsed and answers to the questions I asked about it point to the backers likely getting hosed because once it launches officially the protections (if there are any) mostly fade away save any governmental EU type things I’ve seen.

DMOAT looks interesting i’ll have to check it out when i have time, thanks for the idea.

FYI I have been very busy with RL stuff and of course all the lovely covid crazy-ness that has been with us for 2.5 years.