Since last Update (I guess) Firefox activates DoH without user permission.
When I revert this in the settings and restart the computer, it gets activated again!
Is this a bug or is this normal?
I have my own DNS Server with pihole, I don’t wanna use the DoH Servers from Firefox
This isn’t happening for me.
Do you have a user.js that is setting it or some other policy that is setting it?
no i don’t use a user.js
I don’t know of any other policy that activates DoH.
I also discovered that Firefox Telemetry is activated again.
I had it disabled.
Sounds like maybe either something is wrong with your profile or you have more than one profile.
I would try deleting all your profiles and starting clean maybe.
Sounds like things are switching back to their default values for you. That isn’t normal.
I checkt now all my Systems:
PC 1 → EndeavourOS → Settings changed by Firefox
Notebook → EndeavourOS → Settings changed by Firefox
PC 2 → Linux Mint 21.2 → Settings changed by Firefox
So Firefox changed the Settings with one of its updates
I just checked one of my old installs of EndeavourOS and new install and both are the same as I set them. All is good here with FF.
I am on the latest version from the Arch repos and none of my settings have changed.
Telemetry is still disabled, DOH still disabled. No other settings changes I see.
Where is your Firefox installed from?
On EndeavourOS from the normal repos no AUR
On Linux Mint from the Linux Mint repos
Are you doing any kind of data syncing on your home directory?
Using bleachbit or any other “cleaner” program?
nothing like that
Tomorrow at work I gonna check the firefox settings in my office to compare the behavior.
Also I have an Thinkpad T410 with an older EndeavourOS Install.
I gonna screenshot the settings and update firefox and check if it got also changed.
Check to run
pacman to see if any domain name/URL of pacman repo shows up in Pihole’s query log?
If it doesn’t show up in pihole, then not only is there the Firefox issue, probably some installed tool has DoH capability on root to encrypt all domain queries on your 3 devices.
So I checked it at work in my Windows machine.
DoH was also activated there, with a Firefox Update
Telemetry is still deactivated.
I changed the DoH Settings to deactivated and did a reboot. The setting didn’t change again.
I’m gonna do the Test with pacman when I’m Back from work.
The bad thing in generall is, that the Firefox devs changed the DoH setting without any information in the Firefox to the user
A dialog or warning window would have been nice!
it is actually documented and happened in waves based on countries:
Ok, but why did I Not got informed in Firefox itself about this?
Nobody (normal User) reads this Page.
I didn’t got the notification (shown in the Link) on any machine!
Why do they change a setting, I set myself?
Thats a really bad thing, ob my opinion.
because you don’t use the information channel that they have:
it was also in the changelog of the browser back when they implemented DoH, apparently you don’t read those either.
No Browser notifies its user about default settings changing, all expect you to read the changelog to see that. And yes, a lot of default settings are changed with updates on all browsers.
that is actually a bug on your system. Most likely you changed file or folder permissions or something like that or have another thing running that influences that. My Firefox at work (CentOS 7) does not revert DoH settings, neither does my browser at home (EndeavourOS)
I tried to test this, but pacman didn’t send a DNS request.
Is there a cache for Domains in pacman?
I did a nslookup, to check, the DNS request goes to the pihole:
I don’t think pacman has its own domain cache.
It looks like there is a DNS tool installed somewhere on your devices, it (encrypts all domain requests of pacman repos and ) sends them to other DNS servers. This is why Pihole cannot see them.
Pihole sees all DNS requests from my system, but not them from pcaman.
And Not them from Firefox, when it activated DoH.
I showed an nslookup where IT uses the Pihole DNS
Do you confirm that one of these mirror’s URLs appears in Pihole?
none of the mirrors of this list appear.
But when I run yay, the aur appears in pihole:
I’m so stupid!
I have a bind9 server on my homelab running in front of pihole, to extract my local zone.
It has caching and there are the querys from pacman.
It goes like this:
DNS request → bind9 → pihole → unbound → internet