Be sure not to create an open resolver, something commonly used in DDoS attacks. https://serverfault.com/questions/573465/what-is-an-open-dns-resolver-and-how-can-i-protect-my-server-from-being-misused#573471

This makes perfect sense. Thank you!

That makes some amount of sense. I’m not sure exactly how each article is stitched together to create the full file. Do you happen to know if it’s just put together sequentially or if there’s XORing or more complex algorithm going on there? If it’s only the former, they would still be hosting copyrighted content, just a bit less of it.

EDIT:
https://sabnzbd.org/wiki/extra/nzb-spec
This implies that they are just individually decoded and stitched together.

Just wanted to let you know I somewhat found a solution and edited my post to reflect that.

I’ll check it out. Thanks!

Didn’t work, unfortunately. Same exact issues

Just one on the pihole box and using the local address of it for all LAN DNS.

It is in the DMZ. I also use the box for Jellyfin so I want it remotely accessible.

I just tried disabling it for a short while with the same result. It still gets blocked in the 10.14.0.* network.

Yes. And I set Pi-hole to respond to any interface. Plus, I can see the response being sent in Wireshark. It only gets blocked inside the wireguard interface.

No. I mean that my router doesn’t forward requests for port 53 to my server. My server’s firewall does allow access to port 53, and all my LAN devices are able to use it freely.

I am. Server IP is 192.168.1.xxx. DNS server is running on that machine. It already allows access from all interfaces. I just don’t have port 53 natted from my router to avoid creating an open resolver.