OK, it seems the DNS server issue has been resolved: I actually had changed the local dhcpcd.conf
on the linux client a while ago and that prevented it from obtaining the correct DNS server.
Two more questions came up though:
- I was not able to get the DNS server to work when using a dummy interface: when assigning the IP
192.168.1.2
to the dummy interface, I could not access that IP from the client, only locally on the router. Hence, assigning it as a DNS server did not work. I just used a regular interface within the lan bridge, this seemed to work. Is this the right way of doing it if I want both DNS servers to be accessible in the network?
- Is there a way to tell adblock which dns server to bind to? Right now, whenever I restart the adblock service, it will enter the
option serversfile
line on the first listed DNS server in /etc/config/dhcp
. What’s more confusing is that from testing with the configuration below, adblock seems to be active on 192.168.1.1
instead of 192.168.1.2
, which is what I intended. Why is this?
/etc/config/dhcp
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'redacted'
config interface 'lan'
option type 'bridge'
option ifname 'eth0.1'
option proto 'static'
option ipaddr '192.168.1.1'
option netmask '255.255.255.0'
option ip6assign '60'
config interface 'wan'
option ifname 'eth0.2'
option proto 'dhcp'
config device 'wan_dev'
option name 'eth0.2'
option macaddr 'bb:bb:bb:bb:bb:bb'
config interface 'wan6'
option ifname 'eth0.2'
option proto 'dhcpv6'
option reqaddress 'try'
option reqprefix 'auto'
config switch
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan
option device 'switch0'
option vlan '1'
option ports '2 3 4 5 0t'
config switch_vlan
option device 'switch0'
option vlan '2'
option ports '1 0t'
config interface 'adblock'
option proto 'static'
option ipaddr '192.168.1.2'
option netmask '255.255.255.0'
option ifname 'br-lan'
/etc/config/network
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
config dnsmasq 'adblock_dns'
option domainneeded '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/adblock/'
option domain 'adblock'
option expandhosts '1'
option authoritative '0'
option readethers '1'
option leasefile '/tmp/dhcp.leases.adblock'
option nonwildcard '1'
list interface 'adblock'
list notinterface 'loopback'
option localservice '0'
option resolvfile '/tmp/resolv.conf.auto'
option serversfile '/tmp/adb_list.overall'
config dhcp 'adblock'
option instance 'adblock_dns'
option interface 'adblock'
option start '100'
option limit '150'
option leasetime '12h'
config dnsmasq 'lan_dns'
option domainneeded '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases.lan'
option nonwildcard '1'
list interface 'lan'
option localservice '0'
option resolvfile '/tmp/resolv.conf.auto'
config dhcp 'lan'
option instance 'lan_dns'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
config host
option mac 'AA:AA:AA:AA:AA:AA'
option ip '192.168.1.182'
option tag 'adblock_tag'
config tag 'adblock_tag'
list dhcp_option '6,192.168.1.2'
/etc/config/adblock
config adblock 'global'
option adb_basever '3.8'
option adb_dnsvariant 'nxdomain'
option adb_fetchutil 'uclient-fetch'
option adb_trigger 'wan'
option adb_enabled '1'
option adb_dns 'dnsmasq'
config adblock 'extra'
option adb_debug '0'
option adb_forcedns '0'
option adb_report '0'
option adb_maxqueue '4'
option adb_nice '0'
option adb_dnsfilereset 'false'
option adb_backupdir '/tmp'
config source 'adaway'
option adb_src 'https://adaway.org/hosts.txt'
option adb_src_rset '/^127\.0\.0\.1[[:space:]]+([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
option adb_src_desc 'focus on mobile ads, infrequent updates, approx. 400 entries'
option enabled '1'
config source 'adguard'
option adb_src 'https://filters.adtidy.org/windows/filters/15.txt'
option adb_src_rset 'BEGIN{FS=\"[/|^|\r]\"}/^\|\|([[:alnum:]_-]+\.)+[[:alpha:]]+[\/\^\r]+$/{print tolower(\$3)}'
option adb_src_desc 'combined adguard dns filter list, frequent updates, approx. 17.000 entries'
option enabled '1'
config source 'bitcoin'
option adb_src 'https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/hosts.txt'
option adb_src_rset '/^0\.0\.0\.0[[:space:]]+([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
option adb_src_desc 'focus on malicious bitcoin mining sites, infrequent updates, approx. 80 entries'
option enabled '1'
config source 'disconnect'
option adb_src 'https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt'
option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
option adb_src_desc 'mozilla driven blocklist, numerous updates on the same day, approx. 4.700 entries'
option enabled '1'
config source 'dshield'
option adb_src 'https://www.dshield.org/feeds/suspiciousdomains_Low.txt'
option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
option adb_src_desc 'generic blocklist, daily updates, approx. 3.500 entries'
option enabled '0'
config source 'hphosts'
option adb_src 'https://hosts-file.net/ad_servers.txt'
option adb_src_rset '/^127\.0\.0\.1[[:space:]]+([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|\$)+/{print tolower(\$2)}'
option adb_src_desc 'broad blocklist, monthly updates, approx. 19.200 entries'
option enabled '0'
config source 'malware'
option adb_src 'https://mirror.espoch.edu.ec/malwaredomains/justdomains'
option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
option adb_src_desc 'broad blocklist, daily updates, approx. 18.300 entries'
option enabled '0'
config source 'malwarelist'
option adb_src 'http://www.malwaredomainlist.com/hostslist/hosts.txt'
option adb_src_rset '/^127\.0\.0\.1[[:space:]]+([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
option adb_src_desc 'focus on malware, daily updates, approx. 1.200 entries'
option enabled '0'
config source 'openphish'
option adb_src 'https://openphish.com/feed.txt'
option adb_src_rset 'BEGIN{FS=\"/\"}/^http[s]?:\/\/([[:alnum:]_-]+\.)+[[:alpha:]]+(\/|$)/{print tolower(\$3)}'
option adb_src_desc 'focus on phishing, numerous updates on the same day, approx. 2.400 entries'
option enabled '0'
config source 'ransomware'
option adb_src 'https://ransomwaretracker.abuse.ch/downloads/RW_DOMBL.txt'
option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
option adb_src_desc 'focus on ransomware by abuse.ch, numerous updates on the same day, approx. 1900 entries'
option enabled '0'
config source 'reg_cn'
option adb_src 'https://easylist-downloads.adblockplus.org/easylistchina+easylist.txt'
option adb_src_rset 'BEGIN{FS=\"[|^]\"}/^\|\|([[:alnum:]_-]+\.)+[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
option adb_src_desc 'focus on chinese ads plus generic easylist additions, daily updates, approx. 11.700 entries'
option enabled '0'
config source 'reg_cz'
option adb_src 'https://raw.githubusercontent.com/qxstyles/turris-hole-czech-block-list/master/turris-hole-czech-block-list'
option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
option adb_src_desc 'focus on czech ads maintained by Turris Omnia Users, infrequent updates, approx. 100 entries'
option enabled '0'
config source 'reg_de'
option adb_src 'https://easylist-downloads.adblockplus.org/easylistgermany+easylist.txt'
option adb_src_rset 'BEGIN{FS=\"[|^]\"}/^\|\|([[:alnum:]_-]+\.)+[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
option adb_src_desc 'focus on german ads plus generic easylist additions, daily updates, approx. 9.200 entries'
option enabled '0'
config source 'reg_id'
option adb_src 'https://easylist-downloads.adblockplus.org/abpindo+easylist.txt'
option adb_src_rset 'BEGIN{FS=\"[|^]\"}/^\|\|([[:alnum:]_-]+\.)+[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
option adb_src_desc 'focus on indonesian ads plus generic easylist additions, weekly updates, approx. 9.600 entries'
option enabled '0'
config source 'reg_nl'
option adb_src 'https://easylist-downloads.adblockplus.org/easylistdutch+easylist.txt'
option adb_src_rset 'BEGIN{FS=\"[|^]\"}/^\|\|([[:alnum:]_-]+\.)+[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
option adb_src_desc 'focus on dutch ads plus generic easylist additions, weekly updates, approx. 9.400 entries'
option enabled '0'
config source 'reg_pl'
option adb_src 'http://adblocklist.org/adblock-pxf-polish.txt'
option adb_src_rset 'BEGIN{FS=\"[|^]\"}/^\|\|([[:alnum:]_-]+\.)+[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
option adb_src_desc 'focus on polish ads, daily updates, approx. 90 entries'
option enabled '0'
config source 'reg_ro'
option adb_src 'https://easylist-downloads.adblockplus.org/rolist+easylist.txt'
option adb_src_rset 'BEGIN{FS=\"[|^]\"}/^\|\|([[:alnum:]_-]+\.)+[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
option adb_src_desc 'focus on romanian ads plus generic easylist additions, weekly updates, approx. 9.400 entries'
option enabled '0'
config source 'reg_ru'
option adb_src 'https://easylist-downloads.adblockplus.org/ruadlist+easylist.txt'
option adb_src_rset 'BEGIN{FS=\"[|^]\"}/^\|\|([[:alnum:]_-]+\.)+[[:alpha:]]+\^("\\\$third-party")?$/{print tolower(\$3)}'
option adb_src_desc 'focus on russian ads plus generic easylist additions, weekly updates, approx. 14.500 entries'
option enabled '0'
config source 'shalla'
option adb_src 'http://www.shallalist.de/Downloads/shallalist.tar.gz'
option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
option adb_src_desc 'huge blocklist archive subdivided in different categories, daily updates. Check http://www.shallalist.de/categories.html for more categories'
list adb_src_cat 'adv'
list adb_src_cat 'costtraps'
list adb_src_cat 'spyware'
list adb_src_cat 'tracker'
list adb_src_cat 'warez'
option enabled '0'
config source 'spam404'
option adb_src 'https://raw.githubusercontent.com/Dawsey21/Lists/master/main-blacklist.txt'
option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)+/{print tolower(\$1)}'
option adb_src_desc 'generic blocklist, infrequent updates, approx. 6.000 entries'
option enabled '0'
config source 'sysctl'
option adb_src 'http://sysctl.org/cameleon/hosts'
option adb_src_rset '/^127\.0\.0\.1[[:space:]]+([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
option adb_src_desc 'broad blocklist, weekly updates, approx. 16.500 entries'
option enabled '0'
config source 'ut_capitole'
option adb_src 'https://dsi.ut-capitole.fr/blacklists/download/blacklists.tar.gz'
option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
option adb_src_desc 'huge blocklist archive subdivided in different categories, daily updates. Check https://dsi.ut-capitole.fr/blacklists/index_en.php for more categories'
list adb_src_cat 'publicite'
list adb_src_cat 'cryptojacking'
list adb_src_cat 'ddos'
list adb_src_cat 'malware'
list adb_src_cat 'phishing'
list adb_src_cat 'warez'
option enabled '0'
config source 'whocares'
option adb_src 'http://someonewhocares.org/hosts/hosts'
option adb_src_rset '/^127\.0\.0\.1[[:space:]]+([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
option adb_src_desc 'broad blocklist, weekly updates, approx. 10.000 entries'
option enabled '0'
config source 'winspy'
option adb_src 'https://raw.githubusercontent.com/crazy-max/WindowsSpyBlocker/master/data/hosts/spy.txt'
option adb_src_rset '/^0\.0\.0\.0[[:space:]]+([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
option adb_src_desc 'focus on windows spy & telemetry domains, infrequent updates, approx. 300 entries'
option enabled '0'
config source 'winhelp'
option adb_src 'http://winhelp2002.mvps.org/hosts.txt'
option adb_src_rset '/^0\.0\.0\.0[[:space:]]+([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$2)}'
option adb_src_desc 'broad blocklist, infrequent updates, approx. 13.000 entries'
option enabled '0'
config source 'yoyo'
option adb_src 'https://pgl.yoyo.org/adservers/serverlist.php?hostformat=nohtml&showintro=0&mimetype=plaintext'
option adb_src_rset '/^([[:alnum:]_-]+\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower(\$1)}'
option adb_src_desc 'focus on ad related domains, weekly updates, approx. 2.400 entries'
option enabled '1'