/etc/init.d/adblock-lean
```sh
inject_blocklist_file()
{
	[[ -f /tmp/blocklist ]] || return 1
	if [[ "${compress_blocklist}" == 1 ]]
	then
		clean_dnsmasq_dir
		printf "conf-script=\"./tmp/dnsmasq.d/.extract_blocklist\"\n" > /tmp/dnsmasq.d/conf-script
		# Note: this chmod runs before the script is written on the next line,
		# hence the chmod error in the reload output
		chmod +x /tmp/dnsmasq.d/.extract_blocklist
		printf "busybox gunzip -c /tmp/dnsmasq.d/.blocklist.gz\nexit 0\n" > /tmp/dnsmasq.d/.extract_blocklist
		gzip -f /tmp/blocklist
		mv /tmp/blocklist.gz /tmp/dnsmasq.d/.blocklist.gz
		injected_blocklist_file_size_KB=$(du -bk /tmp/dnsmasq.d/.blocklist.gz | awk '{print $1}')
	else
		clean_dnsmasq_dir
		mv /tmp/blocklist /tmp/dnsmasq.d/blocklist
		injected_blocklist_file_size_KB=$(du -bk /tmp/dnsmasq.d/blocklist | awk '{print $1}')
	fi
	return 0
}
```
root@OpenWrt:~/adblock-lean# /etc/init.d/adblock-lean reload
Stopping adblock-lean.
Removing any adblock-lean blocklist files in /tmp/dnsmasq.d/ and restarting dnsmasq.
Removing any leftover adblock-lean temporary files.
Stopped adblock-lean.
Started adblock-lean.
No existing compressed or uncompressed blocklist identified.
No local blocklist identified.
Downloading new blocklist file part(s).
Downloading new blocklist file part from: https://raw.githubusercontent.com/hagezi/dns-blocklists/main/dnsmasq/pro.txt.
Download of new blocklist file part from: https://raw.githubusercontent.com/hagezi/dns-blocklists/main/dnsmasq/pro.txt suceeded (downloaded file size: 6848 KB; line count: 250090).
Sanitizing blocklist file part.
Checking for any rogue elements.
Successfully generated preprocessed blocklist file with 250090 line(s).
Removing duplicates and forming new preprocessed blocklist file.
No local allowlist identified.
Processed blocklist file size: 6848 KB.
Performing dnsmasq --test on the processed blocklist.
dnsmasq --test output: dnsmasq: syntax check OK.
The dnsmasq --test on the processed blocklist passed.
New blocklist file check passed.
chmod: /tmp/dnsmasq.d/.extract_blocklist: No such file or directory
Successfully injected new blocklist file for use by dnsmasq with size: 1815 KB.
Restarting dnsmasq.
drwxr-xr-x 2 root root 100 Feb 24 17:27 .
drwxrwxrwt 26 root root 700 Feb 24 17:27 ..
-rw-r--r-- 1 root root 1.8M Feb 24 17:27 .blocklist.gz
-rw-r--r-- 1 root root 54 Feb 24 17:27 .extract_blocklist
-rw-r--r-- 1 root root 49 Feb 24 17:27 conf-script
Restart of dnsmasq completed.
Checking dnsmasq instance.
No instance of dnsmasq detected with new blocklist.
The dnsmasq check failed with new blocklist file.
No previous blocklist file found.
Can you make this:
```sh
if [[ "${compress_blocklist}" == 1 ]]
then
	clean_dnsmasq_dir
	printf "conf-script=\"busybox sh /tmp/dnsmasq.d/.extract_blocklist\"\n" > /tmp/dnsmasq.d/conf-script
	printf "busybox gunzip -c /tmp/dnsmasq.d/.blocklist.gz\nexit 0\n" > /tmp/dnsmasq.d/.extract_blocklist
	gzip -f /tmp/blocklist
```
If that works then I think that's the way forward.
root@OpenWrt:~/adblock-lean# /etc/init.d/adblock-lean start
Started adblock-lean.
No existing compressed or uncompressed blocklist identified.
No local blocklist identified.
Downloading new blocklist file part(s).
Downloading new blocklist file part from: https://raw.githubusercontent.com/hagezi/dns-blocklists/main/dnsmasq/pro.txt.
Download of new blocklist file part from: https://raw.githubusercontent.com/hagezi/dns-blocklists/main/dnsmasq/pro.txt suceeded (downloaded file size: 6848 KB; line count: 250090).
Sanitizing blocklist file part.
Checking for any rogue elements.
Successfully generated preprocessed blocklist file with 250090 line(s).
Removing duplicates and forming new preprocessed blocklist file.
No local allowlist identified.
Processed blocklist file size: 6848 KB.
Performing dnsmasq --test on the processed blocklist.
dnsmasq --test output: dnsmasq: syntax check OK.
The dnsmasq --test on the processed blocklist passed.
New blocklist file check passed.
Successfully injected new blocklist file for use by dnsmasq with size: 1815 KB.
Restarting dnsmasq.
drwxr-xr-x 2 root root 100 Feb 24 17:40 .
drwxrwxrwt 26 root root 700 Feb 24 17:40 ..
-rw-r--r-- 1 root root 1.8M Feb 24 17:40 .blocklist.gz
-rw-r--r-- 1 root root 54 Feb 24 17:40 .extract_blocklist
-rw-r--r-- 1 root root 59 Feb 24 17:40 conf-script
Restart of dnsmasq completed.
Checking dnsmasq instance.
The dnsmasq check passed with new blocklist file.
New blocklist installed with good line count: 250090.
Ah sweet. We fixed? Just need to prepend busybox to the sh call.
Thanks for your help and persistence here @ninjanoir78!
I think so,
how about "prepend busybox to the sh call"? What do you mean?
Like this:
Seems @dave14305 was right and sh alone doesn’t always work.
I’ll push update to GitHub tomorrow.
maybe /bin/sh?
Almost got it:
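```sh
check_addnmount_str()
{
	addnmount_str=$(uci get dhcp.@dnsmasq[0].addnmount 2> /dev/null)
	# addnmount_str is deliberately unquoted so that it splits into one path per word
	for addnmount_path in ${addnmount_str}
	do
		case "${addnmount_path}" in
			/bin[/]*|/bin/busybox[/]*)
				return 0
				;;
			*)
				;;
		esac
	done
	# no matching path found
	return 1
}
```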
But the above isn't quite right. How do I properly make any trailing slashes optional? @patrakov you’re great with these sorts of things?
Sorry, I don't understand what is needed here. Examples would help.
In any case, you can remove and re-add a single optional trailing slash like this:
```sh
addnmount_path=${addnmount_path%/}/
```
P.S. Sorry for not answering such mentions - got completely caught up in audits and similar bureaucracy.
Ah not at all. Sorry for dialing you so much!
Regarding:
I’m trying to work out how to make the matches work properly. It should match either /bin with any number of trailing slashes (0,1,2..) or /bin/busybox again with any number of trailing slashes. Can’t that be done in a single line in a case statement?
`case` doesn't do regex, so I would lean more toward a grep.
```sh
echo "${addnmount_path}" | grep -qE "^/bin(/|/busybox)?$"
```
Thanks for wording the requirements precisely. This makes the question much easier to answer. And the answer is "no", as the requirement is not expressible as a glob, and globs are what the "case" statement takes.
In bash, but not in a pure POSIX shell, you can write an "if" statement like this:
```bash
if [[ $addnmount_path =~ ^/bin(|/busybox)/*$ ]] ; then
	return 0
fi
```
In pure POSIX shell, the equivalent would be:
```sh
if printf "%s" "$addnmount_path" | grep -Eq '^/bin(|/busybox)/*$' ; then
	return 0
fi
```
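An added example (not from the thread and not adblock-lean's own code) of a pure POSIX way to meet the stated requirement without forking grep: strip every trailing slash first, building on the `${addnmount_path%/}` hint, then let `case` do an exact match. The function names are hypothetical, and the sample inputs in the comments are constructed.

```shell
# Added example; helper names are hypothetical, not part of adblock-lean.

# Print the path with all trailing slashes removed, keeping a lone "/" intact.
# e.g. "/bin///" -> "/bin", "//" -> "/"
strip_trailing_slashes()
{
	p=$1
	while [ "${p}" != "/" ] && [ "${p%/}" != "${p}" ]
	do
		p=${p%/}
	done
	printf '%s' "${p}"
}

# $1: space-separated addnmount paths, as returned by
#     uci get dhcp.@dnsmasq[0].addnmount
# Return 0 if any entry is /bin or /bin/busybox with zero or more
# trailing slashes; return 1 otherwise (including for an empty list).
addnmount_has_busybox()
{
	# $1 is deliberately unquoted so that it splits into one path per word
	for entry in $1
	do
		case "$(strip_trailing_slashes "${entry}")" in
			/bin|/bin/busybox)
				return 0
				;;
		esac
	done
	return 1
}
```

Because the match is exact after normalisation, entries such as /bin/sh, /binx or /bin/busybox/x are rejected.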
Hi guys!
I have been testing this new version from the regular branch for a couple of hours, and it feels a bit different from the previous ones from about 12 days ago. I have been traveling and didn't have a chance to check, but I am about to travel again, and it's a good opportunity to use my router on the go. For now, everything is fine. I am using the default blocking lists from HAGEZI, but I am adding some extra ones, specifically for the telemetry of Microsoft, Amazon, and Apple. My router has limited RAM capacity and limited NAND too, so I have to be mindful of the size of the lists. HAGEZI recommends that the PRO version, which we use in Adblock-Lean by default, is sufficient.
I have also added some extra packages that have worked well for me to control and perform DNS hijacking for devices that try to bypass ads, especially with Android devices that seem to inject ads. With this, I can block them. In case you're interested, what I do is add the following:
- DNSProxy2 using Cloudflare and DoH.
- Add some tweaks so that WAN does not use the ISP's DNS plus what I desire.
- Clear the DNSMASQ cache.
- Add permissions and rules to the firewall to enforce DNS towards dnsmasq.
- I do the same for WIFI and guest WIFI and block the other traditional DNS ports so that they only pass through DNSProxy2 (DNSMASQ).
- Use Adblock-Lean
These small adjustments allow me to block everything in the HAGEZI lists but also ensure that my DNS requests are encrypted towards Cloudflare. I would love to use Unbound, but I don't want to mess with OpenWrt anymore; this setup is very easy for my needs.
I've been at it for a couple of hours, and everything is working wonderfully. I thought my little router was going to crash, but it processed all the lines, cleaned up, and created a version that is functioning, and I still have some free space. I'll be traveling, so it's ideal to test it at my destination.
Again, thank you so much for this tool, guys, and everyone that works to improve it! I'll keep testing.
Terminal Prompt with Results
Started adblock-lean.
No existing compressed or uncompressed blocklist identified.
No local blocklist identified.
Downloading new blocklist file part(s).
Downloading new blocklist file part from: https://raw.githubusercontent.com/hagezi/dns-blocklists/main/dnsmasq/pro.txt.
Download of new blocklist file part from: https://raw.githubusercontent.com/hagezi/dns-blocklists/main/dnsmasq/pro.txt suceeded (downloaded file size: 6778 KB; line count: 248808).
Sanitizing blocklist file part.
Checking for any rogue elements.
Downloading new blocklist file part from: https://raw.githubusercontent.com/hagezi/dns-blocklists/main/dnsmasq/native.amazon.txt.
Download of new blocklist file part from: https://raw.githubusercontent.com/hagezi/dns-blocklists/main/dnsmasq/native.amazon.txt suceeded (downloaded file size: 8 KB; line count: 227).
Sanitizing blocklist file part.
Checking for any rogue elements.
Downloading new blocklist file part from: https://raw.githubusercontent.com/hagezi/dns-blocklists/main/dnsmasq/native.apple.txt.
Download of new blocklist file part from: https://raw.githubusercontent.com/hagezi/dns-blocklists/main/dnsmasq/native.apple.txt suceeded (downloaded file size: 1 KB; line count: 19).
Sanitizing blocklist file part.
Checking for any rogue elements.
Downloading new blocklist file part from: https://raw.githubusercontent.com/hagezi/dns-blocklists/main/dnsmasq/native.winoffice.txt.
Download of new blocklist file part from: https://raw.githubusercontent.com/hagezi/dns-blocklists/main/dnsmasq/native.winoffice.txt suceeded (downloaded file size: 3 KB; line count: 64).
Sanitizing blocklist file part.
Checking for any rogue elements.
Successfully generated preprocessed blocklist file with 249118 line(s).
Removing duplicates and forming new preprocessed blocklist file.
No local allowlist identified.
Processed blocklist file size: 6780 KB.
Performing dnsmasq --test on the processed blocklist.
dnsmasq --test output: dnsmasq: syntax check OK.
The dnsmasq --test on the processed blocklist passed.
New blocklist file check passed.
Successfully imported new blocklist file for use by dnsmasq with size: 1786 KB.
Restarting dnsmasq.
Restart of dnsmasq completed.
Checking dnsmasq instance.
The dnsmasq check passed with new blocklist file.
New blocklist installed with good line count: 248842.
When would a path to a binary file have trailing slashes?
Oh good point. I meant just for the /bin part.
Got it - thanks so much both for your helpful input here.
Hopefully I got the improved addnmount string check right with this:
Hey that's excellent news and thank you for your testing. Is this with 128MB ram?
Please make sure to use:
```sh
initial_dnsmasq_restart=1 # enable (1) or disable (0) initial dnsmasq restart
```
since that will free up memory for the blocklist creation process.
I wonder how much spare memory you have available during the blocklist update and once it has completed? I find it helpful to monitor the memory usage using the package 'htop' and sorting by memory usage (shift+m).
Yes I think this is an excellent choice and you could just run with that (assuming there is a reasonable amount of headroom left during the blocklist creation and in normal use).
I personally use:
```sh
blocklist_urls="https://raw.githubusercontent.com/hagezi/dns-blocklists/main/dnsmasq/pro.txt https://raw.githubusercontent.com/hagezi/dns-blocklists/main/dnsmasq/tif.txt https://raw.githubusercontent.com/hagezi/dns-blocklists/main/dnsmasq/native.winoffice.txt https://raw.githubusercontent.com/hagezi/dns-blocklists/main/dnsmasq/native.apple.txt https://raw.githubusercontent.com/hagezi/dns-blocklists/main/dnsmasq/native.amazon.txt"
```
I presume that might just be too much for your device?
If so, perhaps this variant might work:
```sh
blocklist_urls="https://raw.githubusercontent.com/hagezi/dns-blocklists/main/dnsmasq/light.txt https://raw.githubusercontent.com/hagezi/dns-blocklists/main/dnsmasq/tif.txt https://raw.githubusercontent.com/hagezi/dns-blocklists/main/dnsmasq/native.winoffice.txt https://raw.githubusercontent.com/hagezi/dns-blocklists/main/dnsmasq/native.apple.txt https://raw.githubusercontent.com/hagezi/dns-blocklists/main/dnsmasq/native.amazon.txt"
```
Finally, regarding:
I am not 100% certain, but I believe 'stubby' is faster.
Why hasn't this been packaged for OpenWrt yet?
It's just a service script with config.
I suppose it could be, by someone with the skill and motivation.
Albeit any updates and fixes would then be subject to delays pending package updates.