Adblock-lean: set up adblock using dnsmasq blocklist

dave14305 · May 23, 2023, 7:49pm

BTW, this is an alternate method of whitelisting. local is a synonym for server and the trailing # says, “use the standard servers for this domain.”

anon10117369 · May 23, 2023, 8:06pm

But isn't whitelisting the absence of a block line? Surely I'm being dense here, but with our allowlist we just ensure we don't have any blocks. So I'm trying to understand significance of line that is not a block but an allow.

@Wizballs likewise NXDOMAIN seems OK so far for me too. So maybe let's just stick with NXDOMAIN and park toggling for now, and see if demand for null IP emerges in the future.

In any case, it seems apt to me now to leave our check_dnsmasq with both the NXDOMAIN and null IP checks in place just to keep options open.

For my main DNS over TLS provider I actually just switched from CleanBrowsing to Cloudflare Family (1.1.1.3), and webpage load times seem a little faster. I only just discovered that Cloudflare has an option for families.

dave14305 · May 23, 2023, 8:22pm

Yes, I was just offering a commentary on the example you posted. Plus I see that is how @dibdot processes whitelists in Adblock.

github.com

openwrt/packages/blob/72c8977b3b4b3b8c905bd53db7557cf6bc8963db/net/adblock/files/adblock.sh#LL262-L263


      
          				adb_dnsdeny="${adb_dnsdeny:-"${adb_awk} '{print \"local=/\"\$0\"/\"}'"}"
          				adb_dnsallow="${adb_dnsallow:-"${adb_awk} '{print \"local=/\"\$0\"/#\"}'"}"

TL;DR Don’t mind me…

anon10117369 · May 23, 2023, 8:29pm

Not in the slightest. In my book you're one of Jedi Masters on this platform.

And crikey Charlie that's some serious complexity. @Wizballs take a look at the code @dave14305 just linked above.

dave14305 · May 23, 2023, 8:34pm

Not even close, but doing my best to catch up. You must be thinking of the “old dave14305”.

a-z · May 26, 2023, 9:32pm

guys I'm testing your new version, on a linksys E5600 is more limited with ram but it is working fine I'm going to add a wireguard server soon. My report is working flawless at the moment.

I notice that OISD Big list for dnsmasq ver 2.86 uses this syntax is that okay?

local=/0--foodwarez.da.ru/

HaGeZi uses

address=/0123movies.cam/

I just wonder if I can try to mix and match other lists to see the performance but so far is doing well (dnsmasq only).

This is my setup for this tiny router Linksys e5600

DNS HTTPS Proxy Settings DNSMASQ (this super enforces all the dns request and I get DoT/DoH to cloudflare)
DDNS to cloudflare
Adblock-Lean (blocking ads with dnsmasq) OISD + HaGeZi Pro
WireGuard Server (soon)

thank you again!

anon10117369 · May 27, 2023, 6:45am

Thanks a lot for your report.

Yes we accommodate this difference and swap any instances of the latter to the former.

Yes we allow for this. Please try different combinations and let us know what works well.

Is this an alternative to DNS over TLS via stubby? I use the latter. Not sure what the difference is. Anyone?

Ace! Glad to hear this.

Wizballs · May 28, 2023, 12:39am

All running good here. Sent a small github pull request to save one step, and a few CPU cycles. See what you think.