thank you and i wish for anyone who wants to install adblock-lean may find this thread
I've followed the code optimisation discussion on the forum and decided to install adblock-lean at my parents house since it seems like a nice enable and forget about service. However when I install it on OpenWrt-24.10-rc4 I get an error due to a missing /tmp/dnsmasq.d directory. There is a different dnsmasq.d directory in /tmp. Is 24.10-rc4 supported or should I downgrade to 23.05.5 to get adblock-lean to work?
root@C2600:~# service adblock-lean status
adblock-lean is stopped.
root@C2600:~# service adblock-lean start
Error: Directory '/tmp/dnsmasq.d' does not exist. Failed to detect dnsmasq directory or dnsmasq is not running.
root@C2600:~#
root@C2600:~#
root@C2600:~#
root@C2600:~#
root@C2600:~# ls /tmp/dnsmasq.cfg01411c.d/
Found the solution further up in an earlier post:
- before installing adblock-lean, run following commands:
uci set dhcp.@dnsmasq[0].confdir='/tmp/dnsmasq.d'
uci commit dhcp
service dnsmasq restart
Thanks for this great adblock service. Everything is running without issues now.
root@C2600:~# service adblock-lean status
Checking active blocklist.
The dnsmasq check passed and the presently installed blocklist has entries count: 763,936.
adblock-lean is active.
Generating dnsmasq stats.
dnsmasq stats available for reading using 'logread'.
Checking for adblock-lean updates.
The locally installed adblock-lean is the latest version.
Great that you found the solution. The next version of adblock-lean which should handle the changes to the dnsmasq service is in the works.
Hi all, we are close to release a new version of adblock-lean. One currently unsolved issue is that the entries count in Hagezi lists which we include in our default presets (mini/small/medium/large) has grown in the past few months. This is especially noticeable withe the 'large' preset which has grown from ~700k entries in August to ~1.1M entries now. The 'medium' preset has grown from ~350k to ~430k. While the 'medium' preset should still be fine for routers with 256MiB of memory, I am not as sure about the 'large' preset and routers with 512MiB of memory.
So I'd like to ask people who have a device with 256MiB and 512MiB of memory:
- For devices with 512MiB of memory and the 'large' preset: does the current 'large' preset work well for you (you can verify that you are using that preset by looking at the resulting blocklist entries count)
- Same for devices with 256MiB of memory and the 'medium' preset
- How much free memory do you have when adblock-lean is running?
- Which hardware do you have? (
ubus call system board
)
Thank you for you help!
With 1,058,184 entries following processing, I see:
root@OpenWrt-1:~# ubus call system board
{
"kernel": "5.15.167",
"hostname": "OpenWrt-1",
"system": "ARMv8 Processor rev 4",
"model": "Linksys E8450 (UBI)",
"board_name": "linksys,e8450-ubi",
"rootfs_type": "squashfs",
"release": {
"distribution": "OpenWrt",
"version": "23.05.5",
"revision": "r24106-10cc5fcd00",
"target": "mediatek/mt7622",
"description": "OpenWrt 23.05.5 r24106-10cc5fcd00"
}
}
root@OpenWrt-1:/var/log# free -m
total used free shared buff/cache available
Mem: 502500 188244 163132 12424 151124 250868
Swap: 0 0 0
My Mi ax3000t with "options mt7915e wed_enable=Y" in which using more ram if this option enable.
root@OpenWrt:~# ubus call system board
{
"kernel": "6.6.67",
"hostname": "OpenWrt",
"system": "ARMv8 Processor rev 4",
"model": "Xiaomi Mi Router AX3000T",
"board_name": "xiaomi,mi-router-ax3000t",
"rootfs_type": "squashfs",
"release": {
"distribution": "OpenWrt",
"version": "24.10.0-rc4",
"revision": "r28211-d55754ce0d",
"target": "mediatek/filogic",
"description": "OpenWrt 24.10.0-rc4 r28211-d55754ce0d",
"builddate": "1734915335"
}
}
root@OpenWrt:~# free -m
total used free shared buff/cache available
Mem: 239084 149596 43908 3096 45580 40576
Swap: 0 0 0
root@OpenWrt:~# service adblock-lean status
Checking active blocklist.
The dnsmasq check passed and the presently installed blocklist has entries count: 433,811.
adblock-lean is active.
Generating dnsmasq stats.
dnsmasq stats available for reading using 'logread'.
Checking for adblock-lean updates.
The locally installed adblock-lean is the latest version.
Can you link me the .txt url for 1m+ entries?
Just a few days ago Hagezi's Pro+TIF lists were around 1.1M entries, mostly because the TIF list kinda exploded. He cut down that list a bit, so it's not as huge now. TIF stands for Threat Intelligence Feed or something like that. So not really adblocking, more like blocking malicious domains. The TIF lists tend to fluctuate quite a bit because new domains get added all the time, and old domains get removed for various reasons. If you want to increase adblocking coverage, then you can consider one of the more aggressive Hagezi lists, however note that the more aggressive they are, the more false positives they have. For this reason, our default presets only include the Pro list which provides good adblocking with minimum false positives. You could add a list from another source, although I do not have specific recommendations besides oisd which I already recommended you earlier.
The README includes links to the Hagezi Github repo which has descriptions of all lists he maintains.
Hi Antonk,
Just did a check on my router (DL-WRX36, running 24.10 NSS build from qosmio repo). This an device with loads of memory 1 Gb. I also did see the fluctuation in the size especially from the large profile. Running currently:
blocklist_urls="https://raw.githubusercontent.com/hagezi/dns-blocklists/main/wildcard/pro-onlydomains.txt https://raw.githubusercontent.com/hagezi/dns-blocklists/main/wildcard/tif.medium-onlydomains.txt"
That would be the medium setting. Naturally i have the space to run the large profile but i don't see the benefit for "normal" use and keeping the family happy with no adds. I noticed that browsing was a little bit less responsive on the large profile (makes sense, nothing to do with adblock-lean) then on the medium profile. The medium profile blocks 96% of adds (without browser adblockers) which is really good and more then enough for our home situation. The medium profile is in my opinion the best middle ground between good adblocking and snappyness on devices that have 512 Mb memory or more.
Fellow adblockers, adblock-lean has just received another raft of updates thanks to @antonk. These include, inter alia, enhancements like supporting top level domains in the allowlist or blocklist, better compatibility with newer versions of OpenWrt such as support for apk and initial handling of multiple dnsmasq instances, and various bug fixes.
The latest version of adblock-lean, incorporating these updates, can be obtained with a call to:
service adblock-lean update
Any feedback welcome.
This is a pretty big update, so I'll add the usual disclaimer: we did our best to test it but as it goes with software, there might be bugs we missed. If you find one, please let us know and we will fix it.
Also huge appreciation to @Lynx who (as always) asked the right questions to right my wrongs
Hype!
I've noticed it complained about missing dnsmasq config missing from the file which i think is kinda expected from this update. Otherwise yeah, its working fine.
Update Process
root@OpenWrt:~# service adblock-lean update
Obtaining latest version of adblock-lean.
Restarting dnsmasq.
Waiting for dnsmasq initialization.
Restart of dnsmasq completed.
NOTE: config format has changed.
Error: Missing keys in config: 'DNSMASQ_INSTANCE DNSMASQ_INDEX DNSMASQ_CONF_D'.
Corresponding default config entries:
DNSMASQ_INSTANCE=""
DNSMASQ_INDEX=""
DNSMASQ_CONF_D=""
Perform following automatic changes?
1. Re-add missing config entries with default values
y|n: y
Checking dnsmasq instances.
Detected only 1 dnsmasq instance - skipping manual instance selection.
Selected dnsmasq instance 0: 'cfg01411c'.
Selected dnsmasq conf-dir '/tmp/dnsmasq.d'.
Old config file was saved as /tmp/adblock-lean_config.old.
This will overwrite existing config. Proceed?
y|n: y
Saving new config file to '/etc/adblock-lean/config'.
The adblock-lean service is already enabled.
adblock-lean has been updated to the latest version.
Start adblock-lean now? (y|n)
y|n: y
gawk detected so using gawk for fast (sub)domain match removal and entries packing.
GNU sed detected so list processing will be fast.
coreutils-sort detected so sort will be fast.
Checking dnsmasq instances.
Starting adblock-lean.
No existing compressed or uncompressed blocklist identified.
Testing connectivity.
Found local allowlist. Sanitizing.
Successfully processed allowlist (source file size: 21 B, sanitized line count: 1).
Successfully generated allowlist with 1 entries.
Will remove any (sub)domain matches present in the allowlist from the blocklist and append corresponding server entr
ies to the blocklist.
No local blocklist identified.
Starting raw blocklist part(s) download.
Downloading, checking and sanitizing raw blocklist part from: https://raw.githubusercontent.com/hagezi/dns-blocklist
s/main/wildcard/pro-onlydomains.txt.
Successfully processed blocklist (source file size: 3.61 MiB, sanitized line count: 192,582).
Downloading, checking and sanitizing raw blocklist part from: https://raw.githubusercontent.com/hagezi/dns-blocklist
s/main/wildcard/tif.mini-onlydomains.txt.
Successfully processed blocklist (source file size: 1.49 MiB, sanitized line count: 85,975).
Successfully generated preprocessed blocklist file with 278,558 entries.
Sorting and merging the blocklist parts into a single blocklist file.
Stopping dnsmasq.
Checking the resulting blocklist with 'dnsmasq --test'.
New blocklist file check passed.
Final list uncompressed file size: 4.69 MiB.
Checking dnsmasq instances.
Successfully imported new compressed blocklist file for use by dnsmasq with size: 1.7 MiB.
Restarting dnsmasq.
Waiting for dnsmasq initialization.
Restart of dnsmasq completed.
Processing time for blocklist generation and import: 1m:2s.
Checking active blocklist.
Checking dnsmasq instances.
No ip addresses detected for dnsmasq instance 'cfg01411c'. Using the loopback addresses.
Active blocklist check passed with the new blocklist file.
New blocklist installed with entries count: 255,073.
Checking for adblock-lean updates.
The locally installed adblock-lean is the latest version.
Great work, thanks so much for all your hard work!
I just have 30 mins before work resumes so bare with me (and i am by no means a programmer but i am able to read code)
First quick and dirty observation
I am seeing the same line popup as "Bin"in the logs after the update:
"No ip addresses detected for dnsmasq instance 'cfg01411c'. Using the loopback addresses".
I suspect this due the version of Openwrt in use: <= Openwrt 23.05 or => 24.10 (RC's / Main). If i look at the code of Adblock -lean between line 2697 and 2792 thats "new" code for properly determining the correct dnsmasq instance.
Looking at that code it will first query for the presence of dnsmasq instance in use.
<= 23.05 it will find dnsmasq.d
=> 24.10 it will find dnsmasq.cfg01411c.d
The code between lines 2765 and 2778 should select the correct dnsmasq instance:
if [ "${conf_dirs_cnt}" = 1 ]
then
DNSMASQ_CONF_D="${conf_dirs}"
else
if is_included "/tmp/dnsmasq.d" "${conf_dirs}"
then
DNSMASQ_CONF_D=/tmp/dnsmasq.d
elif is_included "/tmp/dnsmasq.cfg01411c.d" "${conf_dirs}"
then
DNSMASQ_CONF_D=/tmp/dnsmasq.cfg01411c.d
else
# fall back to first conf-dir
DNSMASQ_CONF_D="${conf_dirs%%"${_NL_}"*}"
The log message mentioned earlier ""No ip addresses detected for dnsmasq instance 'cfg01411c'. Using the loopback addresses"." indicaties that neither /tmp/dnsmasq.d or /tmp/dnsmasq.cfg01411c.d are found so its does a fallback querie DNSMASQ_CONF_D="${conf_dirs%%"${NL}"*}""" and writes that to the config file (which is a good thing to keep it working)??
Running out of time, back to work.
Yes, you interpreted most of this correctly. Except adblock-lean only writes to config when the user asks it to. Which is either while updating config during version updates, or when using the setup
, gen_config
or set_dnsmasq_dir
commands. Otherwise adblock-lean verifies that the dnsmasq instance which was configured exists and is running with expected options and that's it.
When adblock-lean doesn't find an explicitly set network interface for the selected dnsmasq instance, it prints this message about ip addresses but it's not an error. It just means that we assume that loopback ip addresses should be used. This is typically the case, unless the user specified interfaces for the dnsmasq instance in /etc/config/dhcp. The mentioned ip addresses are used for the dns queries which adblock-lean issues to verify that the blocklist was successfully loaded and that dns resolution is working.
This is correct. Before this update, adblock-lean expected only one dnsmasq instance to exist in the system and for that instance to always be listening on the loopback ip addresses and using the conf-dir /tmp/dnsmasq.d
. The biggest change in this update is proper support for handling dnsmasq instances, including analyzing dnsmasq config and runtime info to detect correct conf-dir, correct interfaces and correct ip address for the selected instance, and validation mechanism which makes sure that adblock-lean config is harmonized with the actual state of the dnsmasq service.
Which is why some new config options were added. Normally, these options are set automatically at the time of adblock-lean update to this version or when running the setup
command.
Hi Antonk,
Thanks for the explanation. I just did 2 test on my Openwrt version: 24.10 NSS build from qosmio repo.
test 1 : with the line "option confdir '/tmp/dnsmasq.d'" added to dchp to simulate the =<23.05 behaviour
test 2: without the extra line added which represents the stock =>24.10/main behaviour.
Both configurations where installed like it was a "fresh" install of adblock-lean (removed the scripts in init.d and the configs, cron /tmp). Normally i install it manually (wiki on Lynx's Git page), this time i just used the Automated interactive setup, since most will do it that way.
Both result were the same: installed fine no errors, adblock-lean running.
Good job!
That's great to hear! Thank you for testing and reporting back.