Adblock support thread

professor_jonny · December 22, 2020, 8:35am

I have adblock all working it blocks domains in the blacklists but reporting does not seem to work.
I have enabled reporting and downloaded the tcpdump package, it does not work from CLI either.

Status / Version
enabled / 4.0.7
Blocked Domains
43,027
Active Sources
adaway, adguard, disconnect, yoyo
DNS Backend
dnsmasq, /tmp/dnsmasq.d
Run Utils
/bin/uclient-fetch, /usr/bin/awk
Run Interfaces
trigger: -, report: any
Run Directories
base: /tmp, backup: /tmp, report: /tmp, jail: /tmp
Run Flags
backup: 1, reset: 0, flush: 0, force: 0, search: 1, report: 1, mail: 0, jail: 0
Last Run
reload, 0m 15s, 510/390/376, 22.12.2020 21:06:30

dibdot · December 22, 2020, 3:16pm

Did you restart adblock after enabling the report feature?
Check for a running tcpdump process, e.g.

root@blackroute:~# ps | grep [t]cpdump
 5673 root      4820 SN   /usr/sbin/tcpdump -nn -s0 -l -i br-lan port 53 -C5 -W10 -w /mnt/data/adblock/reports/adb_report.pcap

Havelock · December 22, 2020, 6:09pm

Ah - but I "backported" to 19.07.5 - so that's why...

professor_jonny · December 22, 2020, 6:15pm

I believe it was an typo in the dhcp or firewall config, I think it was logging a unused/ incorect instance or interface or something ? editing these files made logging work i also added the local queries option and it could be that ?.

I do have another question tho: How do I make adblock it active on two virtual bridged interfaces Adults_Lan, Kids_Lan for example I tried to set up multiple dnsmasq in the dhcp and it did not work, do you have a sample config by chance ?
I have it working on the first interface now and logging corectly now but it is not active on Kids_Lan

If i could only have it active on the Kids_Lan I would be ok with that but im unsure how to select this.

This is my current config:

config dnsmasq 
	option domainneeded '1'
	option boguspriv '1'
	option filterwin2k '0'
	option localise_queries '1'
	option rebind_protection '0'
	option rebind_localhost '1'
	option local '/Adults_Lan/'
	option domain 'Adults_Lan'
	option expandhosts '1'
	option nonegcache '0'
	option authoritative '1'
	option readethers '1'
	option localservice '1'
	option leasefile '/tmp/dhcp.leases.adults'
	option resolvfile '/tmp/resolv.conf.auto'
	option confdir '/tmp/dnsmasq.d'
	option nonwildcard '1'


config dhcp 'Adults_Lan'
	option start 100
	option limit 150
	option leasetime 12h
	option interface Adults_Lan
	option force 1

config dhcp 'Kids_Lan'
	option start '100'
	option leasetime '12h'
	option limit '150'
	option interface 'Kids_Lan'
	option force '1'

config dhcp 'Wan'
	option interface 'Wan'
	option ignore '1'

config odhcpd 'odhcpd'
	option maindhcp '0'
	option leasefile '/tmp/hosts/odhcpd'
	option leasetrigger '/usr/sbin/odhcpd-update'
	option loglevel '4'

Havelock · December 22, 2020, 7:11pm

This begs the question of how to (configure and) run multiple instances of dnsmasq each bound the respective interface. Is this implemented in Openwrt (yet)?

professor_jonny · December 23, 2020, 7:35am

[OpenWrt Wiki] DNS and DHCP configuration examples

From what I believe you use the instance to bind it to a specific interface but I could not get it to work correctly:

config dnsmasq 'Adults_Dnsmasq'
	list interface 'Adults'


config dnsmasq 'Kids_Dnsmasq'
	list interface 'Kids'

config dhcp 'Adults'
	option instance 'Adults_Dnsmasq'
	option interface 'Adults'

config dhcp 'Kids'
	option instance 'Kids_Dnsmasq'
	option interface 'Kids'

edit I now have it working:
Multiple dnsmac for adblock - Installing and Using OpenWrt - OpenWrt Forum

I now have adblock working on both bridges on seperate lan segments but i now cant figure out how to make it do a dns report on both interfaces it just operates on the first one listed in the dhcp config.

I see the experimental option adb_dnsinstance '1' which will switch addblock to the second dhcp instance in a dhcp file but i alreeady have adblock working just not the reporting function on the second or all interfaces.

dibdot · December 24, 2020, 11:51am

Great that it works for you. To capture multiple reporting interfaces add the custom/virtual "any" interface, e.g.

After that restart adblock ... you should see the following tcpdump process ...

Hope this helps!

Merry Christmas!

TreatorC · December 24, 2020, 2:24pm

You also have to replace dnsmasq with dnsmasq-full
package for correct DNS functioning in multi-VLAN environment

professor_jonny · December 26, 2020, 10:41am

It seems to work with the cut down version of dnsmasq without issue.
however im having issues with UPNP operating in 19.07 but that seems to be a common problem.

stevennausak · December 28, 2020, 2:49pm

Hi, i want con configure the email address section to send report on a specific email address. Now he not send anything and probably something is set wrong, I've seen on documentation without success so i ask a little help if is possible. First tcpdump-mini is required to run this option i've already installed tcpdump for another service. Also the msmtp is already installed.

I'don't know if tcpdump mini may substitute the "mini" version even will be auspicable. Then the setting to compile in the proper section. Actually have done:

On general Setting:

On Advanced E-Mail setting:

Obviously the address xxxxx@xxxxx.xxxx contains a real and working address. Any suggestions? Thanks.

trmanco · December 28, 2020, 4:27pm

I've been having issues checking the DNS reporting tab since 4.0.7-3, I've tried deleting the generated DNS files but it didn't work. Am I missing something? I'm on 4.0.7-4 now and it has worked before.

dibdot · December 28, 2020, 6:32pm

No, it's a XHTML bug with this ancient theme. I've fixed this issue a few seconds ago in master and 19.07 branch. Please update/install the updated LuCI package in a few hours/days.

In the meantime use another theme, e.g. bootstrap should work just fine.

dibdot · December 28, 2020, 6:36pm

post the content of your msmtp config file please.

Regarding tcpdump: both package variants are working, if you're already using the full tcpdump version than just keep it - it's fine.

stevennausak · December 28, 2020, 8:58pm

That was the problem . I hadn't configured msmtp. In fact I looked for this type of configuration on AdBlock but it wasn't there and I didn't understand where to put the email account data. Now I have done this by editing the / etc / msmtprc file as follows:

account default

host smtp.gmail.com
port 587
auth on
* user account@gmail.com
* password password

auto_from off
* from account@gmail.com

tls on
tls_starttls on
tls_certcheck off

logfile
syslog LOG_MAIL

Obviously I have entered the correct data of the email account where I have asterisked.

dibdot · December 28, 2020, 9:27pm

Please doublecheck your config with the adblock readme example, e.g. your configured account "default" in msmtp doesn't match with the configured email profile "adb-notify" in adblock.

stevennausak · December 28, 2020, 10:01pm

@dibdot
i've modified the msmtp config . How can i test it?

dibdot · December 29, 2020, 10:31am

Start the script /etc/adblock/adblock.mail, optionally you could enable adblock debug logging to get more log output (if needed).

stevennausak · December 29, 2020, 11:06am

I've try to start the script both putty and ttyd package appositely installed (nice!) but happen this...seem nothing.

BusyBox v1.30.1 () built-in shell (ash)

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 -----------------------------------------------------
 OpenWrt 19.07.5, r11257-5090152ae3
 -----------------------------------------------------
root@routerone:/# /etc/adblock/adblock.mail
root@routerone:/#

The adblock logview:

Tue Dec 29 10:37:14 2020 user.info adblock-[4635]: mail sent to 'my.gmail.address@gmail.com' with rc '78'
Tue Dec 29 10:43:52 2020 user.info adblock-[5050]: mail sent to 'my.gmail.address@gmail.com' with rc '78'

The email address in the log-view is correct because i had sent twice with the script but no mail incomes yet.

Actual configuration is below:

[...]
defaults
auth            on
tls             on
tls_certcheck   off
timeout         5
syslog          LOG_MAIL
[...]
account         adb_notify
host            smtp.gmail.com
port            587
from            my.gmail.address@gmail.com
user            my.gmail.address
password        my.mail.password

Other parameters nedd co correct?

Thank you

Update: Also less secure app and IMAP already activated (needed on gmail account).

dibdot · December 29, 2020, 11:51am

Return code 78 means "config error" ...
Just to be sure you haven't included "[...]" in your msmtp config!? If so, please remove these placeholders and try it again.

stevennausak · December 29, 2020, 12:29pm

edited and retried

mail sent to '*******@gmail.com' with rc '0'

I put [...] because it was included in the notes. If it is useless I would recommend removing it.

Mail received. Now seem to work.

Can I advise if possible to make these settings possible directly from AdBlock without having to intervene from the terminal? I intend to keep the dependency on msmtp but to be able to configure from Ad-Block. If msmtp is not installed the menu remains white / not editable.