Hi,
deeply undocumented but possible ...
Change the rep_info line like that:
rep_info="$(/etc/init.d/adblock report + 500 true cli 2>/dev/null)"
this generates a report with the last 500 DNS requests ....
1 Like
I tested this ...
It took 2 minutes and 50 seconds to be generated on a TP-Link WDR4300 and fired to my email ...
I will check an amount that I find interesting, but knowing the place where I must change it is much easier!
1 Like
This sounds like a good place to ask a question I had... I just started using the DNS over HTTPS package, and wonder if there are any issues with Adblock.
I haven't noticed any issues after a few days, but I wanted to go back to using Force Local DNS, which I don't have on right now.
I see in the box, if I hit the check, there are 53, 853, 5353 as what it would fill in. Wondering if you can tell if that's correct. Or, if somebody(s) out there have already been running both of these features, and how it's been going.
Hi dibdot.. Many thanks for your support here. Is this functionality added to GUI on next release?
An new query here. In my DNS reports, I am getting a lot IPV6 address instead of internal machines hostname or IPV4 address. May be there is nothing to with AdBlock on this. But how can I eliminate it? Disable IPV6 DHCP releases completely? I tried that but it fully broken my DHCP server and forwarding of packets. Any better way please
https://forum.openwrt.org/t/the-best-package-to-encrypt-your-dns-traffic/92363
Looks like this thread overlaps into my question about issues between Adblock and DNS over HTTPS (and other DNS encrypting methods)
Short answer, doesnt seem to break anything, but things might run a bit slower. They're still arguing about the premise of his thread, though.
@dibdot I noticed that download of 'games_tracking' failed for my router.
I checked out it's github and they changed a path to hosts list, new path is:
https://raw.githubusercontent.com/KodoPengin/GameIndustry-hosts-Template/master/Main-Template/hosts
Could you please update the url for games_tracking?
So, back to my DNS over HTTPS question, nobody else running that and Adblock?
Am still wondering if thse are the correct ports, if I force local DNS. Have been out of town the past week or so, havent had the chance to try it and see.
Thanks for the info - updated in 19.07, 21.02 and master branch.
1 Like
I am using force local DNS in Adblock and using port 53. I was having some clients which uses port 53, but some other external DNS servers. After enabling this settings, those traffic destined on port 53 (but other DNS server) forced to port 53 of the local DNS server. This is my setting. Again I am not using DNS over HTTPS. In this case, DNS over HTTPS may using a different port?, if so, you need to manually use that in firewall configuration. the rule that created by the above configuration in screenshots is under "Port forwards" under firewall configuration and it is easy to change the port 53 to a custom port. But I think it is good to create a new rule with the custom port.
Sorry if this has been asked before but I've recently switched from Pi-hole to Adblock on OpenWrt to reduce complexity. I like the built in force DNS, email and DNS stats.
The one thing I've noticed is the block and allow lists don't support regex inputs, only domains. Is there any chance in the future for these to be regex aware at all? I'm aware this will add complexity and possibly additional memory requirements to parse regex rules, but can reduce the amount of overall domain entries in some cases.
Nope, regex are not supported in dns backends like dnsmasq, unbound, bind or kresd.
Can you give an example, pls, where regex would be desirable ?
Thanks for your reply. No worries, thought I'd just ask. Coming from Pi-Hole more recently regex support was added for the allow and block lists, I assume they are translating the regex into plain domain entries before going into dnsmasq.
Basic example say for multiple clientsx.google.com domains.
Manually:
clients1.google.com
clients2.google.com
clients3.google.com
clients4.google.com
clients5.google.com
clients6.google.com
Regex:
clients[1-6].google.com$
Nope, they're using a dnsmasq fork called FTL with pihole specific enhancements.
1 Like
Sorry, I meant a real world example.
Being able to reduce the amount of overall domain rules I guess? If you can write a single rule that collapses several explicit domain rules that is less rules overall to have to manage but comes with memory and performance issues I'd imagine given regex can be inefficient with resources in some scenarios.
Not major though. I just wondered I only had a few in Pi-Hole previously.
Just note: in master there is a new adblock version 4.1.1 (version history see first post). There is one new feature to support client segregation based on their IP address:
* support the RPZ trigger 'RPZ-CLIENT-IP' to always allow/block certain clients based on their IP (currently only supported by bind!)
In LuCI you'll find two new input fields under "Advanced DNS Settings", e.g.
As noted, this RPZ-trigger feature is currently only supported in bind but hopefully unbound and kresd will follow sometime ...
For details check https://tools.ietf.org/id/draft-vixie-dnsop-dns-rpz-00.html#rfc.section.4.1
1 Like
reg_pl1's address is now https://raw.githubusercontent.com/PolishFiltersTeam/KAD/master/KAD.txt I believe
utcapitole is giving me issues as well, but not sure as to the cause as the extracted link works fine:
Tue Apr 20 03:21:08 2021 user.info adblock-4.0.7[9120]: download of 'utcapitole' failed, url: https://dsi.ut-capitole.fr/blacklists/download/blacklists.tar.gz, rule: /^([[:alnum:]_-]{1,63}\.)+[[:alpha:]]+([[:space:]]|$)/{print tolower($1)}, categories: publicite bitcoin cryptojacking ddos malware phishing warez, rc: 0, log: Downloading 'htt/tmp/tmp.ALpppF/blac 34% |********** | 6816k 0:00:14 ETA3.49.48.249:443 Writing to '/tmp/tmp.ALpppF/blacklists.tar.gz'
Tue Apr 20 03:21:08 2021 user.info adblock-4.0.7[9120]: archive extraction of 'utcapitole' failed, categories: publicite bitcoin cryptojacking ddos malware phishing warez, entries: , rc: 0
Disk and RAM seem ok space wise..