Adblock support thread

I've read discussion in the thread from a few years ago about performance and using addn-hosts block method vs. using the address directive. I am running 4.1.3 and my installation still seems to be using address directives (>50K of them!) rather than addn-hosts. The performance of dnsmasq on my router is horrible with those >50K address directives.

How do I switch to using addn-hosts? I don't see any of the DNS Backend knobs in LuCI that were discussed a few years ago to select which mechanism to use.

Update: Looking through this thread a bit more, I see a posting that says adblock never uses addn-hosts, but I am sure I read topics before it and after it with people referring to it.

In any case, if dnsmasq and its address directive are so horribly inefficient, is the solution here to switch DNS servers to something else such as unbound or bind even?

Replaced dnsmasq with unbound. CPU usage is much, much lower now.

But now unbound is OOMing the device and being killed by the OOM-killer. :(

There's a "jail" feature for that. But I don't know how to configure it.

"Jail" feature for unbound?

What I do for this is selective DNS hijacking. I direct everything by default to the CleanBrowsing Family Filter DNS which I'd thoroughly recommend for blocking vile content - it blocks almost all porn and enforces safe search on Google images and YouTube. Any DNS requests by clients on port 53 are hijacked and go to the CleanBrowsing server. Then for certain MAC addresses (televisions and iPad) I redirect to Cloudflare instead.

And 'this device' i.e. router is set to use CleanBrowsing Family Filter via stubby.

I think you could do the same to achieve what you are looking for?

Thank you for the info.

Hi there, newbie here.
I've been running Adblock with dnsmasq + "forcing local DNS" and it has been working well.
Now, I was trying to make "stubby" work to forward DNS requests from specific hosts on my LAN via DoT, but I can't get it to work.

What I am trying to achieve:

  1. Some hosts to resolve DNS via Adblock in the OpenWrt router
  2. Some hosts to resolve DNS using a specific external DNS server, via DoT

For #2, I am trying to set up Stubby, but it only works when I disable Adblock.

Is there a way to accomplish #1 and #2? Do I need 2 instances of a DNS server running in the OpenWrt router?

Thank you!

Hi, I can't find the log. /tmp/adblock-Report doesn't exist.

Have you run a report since your last reboot/restart?

Thank you, guy. I didn't see the option and it wasn't flagged. Now it works.

I don't know the details; the documentation is lacking in that department.

Hello, how can I decrease host file size? I can see that the adblock package already has some compression features, but I was wondering what the end result looks like. Looking at some domain blocking files in unbound, dnsmasq, and the generic /etc/host file, I can see a lot of bloat. First and foremost, a lot of these solutions use 127.0.0.1 instead of 0.0.0.0, a whole 2 bytes larger! This would not be much of an issue if it wasn't for the fact that this IP address is repeated for every single blocked domain. I understand the idea behind the host file is to map IP addresses to domain names, so it makes sense to have to explicitly define the IP address for each domain in the standard case. But when using local DNS resolvers like dnsmasq and unbound with their own domain blocking files and formats, shouldn't the setup be smart enough to just set the sinkhole IP address to a single character variable and process it from there? Am I missing something in regards to smaller domain blocking?

Sounds quite weird - adblock has been using NXDomain for years, without any IPs in its blocklist.

Which router? Please post the output of /etc/init.d/adblock status - thanks.

No, it's only useable for a second dnsmasq instance.

Yep, via cron. Just set up an appropriate timer (see "Refresh Timer" in adblock/LuCI).

Yes but does it copy paste "NXDOMAIN" for every single line in the block list? Or is the final result just a blocklist without "NXDOMAIN" written in it and when it gets processed by the program it then adds "NXDOMAIN" as a variable in memory?
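
An added example, not part of the thread and not adblock's own code: it measures the per-line overhead the two posts above ask about, and shows why parent-domain collapsing only applies to resolver-native formats. The line templates are assumptions based on standard hosts, dnsmasq `local=` and unbound `local-zone` syntax, and the domain list is constructed.

```python
# Constructed sample blocklist (not taken from any real feed).
SAMPLE = ["ads.example.com", "example.com", "track.ads.example.com",
          "cdn.tracker.test", "tracker.test", "metrics.example.net"]

# Assumed per-line templates. hosts files repeat the sink IP on every line;
# resolver-native formats repeat a directive instead of an address.
FORMATS = {
    "hosts_127": "127.0.0.1 {d}\n",
    "hosts_0": "0.0.0.0 {d}\n",
    "dnsmasq_local": "local=/{d}/\n",
    "unbound_nxdomain": 'local-zone: "{d}" always_nxdomain\n',
}

# These formats answer for a name and everything below it, so a listed
# parent makes its subdomains redundant. A hosts entry matches one exact
# name only, so collapsing a hosts file would unblock the subdomains.
ZONE_MATCHING = {"dnsmasq_local", "unbound_nxdomain"}


def collapse_subdomains(domains):
    """Drop every domain whose parent domain is also on the list."""
    listed = {d.lower().strip(".") for d in domains}
    kept = []
    for d in sorted(listed):
        labels = d.split(".")
        # Candidate parents, excluding the bare top-level label.
        parents = (".".join(labels[i:]) for i in range(1, len(labels) - 1))
        if not any(p in listed for p in parents):
            kept.append(d)
    return kept


def overhead_per_entry(fmt):
    """Bytes each line costs on top of the domain name itself."""
    return len(FORMATS[fmt].format(d="").encode())


def rendered_size(domains, fmt):
    """Size in bytes of the rendered list file (text on disk only)."""
    if fmt in ZONE_MATCHING:
        domains = collapse_subdomains(domains)
    return sum(len(FORMATS[fmt].format(d=d).encode()) for d in domains)


if __name__ == "__main__":
    for name in FORMATS:
        print(name, overhead_per_entry(name), rendered_size(SAMPLE, name))
```

The figures are file sizes only; the memory a resolver uses after loading the list depends on its internal data structures, not on the text format.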

Which router?

GL.iNet GL-AR750

Please post the output of /etc/init.d/adblock status - thanks.

# /etc/init.d/adblock status
::: adblock runtime information
  + adblock_status  : enabled
  + adblock_version : 4.1.3
  + blocked_domains : 51069
  + active_sources  : adaway, adguard, disconnect, yoyo
  + dns_backend     : unbound (unbound-control), /var/lib/unbound
  + run_utils       : download: /usr/bin/curl, sort: /usr/libexec/sort-coreutils, awk: /bin/busybox
  + run_ifaces      : trigger: trm_wwan, report: br-lan
  + run_directories : base: /tmp, backup: /tmp/adblock-Backup, report: /tmp/adblock-Report, jail: /tmp
  + run_flags       : backup: ✔, flush: ✘, force: ✔, search: ✘, report: ✔, mail: ✔, jail: ✘
  + last_run        : start, 0m 40s, 123/43/29, 2022-08-25T15:29:08-04:00
  + system          : GL.iNet GL-AR750, OpenWrt 21.02.3 r16554-1d4dea6d4f

But how is any of that relevant to the issue of unbound OOMing? Amount of blocked_domains?

Hi,
Great addon. Thanks.
How can I block Google search ads?