No, pi-hole like statistics are not supported.
Hi, can someone provide an example for Jail feature?
I already have guest VLAN and would like to have whitelist-jail for it, while keeping usual adblock functionality for my main network.
I made sure my adb_list.jail was generated but what should I do next?
Just reference this file in your second dnsmasq instance, e.g.:
option serversfile '/tmp/adb_list.jail'
It does not work for me: I created second entry for dnsmasq config on VLAN ip, I made sure when I connected guest wifi I had that ip ( 192.168.17.1) as my dns server. But I still can access servers outside of my whitelist
jail file:
server=/wikipedia.org/#
server=/#/
dhcp file
config dnsmasq 'all'
option domainneeded '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option resolvfile '/tmp/resolv.conf.auto'
option nonwildcard '1'
option localservice '1'
option sequential_ip '1'
option filterwin2k '1'
option serversfile '/tmp/adb_list.overall'
option interface 192.168.16.1
option nonwildcard '1'
config dnsmasq 'guest'
option domainneeded '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option expandhosts '1'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp_guest.leases'
option resolvfile '/tmp/resolv.conf.auto'
option nonwildcard '1'
option localservice '1'
option sequential_ip '1'
option filterwin2k '1'
option serversfile '/tmp/adb_list.jail'
option interface 192.168.17.1
option nonwildcard '1'
Your interface config looks wrong to me, 'interface' should point to a logical interface name (e.g. 'lan') and not to an IP address. Said that, I'm not an dnsmasq expert, maybe it's better to search the forum for such dnsmasq configuration examples with multiple dnsmasq instances.
Hi. I want to ask about the correct configs to make adblock works for all my devices. Sometimes when I use firefox on ubuntu, the ads are totally blocked but when I change into firefox on windows 10, the ads keep coming through.
Here is my dhcp config:
config dnsmasq
option domainneeded '1'
option localise_queries '1'
option rebind_protection '1'
option rebind_localhost '1'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option nonwildcard '1'
option localservice '1'
option serversfile '/tmp/adb_list.overall'
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '12h'
option force '1'
option dhcpv6 'server'
option ra 'server'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
config domain 'localhost'
option name 'console.gl-inet.com'
option ip '192.168.8.1'
Adblock status for the current situation:
root@GL-AR300M:~# /etc/init.d/adblock status
::: adblock runtime information
+ adblock_status : enabled
+ adblock_version : 3.5.2
+ overall_domains : 74243 (normal mode)
+ fetch_utility : /usr/bin/wget (built-in)
+ dns_backend : dnsmasq (/tmp)
+ last_rundate : 07.10.2018 22:24:43
+ system_release : GL.iNet GL-AR300M, OpenWrt 18.06.0-rc1 r7090-d2aa3a1b62
When I try to nslookup within windows, the result is:
C:\Users\pakeko>nslookup speedtest. net
Server: UnKnown
Address: fdf8:3f22:ee7::1
Non-authoritative answer:
Name: speedtest .net
Addresses: 2a04:4e42:600::731
2a04:4e42::731
2a04:4e42:400::731
2a04:4e42:200::731
151.101.194.219
151.101.130.219
151.101.66.219
151.101.2.219
C:\Users\pakeko>nslookup speedtest .net 192.168.8.1
Server: console .gl-inet.com
Address: 192.168.8.1
Non-authoritative answer:
Name: speedtest. net
Addresses: 2a04:4e42:200::731
2a04:4e42:600::731
2a04:4e42::731
2a04:4e42:400::731
151.101.2.219
151.101.194.219
151.101.130.219
151.101.66.219
Please guide me. Thanks
Probably your windows client does not use your router dns - please re-check your settings. However you can force the usage of the router dns via 'adb_forcedns' option (see readme).
I just updated to a snapshot build and have AdBlock 3.5.5-2, but the "winspy" URL in the config file is still the old one, and not the one in the GitHub source. Very strange. I changed it manually and get 322 domains, so it works now. Just informational.
Installed Adblock 3.5.5-2 and the luci-app-adblock for the web interface.
But is it normal that it's only showing " Overall Domains 10285 (normal mode)", when I've selected multiple sources with quite a few of them having over 10k domains alone?
Startup Trigger is WAN, ufetch to download and dnsmask(/tmp) for backend.
edit: Just tried removing all sources except one, adaway, now it says 0. Something isn't working here...
Sun Oct 14 00:25:25 2018 user.info adblock-3.5.5-2[12688]: adblock instance started ::: action: reload, priority: 0, pid: 12688
Sun Oct 14 00:25:26 2018 user.info adblock-3.5.5-2[12688]: blocklist with overall 0 domains loaded successfully (NETGEAR WNDR4300, OpenWrt 18.06.1 r7258-5eb055306f)
Please enable debug logging and check the logs, probably your download utility lacks of SSL support.
That may just be it, after enabling debug mode, it tells me
log: /bin/uclient-fetch: SSL support not available, please install one of the libustream-.*[ssl|tls] packages as well as the ca-bundle and ca-certificates packages.
But, when I tried to install the ssl package, it tell me
Collected errors:
* satisfy_dependencies_for: Cannot satisfy the following dependencies for luci-ssl-nginx:
* nginx-ssl * nginx-mod-luci-ssl * libustream-openssl * openssl-util *
* opkg_install_cmd: Cannot install package luci-ssl-nginx.
I then tried to install the dependencies through Software, but it spout out similar errors that I was missing dependencies. Is there a package that contains everything I need or a guide on every parts in order?
You just need install libustream-mbedtls.
Are you command "opkg update" before opkg install packages ?
Couldn't see "libustream-mbedtls" at all in Available Software (GUI, not SSH/Telnet). (there were errors when trying to fetch all the packages from the feeds, could be why...)
Reinstalled the openwrt image through tftf, suddenly I'm not getting any error after updating the software center, I can see "libustream-mbedtls" in available software, it installed without any issues.
Installed Adblock and luci-app-adblock.
Now everything works with SSL enabled.
But, now I would love to know why this host list that I'm trying to add, only shows as "1 domain" ;
https://raw.githubusercontent.com/StevenBlack/hosts/master/alternates/fakenews-gambling/hosts
Also, some lists seems to fail to connect?, even though I manually checked the url and they work just fine... aaaaand I'm still seeing tons of ads everywhere even though there's over 60k domains loaded, nothing seems to be blocked. I'm just about ready to give up. what am I doing wrong now...
Mon Oct 15 22:21:38 2018 user.info adblock-3.5.5-2[8148]: adblock instance started ::: action: reload, priority: 0, pid: 8148
Mon Oct 15 22:21:38 2018 user.debug adblock-3.5.5-2[8148]: f_jsnup::: status: running, mode: normal mode, cnt: 73068, notify: 0, notify_cnt: 0, notify_pid: -
Mon Oct 15 22:21:38 2018 user.debug adblock-3.5.5-2[8148]: f_uci ::: config: dhcp, change:
Mon Oct 15 22:21:39 2018 user.debug adblock-3.5.5-2[8148]: f_uci ::: config: firewall, change:
Mon Oct 15 22:21:39 2018 user.debug adblock-3.5.5-2[8148]: f_main ::: dns: dnsmasq, fetch_util: /bin/uclient-fetch (libustream-ssl), backup: 0, backup_mode: 0, dns_jail: 0, force_srt: 1, force_dns: 0, mem_total: 125, mem_free: 82, max_queue: 8
Mon Oct 15 22:21:39 2018 user.debug adblock-3.5.5-2[8148]: f_main ::: name: adaway, enabled: 1
Mon Oct 15 22:21:39 2018 user.debug adblock-3.5.5-2[8148]: f_main ::: name: easyfr, enabled: 1
Mon Oct 15 22:21:39 2018 user.debug adblock-3.5.5-2[8148]: f_main ::: name: easylist, enabled: 1
Mon Oct 15 22:21:39 2018 user.debug adblock-3.5.5-2[8148]: f_main ::: name: adguard, enabled: 1
Mon Oct 15 22:21:39 2018 user.debug adblock-3.5.5-2[8148]: f_main ::: name: bitcoin, enabled: 1
Mon Oct 15 22:21:39 2018 user.debug adblock-3.5.5-2[8148]: f_main ::: name: disconnect, enabled: 1
Mon Oct 15 22:21:39 2018 user.debug adblock-3.5.5-2[8148]: f_main ::: name: dshield, enabled: 1
Mon Oct 15 22:21:39 2018 user.debug adblock-3.5.5-2[8148]: f_main ::: name: hphosts, enabled: 1
Mon Oct 15 22:21:40 2018 user.debug adblock-3.5.5-2[8148]: f_list ::: name: adaway, mode: download, cnt: 409, in_rc: 0, out_rc: 0
Mon Oct 15 22:21:44 2018 user.debug adblock-3.5.5-2[8148]: f_main ::: name: disconnect, url: https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt, rc: 4, log: Downloading 'https://s3.amazonaws.com/lists.disconnect.me/simple_malvertising.txt' Failed to establish connection
Mon Oct 15 22:21:44 2018 user.debug adblock-3.5.5-2[8148]: f_main ::: name: dshield, url: https://www.dshield.org/feeds/suspiciousdomains_Low.txt, rc: 4, log: Downloading 'https://www.dshield.org/feeds/suspiciousdomains_Low.txt' Failed to establish connection
Mon Oct 15 22:21:44 2018 user.debug adblock-3.5.5-2[8148]: f_main ::: name: hphosts, url: https://hosts-file.net/ad_servers.txt, rc: 4, log: Downloading 'https://hosts-file.net/ad_servers.txt' Failed to establish connection
Mon Oct 15 22:21:45 2018 user.debug adblock-3.5.5-2[8148]: f_list ::: name: bitcoin, mode: download, cnt: 473, in_rc: 0, out_rc: 0
Mon Oct 15 22:21:59 2018 user.debug adblock-3.5.5-2[8148]: f_list ::: name: adguard, mode: download, cnt: 22174, in_rc: 0, out_rc: 0
Mon Oct 15 22:22:04 2018 user.debug adblock-3.5.5-2[8148]: f_list ::: name: easylist, mode: download, cnt: 25411, in_rc: 0, out_rc: 0
Mon Oct 15 22:22:04 2018 user.debug adblock-3.5.5-2[8148]: f_main ::: name: malware, enabled: 1
Mon Oct 15 22:22:04 2018 user.debug adblock-3.5.5-2[8148]: f_main ::: name: malwarelist, enabled: 1
Mon Oct 15 22:22:04 2018 user.debug adblock-3.5.5-2[8148]: f_main ::: name: openphish, enabled: 1
Mon Oct 15 22:22:04 2018 user.debug adblock-3.5.5-2[8148]: f_main ::: name: ransomware, enabled: 1
Mon Oct 15 22:22:04 2018 user.debug adblock-3.5.5-2[8148]: f_main ::: name: reg_ru, enabled: 1
Mon Oct 15 22:22:05 2018 user.debug adblock-3.5.5-2[8148]: f_main ::: name: shalla, enabled: 1
Mon Oct 15 22:22:05 2018 user.debug adblock-3.5.5-2[8148]: f_main ::: name: ut_capitole, enabled: 1
Mon Oct 15 22:22:05 2018 user.debug adblock-3.5.5-2[8148]: f_main ::: name: whocares, enabled: 1
Mon Oct 15 22:22:07 2018 user.debug adblock-3.5.5-2[8148]: f_list ::: name: malwarelist, mode: download, cnt: 1129, in_rc: 0, out_rc: 0
Mon Oct 15 22:22:10 2018 user.debug adblock-3.5.5-2[8148]: f_main ::: name: shalla, url: http://www.shallalist.de/Downloads/shallalist.tar.gz, rc: 4, log: Downloading 'http://www.shallalist.de/Downloads/shallalist.tar.gz' Failed to establish connection
Mon Oct 15 22:22:10 2018 user.debug adblock-3.5.5-2[8148]: f_main ::: name: ut_capitole, url: https://dsi.ut-capitole.fr/blacklists/download/blacklists.tar.gz, rc: 4, log: Downloading 'https://dsi.ut-capitole.fr/blacklists/download/blacklists.tar.gz' Failed to establish connection
Mon Oct 15 22:22:10 2018 user.debug adblock-3.5.5-2[8148]: f_main ::: name: whocares, url: http://someonewhocares.org/hosts/hosts, rc: 4, log: Downloading 'http://someonewhocares.org/hosts/hosts' Failed to establish connection
Mon Oct 15 22:22:11 2018 user.debug adblock-3.5.5-2[8148]: f_list ::: name: ransomware, mode: download, cnt: 1903, in_rc: 0, out_rc: 0
Mon Oct 15 22:22:12 2018 user.debug adblock-3.5.5-2[8148]: f_list ::: name: openphish, mode: download, cnt: 3688, in_rc: 0, out_rc: 0
Mon Oct 15 22:22:23 2018 user.debug adblock-3.5.5-2[8148]: f_list ::: name: malware, mode: download, cnt: 26824, in_rc: 0, out_rc: 0
Mon Oct 15 22:22:30 2018 user.debug adblock-3.5.5-2[8148]: f_list ::: name: reg_ru, mode: download, cnt: 22957, in_rc: 0, out_rc: 0
Mon Oct 15 22:22:30 2018 user.debug adblock-3.5.5-2[8148]: f_main ::: name: winspy, enabled: 1
Mon Oct 15 22:22:30 2018 user.debug adblock-3.5.5-2[8148]: f_main ::: name: youtube, enabled: 1
Mon Oct 15 22:22:30 2018 user.debug adblock-3.5.5-2[8148]: f_main ::: name: yoyo, enabled: 1
Mon Oct 15 22:22:31 2018 user.debug adblock-3.5.5-2[8148]: f_list ::: name: winspy, mode: download, cnt: 343, in_rc: 0, out_rc: 0
Mon Oct 15 22:22:32 2018 user.debug adblock-3.5.5-2[8148]: f_list ::: name: youtube, mode: download, cnt: 171, in_rc: 0, out_rc: 0
Mon Oct 15 22:22:33 2018 user.debug adblock-3.5.5-2[8148]: f_list ::: name: yoyo, mode: download, cnt: 2618, in_rc: 0, out_rc: 0
Mon Oct 15 22:22:34 2018 user.debug adblock-3.5.5-2[8148]: f_list ::: name: overall, mode: merge, cnt: 108100, in_rc: 0, out_rc: 0
Mon Oct 15 22:22:34 2018 user.debug adblock-3.5.5-2[8148]: f_hash ::: hash_util: /usr/bin/sha256sum, hash: e3c81322a9d7d8e22261dfbb52b3bb4772b89cdc922a289a4886566111e57146, out_rc: 1
Mon Oct 15 22:24:07 2018 user.debug adblock-3.5.5-2[8148]: f_tld ::: source: /tmp/tmp.KFMHPd/adb_list.overall, cnt: 108100, cnt_srt: 70387, cnt_tld: 67847
Mon Oct 15 22:24:18 2018 user.debug adblock-3.5.5-2[8148]: f_list ::: name: overall, mode: final, cnt: 67847, in_rc: 0, out_rc: 0
Mon Oct 15 22:24:19 2018 user.debug adblock-3.5.5-2[8148]: f_hash ::: hash_util: /usr/bin/sha256sum, hash: 706831970d7af7f32de8665071dc9fc4d7127a3922fbe9b9b9d4b7676dfcb212, out_rc: 1
Mon Oct 15 22:24:19 2018 user.debug adblock-3.5.5-2[8148]: f_dnsup::: cache_util: -, cache_rc: 0, cache_flush: 0, cache_cnt: 0, rc: 0
Mon Oct 15 22:24:19 2018 user.debug adblock-3.5.5-2[8148]: f_jsnup::: status: enabled, mode: normal mode, cnt: 67847, notify: 0, notify_cnt: 0, notify_pid: -
Mon Oct 15 22:24:19 2018 user.info adblock-3.5.5-2[8148]: blocklist with overall 67847 domains loaded successfully (NETGEAR WNDR4300, OpenWrt 18.06.1 r7258-5eb055306f)
Maybe your router / uplink can't handle 8 downloads in parallel. Start with the defaults and set "Max. Download Queue" in LuCI to "4". BTW, setting "Force Sort" is needless in your environment, cause your router has already 128 MB RAM.
How do you do that? Please provide your config excerpt with that source.
Make sure that your clients use your local/routers DNS. Test with nslookup that e.g. "doubleclick.net" returns NXDOMAIN.
Alright, got my lists to work and I can see in the log that it's downloading the whole thing now, had to change the "option adb_src_rset" line, I had used 128.0.0.1 instead of 0.0.0.0
Not sure what you mean here? How do I do that
From further testing, I found that, on mobile (wireless, on LAN interface), Adblock is working, didn't have to do any extra config for it to work there. It's blocking ads, and youtube, and many other websites... so I disabled everything except the ones I manually added and now it's working on just the ads as intended. (will require more testing to find which list blocks everything... probably hphost)
BUT, that's just for my mobile devices. On desktop, wired via Ethernet, it's not working, at all. I don't know what I'm doing wrong, it just doesn't work wired.
Edit : When you try to diagnose why Youtube doesn't work with your config... Only to find out it's youtube itself that's having a rare server issue, not the config.
I want the time I wasted on this back... (still doesn't work wired though)
1 Like
over firefox61, can not use this
Yep, the webextensions API does no longer support this - a still working approach is described here: Adblock support thread
Hi all, just wanted to say thank you for all the hard work that's put into adblock and let others know of a solution to a little problem I had with an Amazon Kindle Fire tablet on my network.
When I enabled adblock on my WRT32X (running one of @davidc502's builds) it was blocking ads nicely but I noticed my Amazon Kindle Fire HD 8 had an exclamation mark over the WiFi logo. Settings stated "internet service not working", although all browsing, etc. worked fine. Some tcpdump'ing on the router showed it was doing a DNS lookup for 'spectrum.s3.amazonaws.com' as soon as it associated. Adding this hostname to the adblock whitelist and restarting the service has gotten rid of the exclamation mark. I believe it was a purely cosmetic issue, as the rest of the tablet operated fine, but this fixes it nonetheless.
1 Like
WiteWulf,
Thanks for that tidbit. I have a hardly-used Kindle Fire Tablet in my house and have been curious as to the reason that little exclamation mark existed over the wifi yet it all seemed to work well. I'm going to keep spectrum.s3.amazonaws.com blocked however it's nice to know the reason.
1 Like
Hmmm...further to my previous post re. Kindle Fire HD and "internet service not working" my other half has now pointed out that she can't download books to her Kindle with adblock turned on. I'm gonna have to do some more digging as it looks like the amazon filtering is a little too enthusiastic.