Adblock support thread


#690

Hey!

First of all thanks for this adblock, great work! :slight_smile:
I need your help, I'm using adblock_version : 3.5.5-4
and facing those two issues.

First problem,
I cannot send pic/vids/gifs etc with viber with none of my devices. (I can receive though without problems.)
I went to advanced / query and searched for www.viber.com and found the following which I whitelisted.
www.viber.com
viber.com
ads.viber.com
ads-d.viber.com
ads.aws.viber.com
After many adblock restarts some times I may be able to run viber without problems but if for some reason I have to rr my router then again viber is blocked.
Is there any way to find out the exact time I'm trying to send something, what is been blocked?

Second problem is that very often I'm getting Youtube ads in my TV.
is there any way I can turn off Youtube ads entirely?

Thanks for your time in advance.


#691

Please provide the following information, see here

Thanks!


#692

Since release 3.6.x "yes" via Report Engine, this release will be part of OpenWrt 19.x.

No ... search this thread for youtube.


#693

I love the new reporting feature; however, it appears to simply report queries that result in an NXDOMAIN. Unfortunately, this ends up with misleading information in the "Latest DNS Queries" panel.

In my specific example, we use Zoom conferencing. There is apparently a bug in the code where it repeatedly tries to resolve gateway-s.zoom.us. As of now, in my report, I have 2,234 attempts and several entries in the Latest DNS Queries with a "Whitelist" button next to them.

I saw this and had already whitelisted zoom.us, so I thought it was odd; however, thinking this might be causing issues with Zoom, I hit the Whitelist button and continued to see NXDOMAIN reports. I reloaded the blacklists with the same results. I finally restarted the router and still saw the same behavior. Suspecting there might be some other cause, I finally queried the Google DNS servers and found that gateway-s.zoom.us doesn't exist.

Would it be possible to:

  • Cross-reference the Top 10 panel against the blacklist and only flag queries in the Blocked Domains column that are explicitly blacklisted?
  • Do the same cross-referencing in the Latest Queries panel, but instead of a button, put a message along the lines of "unknown host"?

This would clean up the report a bit and would also save some hunting on the part of admins trying to figure out the source of an issue.


#694

No, that data comes from a detached tcpdump process without fancy (pre-)filter capabilities. To quickly find out NX domains which are not adblock related, just use the domain query: if the query doesn't find the blocked domain (e.g., 'gateway-s.zoom.us') than the NX is unrelated to adblock.

Edit: Said that, maybe it's useful to pull out the "Query domains" tab out of the advanced tab and place it beside the "DNS Query Report"!? Thoughts?


#695

hi dibdot!
i get the following message, if i want a report in cli:
/etc/init.d/adblock report
Error relocating /usr/bin/sort: explicit_bzero: symbol not found
Error relocating /usr/bin/sort: explicit_bzero: symbol not found

Other issue:
i dont have the new database query window in luci (see image).
adblock

My log: 
Sat Jan 19 10:30:31 2019 user.debug adblock-3.6.3[7235]: f_report ::: action: report, report: 1, search: +, count: 50, filter: false, print: true, reputil: /usr/sbin/tcpdump, repdir: /mnt/data/adblock, repiface: br-lan, replisten: 53, repchunksize: 1, repchunkcnt: 5, bg_pid: 6175
Sat Jan 19 10:32:25 2019 user.debug adblock-3.6.3[7324]: f_report ::: action: restart, report: 1, search: +, count: 50, filter: false, print: false, reputil: /usr/sbin/tcpdump, repdir: /mnt/data/adblock, repiface: br-lan, replisten: 53, repchunksize: 1, repchunkcnt: 5, bg_pid:
Sat Jan 19 10:32:26 2019 user.debug adblock-3.6.3[7324]: f_hash   ::: hash_util: /usr/bin/sha256sum, hash: a72f00020c7ce06be3d72c8b65ee53ab4077df63e141c68c6a855d5338221868, out_rc: 1
Sat Jan 19 10:32:26 2019 user.debug adblock-3.6.3[7324]: f_hash   ::: hash_util: /usr/bin/sha256sum, hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b, out_rc: 1
Sat Jan 19 10:32:33 2019 user.debug adblock-3.6.3[7324]: f_dnsup  ::: cache_util: -, cache_rc: -, cache_flush: 1, cache_cnt: 0, rc: 0
Sat Jan 19 10:32:33 2019 user.debug adblock-3.6.3[7324]: f_rmdns  ::: dns: dnsmasq, dns_dir: /tmp, dns_prefix: adb_list, dns_file: adb_list.overall, rt_file: /tmp/adb_runtime.json, backup_dir: /mnt/data/adblock
Sat Jan 19 10:32:33 2019 user.info adblock-3.6.3[7324]: adblock instance started ::: action: restart, priority: 0, pid: 7324
Sat Jan 19 10:32:34 2019 user.debug adblock-3.6.3[7324]: f_jsnup  ::: status: running, mode: normal mode, cnt: , notify: 1, notify_cnt: 25000, notify_pid: -
Sat Jan 19 10:32:34 2019 user.debug adblock-3.6.3[7324]: f_uci    ::: config: dhcp, change:
Sat Jan 19 10:32:34 2019 user.debug adblock-3.6.3[7324]: f_uci    ::: config: firewall, change:
Sat Jan 19 10:32:34 2019 user.debug adblock-3.6.3[7324]: f_main   ::: dns: dnsmasq, fetch_util: /bin/uclient-fetch (libustream-ssl), backup: 1, backup_mode: 0, dns_jail: 0, force_dns: 0, mem_total: 60, mem_free: 29, max_queue: 8
....
Sat Jan 19 10:33:02 2019 user.debug adblock-3.6.3[7324]: f_jsnup  ::: status: enabled, mode: normal mode, cnt: 38824, notify: 1, notify_cnt: 25000, notify_pid: -
Sat Jan 19 10:33:02 2019 user.info adblock-3.6.3[7324]: blocklist with overall 38824 domains loaded successfully (TP-Link TL-WR1043N/ND v3, OpenWrt 18.06.1 r7258-5eb055306f)
Sat Jan 19 10:34:10 2019 user.debug adblock-3.6.3[8014]: f_report ::: action: report, report: 1, search: +, count: 50, filter: false, print: true, reputil: /usr/sbin/tcpdump, repdir: /mnt/data/adblock, repiface: br-lan, replisten: 53, repchunksize: 1, repchunkcnt: 5, bg_pid: 7353

Thanks!


#696

I upgraded to 3.6.x and found some extra viber queries and it seems now that is working.
Will post back if it is not.

Will do.

Thank you for your swift replies :slight_smile:


#697

Said that, maybe it's useful to pull out the "Query domains" tab out of the advanced tab and place it beside the "DNS Query Report"!? Thoughts?

Hmm... So, here's my dilemma with that: I did, in fact, check the Query Domains tab and saw a "+" next to zoom.us. The issue I've run into in the past was where I would see domains blocked in spite of the fact that Query Domains shows them as being whitelisted, so I tend not to trust the results that come back from that tab. I was running into this exact issue with ProofPoint (I believe the domain is proofpoint.net), where Query Domains showed it whitelisted but it was still being blocked (I had added proofpoint.net on the Whitelist tab). It appears the Query Domains mechanism doesn't check to make sure the live rpz database is up-to-date and consistent with the white/blacklists, so reality can be inconsistent with the Query Domains results. I've struggled with this on numerous occasions trying to update the live database and it seems to be exacerbated with the "backup" checkbox being checked.

Given this, if my perception about how Query Domains works is correct (that it's not searching /var/lib/bind/adb_list.overall), perhaps the true fix would be to make the overall manual whitelisting process more intuitive. I should mention that I'm using a full bind DNS server on my OpenWRT instance.

If I'm incorrect as to how all of this works and my perception is wrong, my apologies. I love the adblock package and the new reporting feature is really nice. It's just that the process of adding a domain to the Whitelist tab has always been a source of frustration and it's never been clear how to update the live rpz database, short of (possibly) restarting adblock from the cli--and that's even iffy with the backup feature.


#698

Thanks for the report. Never seen such error, probably an out of memory condition. Please save report-data & backup files on an external USB-Stick and not on "/tmp" (which references by default to your routers tmpfs).

please reset your LuCI cache (rm -rf /tmp/luci-*)


#699

The "Query domains" function search through the final generated/used blocklist - nothing more. After adding domains to your black- or whitelist simply refresh your blocklist sources and the added domains should no longer be found (if you've added something to your whitelist, of course ;-).


#700

Perhaps adding a note to that effect to both the Blacklist and Whitelist tabs as well as automating that (or at least noting that fact) when you hit a Blacklist/Whitelist button on the report page would be helpful? I've used OpenWRT and Lede for a few years now, and adblock for at least two years and that's never been clear to me. I was initially under the impression that updating any of those lists would automatically take effect.


#701

Thanks dibdot,
i removed the pakage coreutils-sort and the error msg was gone!
For the interface i upgraded luci packeges from the snapshot repo and it solved my other probnle.

Thx!


#702

Hello there,
Updated with the latest snapshot adblock package + the luci package and runtime information seems not working. Suspend and Refresh button broken too. Any idea ?
Thanks
firefox_2019-01-20_09-11-41


#704

Looks like the adblock service is not enabled, enable the service in LuCI or run /etc/init.d/adblock enable and /etc/init.d/adblock start. Check the logs afterwards (logread -e "adblock").


#705

Hi there,
thanks for the reply.
Still the same but Adblock is 'working' it's just I have no info in Luci :slight_smile:

it's 'working' because it triggered not as much ip as I should expect (another issue I guess)

Mon Jan 21 20:36:34 2019 user.info adblock-3.6.3[17247]: adblock instance started ::: action: restart, priority: 0, pid: 17247
Mon Jan 21 20:36:37 2019 user.info adblock-3.6.3[17247]: blocklist with overall 3167 domains loaded successfully (Netgear Nighthawk X4S R7800, OpenWrt 18.06.1 r7258-5eb055306f)

#706

Please provide the output of /etc/init.d/adblock status and cat /tmp/adb_runtime.json. After that, please remove the json file and restart adblock.

Thanks!


#707

My fault, reporting was disabled. Works now as expected :slight_smile:


#708

Can you please add an option to disable the tcpdump reporting?

I have that tool installed, but don't care about that feature. And it just uses too much memory. The process is already big, but on top there's multiple MBs of tcpdump files in tmpfs!


#709

The option exist ('adb_report'), only the implementation is missing! :wink:
It's clearly a bug and fixed with the forthcoming release 3.6.4, see here


#710

How would I block/blacklist all subdomains for a domain; like *.xzy.com including xyz.com itself?
The Blacklist help states 'wildcards and regex are not' supported.