Adblock support thread

Been a user for quite a while, just updated to the latest, thanks for a great package!

I have noticed a slight oddity that I thought I'd mention, along with a question, that go with the DNS Query Report feature...

The question is on sorting of the top 10 listing. I wanted to be sure I'm right in that it reads in 3 columns, first being the total number of DNS requests of any kind (?) by client, then the most requested unblocked domains by domain, then the most requested blocked ones?

On to the odd thing. I was looking over things after moving to 3.8.4 yesterday, and adding one of andryou's lists to my collection... I noticed yet again how chatty my Roku box is, but there was something wierd.

Here's the report output in part:

Top 10 Reporting
Count	Name / IP-Address			Count	Domain				Count	Blocked Domain
1800	192.168.1.213				786	api-global.netflix.com		1128	cooper.logs.roku.com
1581	fde5:45cb:2b15::53f:4017:6ab2:90cf	599	www.google.com			208	scribe.logs.roku.com
830	LGwebOSTV.lan				177	spectrum.s3.amazonaws.com	118	ichnaea.netflix.com
668	amazon-7e76b5894.lan			176	push.prod.netflix.com		107	mobile-collector.newrelic.com

Filter the DNS Query result set for a particular domain, client or time frame.
cooper.logs.roku.com
 
Latest DNS Queries
Date	Time	Client	Domain	Answer	Action
2019-10-06	15:21:57	192.168.1.213	cooper.logs.roku.com	OK	
2019-10-06	15:21:27	192.168.1.213	cooper.logs.roku.com	NX	
2019-10-06	15:20:57	192.168.1.213	cooper.logs.roku.com	NX	
2019-10-06	15:20:27	192.168.1.213	cooper.logs.roku.com	NX	
2019-10-06	15:19:56	192.168.1.213	cooper.logs.roku.com	NX	
2019-10-06	15:19:26	192.168.1.213	cooper.logs.roku.com	NX	
2019-10-06	15:19:05	192.168.1.213	cooper.logs.roku.com	NX	

Apologies for not figuring out how to get the indenting fixed for the top of the table.
Basic thing is, I noticed that the cooper.logs.roku.com entry was at the top of the blocked domains, but in the list of most recent I noticed it as a non blacklisted item. And, a little farther down the list, there it was blocked.

Doing the filtered search shows a long list of blocked instances, with the most recent instance not blocked. Hmmm... Far as I can tell, there wasn't a reload to refresh the lists. I have a twice a day cron entry for that, but its hours off till the next one, so I don't know what happened there?

Any good explanation why this would happen?

Yep ... ... the report engine evaluates the tcpdump data at the report "refresh" time. If there is no response to the last request to "cooper.logs.roku.com" at this time, the Report Engine reports "OK" and not "NX". Probably I will simply ignore such incomplete records in the future ...

I have just read through the last 200 posts and I must say how impressed I am with Dirk's dedication to answer all questions here. Not only speaking of real issues with adblock, but also for a list of other issues ranging from general network issues to openwrt setup hints and beyond.

Thank you for that! Keep up the great work.

Although it's actually not a problem of adblock, i fixed it in 3.8.6-2

Hello,

need help, when I use adawy list my fire tv can coonect over wlan. I did whitelist amazonas.com and amazon.com it's not working.

Second is if I want download something from the appstore it's not working. Someone posted years ago this domains to whitelist it's not working anymore.

How can I update all the lists once a week and how can keep it up running all the time the adblock even when I restart the routers!?

gvt1 com
gvt2 com

Thanks for help.

@dibdot any plans on releasing the DNS query report feature on the regular branch? I had to switch back to the non snapshot release due to other packages and now I am really missing that piece of information.

I think on firetv is related to the actual apps you use with it. try those links below or google "whitelist urls" + the service you want to use. the pihole community has very extensive lists - both for blocking and whitelisting.

https://wolf-u.li/5954/domain-whitelist-fuer-die-nutzung-des-firetv-stick-unter-pihole/

Adblock 3.8.x will be included in 19.07 - I do not plan to backport this version to 18.06.

Is there any reason not to just install the later Adblock on 18.x.x? I've been running it on 18.06.4, apparently fine.

No, most probably it will just run fine ... I just don't have enough spare time to properly support older releases.

I am too running the latest adblock on 18.06.2 but with the old luci-app-adblock. which works fine, but of course, does not have reports.
the last time I tried to install the snapshot version of luci-app-adblock it somehow messed up the whole gui.
@JonP: do you have reports 18.06.4?
edit: nevermind. just tried - works fine. welcome back reports!

I think I remember, I had issues too till I removed and reinstalled everything. Helps to remember to get the LUCI interface up to same version, I did that as well...

Can it block by IP address? If not can you recommend something that can download a list of IP's and block them?

Nope, adblock is solely dns based. To block via IP look here: banIP support thread

hi can anyone help me, everytime i try to switch my DNS backend to Unbound i always get an Error Status on the Adblock luci and when i check the system log it give me the following reports.

Mon Oct 28 04:21:55 2019 user.err adblock-3.8.6-2[18057]: dns backend 'unbound' not running or executable
Mon Oct 28 04:21:55 2019 daemon.err adblock.sh[18057]: /usr/bin/adblock.sh: line 317: can't create /var/lib/unbound/adb_list.overall: nonexistent directory
Mon Oct 28 04:21:55 2019 user.err adblock-3.8.6-2[18057]: Please also check 'https://github.com/openwrt/packages/blob/master/net/adblock/files/README.md'
Mon Oct 28 04:25:00 2019 user.notice unbound: default protocol configuration
Mon Oct 28 04:25:00 2019 user.notice unbound: default memory configuration
Mon Oct 28 04:25:00 2019 user.notice unbound: default recursion configuration
Mon Oct 28 04:25:25 2019 daemon.info procd: Instance unbound::unbound s in a crash loop 6 crashes, 1 seconds since last crash
Mon Oct 28 04:25:38 2019 user.err adblock-3.8.6-2[18788]: dns backend 'unbound' not running or executable
Mon Oct 28 04:25:38 2019 user.err adblock-3.8.6-2[18788]: Please also check 'https://github.com/openwrt/packages/blob/master/net/adblock/files/README.md'

i have unbound-control installed so i'm not sure if im doing anything wrong.

Please make sure that your unbound installation works OK without adblock. If so you didn't use the usual unbound directory structure and you need to change 'adb_dnsdir' in your adblock config as well (should point to your main unbound runtime directory).

Does adblock use files under a folder like /tmp/tmp.filMID/ after it starts up? Looks like those are temporary files and some RAM could be saved if they are removed.

ls -l /tmp/adb_* /tmp/tmp.filMID/
-rw-r--r--    1 dnsmasq  root      19990384 Oct 30 20:19 /tmp/adb_list.overall
-rw-r--r--    1 root     root           396 Oct 30 20:19 /tmp/adb_runtime.json

/tmp/tmp.filMID/:
-rw-r--r--    1 root     root      21765337 Oct 30 20:08 tmp.jOgFAC.blacklist

That's OK, the latter one is the json status file ... and the first one is the blocklist file used by the dns backend. Said that, if you use adblock 3.8.x you can enable the extra option 'DNS File Reset' in the LuCI frontend to wipe this file after dns backend load (adblock takes care to re-generate this file whenever the dns backend reloads).

That's a bug caused by multiple start/restart/reload commands in parallel. This will be fixed with this PR (not merged yet): https://github.com/openwrt/packages/pull/10406

I might be mis-understanding how this is supposed to work, but the contents of /etc/adblock/adblock.blacklist is always used no matter if the blacklist - static local domain blacklist, always deny these domains is enabled or disabled.

Which adblock version? In 3.8.x you can't enable/disable the black- and whitelist anymore, they're always enabled ...