Adblock support thread

I should have written "without obviously whitelisting the guce.advertising.com website"

The idea is still being able to access the site without having them collect information trough that host

Maybe with an additional browser plugin - not on dns level.

updated to latest version (4.0) from 3.8, but got error: fs.exec_direct is not a function,, ,adblock status wasn't displayed on luci too,, ,any solution? thanks a lot..

Rebooted, deleted old config?

1 Like

same error: fs.exec_direct is not a function

Do a clean openwrt install and reinstall adblock 4 since this will ensure you don't have any old adblock 3.8 files or any other packages you have installed that may conflict.

1 Like

Thanks for the update!
But is the blocklist query function broken (in luci)?
Also why is conf-dir used now?
By default conf-dir is set to /tmp/dnsmasq.d.
Changing this does break other things that store config files there. (like vpn-policy-routing)

Your OpenWrt release is too old - please use the latest stable version (OpenWrt 19.07.2 r10947-65030d81f3).

1 Like

No - at least not in pre-release testers and my environments ... :wink:

Cause adblock 4 uses "address" and "local" syntax in the final blocklist. It's a bit faster than before and it supports redirections like we use for safesearch support now.

Than don't change it by now and ask @stangri if he can made this configurable in vpr, too.

Nope, please remove this part.

Yes sorry, I just noticed it doesn't work :smile:

I think this not possible.
There is no way to specify a conffile option in dnsmasq.
So vpn policy routing has to use /tmp/dnsmasq.d
And maybe other packages also relay on this functionality.
Maybe you can work around this by storing the final adb list file directly in /tmp/dnsmasq.d
and when the user specified a different path for the adb list create a link from there to /tmp/dnsmasq.d ?
But I don't with this works...when dnsmasq jailing is enabled im certain it will not work, unless the user specified path is also added to the jail.

Just specify the 'confdir' ... and use this dir for your generated dnsmasq related files.

?
I store my adb list file on an external storage.
adblock now sets the confdir to this external directory.
vpn policy routing doesn't seem to allow to configure a different path.
It is not possible to add more than one confdir option.
However it is possible to add multiple conf-files directives.
But there is no uci support for this.

And for blocklist source query.
Is it possible that it silently times out and just reports that nothing is found? (Because the block list is too large?)
Querying through command line works fine.

Yep, I understand that. I don't talk about multiple confdir options ... I talk about that other apps like vpr may also support this confdir syntax (and both are using the same in your config)

Most probably that's the case. There's nothing I can do/fix about it. Could you provide your cli adblock status?

Here is the status:

# /etc/init.d/adblock status
::: adblock runtime information
  + adblock_status  : enabled
  + adblock_version : 4.0.0
  + blocked_domains : 531968
  + active_sources  : adaway adguard andryou bitcoin disconnect dshield energized_blu hphosts malwaredomains malwarelist notracking oisd_nl openphish phishing_army reg_de smarttv spam404 stevenblack sysctl whocares winhelp winspy yoyo
  + dns_backend     : dnsmasq, /mnt/sda1/adblock/blocklists/dnsmasq-br-lan
  + run_utils       : /bin/uclient-fetch, /usr/bin/awk
  + run_ifaces      : trigger: wan, report: br-lan
  + run_directories : base: /tmp, backup: /mnt/sda1/adblock/backup, report: /mnt/sda1/adblock/reports/br-lan, jail: /tmp
  + run_flags       : backup: 1, reset: 0, flush: 1, force: 0, search: 0, report: 1, mail: 0, jail: 0
  + last_run        : start, 5m 33s, 509/276/292, 30.03.2020 10:29:50
  + system          : Linksys WRT1200AC, OpenWrt SNAPSHOT r12776+272-437eb41f23

1 Gb swap is enabled.
StevenBlack list was modified ( only block adware + malware)

Thanks, 23 sources ... most probably the search runs in a timeout during source archive scanning. I'll take a look if I can optimize that. At least I could provide a search option which excludes source archives from search.

For testing purposes :wink:

What about this:
/etc/init.d/dnsmasq
(the neg_ttl ca be ignored but I would like to see this also supported.. :smile:)

--- /rom/etc/init.d/dnsmasq	2020-03-30 06:31:20.000000000 +0200
+++ /etc/init.d/dnsmasq	2020-03-30 10:55:41.000000000 +0200
@@ -190,6 +190,10 @@
 	xappend "--addn-hosts=$1"
 }
 
+append_conffile() {
+	xappend "--conf-file=$1"
+}
+
 append_bogusnxdomain() {
 	xappend "--bogus-nxdomain=$1"
 }
@@ -890,6 +894,7 @@
 		config_list_foreach "$cfg" "notinterface" append_notinterface
 	}
 	config_list_foreach "$cfg" "addnhosts" append_addnhosts
+	config_list_foreach "$cfg" "conffile" append_conffile
 	config_list_foreach "$cfg" "bogusnxdomain" append_bogusnxdomain
 	append_parm "$cfg" "leasefile" "--dhcp-leasefile" "/tmp/dhcp.leases"
 	append_parm "$cfg" "serversfile" "--servers-file"
@@ -899,6 +904,7 @@
 	append_parm "$cfg" "max_ttl" "--max-ttl"
 	append_parm "$cfg" "min_cache_ttl" "--min-cache-ttl"
 	append_parm "$cfg" "max_cache_ttl" "--max-cache-ttl"
+	append_parm "$cfg" "neg_ttl" "--neg-ttl"
 	append_parm "$cfg" "pxe_prompt" "--pxe-prompt"
 	config_list_foreach "$cfg" "pxe_service" append_pxe_service
 	config_get DOMAIN "$cfg" domain

/usr/bin/adblock.sh

-- /rom/usr/bin/adblock.sh	2020-03-30 06:31:20.000000000 +0200
+++ /usr/bin/adblock.sh	2020-03-30 11:15:23.000000000 +0200
@@ -562,12 +562,12 @@
 			config="dhcp"
 			for instance in ${adb_dnsinstance}
 			do
-				if [ "${adb_enabled}" -eq 1 ] && [ -z "$(uci_get dhcp "@dnsmasq[${instance}]" confdir | grep -Fo "${adb_dnsdir}")" ]
+				if [ "${adb_enabled}" -eq 1 ] && [ -z "$(uci_get dhcp "@dnsmasq[${instance}]" conffile | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
 				then
-					uci_set dhcp "@dnsmasq[${instance}]" confdir "${adb_dnsdir}"
-				elif [ "${adb_enabled}" -eq 0 ] && [ -n "$(uci_get dhcp "@dnsmasq[${instance}]" confdir | grep -Fo "${adb_dnsdir}")" ]
+					uci -q add_list dhcp."@dnsmasq[${instance}]".conffile="${adb_dnsdir}/${adb_dnsfile}"
+				elif [ "${adb_enabled}" -eq 0 ] && [ -n "$(uci_get dhcp "@dnsmasq[${instance}]" conffile | grep -Fo "${adb_dnsdir}/${adb_dnsfile}")" ]
 				then
-					uci_remove dhcp "@dnsmasq[${instance}]" confdir
+					uci -q del_list dhcp."@dnsmasq[${instance}]".conffile="${adb_dnsdir}/${adb_dnsfile}"
 				fi
 			done
 		;;

That will only work with the domain blocking part...
For the other functions/features... I haven't looked at them yet.

And all conf files need to be added to the jail of course, when dnsmasq jailing is enabled.

Feel free to discuss dnsmasq changes/enhancements with the respective maintainer, in the meantime I'm using parameters in adblock which are available in 19.07 and master.

FYI, I did a build of trunk just now. Adblock is not working.

root@OpenWrt:~# opkg update
Downloading http://downloads.openwrt.org/snapshots/targets/lantiq/xrx200/packages/Packages.gz
Updated list of available packages in /var/opkg-lists/openwrt_core
Downloading http://downloads.openwrt.org/snapshots/targets/lantiq/xrx200/packages/Packages.sig
Signature check passed.
Downloading http://downloads.openwrt.org/snapshots/packages/mips_24kc/base/Packages.gz
Updated list of available packages in /var/opkg-lists/openwrt_base
Downloading http://downloads.openwrt.org/snapshots/packages/mips_24kc/base/Packages.sig
Signature check passed.
Downloading http://downloads.openwrt.org/snapshots/packages/mips_24kc/luci/Packages.gz
Updated list of available packages in /var/opkg-lists/openwrt_luci
Downloading http://downloads.openwrt.org/snapshots/packages/mips_24kc/luci/Packages.sig
Signature check passed.
Downloading http://downloads.openwrt.org/snapshots/packages/mips_24kc/packages/Packages.gz
Updated list of available packages in /var/opkg-lists/openwrt_packages
Downloading http://downloads.openwrt.org/snapshots/packages/mips_24kc/packages/Packages.sig
Signature check passed.
Downloading http://downloads.openwrt.org/snapshots/packages/mips_24kc/routing/Packages.gz
Updated list of available packages in /var/opkg-lists/openwrt_routing
Downloading http://downloads.openwrt.org/snapshots/packages/mips_24kc/routing/Packages.sig
Signature check passed.
Downloading http://downloads.openwrt.org/snapshots/packages/mips_24kc/telephony/Packages.gz
Updated list of available packages in /var/opkg-lists/openwrt_telephony
Downloading http://downloads.openwrt.org/snapshots/packages/mips_24kc/telephony/Packages.sig
Signature check passed.
root@OpenWrt:~# opkg list adblock
adblock - 4.0.0-1
adblock - 3.8.15-1 - Powerful adblock script to block ad/abuse domains via dnsmasq, unbound, named or kresd.
 The script supports many domain blacklist sites plus manual black- and whitelist overrides.
 Please see https://github.com/openwrt/packages/blob/master/net/adblock/files/README.md for further information.
root@OpenWrt:~# opkg install adblock --force-reinstall --force-maintainer
No packages removed.
Installing adblock (4.0.0-1) to root...
Collected errors:
 * opkg_download_pkg: Package adblock is not available from any configured src.
 * opkg_install_pkg: Failed to download adblock. Perhaps you need to run 'opkg update'?
 * opkg_install_cmd: Cannot install package adblock.
root@OpenWrt:~# uname -a
Linux OpenWrt 5.4.28 #0 SMP Mon Mar 30 03:28:11 2020 mips GNU/Linux

Nope, adblock is not available for this target yet. Please use the download links in the first post.

I've added a query timeout to make sure that the query comes back latest after 30 seconds, to prevent any web frontend timeouts ... with all results to this point.

1 Like