Thanks, I will change the source with the next update.
1 Like
Hello,
I don't see any option for the "DNS Blocking Variant" under luci for my settings. I'd like to try the null/addn-hosts method for blocking. Any advice/commands would be greatly appreciated!
Just to add, I've looked here: https://github.com/openwrt/packages/tree/master/net/adblock/files and am on 4.0.7. I'm hoping that if it's not in luci, I could just edit the adblock file?
Thanks!
I installed adblock as per CLI script, did not do too much tweaking, but did install DNS report and tcpdump-mini. No errors, all nicely active.
But it is doing anything. I have the impression noting much is blocked. It does report the default lists active, but my uBlock is showing pretty much the same amount of browser intercept (meaning they are not intercepted at the router?)
Mostly I am OK with uBlock Origin on PC, but I would like to block YouTube ad's on my TV and Chromecast/Phone.
EDIT: never mind. It is all working as is. PC does not show much, because uBlock is too fast, it ensures the DNS does not even go out. And YouTube on Chromecast/Android simply is not possible.
Too bad.
Some info:
Sun Jun 13 11:08:53 2021 user.info adblock-4.1.2[4800]: adblock instance started ::: action: reload, priority: 0, pid: 4800
Sun Jun 13 11:09:35 2021 user.info adblock-4.1.2[4800]: blocklist with overall 41746 blocked domains loaded successfully (TP-Link Archer C7 v2, OpenWrt 21.02.0-rc2 r16122-c2139eef27)
root@ROUTER_MDH:~# /etc/init.d/adblock list
::: Available adblock sources
:::
Name Enabled Size Focus Info URL
-------------------------------------------------------------------
+ adaway x S mobile https://github.com/AdAway/adaway.github.io
+ adguard x L general https://adguard.com
+ adguard_tracking S tracking https://github.com/AdguardTeam/cname-trackers
+ android_tracking S tracking https://github.com/Perflyst/PiHoleBlocklist
+ andryou L compilation https://gitlab.com/andryou/block/-/blob/master/rea
+ anti_ad L compilation https://github.com/privacy-protection-tools/anti-A
+ anudeep M compilation https://github.com/anudeepND/blacklist
+ bitcoin S mining https://github.com/hoshsadiq/adblock-nocoin-list
+ disconnect x S general https://disconnect.me
+ energized VAR compilation https://energized.pro
+ firetv_tracking S tracking https://github.com/Perflyst/PiHoleBlocklist
+ games_tracking S tracking https://www.gameindustry.eu
+ gaming S gaming https://github.com/abyssin/pihole-blocklist
+ notracking XL tracking https://github.com/notracking/hosts-blocklists
+ oisd_basic L general https://oisd.nl
+ oisd_full XXL general https://oisd.nl
+ openphish S phishing https://openphish.com
+ phishing_army S phishing https://phishing.army
+ reg_cn M reg_china https://easylist.to
+ reg_cz M reg_czech+slovak https://easylist.to
+ reg_de M reg_germany https://easylist.to
+ reg_es M reg_spain https://easylist.to
+ reg_fi S reg_finland https://github.com/finnish-easylist-addition
+ reg_fr S reg_france https://forums.lanik.us/viewforum.php?f=91
+ reg_id M reg_indonesia https://easylist.to
+ reg_it M reg_italy https://easylist.to
+ reg_kr S reg_korea https://list-kr.github.io
+ reg_nl M reg_netherlands https://easylist.to
+ reg_pl1 S reg_poland https://kadantiscam.netlify.app
+ reg_pl2 S reg_poland https://www.certyficate.it
+ reg_ro M reg_romania https://easylist.to
+ reg_se s reg_sweden https://github.com/lassekongo83/Frellwits-filter-l
+ reg_ru M reg_russia https://easylist.to
+ reg_vn S reg_vietnam https://bigdargon.github.io/hostsVN
+ shallalist VAR general https://www.shallalist.de
+ smarttv_tracking S tracking https://github.com/Perflyst/PiHoleBlocklist
+ spam404 S general https://github.com/Dawsey21
+ stevenblack VAR compilation https://github.com/StevenBlack/hosts
+ stopforumspam S spam https://www.stopforumspam.com
+ utcapitole VAR general https://dsi.ut-capitole.fr/blacklists/index_en.php
+ wally3k S compilation https://firebog.net/about
+ whocares M general https://someonewhocares.org
+ winhelp S general https://winhelp2002.mvps.org
+ winspy S win_telemetry https://github.com/crazy-max/WindowsSpyBlocker
+ yoyo x S general https://pgl.yoyo.org/as
---------------------------------------------------------------------------
* Configured shallalist categories: -
* Configured utcapitole categories: -
* Configured energized variants: -
* Configured stevenblack variants: -
root@ROUTER_MDH:~# /etc/init.d/adblock status
::: adblock runtime information
+ adblock_status : enabled
+ adblock_version : 4.1.2
+ blocked_domains : 41746
+ active_sources : adaway, adguard, disconnect, yoyo
+ dns_backend : dnsmasq (-), /tmp/dnsmasq.d
+ run_utils : download: /bin/uclient-fetch, sort: /usr/libexec/sort-coreutils, awk: /bin/busybox
+ run_ifaces : trigger: wan, report: br-lan
+ run_directories : base: /tmp, backup: /etc/adblock, report: /tmp/adblock-Report, jail: /tmp
+ run_flags : backup: ✔, flush: ✘, force: ✘, search: ✘, report: ✔, mail: ✘, jail: ✘
+ last_run : reload, 0m 42s, 123/56/42, 13.06.2021 11:09:35
+ system : TP-Link Archer C7 v2, OpenWrt 21.02.0-rc2 r16122-c2139eef27
root@ROUTER_MDH:~#
Guys, have moved to snapshot with 4.1.3.
And have no revers lookups for local addresses within "DNS report" anymore (pure IPs only).
Have tried with both tcpdump and tcpdump-mini.
Are there any options to force reverse lookups for adblock/dnsmask please?
That was a performance tweak in later adblock 4.x releases to prevent possible report generation timeouts in LuCI. Currently there is no option to switch this on/off.
To get back the old behaviour just change the following line in /usr/bin/adblock.sh:
Just remove the "-nn" part and you're done.
2 Likes
OpenWrt 21.02.0-rc3, official Geode build
Adblock stopped working after recent upgrade of BusyBox (rolled out today) with error:
"user.err adblock-4.1.3[3816]: coreutils sort not found or not executable"
It's not recommended to update core components via opkg, it's likely to semi-brick your device ...
in your case you've borked at least your coreutils-sort installation. To fix it, re-install coreutils-sort, e.g.:
opkg update
opkg install coreutils-sort --force-reinstall
6 Likes
The latest adblock update in master and 21.02 branch (4.1.3-2) now includes an option for that. In LuCI you'll find the new "Resolve IPs" option under "Advanced Report Settings", e.g.
2 Likes
Hi folks!
I use adblock 4.1.2 in a custom build. Last time I logged into the device, Luci reported "error" in adblock status. How can I find out what kind of error it is and what causes it?
Check the log ("Log View" tab in LuCI) ... if it's empty, just reload ablock and check again.
Yes, it was empty and after restart (edit: I did a restart instead of a reload) it just contained the restart/download action. Any more logs to check related exclusively to adblock?
enable debug logging, but you won't see more cause errors will always be printed.
Ok, if it happens again I will look more detailed...Thank you!
In adblock info on the wiki it says that it binds to the first dnsmasq instance with multiple instances but in my case adblock seems to be active on both is there a way to enable or disable binding to a specific dnsmasq instace?
I see a config option option adb_dnsinstance '1' but it does not seem to work it is still bound to all instances.
I do use httpdns proxy and I have two rules to forward DNS queries are these rules is this creating an issue?.
config redirect
option target 'DNAT'
option name 'Adult_dns_53'
option src_dport '53'
option src 'Adults_Zone'
config redirect
option target 'DNAT'
option name 'Kids_dns_53'
option src_dport '53'
option src 'Kids_Zone'
As long as both instances are sharing the same dnsmasq "confdir" the blocklist will influence both instances. Just define an additional/separate "confdir" for the second instance and you're done.
I have set up a different config dir for each instance changed the adblock dns config dir to tmp/Kids_Lan and it still blocks add traffic on both instances.
My configs are as below before reboot after editing the dhcp file:
of note when I reboot openwrt the dhcp file
automatically changes the config dir to something I dont want and seems to use a shared config dir.
The below option confdir '/tmp/Adults_Lan/dnsmasq.d'
gets changes to option confdir '/tmp/Kids_Lan/dnsmasq.d'
it looks like addblock atutmatically alters the config directory based on the settings in the adblock config file so the setting option adb_dnsinstance '1' alters the dhcp file config for the second instance to update the confdir.
Is there a adblock config setting so that I may disable this auto updating of the dhcp config ?
I'm looking to script different rules for different interfaces alternativly I have 3 interfaces and set adb_dnsinstance '2' is that valid ?
config dnsmasq 'Adults_Dns'
option localise_queries '1'
option rebind_protection '0'
option local '/Adults_Lan/'
option domain 'Adults_Lan'
option expandhosts '1'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/Adults_Lan/dhcp.leases'
option serversfile '/tmp/Adults_Lan/adb_list.overall'
list interface 'Adults_Lan'
option localservice '0'
list server '127.0.0.1#5054'
list server '127.0.0.1#5053'
option noresolv '1'
option doh_backup_noresolv '-1'
list doh_backup_server '8.8.8.8'
option confdir '/tmp/Adults_Lan/dnsmasq.d'
config dnsmasq 'Kids_Dns'
option localise_queries '1'
option rebind_protection '0'
option local '/Kids_Lan/'
option domain 'Kids_Lan'
option expandhosts '1'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/Kids_Lan/dhcp.leases'
option confdir '/tmp/Kids_Lan/dnsmasq.d'
option serversfile '/tmp/Kids_Lan/adb_list.overall'
list interface 'Kids_Lan'
list notinterface 'loopback'
option localservice '0'
list server '127.0.0.1#5054'
list server '127.0.0.1#5053'
option noresolv '1'
option doh_backup_noresolv '-1'
list doh_backup_server '8.8.8.8'
config dhcp 'Adults_Lan'
option instance 'Adults_Dns'
option interface 'Adults_Lan'
option start '100'
option limit '150'
option leasetime '12h'
option force '1'
config dhcp 'Kids_Lan'
option instance 'Kids_Dns'
option interface 'Kids_Lan'
option start '100'
option leasetime '12h'
option limit '150'
option force '1'
config dhcp 'Wan'
option interface 'Wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/hosts/odhcpd'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
config adblock 'global'
option adb_enabled '1'
option adb_debug '0'
option adb_forcedns '0'
option adb_dnsfilereset '0'
option adb_mail '0'
option adb_backup '1'
option adb_maxqueue '4'
list adb_sources 'adaway'
list adb_sources 'adguard'
list adb_sources 'disconnect'
list adb_sources 'yoyo'
option adb_dns 'dnsmasq'
option adb_fetchutil 'uclient-fetch'
option adb_safesearch '1'
option adb_report '1'
option adb_repiface 'any'
list adb_safesearchlist 'google'
option adb_trigger 'Wan'
option adb_dnsdir '/tmp/Kids_Lan/dnsmasq.d'
option adb_dnsflush '1'
If you're willing to script such iteration, you need three separate adblock configs. In each adblock config you have to change at least this pair of parameters: 'adb_dnsdir' and 'adb_dnsinstance'. The instance numbering starts with "0" for the first instance.
I'm not a great help here cause I'm using unbound, sorry.
1 Like
Heyo. Running Adblock on an Omnia and running into blocking ad issues.
Installed Adblock via the Turris OS admin packages dashboard, then switched to Luci web dashboard to start setting stuff up per the Turris community wiki:
Configure service via LuCI interface
Now, go to the LuCI web interface, Services → Adblock page and make the following changes from the 'default' pre-set:
- make sure “Enable Adblock” is checked (required)
- change “DNS Backend” to “kresd” (default for Turris Omnia)
- change “Startup Trigger” to “timed”
- change “Download utility” to “wget” (required for Turris Omnia)
- check additional Blocklist Sources, e.g.,: adaway, adguard, blacklist, disconnect, ransomware, winspy, yoyo, zeus
- you can check “Verbose Debug Logging” (if you would like to check everything is working fine)
- [optional] check “Force Local DNS”
Finally, hit “Save & Apply” button to save all changes and start adblock processing.
[...]
Finally start adblock processing with:
/etc/init.d/adblock reload
There's at least one difference which I'm not sure if it's because of Adblock version differences since the wiki was written or something, but there is no "timed" trigger:
When I run the guide's healthcheck, nslookup securepubads.g.doubleclick.net localhost, I get:
Server: localhost
Address: ::1#53
** server can't find securepubads.g.doubleclick.net: NXDOMAIN
** server can't find securepubads.g.doubleclick.net: NXDOMAIN
instead of:
nslookup securepubads.g.doubleclick.net localhost
Server: 127.0.0.1
Address 1: 127.0.0.1 localhost
nslookup: can't resolve 'securepubads.g.doubleclick.net': Name does not resolve
The lack of ad blocking is further confirmed when I pull up mobile and look at a major US news outlets that are known for ads (e.g. CNN)
In case it helps:
root@turris:~# /etc/init.d/adblock status
::: adblock runtime information
+ adblock_status : running
+ adblock_version : 4.0.7
+ blocked_domains : 0
+ active_sources : adaway adguard android_tracking anti_ad disconnect firetv_tracking notracking smarttv_tracking winspy yoyo
+ dns_backend : kresd, /etc/kresd
+ run_utils : -
+ run_ifaces : trigger: timed, report: br-lan
+ run_directories : base: /tmp, backup: /tmp, report: /tmp, jail: /tmp
+ run_flags : backup: 1, reset: 0, flush: 0, force: 1, search: 0, report: 1, mail: 0, jail: 0
+ last_run : -
+ system : Turris Omnia, TurrisOS 5.2.3 c88bdb8294a73e0eaa3cd86e843564a8244b333c
Also, despite having DNS Report enabled, hitting 'Save & Apply', the report is blank after refreshing:
Start Timestamp
-, -
End Timestamp
-, -
Total DNS Requests
-
Blocked DNS Requests
- (-)
I'm not sure if there's a CLI way to enable it since the web dash seems to be having set var issues?
Forget the turris wiki page - it's outdated. The status you've posted is "running", that means adblock is still running/processing your lists. Make sure that you'll get the final 'enabled' status before you're running checks you've mentioned above. In your case I would set the trigger interface to 'wan', reboot your router and check the adblock logs (Log View tab in LuCI) afterwards.
1 Like