Cannot update opkg after installing adguard

ewm · February 3, 2024, 10:47pm

i just installed adguard following the instructions here, and can now not update opkg or install any other packages. i can still access the internet, but when i run opkg updage i get this:

root@OpenWrt:~# opkg update
Downloading https://downloads.openwrt.org/releases/23.05.0/targets/rockchip/armv8/packages/Packages.gz
Failed to send request: Operation not permitted
*** Failed to download the package list from https://downloads.openwrt.org/releases/23.05.0/targets/rockchip/armv8/packages/Packages.gz

LilRedDog · February 4, 2024, 1:06am

try: service adguardhome disable

then try: opkg update

regardless the result start it back up so it is returned to its original state:
service adguardhome enable
service adguardhome start

This is not to fix anything but to see if it is really adguard's fault.

ewm · February 4, 2024, 1:19am

i get the same issue, so it must be caused by something i did during the adguard setup

LilRedDog · February 4, 2024, 1:23am

Ordinarily I would say it is a DNS issue (because opkg failures are, almost, always DNS issues) but I've never seen that ^ error before.

ewm · February 4, 2024, 1:31am

i think it is a dns error. if i use nslookup, i get an error unless is specify the dns

root@OpenWrt:~# nslookup downloads.openwrt.org 8.8.8.8
Server:         8.8.8.8
Address:        8.8.8.8:53

Non-authoritative answer:
downloads.openwrt.org   canonical name = dualstack.j.sni.global.fastly.net
Name:   dualstack.j.sni.global.fastly.net
Address: 2a04:4e42::644
Name:   dualstack.j.sni.global.fastly.net
Address: 2a04:4e42:200::644
Name:   dualstack.j.sni.global.fastly.net
Address: 2a04:4e42:400::644
Name:   dualstack.j.sni.global.fastly.net
Address: 2a04:4e42:600::644

Non-authoritative answer:
downloads.openwrt.org   canonical name = dualstack.j.sni.global.fastly.net
Name:   dualstack.j.sni.global.fastly.net
Address: 151.101.2.132
Name:   dualstack.j.sni.global.fastly.net
Address: 151.101.66.132
Name:   dualstack.j.sni.global.fastly.net
Address: 151.101.130.132
Name:   dualstack.j.sni.global.fastly.net
Address: 151.101.194.132

root@OpenWrt:~# nslookup downloads.openwrt.org
nslookup: write to '127.0.0.1': Connection refused
nslookup: write to '::1': Connection refused
;; connection timed out; no servers could be reached

LilRedDog · February 4, 2024, 1:38am

In LuCI:
Network/ interfaces/wan->edit/advanced-> use custom dns servers/add a different dns server like 1.1.1.1/click + (plus)/ save/save and apply.

Try opkg update.

ewm · February 4, 2024, 1:46am

the dns was already set to quad9, but i get the error when i use 1.1.1.1 or set no dns

stangri · February 4, 2024, 1:50am

Another option would be uci add_list dhcp.@dnsmasq[0].server='/openwrt.org/1.1.1.1' followed by commit/dnsmasq restart.

LilRedDog · February 4, 2024, 1:53am

Try @stangri's instructions.

ewm · February 4, 2024, 2:00am

still the same error, although i get -ash: commit/dnsmasq: not found when i run uci add_list dhcp.@dnsmasq[0].server='/openwrt.org/1.1.1.1', so i just rebooted via luci

nvm. now my internet is not working at all

stangri · February 4, 2024, 2:02am

I was hoping I didn't need to spell it...

uci add_list dhcp.@dnsmasq[0].server='/openwrt.org/1.1.1.1'
uci commit dhcp
service dnsmasq restart

ewm · February 4, 2024, 2:09am

sorry, i am new to openwrt...

i get the following after running the commands

udhcpc: started, v1.36.1
udhcpc: broadcasting discover
udhcpc: no lease, failing

opkg update or my internet still doesn't work either

nassoor · February 4, 2024, 6:02am

I have gotten around this issue by modifying the /etc/resolv.conf file to add an external nameserver.

I don't how sound this is but it works for me.

LilRedDog · February 4, 2024, 6:14am

Try rebooting the gateway/router, then DNS server let it finish then turn on the router.

I'm not getting stung with that again then turn on your local DNS server.

egc · February 4, 2024, 8:41am

I just too a quick peak at the instructions e.g.
uci set dhcp.@dnsmasq[0].port="54"

That sets DNSMasq's listen port to 54, which means ADGH is listening in on port 53.

So if ADGH is not working and you want to use DNSMasq again you have to set the listen port for DNSmasq back to 53 (or delete it as 53 is the default).

Much simpler solution: use DNSmasq with an Adguard DNS server as resolver?
Or if you want Secure DNS use SmartDNS with Adguard DNS as resolver?

nassoor · February 4, 2024, 5:00pm

I have played with changing the nameservers in /etc/resolv.conf and setting the router's IP address (such as 192.168.1.1) as a nameserver will make opkg work. Until the next reboot.

ADGH is much more than a resolver. It offers granular control with a nice graphical interface. a more close comparison is NextDNS but that costs $$

On a side note, I used to have Tailscale installed on the same router and thought that it might be causing this issue, but uninstalling it didn't help.

ewm · February 4, 2024, 8:21pm

i ended up reinstalling adguard using a different guide and got it to work correctly. i don't think the command on openwrt's guide for dns interception was working correctly with my version. thanks for you help!

LilRedDog · February 4, 2024, 8:32pm

Good.

Go ahead and mark the thread solved; just give yourself credit in your last post so when others search they can find a thread that found a solution.
And please link to the guide that worked.

system · February 14, 2024, 8:34pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.