@r00t Thank you very much. Now I only need to get my hands dirty 
@didot You're welcome!
@Hemperror, I figured this out for you with @stangri's help. Although we didn't figure out the exact cause yet, apparently upgrading to the latest version solves your problem.
# echo -e -n 'untrusted comment: public key 7ffc7517c4cc0c56\nRWR//HUXxMwMVnx7fESOKO7x8XoW4/dRidJPjt91hAAU2L59mYvHy0Fa\n' > /tmp/stangri-repo.pub && opkg-key add /tmp/stangri-repo.pub
# ! grep -q 'stangri_repo' /etc/opkg/customfeeds.conf && echo 'src/gz stangri_repo https://raw.githubusercontent.com/stangri/openwrt-repo/master' >> /etc/opkg/customfeeds.conf
# opkg update; opkg upgrade simple-adblock
# cp /etc/config/simple-adblock-opkg /etc/config/simple-adblock
Then enable Simple AdBlock in LuCI. If you already have it enabled, run service simple-adblock stop before you run above commands and then start it again.
@r00t thx for helping me , but problem is still there...
Maybe its my network setup whats causing the problem.
Tried latest build and it works great. My OpenVPN configuration is working great but a single message repeats on the log: IP packet with unknown IP version=15 seen. Even with no VPN established. With vanilla LEDE 17.01 and same config there are no messages. I think it appears every minute.
I observed that I had to add the ca-bundle package because of failing DDNS settings, IP is updated via https. Maybe it can be added in next builds? And if not so much asking, add the revision number to the changelog?
Thanks for your builds and your time!
@r00t on your nightly seems to load from servers but still not blocking ads...hmmmm?
Mon Apr 3 21:32:19 2017 user.notice simple-adblock [4764]: ERROR: service is not enabled.
Mon Apr 3 21:32:19 2017 user.notice simple-adblock [4796]: Forcing local DNS server: 192.168.2.101.
Mon Apr 3 21:32:26 2017 user.notice simple-adblock [4796]: [DL] Blocked Hosts: www.mvps.org [✓]
Mon Apr 3 21:32:29 2017 user.notice simple-adblock [4796]: [DL] Blocked Hosts: pgl.yoyo.org [✓]
Mon Apr 3 21:32:29 2017 daemon.err uhttpd[2510]: tr: write error: Broken pipe
Mon Apr 3 21:32:29 2017 daemon.err uhttpd[2510]: head: standard output: I/O error
Mon Apr 3 21:32:31 2017 user.notice simple-adblock [4796]: [DL] Blocked Hosts: www.malwaredomainlist.com [✓]
Mon Apr 3 21:32:34 2017 user.notice simple-adblock [4796]: [DL] Blocked Hosts: adaway.org [✓]
Mon Apr 3 21:32:39 2017 user.notice simple-adblock [4796]: [DL] Blocked Hosts: someonewhocares.org [✓]
Mon Apr 3 21:32:44 2017 daemon.err uhttpd[2510]: Failed to establish connection
Mon Apr 3 21:32:44 2017 user.notice simple-adblock [4796]: [DL] Blocked Hosts: zeustracker.abuse.ch [✗]
Mon Apr 3 21:32:46 2017 user.notice simple-adblock [4796]: [DL] Blocked Domains: mirror1.malwaredomains.com [✓]
Mon Apr 3 21:32:47 2017 user.notice simple-adblock [4796]: [DL] Blocked Domains: s3.amazonaws.com [✓]
Mon Apr 3 21:32:47 2017 daemon.err uhttpd[2510]: tr: write error: Broken pipe
Mon Apr 3 21:32:48 2017 user.notice simple-adblock [4796]: [DL] Blocked Domains: s3.amazonaws.com [✓]
Mon Apr 3 21:32:48 2017 daemon.err uhttpd[2510]: tr: write error: Broken pipe
Mon Apr 3 21:32:48 2017 daemon.err uhttpd[2510]: head: standard output: Broken pipe
Mon Apr 3 21:32:49 2017 user.notice simple-adblock [4796]: [DL] Blocked Domains: s3.amazonaws.com [✓]
Mon Apr 3 21:32:50 2017 user.notice simple-adblock [4796]: [DL] Blocked Domains: ransomwaretracker.abuse.ch [✓]
Mon Apr 3 21:32:51 2017 user.notice simple-adblock [4796]: [DL] Blocked Domains: gitlab.com [✓]
Mon Apr 3 21:32:54 2017 user.notice simple-adblock [4796]: [DL] Blocked Domains: dshield.org [✓]
Mon Apr 3 21:32:54 2017 user.notice simple-adblock [4796]: Waiting for background processes [✓]
Mon Apr 3 21:32:55 2017 user.notice simple-adblock [4796]: Sorting merged file [✓]
Mon Apr 3 21:32:57 2017 user.notice simple-adblock [4796]: Whitelisting domains [✓]
Mon Apr 3 21:32:58 2017 user.notice simple-adblock [4796]: Formatting merged file [✓]
Mon Apr 3 21:32:58 2017 user.notice simple-adblock [4796]: Removing temporary files [✓]
Mon Apr 3 21:32:58 2017 daemon.info dnsmasq[2490]: exiting on receipt of SIGTERM
Mon Apr 3 21:32:58 2017 user.notice dnsmasq: found already running DHCP-server on interface 'br-lan' refusing to start, use 'option force 1' to override
Mon Apr 3 21:32:58 2017 user.notice simple-adblock [4796]: Restarting dnsmasq [✓]
Mon Apr 3 21:32:59 2017 user.notice simple-adblock [4796]: service blocking 52676 domains ✓
Mon Apr 3 21:32:59 2017 daemon.info procd: Not starting instance simple-adblock::instance1, command not set
Mon Apr 3 21:32:59 2017 daemon.info dnsmasq[5371]: started, version 2.77test4 cachesize 150
Mon Apr 3 21:32:59 2017 daemon.info dnsmasq[5371]: DNS service limited to local subnets
Mon Apr 3 21:32:59 2017 daemon.info dnsmasq[5371]: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP no-DHCPv6 no-Lua TFTP no-conntrack no-ipset no-auth no-DNSSEC no-ID loop-detect inotify
Mon Apr 3 21:32:59 2017 daemon.info dnsmasq[5371]: using local addresses only for domain test
Mon Apr 3 21:32:59 2017 daemon.info dnsmasq[5371]: using local addresses only for domain onion
Mon Apr 3 21:32:59 2017 daemon.info dnsmasq[5371]: using local addresses only for domain localhost
Mon Apr 3 21:32:59 2017 daemon.info dnsmasq[5371]: using local addresses only for domain local
Mon Apr 3 21:32:59 2017 daemon.info dnsmasq[5371]: using local addresses only for domain invalid
Mon Apr 3 21:32:59 2017 daemon.info dnsmasq[5371]: using local addresses only for domain example.net
Mon Apr 3 21:32:59 2017 daemon.info dnsmasq[5371]: using local addresses only for domain example.org
Mon Apr 3 21:32:59 2017 daemon.info dnsmasq[5371]: using local addresses only for domain example.com
Mon Apr 3 21:32:59 2017 daemon.info dnsmasq[5371]: using nameserver 8.8.8.8#53 for domain pool.ntp.org
Mon Apr 3 21:32:59 2017 daemon.info dnsmasq[5371]: using nameserver 127.0.0.1#5353
Mon Apr 3 21:32:59 2017 daemon.info dnsmasq[5371]: using 52680 more local addresses
Mon Apr 3 21:32:59 2017 daemon.info dnsmasq[5371]: read /etc/hosts - 4 addresses
Mon Apr 3 21:32:59 2017 daemon.info dnsmasq[5371]: read /tmp/hosts/odhcpd - 0 addresses
Mon Apr 3 21:32:59 2017 daemon.info dnsmasq[5371]: read /tmp/hosts/dhcp.cfg02411c - 0 addresses
edit. dont know why but the problem is solved??? Thx alot @r00t and @stangri
@r00t Have you ever played around with using a local dns cache like Unbound on Archer C7v2? I have been trying to find a guide to implement DNSCrypt and Unbound. Your custom build comes the closest to something similar since you already have DNSCrypt set up and I was wondering if you would be able to make it an option on the custom build?
@dacarrs, the OpenWRT doc says:
The error "IP packet with unknown IP version=15 seen" can be observed in OpenWrt when compression is not active; and it is not active if you use the incorrect keyword "comp-lzo", the correct keyword would be "option comp_lzo yes" (note the underscore instead of the "dash").
More here http://carryflag.blogspot.de/2015/05/openvpn-ip-packet-with-unknown-ip.html and here http://forums.openvpn.net/viewtopic.php?t=22672 .. I wouldn't worry about it too much as long as your VPN works. Although it's indeed weird you see this even without VPN connection and that it's not happening with vanilla LEDE.
I'll add ca-bundle to the next release - probably today.
@Hemperror, I'm not sure what's wrong with your setup. You could do uci set simple-adblock.config.debug=1; uci commit and then service simple-adblock restart and send the contents of /var/simple-adblock.log to @stangri
@saltyoptics, no, sorry, I never looked into Unbound on OpenWRT/LEDE and currently don't plan to add it to this build. Its size is close to 13MB, which is already larger and much closer to the device's limit than I'd like it to be. However, I can always compile the packages for you if you need them or you could fork my configs/patches and compile it yourself after adding Unbound. I might play with it in the future, but I'm not sure yet. OpenNIC has been working well.
@r00t Thank you! Will try later if I can find some free time. I will recheck my DDNS and check for any errors. Regarding OpenVPN message log will try with the links you posted but I think I already tried, but no harm to recheck, but it is not really an issue because VPN was working great.
If you figure out what's causing the OpenVPN messages, please ping me so I can fix this in case it's related to a default config or something and not your client configs.
Btw does dnscrypt-proxy work for you guys after updating to the latest couple of builds (any since sunday)? For some reason I always have to manually enable and restart it after flashing a new release. Wondering if that's just me.
For some reason, the latest build forces my router to restart as soon as it connects to the internet. I have to leave the WAN port unplugged to even access the router.
That's odd. Any logs or anything? I'm running today's build and it's working fine for me so far.
I've seen something similar on other forum.
Apparently for some reasons, some routers at random instances are rebooting as soon as they connect to the internet while working on OpenWRT/LEDE.
Doing a firstboot or installing the firmware again solves the issue, even if you're just gonna restore the backup with the same config. If you won't be able to resolve your issue any other way, this will probably be your solution.
Sorry I didn't grab any logs. It happened both with the nightly build at the time and the 2017-04-04 build. Went back to what I had before and it was fine again. Maybe it was a coincidence and it flashed incorrectly twice, idk.
Hi r00t, I'm getting the following message when trying to flash your images from an LEDE standard firmware build:
"The uploaded image file does not contain a supported format..."
- forgive me if it's an obvious question I'm new with the LEDE project, I used DD-wrt before
Thanks
You can fix this by adding:
conf-file=/tmp/dnsmasq.d/simple-adblock to your dnsmasq.conf
also you can change simple adblock to put the blocklist to /etc so the file is there on boot you can reload simple-adblock at any time to renew the file.
@dacarrs
Thats right
#Need iptables-mod-nat-extra installed
Hi @r00t, thanks for sharing this build with us. Can you can make the C7's MTU go up to 9000 from it's current "cap" of 4070? It's already known that the switch could do 9K mtu. #18296 (Jumbo frame limited to 4070 MTU on Archer C7 (ar71xx/ag71xx)) – OpenWrt
@neko I'd rather see this fixed upstream. Someone already mentioned this issue here LEDE on Archer C7 - jumbo frame not working .. I'll follow up there and if the devs aren't interested I'll add a patch for this.
Sounds like you're using the wrong image file. Try the factory one if you're using the sysupgrade image or the other way around.