That's something you should ask the AGH team.
However caches are designed to be refilled. Just let it do its thing.
[How-To-Updated 2021] Installing AdGuardHome on OpenWrt [Manual and opkg method]
That's something you should ask the AGH team.
Thanks for this tutorial, I just installed it on my Archer C7 router (Extroot USB Storage).
I have a question about how to update AGH, from the "update now" button you can't get the error message.
translate the error please?
is it asking you to manually update?
It asks me to update, and when I click on update the following error appears, sorry I'm a bit of a noob
ok. it has failed to update and is asking you to follow the manual update method.
check the openwrt syslog to see if there is more errors there. See if it cannot get the update, or another reason.
I would check your disk space to ensure there is space to download to. remember you need double the binary space (35mb so at least 70mb spare. It backs up your original AGH binary and then updates to the new version).
check how much space you have in /tmp as well as it downloads the update there before unpacking it.
I originally listed filters with this thread and took them out in the end once AGH updated their primary lists. I figure its time to lay out why I choose the lists I do and also publicise them for others to use or explore.
AdGuard DNS List - https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
This is included and is the primary list built in to AGH. I leave this one enabled. This is a default filter for AdGuard Home and for the public AdGuard DNS servers.
Adaway block list - https://adaway.org/hosts.txt - disabled by default. I don't use this list.
Perflyst and Dandelion Sprout's Smart-TV Blocklist - https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/SmartTV-AGH.txt
This list prevents smart tvs from monitoring/reporting back on you. He also has blocklists for other devices like Amazon fires and Android blocking.
Scam Blocklist by DurableNapkin - https://raw.githubusercontent.com/durablenapkin/scamblocklist/master/adguard.txt
This is now included in the osid blocklists but I leave it in as it wasn't included at first.
https://github.com/StevenBlack/hosts - https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
My primary blocklist after the default AGH list.
Latest Domain list - https://osint.digitalside.it/Threat-Intel/lists/latestdomains.txt
These are recently registered lists that serve malware. Part of the https://osint.digitalside.it/ threat groups.
EasyPrivacy List - https://v.firebog.net/hosts/Easyprivacy.txt
Part of the firebog lists. I've previously used this list with AdBlock Pro in my browser.
https://www.github.developerdan.com/hosts/ - https://www.github.developerdan.com/hosts/lists/ads-and-tracking-extended.txt
Adblock list from developer dan. He has a selection of other lists as well.
Phishing Army List - https://phishing.army/download/phishing_army_blocklist.txt
NoCoin Filter List - https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/hosts.txt
stops in browser-based crypto mining.
The Big List of Hacked Malware Web Sites - https://raw.githubusercontent.com/mitchellkrogza/The-Big-List-of-Hacked-Malware-Web-Sites/master/hosts
Online Malicious URL Blocklist - https://malware-filter.gitlab.io/malware-filter/urlhaus-filter.txt
A blocklist of malicious websites that are being used for malware distribution, based on the Database dump (CSV) of Abuse.ch URLhaus
How AGH builds its default lists.
How To Upgrade Your AdGuardHome Install :
Some claim that you can upgrade from AdGuardHome WEBGUI - it has never worked
for me while running OpenWRT. No need to fear - here is how to upgrade when new EDGE
Version pops up. Hopefully, if you initially Setup Exroot for your AdGuardHome Install
( that means on a USB Stick ) then all you have to do is grab the new
installation by doing exactly what you did when
you first installed AdGuardHome. With Exroot - you do not have to worry about
any space issues - this is why we recommend Exroot to begin with.
1 - Download the correct AdGuard Home package for your router's processor.
2 - Create a folder to extract the archive into - and use WinRAR, 7Zip, PeaZip or
some such file archiver to unzip AdGuardHome_linux_your_router.tar.gz
3 - You will now have a decompressed folder named " AdGuardHome " .
4 - Then issue this command below :
5 - Fire up WINSCP - open /opt/ directory on the right side of
the application - then Drag & Drop the AdGuardHome
decompressed folder from the directory you had it in on your desktop.
If you know how to use SCP on OpenWRT ( Linux ) you may use
that method here as well.
6 - After you drag and drop new AdGuardHome into the /opt/ directory
( overwriting the old installation ) - then enter these commands :
a - # /etc/init.d/AdGuardHome restart
b - # /etc/init.d/dnsmasq restart
The AGH manual update method is here : https://github.com/AdguardTeam/AdGuardHome/wiki/FAQ#manual-update
Its far more likely there is something else preventing his install from updating properly hence the need to check the logs.
Also AGH team has added update from shell method. https://github.com/AdguardTeam/AdGuardHome/wiki/Getting-Started#command-line-update
To update AdGuard Home package without the need to use Web API run:
AdGuard Home's DNS cache does not follow the cache logic of other DNS servers.
Any idea why am I getting this error in Luci system log?
Every time a phone connects to wifi I get:
Mon Nov 28 17:04:37 2022 daemon.info dnsmasq-dhcp: DHCPACK(br-lan) 192.168.1.103 f1:11:2D:70:4f:54 DadiPhone Mon Nov 28 17:04:40 2022 daemon.err AdGuardHome: 2022/11/28 11:34:40.260839 [error] unpacking udp packet: dns: buffer size too small Mon Nov 28 17:04:43 2022 daemon.err AdGuardHome: 2022/11/28 11:34:43.274015 [error] unpacking udp packet: dns: buffer size too small
and sometimes log is flooded with
dns: bad rdata error like this:
Sun Nov 27 15:11:04 2022 daemon.notice netifd: Network device 'pppoe-wan' link is up Sun Nov 27 15:11:04 2022 daemon.notice netifd: Interface 'wan' is now up Sun Nov 27 15:11:04 2022 daemon.info qosify: start interface pppoe-wan Sun Nov 27 15:11:04 2022 user.notice firewall: Reloading firewall due to ifup of wan (pppoe-wan) Sun Nov 27 16:02:34 2022 daemon.err AdGuardHome: 2022/11/27 10:32:34.269000 [error] unpacking udp packet: dns: bad rdata Sun Nov 27 16:02:34 2022 daemon.err AdGuardHome: 2022/11/27 10:32:34.269002 [error] unpacking udp packet: dns: bad rdata Sun Nov 27 16:02:34 2022 daemon.err AdGuardHome: 2022/11/27 10:32:34.269006 [error] unpacking udp packet: dns: buffer size too small Sun Nov 27 16:02:34 2022 daemon.err AdGuardHome: 2022/11/27 10:32:34.320417 [error] unpacking udp packet: dns: bad rdata Sun Nov 27 16:02:34 2022 daemon.err AdGuardHome: 2022/11/27 10:32:34.408443 [error] unpacking udp packet: dns: bad rdata Sun Nov 27 16:02:34 2022 daemon.err AdGuardHome: 2022/11/27 10:32:34.415034 [error] unpacking udp packet: dns: bad rdata Sun Nov 27 16:02:34 2022 daemon.err AdGuardHome: 2022/11/27 10:32:34.415072 [error] unpacking udp packet: dns: bad rdata Sun Nov 27 16:02:34 2022 daemon.err AdGuardHome: 2022/11/27 10:32:34.415095 [error] unpacking udp packet: dns: bad rdata Sun Nov 27 16:02:34 2022 daemon.err AdGuardHome: 2022/11/27 10:32:34.421840 [error] unpacking udp packet: dns: bad rdata Sun Nov 27 16:02:34 2022 daemon.err AdGuardHome: 2022/11/27 10:32:34.428710 [error] unpacking udp packet: dns: bad rdata Sun Nov 27 16:02:34 2022 daemon.err AdGuardHome: 2022/11/27 10:32:34.474049 [error] unpacking udp packet: dns: bad rdata Sun Nov 27 16:02:34 2022 daemon.err AdGuardHome: 2022/11/27 10:32:34.474345 [error] unpacking udp packet: dns: bad rdata Sun Nov 27 16:02:34 2022 daemon.err AdGuardHome: 2022/11/27 10:32:34.557111 [error] unpacking udp packet: dns: bad rdata
What are these errors and what do they mean?
you are using the stable 107 build? I've not seen it with the edge 108 build.
Also are you running it in a docker container or directly on the router? Either way I'd add your bug report to that thread to see why its happening.
Yes I am using stable version
Also are you running it in a docker container or directly on the router?
Directly on the router. I'm using stable OpenWrt 22.03.2
Either way I'd add your bug report to that thread to see why its happening.
Thank you. I tried changing TCP/UDP buffer size in openwrt but that didn't help. I googled the issue but unfortunately I couldn't find the solution on this one.
My suggestion would be to upgrade to the edge version and see if that solves your issue. If not then do add to the issue linked on adguards issue list and hopefully they can find the root issue. It does appear to be linked to buffers but I'd think its down to their go engine. Odd that more people haven't seen the issue given its a stable version. I'd defiantly report it and include what router you run AGH on, and what phone is causing the issue.
:edit: Actually. file a new bug report as it refers to 103 build but reference that bug report as part of your issue.
Thank you. Well that was on Samsung phone. Although I didn't see flood of error logs before with default AdGuardHome settings. I'll post my settings here in brief-
Meanwhile is there a next stable version for adguardhome? Edge builds are nightly builds right? Also is it possible to upgrade AGH on stable openwrt version?
bind_host: 192.168.1.1 bind_port: 8080 beta_bind_port: 0 users: - name: root1 password: $2a$10$UWkRVpWnZIpe5rnkY1MCXeS3RRYRhGrgj/.twXEUh4jRyAspkpAqy auth_attempts: 5 block_auth_min: 15 http_proxy: "" language: "" debug_pprof: false web_session_ttl: 720 dns: bind_hosts: - 192.168.1.1 - 127.0.0.1 port: 53 statistics_interval: 1 querylog_enabled: true querylog_file_enabled: true querylog_interval: 2160h querylog_size_memory: 1000 anonymize_client_ip: false protection_enabled: true blocking_mode: default blocking_ipv4: "" blocking_ipv6: "" blocked_response_ttl: 10 parental_block_host: family-block.dns.adguard.com safebrowsing_block_host: standard-block.dns.adguard.com ratelimit: 0 ratelimit_whitelist:  refuse_any: true upstream_dns: - '[/lan/]127.0.0.1:54' - '[//]127.0.0.1:54' - '[/pool.ntp.org/]22.214.171.124' - '[/pool.ntp.org/]126.96.36.199' - '[/pool.ntp.org/]188.8.131.52' - '[/pool.ntp.org/]184.108.40.206' - https://dns.cloudflare.com/dns-query - https://dns.google/dns-query - https://doh.opendns.com/dns-query - https://blitz.ahadns.com - https://dns.nextdns.io - https://basic.rethinkdns.com/ upstream_dns_file: "" bootstrap_dns: - 220.127.116.11 - 18.104.22.168 - 22.214.171.124 - 126.96.36.199 all_servers: true fastest_addr: false fastest_timeout: 1s allowed_clients:  disallowed_clients:  blocked_hosts: - version.bind - id.server - hostname.bind trusted_proxies: - 127.0.0.0/8 - ::1/128 cache_size: 4194304 cache_ttl_min: 3600 cache_ttl_max: 86400 cache_optimistic: true bogus_nxdomain:  aaaa_disabled: true enable_dnssec: true edns_client_subnet: false max_goroutines: 300 ipset:  filtering_enabled: true filters_update_interval: 24 parental_enabled: false safesearch_enabled: false safebrowsing_enabled: false safebrowsing_cache_size: 1048576 safesearch_cache_size: 1048576 parental_cache_size: 1048576 cache_time: 30 rewrites:  blocked_services:  upstream_timeout: 10s local_domain_name: lan resolve_clients: true use_private_ptr_resolvers: true local_ptr_upstreams: - 192.168.1.1:54 tls: enabled: false server_name: "" force_https: false port_https: 443 port_dns_over_tls: 853 port_dns_over_quic: 784 port_dnscrypt: 0 dnscrypt_config_file: "" allow_unencrypted_doh: false strict_sni_check: false certificate_chain: "" private_key: "" certificate_path: "" private_key_path: "" filters: - enabled: true url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt name: AdGuard DNS filter id: 1 - enabled: true url: https://adaway.org/hosts.txt name: AdAway Default Blocklist id: 2 - enabled: true url: https://abp.oisd.nl/ name: oisd id: 1665787488 whitelist_filters:  user_rules: - '## snpachat' - '||analytics.snapchat.com^' - '||app-analytics.snapchat.com^' - '||usc.adserver.snapads.com^' - '||snapads.com^' - '||app-analytics-v2.snapchat.com^' - '||asia-southeast1-gcp.api.snapchat.com^' - '||pica.aeonlucid.com^' - '# ||us-central1-gcp.api.snapchat.com^' - '||usc.adserver.snapads.com^' - '||geofilters-api.snapchat.com^' - '||cognac-prod.appspot.com^' - '||ase.adserver.snapads.com^' - '||tr.snapchat.com^' - '||loc.sc-jpl.com^' - '# ||storage.googleapis.com^' - '||snapchat-proxy.appspot.com^' - '## aa01.net' - '# ||betterstream.co^' - '||statcounter.com^' - '||runecrispin.com^' - '||miracslubs.com^' - '||addthis.com^' - '||googletagmanager.com^' - '||cloudflareinsights.com^' - '||jwpltx.com^' - '## yts.mx' - '||builip.com^' - '||static.cloudflareinsights.com^' - '||cdnondemand.org^' dhcp: enabled: false interface_name: "" dhcpv4: gateway_ip: "" subnet_mask: "" range_start: "" range_end: "" lease_duration: 86400 icmp_timeout_msec: 1000 options:  dhcpv6: range_start: "" lease_duration: 86400 ra_slaac_only: false ra_allow_slaac: false clients:  log_compress: false log_localtime: false log_max_backups: 0 log_max_size: 100 log_max_age: 3 log_file: "" verbose: false os: group: "" user: "" rlimit_nofile: 0 schema_version: 12
Update: I've opkg version of AGH so I can't update it to v108 that way
It is slightly tricky but possible.
uninstall AGH and revert your opkg changes by using my uninstall script which will set you back to defaults. Then you can use my script set to reinstall the edge version and resetup AGH.
A potentially faster way is to reset your OpenWrt install and start afresh. But that will depend on what customisations/defaults you have changed. EG DHCP statics setup etc.
The edge builds aren't nightly but are much more uptodate and so far I've not run into any major issues using them. As I've said before. Once they fix some long standing issues and AGH development is more stable then stable builds would be preferable. I still think AGH is "beta" software and thus its a moving target for builds. 107 has been more stable but they have not back ported some 108 changes.
That seems like it'll take more time than I anticipated. Maybe I'll update it later this week. Tonight I'll look into it in detail. Thanks Mercy!
potentially you could uninstall and use the edge script directly but I've never tested that. Also unless the router has its own WAN dns upstream set, when you remove AGH it can break DNS resolution. I'm just being cautious with how I suggest to rip/replace
really when doing things like this you should always start from a "known good configuration" just "incase". Its just good engineering. Duct tape works sometimes but that's just a patch till you get it really fixed
:edit: I rolled the opkg version into my thread as James and I had worked on it and it was a convenient place to have up to date info for both.
Haha Trust me I've literally spent 2-3 days fixing DNS issues while installing AGH. It's always DNS lol. Now I'm pretty aware how to setup AGH on my router Also, I'll go with your resetting method method cuz I like it clean setup so far.
Edit: Did you say your opkg version? That's great! But alas I can't install your updated version on my firmware right? It should be manual way as you said..
its not mine. @jamesmacwhite does the pulls of the 107 builds and gets them packaged for openwrt opkg installs. We both worked on it and the wiki to make it easier for people to use AGH on their router. I originally just worked on improving AGH's manual install and tweaked it for preparing OpenWrt for then using the script from AGH to install. James took that and used it to help do the opkg version with changes for smaller routers. There are key differences between the versions. Mine follows the /opt layout and saves all data and filters. James version due to OpenWrt settings has the bulk of the data saved in ram and thus re downloads filters etc after a reboot.
The opkg version is better for smaller space/ram routers. But it means you are restricted to stable releases only. (as OpenWrt rules require stable packages)
The manual edge builds are closer to bleeding edge and save all data to /opt. That requires more space. But also means AGH will self update.
I'm running OpenWrt on RPi4 with 4GB RAM and Adguard workdir is set to the partition on my MicroSD. So I can give manual update a chance