That's something you should ask the AGH team.
However caches are designed to be refilled. Just let it do its thing.
@mercygroundabyss
Thanks for this tutorial, I just installed it on my Archer C7 router (Extroot USB Storage).
I have a question about how to update AGH, from the "update now" button you can't get the error message.
translate the error please?
is it asking you to manually update?
It asks me to update, and when I click on update the following error appears, sorry I'm a bit of a noob
ok. it has failed to update and is asking you to follow the manual update method.
check the openwrt syslog to see if there is more errors there. See if it cannot get the update, or another reason.
I would check your disk space to ensure there is space to download to. remember you need double the binary space (35mb so at least 70mb spare. It backs up your original AGH binary and then updates to the new version).
check how much space you have in /tmp as well as it downloads the update there before unpacking it.
Revisiting filters.
I originally listed filters with this thread and took them out in the end once AGH updated their primary lists. I figure its time to lay out why I choose the lists I do and also publicise them for others to use or explore.
AdGuard DNS List - https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
This is included and is the primary list built in to AGH. I leave this one enabled. This is a default filter for AdGuard Home and for the public AdGuard DNS servers.
Adaway block list - https://adaway.org/hosts.txt - disabled by default. I don't use this list.
Perflyst and Dandelion Sprout's Smart-TV Blocklist - https://raw.githubusercontent.com/Perflyst/PiHoleBlocklist/master/SmartTV-AGH.txt
This list prevents smart tvs from monitoring/reporting back on you. He also has blocklists for other devices like Amazon fires and Android blocking.
Scam Blocklist by DurableNapkin - https://raw.githubusercontent.com/durablenapkin/scamblocklist/master/adguard.txt
This is now included in the osid blocklists but I leave it in as it wasn't included at first.
https://github.com/StevenBlack/hosts - https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
My primary blocklist after the default AGH list.
Latest Domain list - https://osint.digitalside.it/Threat-Intel/lists/latestdomains.txt
These are recently registered lists that serve malware. Part of the https://osint.digitalside.it/ threat groups.
EasyPrivacy List - https://v.firebog.net/hosts/Easyprivacy.txt
Part of the firebog lists. I've previously used this list with AdBlock Pro in my browser.
https://www.github.developerdan.com/hosts/ - https://www.github.developerdan.com/hosts/lists/ads-and-tracking-extended.txt
Adblock list from developer dan. He has a selection of other lists as well.
Phishing Army List - https://phishing.army/download/phishing_army_blocklist.txt
AntiPhishing lists.
NoCoin Filter List - https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/hosts.txt
stops in browser-based crypto mining.
The Big List of Hacked Malware Web Sites - https://raw.githubusercontent.com/mitchellkrogza/The-Big-List-of-Hacked-Malware-Web-Sites/master/hosts
Online Malicious URL Blocklist - https://malware-filter.gitlab.io/malware-filter/urlhaus-filter.txt
A blocklist of malicious websites that are being used for malware distribution, based on the Database dump (CSV) of Abuse.ch URLhaus
Reference sites:
How AGH builds its default lists.
How To Upgrade Your AdGuardHome Install :
Some claim that you can upgrade from AdGuardHome WEBGUI - it has never worked
for me while running OpenWRT. No need to fear - here is how to upgrade when new EDGE
Version pops up. Hopefully, if you initially Setup Exroot for your AdGuardHome Install
( that means on a USB Stick ) then all you have to do is grab the new
installation by doing exactly what you did when
you first installed AdGuardHome. With Exroot - you do not have to worry about
any space issues - this is why we recommend Exroot to begin with.
1 - Download the correct AdGuard Home package for your router's processor.
2 - Create a folder to extract the archive into - and use WinRAR, 7Zip, PeaZip or
some such file archiver to unzip AdGuardHome_linux_your_router.tar.gz
3 - You will now have a decompressed folder named " AdGuardHome " .
4 - Then issue this command below :
/etc/init.d/AdGuardHome stop
5 - Fire up WINSCP - open /opt/ directory on the right side of
the application - then Drag & Drop the AdGuardHome
decompressed folder from the directory you had it in on your desktop.
If you know how to use SCP on OpenWRT ( Linux ) you may use
that method here as well.
6 - After you drag and drop new AdGuardHome into the /opt/ directory
( overwriting the old installation ) - then enter these commands :
a - # /etc/init.d/AdGuardHome restart
b - # /etc/init.d/dnsmasq restart
Source:
The AGH manual update method is here : https://github.com/AdguardTeam/AdGuardHome/wiki/FAQ#manual-update
Its far more likely there is something else preventing his install from updating properly hence the need to check the logs.
Also AGH team has added update from shell method. https://github.com/AdguardTeam/AdGuardHome/wiki/Getting-Started#command-line-update
Command-line update
To update AdGuard Home package without the need to use Web API run:
./AdGuardHome --update
AdGuard Home's DNS cache does not follow the cache logic of other DNS servers.
Any idea why am I getting this error in Luci system log?
Every time a phone connects to wifi I get:
Mon Nov 28 17:04:37 2022 daemon.info dnsmasq-dhcp[1]: DHCPACK(br-lan) 192.168.1.103 f1:11:2D:70:4f:54 DadiPhone
Mon Nov 28 17:04:40 2022 daemon.err AdGuardHome[2820]: 2022/11/28 11:34:40.260839 [error] unpacking udp packet: dns: buffer size too small
Mon Nov 28 17:04:43 2022 daemon.err AdGuardHome[2820]: 2022/11/28 11:34:43.274015 [error] unpacking udp packet: dns: buffer size too small
and sometimes log is flooded with dns: bad rdata
error like this:
Sun Nov 27 15:11:04 2022 daemon.notice netifd: Network device 'pppoe-wan' link is up
Sun Nov 27 15:11:04 2022 daemon.notice netifd: Interface 'wan' is now up
Sun Nov 27 15:11:04 2022 daemon.info qosify: start interface pppoe-wan
Sun Nov 27 15:11:04 2022 user.notice firewall: Reloading firewall due to ifup of wan (pppoe-wan)
Sun Nov 27 16:02:34 2022 daemon.err AdGuardHome[2820]: 2022/11/27 10:32:34.269000 [error] unpacking udp packet: dns: bad rdata
Sun Nov 27 16:02:34 2022 daemon.err AdGuardHome[2820]: 2022/11/27 10:32:34.269002 [error] unpacking udp packet: dns: bad rdata
Sun Nov 27 16:02:34 2022 daemon.err AdGuardHome[2820]: 2022/11/27 10:32:34.269006 [error] unpacking udp packet: dns: buffer size too small
Sun Nov 27 16:02:34 2022 daemon.err AdGuardHome[2820]: 2022/11/27 10:32:34.320417 [error] unpacking udp packet: dns: bad rdata
Sun Nov 27 16:02:34 2022 daemon.err AdGuardHome[2820]: 2022/11/27 10:32:34.408443 [error] unpacking udp packet: dns: bad rdata
Sun Nov 27 16:02:34 2022 daemon.err AdGuardHome[2820]: 2022/11/27 10:32:34.415034 [error] unpacking udp packet: dns: bad rdata
Sun Nov 27 16:02:34 2022 daemon.err AdGuardHome[2820]: 2022/11/27 10:32:34.415072 [error] unpacking udp packet: dns: bad rdata
Sun Nov 27 16:02:34 2022 daemon.err AdGuardHome[2820]: 2022/11/27 10:32:34.415095 [error] unpacking udp packet: dns: bad rdata
Sun Nov 27 16:02:34 2022 daemon.err AdGuardHome[2820]: 2022/11/27 10:32:34.421840 [error] unpacking udp packet: dns: bad rdata
Sun Nov 27 16:02:34 2022 daemon.err AdGuardHome[2820]: 2022/11/27 10:32:34.428710 [error] unpacking udp packet: dns: bad rdata
Sun Nov 27 16:02:34 2022 daemon.err AdGuardHome[2820]: 2022/11/27 10:32:34.474049 [error] unpacking udp packet: dns: bad rdata
Sun Nov 27 16:02:34 2022 daemon.err AdGuardHome[2820]: 2022/11/27 10:32:34.474345 [error] unpacking udp packet: dns: bad rdata
Sun Nov 27 16:02:34 2022 daemon.err AdGuardHome[2820]: 2022/11/27 10:32:34.557111 [error] unpacking udp packet: dns: bad rdata
What are these errors and what do they mean?
you are using the stable 107 build? I've not seen it with the edge 108 build.
Also are you running it in a docker container or directly on the router? Either way I'd add your bug report to that thread to see why its happening.
Yes I am using stable version
Also are you running it in a docker container or directly on the router?
Directly on the router. I'm using stable OpenWrt 22.03.2
Either way I'd add your bug report to that thread to see why its happening.
Thank you. I tried changing TCP/UDP buffer size in openwrt but that didn't help. I googled the issue but unfortunately I couldn't find the solution on this one.
My suggestion would be to upgrade to the edge version and see if that solves your issue. If not then do add to the issue linked on adguards issue list and hopefully they can find the root issue. It does appear to be linked to buffers but I'd think its down to their go engine. Odd that more people haven't seen the issue given its a stable version. I'd defiantly report it and include what router you run AGH on, and what phone is causing the issue.
:edit: Actually. file a new bug report as it refers to 103 build but reference that bug report as part of your issue.
Thank you. Well that was on Samsung phone. Although I didn't see flood of error logs before with default AdGuardHome settings. I'll post my settings here in brief-
Meanwhile is there a next stable version for adguardhome? Edge builds are nightly builds right? Also is it possible to upgrade AGH on stable openwrt version?
adguardhome.yaml
bind_host: 192.168.1.1
bind_port: 8080
beta_bind_port: 0
users:
- name: root1
password: $2a$10$UWkRVpWnZIpe5rnkY1MCXeS3RRYRhGrgj/.twXEUh4jRyAspkpAqy
auth_attempts: 5
block_auth_min: 15
http_proxy: ""
language: ""
debug_pprof: false
web_session_ttl: 720
dns:
bind_hosts:
- 192.168.1.1
- 127.0.0.1
port: 53
statistics_interval: 1
querylog_enabled: true
querylog_file_enabled: true
querylog_interval: 2160h
querylog_size_memory: 1000
anonymize_client_ip: false
protection_enabled: true
blocking_mode: default
blocking_ipv4: ""
blocking_ipv6: ""
blocked_response_ttl: 10
parental_block_host: family-block.dns.adguard.com
safebrowsing_block_host: standard-block.dns.adguard.com
ratelimit: 0
ratelimit_whitelist: []
refuse_any: true
upstream_dns:
- '[/lan/]127.0.0.1:54'
- '[//]127.0.0.1:54'
- '[/pool.ntp.org/]1.1.1.1'
- '[/pool.ntp.org/]1.0.0.1'
- '[/pool.ntp.org/]8.8.8.8'
- '[/pool.ntp.org/]8.8.4.4'
- https://dns.cloudflare.com/dns-query
- https://dns.google/dns-query
- https://doh.opendns.com/dns-query
- https://blitz.ahadns.com
- https://dns.nextdns.io
- https://basic.rethinkdns.com/
upstream_dns_file: ""
bootstrap_dns:
- 1.1.1.1
- 1.0.0.1
- 8.8.8.8
- 8.8.4.4
all_servers: true
fastest_addr: false
fastest_timeout: 1s
allowed_clients: []
disallowed_clients: []
blocked_hosts:
- version.bind
- id.server
- hostname.bind
trusted_proxies:
- 127.0.0.0/8
- ::1/128
cache_size: 4194304
cache_ttl_min: 3600
cache_ttl_max: 86400
cache_optimistic: true
bogus_nxdomain: []
aaaa_disabled: true
enable_dnssec: true
edns_client_subnet: false
max_goroutines: 300
ipset: []
filtering_enabled: true
filters_update_interval: 24
parental_enabled: false
safesearch_enabled: false
safebrowsing_enabled: false
safebrowsing_cache_size: 1048576
safesearch_cache_size: 1048576
parental_cache_size: 1048576
cache_time: 30
rewrites: []
blocked_services: []
upstream_timeout: 10s
local_domain_name: lan
resolve_clients: true
use_private_ptr_resolvers: true
local_ptr_upstreams:
- 192.168.1.1:54
tls:
enabled: false
server_name: ""
force_https: false
port_https: 443
port_dns_over_tls: 853
port_dns_over_quic: 784
port_dnscrypt: 0
dnscrypt_config_file: ""
allow_unencrypted_doh: false
strict_sni_check: false
certificate_chain: ""
private_key: ""
certificate_path: ""
private_key_path: ""
filters:
- enabled: true
url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
name: AdGuard DNS filter
id: 1
- enabled: true
url: https://adaway.org/hosts.txt
name: AdAway Default Blocklist
id: 2
- enabled: true
url: https://abp.oisd.nl/
name: oisd
id: 1665787488
whitelist_filters: []
user_rules:
- '## snpachat'
- '||analytics.snapchat.com^'
- '||app-analytics.snapchat.com^'
- '||usc.adserver.snapads.com^'
- '||snapads.com^'
- '||app-analytics-v2.snapchat.com^'
- '||asia-southeast1-gcp.api.snapchat.com^'
- '||pica.aeonlucid.com^'
- '# ||us-central1-gcp.api.snapchat.com^'
- '||usc.adserver.snapads.com^'
- '||geofilters-api.snapchat.com^'
- '||cognac-prod.appspot.com^'
- '||ase.adserver.snapads.com^'
- '||tr.snapchat.com^'
- '||loc.sc-jpl.com^'
- '# ||storage.googleapis.com^'
- '||snapchat-proxy.appspot.com^'
- '## aa01.net'
- '# ||betterstream.co^'
- '||statcounter.com^'
- '||runecrispin.com^'
- '||miracslubs.com^'
- '||addthis.com^'
- '||googletagmanager.com^'
- '||cloudflareinsights.com^'
- '||jwpltx.com^'
- '## yts.mx'
- '||builip.com^'
- '||static.cloudflareinsights.com^'
- '||cdnondemand.org^'
dhcp:
enabled: false
interface_name: ""
dhcpv4:
gateway_ip: ""
subnet_mask: ""
range_start: ""
range_end: ""
lease_duration: 86400
icmp_timeout_msec: 1000
options: []
dhcpv6:
range_start: ""
lease_duration: 86400
ra_slaac_only: false
ra_allow_slaac: false
clients: []
log_compress: false
log_localtime: false
log_max_backups: 0
log_max_size: 100
log_max_age: 3
log_file: ""
verbose: false
os:
group: ""
user: ""
rlimit_nofile: 0
schema_version: 12
Update: I've opkg version of AGH so I can't update it to v108 that way
It is slightly tricky but possible.
uninstall AGH and revert your opkg changes by using my uninstall script which will set you back to defaults. Then you can use my script set to reinstall the edge version and resetup AGH.
A potentially faster way is to reset your OpenWrt install and start afresh. But that will depend on what customisations/defaults you have changed. EG DHCP statics setup etc.
The edge builds aren't nightly but are much more uptodate and so far I've not run into any major issues using them. As I've said before. Once they fix some long standing issues and AGH development is more stable then stable builds would be preferable. I still think AGH is "beta" software and thus its a moving target for builds. 107 has been more stable but they have not back ported some 108 changes.
That seems like it'll take more time than I anticipated. Maybe I'll update it later this week. Tonight I'll look into it in detail. Thanks Mercy!
potentially you could uninstall and use the edge script directly but I've never tested that. Also unless the router has its own WAN dns upstream set, when you remove AGH it can break DNS resolution. I'm just being cautious with how I suggest to rip/replace
really when doing things like this you should always start from a "known good configuration" just "incase". Its just good engineering. Duct tape works sometimes but that's just a patch till you get it really fixed
:edit: I rolled the opkg version into my thread as James and I had worked on it and it was a convenient place to have up to date info for both.
Haha Trust me I've literally spent 2-3 days fixing DNS issues while installing AGH. It's always DNS lol. Now I'm pretty aware how to setup AGH on my router
Also, I'll go with your resetting method method cuz I like it clean setup so far.
Edit: Did you say your opkg version? That's great! But alas I can't install your updated version on my firmware right? It should be manual way as you said..
its not mine. @jamesmacwhite does the pulls of the 107 builds and gets them packaged for openwrt opkg installs. We both worked on it and the wiki to make it easier for people to use AGH on their router. I originally just worked on improving AGH's manual install and tweaked it for preparing OpenWrt for then using the script from AGH to install. James took that and used it to help do the opkg version with changes for smaller routers. There are key differences between the versions. Mine follows the /opt layout and saves all data and filters. James version due to OpenWrt settings has the bulk of the data saved in ram and thus re downloads filters etc after a reboot.
The opkg version is better for smaller space/ram routers. But it means you are restricted to stable releases only. (as OpenWrt rules require stable packages)
The manual edge builds are closer to bleeding edge and save all data to /opt. That requires more space. But also means AGH will self update.
I'm running OpenWrt on RPi4 with 4GB RAM and Adguard workdir is set to the partition on my MicroSD. So I can give manual update a chance