Davema
January 5, 2023, 9:09am
#446
First of all, thanks for making this adguardhome package on openwrt.
I am trying to set it up properly on my openwrt router (TP link C2600) but are running into some problems when rebooting my router. I have used the tutorial of OneMarcFifty, from ~25 min , . Basically, moved DNSmasq to 5353 and let AGH run on port 53. I have set the AGH upstream DNS server 127.0.0.1:5353 as also mentioned in this wiki , .
I have enabled the adguardhome service by:
service adguardhome enable
service adguardhome start
Now when I perform a reboot of my router my internet stops and adguardhome is not starting up again. When I run by SSH: service adguardhome status the reply is running. logread -e AdGuardHome is not giving any errors.
When I now change my dnsmasq port back again from 5353 to 53 my internet works again. I have performed multiple attempts to opkg remove the adguardhome package and manually deleted the config file again (rm /etc/adguardhome.yaml). Then do a reinstall, AGH first works but every time after a router reboot the AGH breaks again.
I have read sometimes the NTP can be an issue and tried to add this to upstream server as well:
[/pool.ntp.org/]1.1.1.1
[/pool.ntp.org/]1.0.0.1
[/pool.ntp.org/]2606:4700:4700::1111
[/pool.ntp.org/]2606:4700:4700::1001
Any help on what I can do to make AGH survive a reboot of my router?
Davema
January 6, 2023, 12:19pm
#447
Never mind this post I have solved the issue by very carefully following the steps in the Wiki .
Now dnsmasq is running on port 54 and by running the setup script from the wiki I have made some extra change to my /etc/config/dhcp settings that I forgot earlier. Also, the adguardhome rDNS settings and LAN domain interception settings are now fully in line with the Wiki.
Now AGH is working and coming up again after a router reboot.
1 Like
Thank you for the guide,
On my LAN I have internet access but from OpenWrt I have not, becouse of the name resolver.
root@OpenWrt:~# ping 1.1.1.1
PING 1.1.1.1 (1.1.1.1): 56 data bytes
64 bytes from 1.1.1.1: seq=0 ttl=59 time=19.352 ms
64 bytes from 1.1.1.1: seq=1 ttl=59 time=24.086 ms
64 bytes from 1.1.1.1: seq=2 ttl=59 time=24.827 ms
64 bytes from 1.1.1.1: seq=3 ttl=59 time=28.371 ms
64 bytes from 1.1.1.1: seq=4 ttl=59 time=23.944 ms
64 bytes from 1.1.1.1: seq=5 ttl=59 time=26.813 ms
64 bytes from 1.1.1.1: seq=6 ttl=59 time=29.624 ms
^C
--- 1.1.1.1 ping statistics ---
7 packets transmitted, 7 packets received, 0% packet loss
round-trip min/avg/max = 19.352/25.288/29.624 ms
root@OpenWrt:~# ping www.google.com
ping: bad address 'www.google.com'
root@OpenWrt:~# cat /etc/resolve.conf
search lan
nameserver 127.0.0.1
nameserver::1
If I change it to my openOpenWRTsIPsguard) the opeOpenWrtn resresolvee nameserver but after a reboot the resoresolvef revers my setting.
root@OpenWrt:~# cat /etc/resolve.conf
search lan
nameserver 192.168.20.1
nameserver ::1
root@OpenWrt:~# ping www.google.com
PING www.google.com (142.251.208.100): 56 data bytes
64 bytes from 142.251.208.100: seq=0 ttl=119 time=24.032 ms
64 bytes from 142.251.208.100: seq=1 ttl=119 time=17.753 ms
64 bytes from 142.251.208.100: seq=2 ttl=119 time=18.484 ms
64 bytes from 142.251.208.100: seq=3 ttl=119 time=17.345 ms
64 bytes from 142.251.208.100: seq=4 ttl=119 time=23.202 ms
^C
--- www.google.com ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 17.345/20.163/24.032 ms
How Can I make the config file pernament?
Well, I have this problem too. Opkg doesn't work with Adguard. Wrote 1.1.1.1 and 1.0.0.1 as dns servers on wan interface. No effect
zxc_TW
January 24, 2023, 1:40pm
#451
@mercygroundabyss Do you have the latest version of openWRT built by anaelorlinski? (Use the version of nftables + iptables compatibility packages)
same issues here too. setting dns server on wan interface have no effect.
@Reconvene9657 @Voidstranger and whoever it may concern please follow up this simple guide:AdGuard Home https://www.youtube.com/watch?v=yMcM40ipDlQ 22.03.3 with adguardhome package version 0.107.21-1
Interfaces ยป WAN -> Disable Use DNS servers advertised by peer . Don't use any Use custom DNS servers
DHCP and DNS > General settings > Disable Rebind protection . In Advanced, Change DNS server port to 54 from 53.
Open AdguardHome Setup page 192.168.1.1:3000 .
This is what my adguardhome.yaml looks:
bind_host: 192.168.1.1
bind_port: 8080
beta_bind_port: 0
users:
- name: usernamae
password: password
auth_attempts: 5
block_auth_min: 15
http_proxy: ""
language: ""
debug_pprof: false
web_session_ttl: 720
dns:
bind_hosts:
- 192.168.1.1
- 127.0.0.1
port: 53
statistics_interval: 1
querylog_enabled: true
querylog_file_enabled: true
querylog_interval: 2160h
querylog_size_memory: 1000
anonymize_client_ip: false
protection_enabled: true
blocking_mode: default
blocking_ipv4: ""
blocking_ipv6: ""
blocked_response_ttl: 10
parental_block_host: family-block.dns.adguard.com
safebrowsing_block_host: standard-block.dns.adguard.com
ratelimit: 20
ratelimit_whitelist: []
refuse_any: true
upstream_dns:
- '[/lan/]127.0.0.1:54'
- '[//]127.0.0.1:54'
- '[/pool.ntp.org/]1.1.1.1'
- '[/pool.ntp.org/]1.0.0.1'
- '[/pool.ntp.org/]8.8.8.8'
- '[/pool.ntp.org/]8.8.4.4'
- https://dns.cloudflare.com/dns-query
- https://dns.google/dns-query
- https://doh.opendns.com/dns-query
- https://blitz.ahadns.com
- https://dns.nextdns.io
- https://basic.rethinkdns.com
upstream_dns_file: ""
bootstrap_dns:
- 1.1.1.1
- 1.0.0.1
- 8.8.8.8
- 8.8.4.4
all_servers: true
fastest_addr: false
fastest_timeout: 1s
allowed_clients: []
disallowed_clients: []
blocked_hosts:
- version.bind
- id.server
- hostname.bind
trusted_proxies:
- 127.0.0.0/8
- ::1/128
cache_size: 4194304
cache_ttl_min: 3600
cache_ttl_max: 86400
cache_optimistic: true
bogus_nxdomain: []
aaaa_disabled: false
enable_dnssec: true
edns_client_subnet: false
max_goroutines: 300
handle_ddr: true
ipset: []
ipset_file: ""
filtering_enabled: true
filters_update_interval: 24
parental_enabled: false
safesearch_enabled: false
safebrowsing_enabled: false
safebrowsing_cache_size: 1048576
safesearch_cache_size: 1048576
parental_cache_size: 1048576
cache_time: 30
rewrites: []
blocked_services: []
upstream_timeout: 10s
private_networks: []
use_private_ptr_resolvers: true
local_ptr_upstreams:
- 192.168.1.1:54
serve_http3: false
use_http3_upstreams: false
tls:
enabled: false
server_name: ""
force_https: false
port_https: 443
port_dns_over_tls: 853
port_dns_over_quic: 784
port_dnscrypt: 0
dnscrypt_config_file: ""
allow_unencrypted_doh: false
certificate_chain: ""
private_key: ""
certificate_path: ""
private_key_path: ""
strict_sni_check: false
filters:
- enabled: true
url: https://adguardteam.github.io/AdGuardSDNSFilter/Filters/filter.txt
name: AdGuard DNS filter
id: 1
- enabled: true
url: https://adaway.org/hosts.txt
name: AdAway Default Blocklist
id: 2
- enabled: true
url: https://abp.oisd.nl/
name: oisd
id: 1665787488
whitelist_filters: []
user_rules: []
dhcp:
enabled: false
interface_name: ""
local_domain_name: lan
dhcpv4:
gateway_ip: ""
subnet_mask: ""
range_start: ""
range_end: ""
lease_duration: 86400
icmp_timeout_msec: 1000
options: []
dhcpv6:
range_start: ""
lease_duration: 86400
ra_slaac_only: false
ra_allow_slaac: false
clients:
runtime_sources:
whois: true
arp: true
rdns: true
dhcp: true
hosts: true
persistent: []
log_file: ""
log_max_backups: 0
log_max_size: 100
log_max_age: 3
log_compress: false
log_localtime: false
verbose: false
os:
group: ""
user: ""
rlimit_nofile: 0
schema_version: 14
I reinstalled Adguard and chose all interfaces on first settings page. Now adguard works as intended
1 Like
Tip: you could have also just removed adguardhome.yaml file instead reinstalling whole package to get on the setup page
Just for curiosity can I see your adguardhome.yaml file?
I'm using 0.108 version. Here yaml:
bind_host: 0.0.0.0
bind_port: 8080
users:
- name: adguard
password: xxx
auth_attempts: 5
block_auth_min: 15
http_proxy: ""
language: ""
theme: auto
debug_pprof: false
web_session_ttl: 720
dns:
bind_hosts:
- 0.0.0.0
port: 53
statistics_interval: 30
querylog_enabled: true
querylog_file_enabled: true
querylog_interval: 720h
querylog_size_memory: 1000
anonymize_client_ip: false
protection_enabled: true
blocking_mode: default
blocking_ipv4: ""
blocking_ipv6: ""
blocked_response_ttl: 10
parental_block_host: family-block.dns.adguard.com
safebrowsing_block_host: standard-block.dns.adguard.com
ratelimit: 150
ratelimit_whitelist: []
refuse_any: true
upstream_dns:
- https://dns.cloudflare.com/dns-query
- '[/lan/]127.0.0.1:54'
- '[//]127.0.0.1:54'
- '[/downloads.openwrt.org/]1.1.1.1'
- '[/pool.ntp.org/]1.1.1.1'
- '[/pool.ntp.org/]1.0.0.1'
- '[/ntp.time.in.ua/]1.1.1.1'
- '[/ntp2.time.in.ua/]1.1.1.1'
- '[/ntp3.time.in.ua/]1.1.1.1'
- '[/0.openwrt.pool.ntp.org/]1.1.1.1'
- '[/1.openwrt.pool.ntp.org/]1.1.1.1'
- '[/2.openwrt.pool.ntp.org/]1.1.1.1'
- '[/3.openwrt.pool.ntp.org/]1.1.1.1'
- '[/ntp.time.in.ua/]1.0.0.1'
- '[/ntp2.time.in.ua/]1.0.0.1'
- '[/ntp3.time.in.ua/]1.0.0.1'
- '[/0.openwrt.pool.ntp.org/]1.0.0.1'
- '[/1.openwrt.pool.ntp.org/]1.0.0.1'
- '[/2.openwrt.pool.ntp.org/]1.0.0.1'
- '[/3.openwrt.pool.ntp.org/]1.0.0.1'
upstream_dns_file: ""
bootstrap_dns:
- 9.9.9.10
- 149.112.112.10
- 2620:fe::10
- 2620:fe::fe:10
all_servers: false
fastest_addr: false
fastest_timeout: 1s
allowed_clients: []
disallowed_clients: []
blocked_hosts:
- version.bind
- id.server
- hostname.bind
trusted_proxies:
- 127.0.0.0/8
- ::1/128
cache_size: 4194304
cache_ttl_min: 0
cache_ttl_max: 0
cache_optimistic: false
bogus_nxdomain: []
aaaa_disabled: false
enable_dnssec: true
edns_client_subnet: false
max_goroutines: 300
handle_ddr: true
ipset: []
ipset_file: ""
filtering_enabled: true
filters_update_interval: 168
parental_enabled: false
safesearch_enabled: false
safebrowsing_enabled: false
safebrowsing_cache_size: 1048576
safesearch_cache_size: 1048576
parental_cache_size: 1048576
cache_time: 30
rewrites: []
blocked_services: []
upstream_timeout: 10s
private_networks: []
use_private_ptr_resolvers: true
local_ptr_upstreams: []
use_dns64: false
dns64_prefixes: []
serve_http3: false
use_http3_upstreams: false
tls:
enabled: false
server_name: ""
force_https: false
port_https: 443
port_dns_over_tls: 853
port_dns_over_quic: 853
port_dnscrypt: 0
dnscrypt_config_file: ""
allow_unencrypted_doh: false
certificate_chain: ""
private_key: ""
certificate_path: ""
private_key_path: ""
strict_sni_check: false
filters:
- enabled: true
url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_1.txt
name: AdGuard DNS filter
id: 1
- enabled: true
url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_2.txt
name: AdAway Default Blocklist
id: 2
- enabled: true
url: https://adguardteam.github.io/HostlistsRegistry/assets/filter_23.txt
name: WindowsSpyBlocker - Hosts spy rules
id: 1674589437
- enabled: true
url: https://easylist-downloads.adblockplus.org/advblock.txt
name: RU AdList
id: 1674589439
- enabled: true
url: https://easylist-downloads.adblockplus.org/antiadblockfilters.txt
name: Adblock Warning Removal List
id: 1674589440
- enabled: true
url: https://easylist.to/easylist/easylist.txt
name: EasyList
id: 1674589441
whitelist_filters: []
user_rules: []
dhcp:
enabled: false
interface_name: ""
local_domain_name: lan
dhcpv4:
gateway_ip: ""
subnet_mask: ""
range_start: ""
range_end: ""
lease_duration: 86400
icmp_timeout_msec: 1000
options: []
dhcpv6:
range_start: ""
lease_duration: 86400
ra_slaac_only: false
ra_allow_slaac: false
clients:
runtime_sources:
whois: true
arp: true
rdns: true
dhcp: true
hosts: true
persistent: []
log_file: ""
log_max_backups: 0
log_max_size: 100
log_max_age: 3
log_compress: false
log_localtime: false
verbose: false
os:
group: ""
user: ""
rlimit_nofile: 0
schema_version: 14
you can try
dns:
bind_hosts:
- 192.168.1.1
- 127.0.0.1
This will make your client list on home page readable without causing any issue hopefully.
Also try to achieve Average processing time below 3-5ms
cjom
January 29, 2023, 1:14pm
#458
I'm thinking about keeping my AGH automatically updated with a daily cron job running the command "/opt/AdGuardHome/AdGuardHome --update"
Is there any "don't do it" reason I am missing?
