Is it feasible to use Adblock-Fast in combination with DoH HTTPS-DNS-PROXY?

I have a Xiaomi 4C (16MB Flash, 64MB RAM) on a 100 MBit Internet connection with OpenWRT 23.05.3 serving a single host on LAN.

On this router I have installed DoH with HTTPS-DNS-Proxy with the excellent Luci GUI and the default DNS resolvers (Cloudflare / Google):

My question is, considering the mentioned hardware, if it is feasible to extend this setup with the Adblock-Fast package for adblocking?

Is Adblock-Fast simply "plug and play" or would it interfer with the previously mentioned DoH setup?

Is the routers RAM of 64MB sufficient?

I appreciate your feedback!

Yes, this is definitely a suitable configuration as the two packages are orthogonal and complementary bits of the same puzzle.

The dns proxy allows you to "privatize" your outgoing DNS queries, and the adblock package allows you to intercept (and sometimes discard) DNS queries before they get that far.


@efahl has already provided a sufficient answer for packages compatibility, I'll just add the adblock-fast configuration/usage bits.

By default all the source block-lists in adblock-fast config are disabled. For the routers with 64Mb RAM I'd start with enabling all the lists which are under 1Mb in size (the sizes are reported in the WebUI next to the check-box to enable/disable source block-list).

There's a free RAM check built into the adblock-fast binary, so if you select the lists which together exceed the RAM required for downloading, processing and combining source block-lists into one custom list, it just wouldn't run and you should get an error in WebUI.


Thanks @efahl and @stangri ! So from your comments I understand that adblock-fast will not interfer with my DoH https-dns-proxy setup, but rather complement the existing DNS encryption by blocking specific DNS requests to undesired / malicious domain names.

I guess I will test to enable the host files of less then 1 MB as suggested. However, are there any recommendations for specific host lists to ensure a good level of protection while keeping a lean setup to save hardware resources (RAM / CPU usage)?

Also, can you recommend any websites that let you test in the browser how effectively your adblocking is working or if there are any gaps? Similar to test websites for DNS encryption...

Thank you!

Here’s a couple that have been mentioned in other threads and

1 Like

yes, large majority of those tests need the web-browser blocking (essentially parsing the HTML page for elements) as domain-blocking alone cannot achieve the same effect as parsing HTML page for potential ad elements.

1 Like

So would you recommend to use adblock-fast in combination with a browser extension like uBlock?

In my opinion the risk of adding an extension to the browser outweighs minimal intrusion from ads I still see without going deep in adding domains to the lists I use with the adblock-fast. So no, I personally can't recommend it, but I see why people use them. :wink:

Too many extensions were quietly sold to a third party which then started doing unsavoury things in them.


Ok, so adblock-fast should be sufficient then without any additional browser extensions?

Well, it depends. Do you want to block ads in youtube videos or similarly embedded content? Then you have no choice but to use something like uBlock, because no DNS-based solution can detect that.

1 Like

DNS based ad blocking (pretty much regardless of the actual implementation) can only be a 30% solution at best, it has no understanding of the code flow (the contents) of your web pages, it only has a -limited by design- blacklist of domain names that are known for unwanted stuff.

…but these 30% are often the most annoying parts of it, so killing those off might be 'enough' to appease your experience without spending more effort into it.


The only browser extensions I use in Chrome and Firefox are uBlock and Noscript. Are there any valid security concerns regarding these extensions?


None that I'm aware of, those both are plugins with very high reputation and long-standing utility...