No DNS entries in adblock report

Hi all,

Problem:
I can't see any DNS entries in adblock report and I can not imagine that ads will be filtered...

Setup:
config adblock 'global'
option adb_enabled '1'
option adb_debug '1'
option adb_forcedns '0'
option adb_safesearch '0'
option adb_dnsfilereset '0'
option adb_mail '0'
option adb_report '1'
option adb_backup '1'
list adb_sources 'adaway'
list adb_sources 'adguard'
list adb_sources 'disconnect'
list adb_sources 'yoyo'
option adb_dns 'dnsmasq'
option adb_fetchutil 'uclient-fetch'
option adb_repiface 'br-lan'
option adb_represolve '1'
option adb_trigger 'wan'

/usr/bin/nslookup example.com
Server: 127.0.0.1
Address: 127.0.0.1:53

Non-authoritative answer:
Name: example.com
Address: 93.184.215.14

tcpdump installed.

are you blocking example.com ?

are your devices using your DNS ?

example.com will not be blocked.
All devices using openwrt DNS.
BTW banip works fine and logs all ip's.

@dibdot some assistance ?

finding out if ads are being filtered or not, should be pretty easy to test...

Yes...but I can't see any traffic, which will be not filtered as well...

traffic where ?

tcpdump the DNS port, see if it's actually queried.

Normally you can see all traffic in DNS report...not filtered and blocked DNS entries

Does it work in the CLI?

how? Any comands?

Online readme? Anyway, type /etc/init.d/adblock report

No entries, empty.

Is there a tcpdump process running?

ps | grep "tcpdump"
/usr/bin/tcpdump -nn -p -s0 -l -i br-lan port 53 -C5 -W10 -w /mnt/data/adblock/report/adb_report.pcap

To get a proper starting point:

  • stop adblock and make sure that the above process do not longer run
  • clean up your adblock report directory, esp. the pcap files
  • restart adblock

Goog morning,

following status quo:

root@OpenWrt:~# /etc/init.d/adblock report
empty
1.)
root@OpenWrt:~# ps | grep "tcpdump"
7961 root 5212 S /usr/bin/tcpdump -nn -p -s0 -l -i br-lan port 53 -C1 -W5 -w /tmp/adblock-Report/adb_report.pcap
9192 root 1316 S grep tcpdump
2.)
root@OpenWrt:~# /usr/bin/tcpdump -nn -p -s0 -l -i br-lan port 53 -C5 -W10 -w /mnt/data/adblock/report/adb_report.pcap
tcpdump: /mnt/data/adblock/report/adb_report.pcap0: No such file or directory
3.)
root@OpenWrt:~# /etc/init.d/adblock# /etc/init.d/adblock stop
Service stopped
4.)
root@OpenWrt:/tmp/adblock-Report# ls
adb_mailreport.txt adb_report.json adb_report.pcap0 adb_report.srt
root@OpenWrt:/tmp/adblock-Report# rm -rf report
root@OpenWrt:/tmp/adblock-Report# ls
root@OpenWrt:/tmp/adblock-Report#
Reports/Folder deleted
5.)
root@OpenWrt:/tmp/adblock-Report# /etc/init.d/adblock restart
Service restarted
6.)
root@OpenWrt:/tmp/adblock-Report# ls
adb_mailreport.txt adb_report.json adb_report.pcap0 adb_report.srt
7.)
-->root@OpenWrt:/tmp/adblock-Report# /etc/init.d/adblock report

root@OpenWrt:/tmp/adblock-Report#

Still empty...

Please post the output of ...

tcpdump --version

... and the output of ...

tcpdump -nn -tttt -r /tmp/adblock-Report/adb_report.pcap0

Thanks!

root@OpenWrt:/tmp/adblock-Report# tcpdump --version
tcpdump version 4.99.4
libpcap version 1.10.4 (with TPACKET_V3)

tcpdump -nn -tttt -r /tmp/adblock-Report/adb_report.pcap0

there are lots fo entries:
...
root@OpenWrt:/tmp/adblock-Report# tcpdump -nn -tttt -r /tmp/adblock-Report/adb_report.pcap0
reading from file /tmp/adblock-Report/adb_report.pcap0, link-type EN10MB (Ethernet), snapshot length 262144
2024-06-24 09:29:39.707735 IP 192.168.152.2.47871 > 51.161.34.158.53: 60508% [1au] A? psds.grapheneos.org. (48)
2024-06-24 09:29:39.708035 IP 192.168.152.2.51033 > 51.161.34.158.53: 47273% [1au] A? supl.grapheneos.org. (48)
2024-06-24 09:29:39.806554 IP 51.161.34.158.53 > 192.168.152.2.51033: 47273*- 2/0/1 RRSIG, A 54.37.41.189 (174)
2024-06-24 09:29:39.827730 IP 51.161.34.158.53 > 192.168.152.2.47871: 60508*- 0/4/1 (392)
2024-06-24 09:29:39.828630 IP 192.168.152.2.43467 > 198.251.90.93.53: 51011% [1au] A? broadcom.psds.grapheneos.org. (57)
2024-06-24 09:29:39.846795 IP 198.251.90.93.53 > 192.168.152.2.43467: 51011*- 2/0/1 RRSIG, A 54.37.41.189 (183)
2024-06-24 09:29:41.460245 IP 192.168.152.2.42239 > 205.251.197.191.53: 27502% [1au] A? location.services.mozilla.com. (58)
2024-06-24 09:29:41.461332 IP 192.168.152.2.56118 > 205.251.198.119.53: 51572% [1au] A? location.services.mozilla.com. (58)
2024-06-24 09:29:41.471199 IP 205.251.198.119.53 > 192.168.152.2.56118: 51572*-$ 1/4/1 CNAME prod.classify-client.prod.webservices.mozgcp.net. (254)
2024-06-24 09:29:41.472252 IP 192.168.152.2.46687 > 216.239.38.108.53: 22440% [1au] A? webservices.mozgcp.net. (51)
2024-06-24 09:29:41.477580 IP 205.251.197.191.53 > 192.168.152.2.42239: 27502*-$ 1/4/1 CNAME prod.classify-client.prod.webservices.mozgcp.net. (254)
2024-06-24 09:29:41.491418 IP 216.239.38.108.53 > 192.168.152.2.46687: 22440- 0/4/1 (172)
2024-06-24 09:29:41.492448 IP 192.168.152.2.64449 > 216.239.32.109.53: 40123% [1au] A? prod.webservices.mozgcp.net. (56)
2024-06-24 09:29:41.513466 IP 216.239.32.109.53 > 192.168.152.2.64449: 40123- 0/4/1 (177)
2024-06-24 09:29:41.514305 IP 192.168.152.2.25671 > 216.239.36.107.53: 4251% [1au] A? classify-client.prod.webservices.mozgcp.net. (72)
2024-06-24 09:29:41.553718 IP 216.239.36.107.53 > 192.168.152.2.25671: 4251- 0/4/1 (193)
2024-06-24 09:29:41.554575 IP 192.168.152.2.26590 > 216.239.36.110.53: 15384% [1au] AAAA? prod.classify-client.prod.webservices.mozgcp.net. (77)
2024-06-24 09:29:41.594717 IP 216.239.36.110.53 > 192.168.152.2.26590: 15384*- 0/1/1 (170)
2024-06-24 09:29:54.924945 IP 192.168.152.2.64954 > 173.245.59.148.53: 63232% [1au] A? www2.deepl.com. (43)
2024-06-24 09:29:54.927312 IP 192.168.152.2.41513 > 108.162.193.148.53: 53020% [1au] A? www2.deepl.com. (43)
2024-06-24 09:29:54.947223 IP 173.245.59.148.53 > 192.168.152.2.64954: 63232*- 1/0/1 CNAME 733868e706dd40d3a4a0588fc39b3df8.pacloudflare.com. (103)
2024-06-24 09:29:54.948285 IP 192.168.152.2.5034 > 173.245.58.77.53: 19105% [1au] A? 733868e706dd40d3a4a0588fc39b3df8.pacloudflare.com. (78)
2024-06-24 09:29:54.949827 IP 108.162.193.148.53 > 192.168.152.2.41513: 53020*- 1/0/1 CNAME 733868e706dd40d3a4a0588fc39b3df8.pacloudflare.com. (103)
2024-06-24 09:29:54.950693 IP 192.168.152.2.29511 > 108.162.192.77.53: 31486% [1au] A? 733868e706dd40d3a4a0588fc39b3df8.pacloudflare.com. (78)
2024-06-24 09:29:54.971093 IP 173.245.58.77.53 > 192.168.152.2.5034: 19105*- 2/0/1 A 172.65.212.243, RRSIG (206)
2024-06-24 09:29:54.975287 IP 108.162.192.77.53 > 192.168.152.2.29511: 31486*- 2/0/1 A 172.65.212.243, RRSIG (206)
2024-06-24 09:29:54.978034 IP 192.168.152.2.58937 > 173.245.58.77.53: 19517% [1au] AAAA? 733868e706dd40d3a4a0588fc39b3df8.pacloudflare.com. (78)
2024-06-24 09:29:55.018436 IP 173.245.58.77.53 > 192.168.152.2.58937: 19517*- 0/4/1 (442)
2024-06-24 09:30:16.876715 IP 192.168.152.2.23473 > 172.64.33.119.53: 4744% [1au] A? identity.bitwarden.com. (51)
...

There are unknown chars after the ID (%, *) in your dump. Did you use a special DNS resolver or proxy or something like that?
Anyway, could you please send me an example pcap file to my adblock maintainers address - then I could add those variants, too.

2 Likes

Mail is out with 2 files.

New adblock 4.1.5-10 update is now available in master/23.05-branch (see https://github.com/openwrt/packages/commit/a029f01d81b021b6ab7fd24e5da7d9af03681aba for reference).

Thanks for providing the PCAP files & for testing! :slight_smile:

2 Likes

U're welcome!

Issue fixed perfectly.

1 Like