OpenWRT Raspberry Pi 4b WiFi Router with adblock

Not a question, but a "how to". I had a difficult time finding good instructions for how to build a basic wifi router with adblocker.

Here is what I did, and it is easily repeatable, in my opinion. I hope this helps others to get started.

OpenWRT Raspberry Pi 4b WiFi Router with adblock.

Flash OpenWRT image to a micro SD card.

Use gparted to expand the rootfs partition to fill the micro SD card.

Turn off (disable) wifi on your computer.
Unplug Ethernet cable coming from your router to your computer.
Verify that you are not connected to any other network.
Connect Raspberry Pi to your computer via Ethernet cable.
Insert the CF card into your Raspberry Pi.
Power on and boot up the Raspberry Pi.
Raspberry Pi will assign your computer an IP 192.168.1.x.
There's no password yet. Click Login.

System > Administration
Router Password password
Click Save

Network > Wireless
Enable Wireless
Edit Network
Device Configuration
Advanced Settings
Country Code - US - United States
Interface Configuration
Wireless Security
Encryption WPA2-PSK (strong security)
Cipher auto
Key password
Click Save

Network > Interfaces
Add new interface...
Name - wan
Protocol - DHCP client
Device - Ethernet Adapter: "eth0"
Click Create interface
Firewall Settings
Create / Assign firewall-zone - wan
Click Save
Edit lan interface
General Settings
Device - Wireless Network: Master "OpenWrt" (lan)
Click Save
Click Save & Apply

Within 90 seconds...
Disconnect Ethernet cable from Raspberry Pi
Turn on (enable) wifi on your computer
Connect to OpenWRT SSID with the password
This will apply the changes made to the interfaces.

Connect Ethernet cable from ISP Modem/Router to the Raspberry Pi.

System > Reboot
Perform reboot

Use a browser without an adblocker extension installed.
Use incognito mode so that you have no browser cache.

You will see ads Left, Right and Top on screen.

System > Software
Update lists...
Install adblock
Install luci-app-adblock
Install tcpdump
Install ddns-scripts
Install luci-app-ddns
Install openvpn-openssl
Install luci-app-openvpn

System > Reboot
Perform reboot

Services > Adblock
Enabled - (check)
Startup Trigger Interface - wan
Force Local DNS - (check)
Forced Zones - lan wan
Forced Ports - 53 853 5353
This will add 6 entries in the Firewall Port Forwards
DNS Report - (check)
Click Save & Apply

Network > Firewall
Port Forwards
Verify Adblock DNS Port Forwards are listed

System > Reboot
Perform reboot

Open browser without adblocker extension installed.
Use incognito mode so that you have no browser cache.

You may see boxes where ads were located before, but no ads.

Try other sites like or or

Let me know if this was helpful.


I don't think this is necessary now in retrospect. I saw a YouTuber do it when I was learning how install OpenWRT, so I did it to mine. I haven't seen any other instruction saying to do that. Maybe later I'll make a partition for something else if I decide what to do with the extra space on the card.

I did not know what the difference between SquashFS and ext4 before I built my first working OpenWRT Pi Router. But now that I've read the differences between them, I went with SquashFS and rebuilt my router at this early stage instead of waiting. I knew, I would always want to change it, and If I keep tweaking my setup, it just gets harder to redo it in the future.

Very nice job. I'd love to see a walkthrough like this for a wireless bridge on a Raspberry Pi4 where it gets internet from the wireless and bridges it to the Ethernet port AND keeps the same subnet as the main router, i.e., no DHCP server handing out IP on the Pi and the eth0 port getting an IP from the main router.

I'd also like to add a second radio and turn it into a repeater too where wireless clients on the second radio also stay on the same subnet as the main router and get their IP from the main router. Have not found a reliable dongle for the second radio.

USB that just works.

Very nice job. I'd love to see a walkthrough like this for a wireless bridge on a Raspberry Pi4 where it gets internet from the wireless and bridges it to the Ethernet port AND keeps the same subnet as the main router, i.e., no DHCP server handing out IP on the Pi and the eth0 port getting an IP from the main router.

If you use the firmware configure, and use 'Customize installed packages and/or first boot script' it will bind eth0 to radio0 on the lan with a bridge.]( IOW both the radio and the Ethernet will be on the lan. You will need to remove the radio0 and then add it as a wan WDS client device in LuCi. The in-router bridge will traffic between them.

From there someone can tell you how to use WDS for the wireless client..

I’ve tried two on that list and they work as receivers fine temporarily but not as transmitters. Even as receivers, they spontaneously stop working and the log says, “beacon lost” and no way to recover short of a reboot. There’s still things to work out on the firmware.

I’ve tried to follow YouTube videos and official Openwrt instructions online to do this, but they aren’t a step by step process easily followed and are somewhat dated as the firmware evolved. I’ve tried it with WDS, mesh, and relayd but no success. Figuring out interfaces and devices and firewall and bridge interfaces and protocols and settings is not so straightforward as the videos and written instructions pretend. Connecting what to what is a trial and error effort. I’ve been doing it like old video games where you save a configuration to go back a step if you screw something up. It would be nice if there was a repository of backups with generic wifi settings of various configurations of OpenWrt people could use and maybe a list of packages to install from the firmware configuration area. This is why I found the step by step here most helpful — but it too is now dated as the Adblock setup has changed from when these instructions were posted.

Usually daemon.notice wpa_supplicant[707]: wlan1: CTRL-EVENT-BEACON-LOSS does not cause a disconnect. It happened with me when the client radio(on the WWAN) and the AP ( on the wlan) radio were on the same channel or over lapping a channel some AH was running 40Mhz on. Now it happens occasionally and I know nothing about how to edit the WPA supplicant.

I agree. I do not use WDS (because I want to connect to APs that I have no control over)
I have not found a post that uses two radios with a pi.
I've found plenty that use a USB ethernet dongle on a pi zero w or pi zero 2 and get ~ 100Mb/s while I'm only getting 5Mb/s consistently and up to 10Mb/s (with 2 radios) occasionally, according to task manager set to update low and traffic in real time logs on the router (which is every 3 seconds) which shows it is not a random peak..

I do not see it getting any better. But I'll dawdle around until I find something else to entertain me.

The gurus really do not like using Raspberry pi for a router. Aside from the internal antennas being terrible there are too many variables (like what chipset the USB dongle is using).

Just out of curiosity:

What are the two you tried?

The Panda PAU04 and the CanaKit BC19675. Just looking at the list, they have the same chip. Which of the others might be worth trying?

I’ve successfully got it to work, just not reliably. I set up the dongle as the receiver and the built in radio as the transmitter. However it craps out and is slow even when working. The Pi probably can’t do it. I have not successfully got it to work with everything in the same IP range and subnet. Much trial and error left. I bought 10 4gb sd cards and I’ll try different setups on different chips until I get something working.

ALFA AWUS036ACHM is the one he really likes and say it plays nice with Pi 4.

If you set the Pi up to use your base (the Pis wwan AP)as a dhcp server and disable dhcp on the pi, it still won't play nice?

I should add that the recommendation here in the forums is to use WDS for that setup.

1 Like

I'm sorry, I should have addressed this:

That is not a driver issue. Many USB chipsets are client only. On that list [1] means they have tried it and if it is client mode only they notate it with [4].
The ALFA AWUS036ACHM also has a [2] which means they have tested it and it will do both client and AP modes.

I'm using a Alfa AWUS036NH which if you use the software that comes with it in Windows, will do both at the same time.


So, I tried it: using the Alfa as both in OpenWrt and it worked for about 3 seconds and then would cycle on and off. But maybe if you used the ALFA AWUS036ACHM 2.4GHz for client and 5GHz for the AP it might work. Mine is 2.4 only.

1 Like

These instructions work.

Wireless Bridge with relayd setup

1 Like

I'll have to dive deeper into relayd. I tried it and nothing improved but I'm sure I configured it wrong.
I'm going for something different than you: I'm, trying to make a travel router to isolate my devices from whatever AP/hotspot I connect to.

This works for that:

Network Chuck's Travel Router Project for Rp4

Thank you.

He was the first person I thought of when you said

His instructions are to open up the firewall and I was quickly told here that was poor firewall etiquette.

I presume he did this to allow logins that have a portal and it forwards the portal to a client but OpenWrt has an answer for that.

[]This is what I have done

Are the below packages needed for proper operation, or extra for your configuration?

I see that it does need these packages...

DNS Report -
Gather DNS related network traffic via tcpdump and provide a DNS Report on demand. Please note: this needs additional 'tcpdump' or 'tcpdump-mini' package installation and a full adblock service restart to take effect.