Hi everyone! I just setup AdGuard Home on my AVM FritzBox 7530 running OpenWrt 25.12.0-rc4. Currently all my clients are able to use the internet, however, the router itself has partial internet connectivity.
For example:
root@MainRouter:~# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=114 time=180.498 ms
64 bytes from 8.8.8.8: seq=1 ttl=114 time=88.188 ms
64 bytes from 8.8.8.8: seq=2 ttl=114 time=78.468 ms
64 bytes from 8.8.8.8: seq=3 ttl=114 time=116.670 ms
64 bytes from 8.8.8.8: seq=4 ttl=114 time=82.614 ms
64 bytes from 8.8.8.8: seq=5 ttl=114 time=88.348 ms
64 bytes from 8.8.8.8: seq=6 ttl=114 time=82.723 ms
root@MainRouter:~# ping google.com
ping: bad address 'google.com'
Same thing goes for nslookup and traceroute:
root@MainRouter:~# traceroute google.com
traceroute: bad address 'google.com'
root@MainRouter:~# nslookup google.com
nslookup: write to '127.0.0.1': Connection refused
nslookup: write to '::1': Connection refused
;; connection timed out; no servers could be reached
root@MainRouter:~# nslookup 8.8.8.8
nslookup: read: Connection refused
nslookup: read: Connection refused
nslookup: read: Connection refused
nslookup: read: Connection refused
;; connection timed out; no servers could be reached
root@MainRouter:~# traceroute 8.8.8.8
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 46 byte packets
1 10.75.140.55 (10.75.140.55) 6.163 ms 4.721 ms 4.180 ms
2 * * *
3 10.10.206.113 (10.10.206.113) 65.016 ms 63.241 ms 71.471 ms
4 10.10.206.229 (10.10.206.229) 69.366 ms 66.031 ms 68.179 ms
5 172.17.73.5 (172.17.73.5) 69.923 ms 192.085 ms 139.120 ms
6 172.17.60.57 (172.17.60.57) 756.033 ms * *
7 202.125.137.228 (202.125.137.228) 77.129 ms 241.007 ms 108.171 ms
8 10.253.4.50 (10.253.4.50) 63.950 ms * 83.724 ms
9 10.253.4.26 (10.253.4.26) 75.201 ms 10.253.4.8 (10.253.4.8) 75.855 ms 10.253.4.26 (10.253.4.26) 69.080 ms
10 * * *
11 * * *
12 8.8.8.8 (8.8.8.8) 86.406 ms 87.069 ms 87.007 ms
I have used the AdGuard Home configuration setup available here at the OpenWrt Wiki. I also searched here at the forum and found one or two posts but still the same thing.
My configurations are as follows:
cat /etc/config/network
root@MainRouter:~# cat /etc/config/network
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option packet_steering '0'
option dhcp_default_duid '000498ce20052b454090827451b5460b4b0b'
config atm-bridge 'atm'
option vpi '0'
option vci '103'
option encaps 'llc'
option payload 'bridged'
option nameprefix 'dsl'
config dsl 'dsl'
option annex 'a'
option ds_snr_offset '0'
config device
option name 'br-lan'
option type 'bridge'
option stp '1'
option ipv6 '0'
list ports 'lan2'
list ports 'lan3'
list ports 'lan4'
list ports 'lan1.20'
config interface 'lan'
option device 'br-lan'
option proto 'static'
option netmask '255.255.255.0'
option ipaddr '192.168.1.1'
config device
option name 'dsl0'
config interface 'wan'
option device 'br-wan'
option proto 'pppoe'
option username '####'
option password '####'
option ipv6 '1'
option peerdns '0'
option metric '1024'
option keepalive '3 10'
list dns '8.8.8.8'
list dns '8.8.4.4'
config interface 'ptcl'
option proto 'dhcp'
option device 'lan1'
option defaultroute '0'
config device
option type 'bridge'
option name 'br-wan'
list ports 'lan1.10'
list ports 'dsl0.10'
config interface 'wgvpn0'
option proto 'wireguard'
option private_key '####'
list dns '10.2.0.1'
list addresses '10.2.0.3/32'
config wireguard_wgvpn0
option description 'PROTON VPN'
option public_key '####'
option endpoint_host '185.177.125.4'
option endpoint_port '51820'
list allowed_ips '0.0.0.0/0'
config interface 'wgserver0'
option proto 'wireguard'
option private_key '####'
option listen_port '51000'
list addresses '192.168.5.1/24'
config wireguard_wgserver0
option description 'Peer 1'
option public_key '####'
option preshared_key '####'
option endpoint_port '51000'
option persistent_keepalive '25'
option route_allowed_ips '1'
list allowed_ips '192.168.5.2/32'
config wireguard_wgserver0
option public_key '####'
option private_key '####'
option description 'Peer 2'
option preshared_key '#####'
option endpoint_port '51000'
option persistent_keepalive '25'
option route_allowed_ips '1'
list allowed_ips '192.168.5.3/32'
config interface 'wwan'
option proto 'dhcp'
option device 'phy0-sta0'
cat /etc/config/dhcp
root@MainRouter:~# cat /etc/config/dhcp
config dnsmasq
option domainneeded '1'
option localise_queries '1'
option rebind_protection '0'
option local '/lan/'
option domain 'lan'
option expandhosts '1'
option cachesize '1000'
option authoritative '1'
option readethers '1'
option leasefile '/tmp/dhcp.leases'
option localservice '1'
option ednspacket_max '1232'
list addnmount '/var/run/pbr.dnsmasq'
option port '5353'
option noresolv '1'
list server '192.168.1.1'
option dnsforwardmax '1024'
config dhcp 'lan'
option interface 'lan'
option start '100'
option limit '150'
option leasetime '24h'
option dhcpv4 'server'
option force '1'
list dhcp_option '6,192.168.1.1'
list dhcp_option '3,192.168.1.1'
config dhcp 'wan'
option interface 'wan'
option ignore '1'
config odhcpd 'odhcpd'
option maindhcp '0'
option leasefile '/tmp/odhcpd.leases'
option leasetrigger '/usr/sbin/odhcpd-update'
option loglevel '4'
option piodir '/tmp/odhcpd-piodir'
option hostsdir '/tmp/hosts'
config host
option name 'AhmarAftab-RA'
option ip '192.168.1.181'
option leasetime 'infinite'
list match_tag 'known'
option instance 'cfg01411c'
cat /etc/config/adguardhome
config adguardhome 'config'
# All paths must be readable by the configured user
option config_file '/etc/adguardhome/adguardhome.yaml'
# Where to store persistent data by AdGuard Home
option work_dir '/mnt/sda1/adguardhome'
option user 'root'
option group 'root'
option verbose '0'
# Files and directories that AdGuard Home has read-only access to
# list jail_mount '/etc/ssl/adguardhome.crt'
# list jail_mount '/etc/ssl/adguardhome.key'
cat /etc/adguardhome/adguardhome.yaml
http:
pprof:
port: 6060
enabled: false
address: 192.168.1.1:8080
session_ttl: 720h
users:
- name: root
password: $2a$10$jfhH7jdxvNEZhgboKWlOd.lsopc3RvfTXkxNW3OUP0V34QVjp1tg2
auth_attempts: 5
block_auth_min: 15
http_proxy: ""
language: ""
theme: auto
dns:
bind_hosts:
- 192.168.1.1
port: 53
anonymize_client_ip: false
ratelimit: 20
ratelimit_subnet_len_ipv4: 24
ratelimit_subnet_len_ipv6: 56
ratelimit_whitelist: []
refuse_any: true
upstream_dns:
- '[/lan/]127.0.0.1:5353'
- '[//]127.0.0.1:5353'
- '[/pool.ntp.org/]1.1.1.1'
- '[/pool.ntp.org/]1.0.0.1'
- https://unfiltered.adguard-dns.com/dns-query
upstream_dns_file: ""
bootstrap_dns:
- 9.9.9.10
- 149.112.112.10
- 2620:fe::10
- 2620:fe::fe:10
fallback_dns:
- 8.8.8.8
- 8.8.4.4
upstream_mode: load_balance
fastest_timeout: 1s
allowed_clients: []
disallowed_clients: []
blocked_hosts:
- version.bind
- id.server
- hostname.bind
trusted_proxies:
- 127.0.0.0/8
- ::1/128
cache_enabled: true
cache_size: 4194304
cache_ttl_min: 0
cache_ttl_max: 0
cache_optimistic: false
cache_optimistic_answer_ttl: 30s
cache_optimistic_max_age: 12h
bogus_nxdomain: []
aaaa_disabled: false
enable_dnssec: false
edns_client_subnet:
custom_ip: ""
enabled: false
use_custom: false
max_goroutines: 300
handle_ddr: true
ipset: []
ipset_file: ""
bootstrap_prefer_ipv6: false
upstream_timeout: 10s
private_networks: []
use_private_ptr_resolvers: true
local_ptr_upstreams:
- 127.0.0.1:5353
use_dns64: false
dns64_prefixes: []
serve_http3: false
use_http3_upstreams: false
serve_plain_dns: true
hostsfile_enabled: true
pending_requests:
enabled: true
tls:
enabled: false
server_name: ""
force_https: false
port_https: 443
port_dns_over_tls: 853
port_dns_over_quic: 853
port_dnscrypt: 0
dnscrypt_config_file: ""
allow_unencrypted_doh: false
certificate_chain: ""
private_key: ""
certificate_path: ""
private_key_path: ""
strict_sni_check: false
querylog:
dir_path: ""
ignored: []
interval: 2160h
size_memory: 1000
enabled: true
file_enabled: true
statistics:
dir_path: ""
ignored: []
interval: 24h
enabled: true
filters:
- enabled: false
url: https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/multi.txt
name: Hagezi Multi Normal
id: 1771688127
- enabled: true
url: https://cdn.jsdelivr.net/gh/hagezi/dns-blocklists@latest/adblock/pro.txt
name: Hagezi Multi Pro
id: 1771688128
whitelist_filters: []
user_rules: []
dhcp:
enabled: false
interface_name: ""
local_domain_name: lan
dhcpv4:
gateway_ip: ""
subnet_mask: ""
range_start: ""
range_end: ""
lease_duration: 86400
icmp_timeout_msec: 1000
options: []
dhcpv6:
range_start: ""
lease_duration: 86400
ra_slaac_only: false
ra_allow_slaac: false
filtering:
blocking_ipv4: ""
blocking_ipv6: ""
blocked_services:
schedule:
time_zone: UTC
ids: []
protection_disabled_until: null
safe_search:
enabled: false
bing: true
duckduckgo: true
ecosia: true
google: true
pixabay: true
yandex: true
youtube: true
blocking_mode: default
parental_block_host: family-block.dns.adguard.com
safebrowsing_block_host: standard-block.dns.adguard.com
rewrites: []
safe_fs_patterns:
- /mnt/sda1/adguardhome/userfilters/*
safebrowsing_cache_size: 1048576
safesearch_cache_size: 1048576
parental_cache_size: 1048576
cache_time: 30
filters_update_interval: 24
blocked_response_ttl: 10
filtering_enabled: true
rewrites_enabled: true
parental_enabled: false
safebrowsing_enabled: false
protection_enabled: true
clients:
runtime_sources:
whois: true
arp: true
rdns: true
dhcp: true
hosts: true
persistent: []
log:
enabled: true
file: ""
max_backups: 0
max_size: 100
max_age: 3
compress: false
local_time: false
verbose: false
os:
group: ""
user: ""
rlimit_nofile: 0
schema_version: 32
If you guys require some more information, do let me know. Thanks in advance.