Simple-adblock: fast, lean and fully uci/luci configurable AdBlocking


#43

simple-adblock does that by default.


#44

I've noticed it recently too. Will have to have another look at it when I have time.


#45

Thank you!


#46

Just bringing this up: https://blog.malwarebytes.com/threat-analysis/2018/02/drive-by-cryptomining-campaign-attracts-millions-of-android-users/

You may want to add these domains to the block list manually in Web UI/configs. If you know of a public list of domains/hosts which includes these bad domains and is not included in the simple-adblock config -- please let me know so I can update the default config for the package.


#47

In adblock we're using this source:

https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/hosts.txt

The example domains in your link load the malicious javascript code from on of those coinhive sites.


Adblock support thread
#48

This is true for builds > 17.01.4 adblock 2.6.2?

opkg upgrade safe if enough flash space available?

PS: Yes ;- )


#49

Thanks Dirk! I've added that source to the default config for simple-adblock 1.5.8-4. Anyone who has simple-adblock already installed should add that as "Blacklisted Hosts URL" in their own configs.


#50

Hello I'm french and I use simple adblock thank you for your wonderful work I would like to know how I can do little to translate simple adblock I can not find the file could you help me? If I can find the file to translate it, I could even send it to you so that you can share it to everyone

PS: sorry my english is no very good


#51

Thanks for volunteering to improve the package. I haven't done it myself, but as far as I understand, you need to download the templates/simple-adblock.pot file from here: https://github.com/openwrt/luci/tree/master/applications/luci-app-simple-adblock/po, and insert the translations like done here: https://github.com/openwrt/luci/blob/master/applications/luci-app-simple-adblock/po/sv/simple-adblock.po.

I think there's a special app which makes the translation process easier, but at least on macOS it's a paid app.

Maybe one of the wonderful people who have already translated the UI to other languages will chime in with better information -- I couldn't find an OpenWrt wiki article on that.


#52

Hello thank you for your answer unfortunately I have a lot of trouble using ghitub so I translated the file and you and post a request I do not know unfortunately if it works like that but I try to do the best I can for you help thank you for telling me if you see the demand :slight_smile:


#53

I'd like to try a network-wide ad blocker like this one on my newly-LEDE-flashed wr1043nd v2.1. I'm fairly new to LEDE though I have a decent amount of experience with DD-WRT and a little with OpenWRT. I flashed a stock LEDE image (did not build my own and would rather not) and simple-adblock is not available as a package when I do a search for software.

Having used Debian/Ubuntu for years I'm familiar with repositories and with alternate user repositories and configuring the package manager to use the latter. With a system like LEDE, which I guess would classify as an embedded O.S., I'm not sure whether package repositories operate in the same way.

Is the directive above ("add my repo") to be taken in much the same way as it would be for a Debian/Ubuntu system? In other words, would adding that repo make available the simple-adblock package to a running LEDE system? Or is the repo in this case one that supplies some needed files for the LEDE user who is building his own LEDE image for flashing onto some hardware to which he has access?

Clarification on that point will be appreciated. Running LEDE Reboot 17.01.4 r3560-79f57e422d here, btw.


#54

Exactly. If you add my repo to your router the simple-adblock and its accompanying luci-app-simple-adblock packages will be available to you after opkg update.

Having said that, if you don't want to deal with the custom repo and don't mind the package which is a bit slower, but way more powerful you can try adblock and luci-app-adblock from the official release repo.


#55

Can this exclude a subnet from being ad-blocked?


#56

Unless you can configure the subnet to use a different DNS server (like 8.8.8.8 directly instead of the router) -- no.

Check the adblock package, if I'm not mistaken, together with unbound you may configure it like you want.


#57

I do have the subnet getting external DNS using 'option 6' of dnsmasq.


#58

Then, unless the DNS Hijacking is set, simple-adblock should not be serving that subnet.


#59

Yes.
Considering DNS Hijacking is a firewall rule, you can create similar firewall rules via firewall rules interface and this way you can customize your DNS hijacking. This will permit you to choose which subnet of your network will be served by simple-adblock and which subnet will not .

This can be a good idea for a next version, to permit hijacking by subnet range. But you can do it now via custom firewall rules.

Simple-adblock uses the best way to block ADs by using trusted DNSBL lists, it has the same perfection as pfBlockNG from pfsense that I used for years. It should be called Greatest-adblock :slight_smile:


#60

I've been trying to get this to work for a few hours but no matter what I can still access the sites I've blocked.

I have a Linksys WRT1900AC, on firmware LEDE Reboot 17.01.4 r3560-79f57e422d / LuCI lede-17.01 branch (git-17.290.79498-d3f0685)
Kernel Version 4.4.92

I enabled debug logging and peeked at the log, nothing was complaining at the end of it but I'll grab it if you want.

I've got the dns hijacking enabled for every interface. I tried the blocked websites from a few devices and nothing seems to be blocked : (

EDIT: Actually I think I know what's going on. I have set a custom DNS server, because I don't want to use comcast's dns, I want to use cloudflare's. I set this in the settings for the interfaces: 29%20PM

Am I goofing this up?


#61

I completely started over. All I've done is set up the wireless interfaces, then installed and added domains to the adblock. This still does not work at all. Help??


#62

@UnbendableStraw, I'm using dnscrypt-proxy to avoid my ISP's DNS server, i'll try to reproduce your issue...
Afaik domain blocking works fine for me. I'm using davidc's latest build with my WRT3200acm.

edit: I've just tested domain blocking and it works fine for me... I'm not using anything special setup, just the following custom firewall rules to enforce my routers DNS server for android clients aso. (lan + guest):

iptables -t nat -I PREROUTING -i br-lan -p udp --dport 53 -j REDIRECT --to-port 53
iptables -t nat -I PREROUTING -i br-lan -p tcp --dport 53 -j REDIRECT --to-port 53
iptables -t nat -I PREROUTING -i br-guest -p udp --dport 53 -j REDIRECT --to-port 53
iptables -t nat -I PREROUTING -i br-guest -p tcp --dport 53 -j REDIRECT --to-port 53

And i ticked "Flush DNS Cache" + "Force Local DNS" in my adblock config.
I'm not sure why it doesn't work for you... Maybe you should try out Davidc's build, i can definitely recommend his builds ! :wink: