[solved] Open NAT & DoH & Simple-Adblock on OpenWrt RPi-4

vampirexox · December 13, 2020, 7:52pm

Hello
I'm not getting 'Open' NAT on my PlayStation 4 that I used to get earlier. I'm running OpenWRT on my Raspberry Pi 4, which is now acting as my main router. My current setup goes like ONT (bridge mode) -> Raspberry Pi 4 on WAN (OpenWRT, configured PPPoE, SQM, Adblock, DoH etc.,) -> Tp-Link Archer AX3000 (On Access Point operating mode).

My setup that I used to get 'Open' NAT goes something like ONT (bridge mode) -> Tp-Link Archer AX3000 (On Router mode, configured PPPoE, uPnP enabled)

I have tried port-forwarding setting Static IP for my PlayStation, installed uPnP, but nothing ever helped.

I have installed simple-adblock, since I was using DoH, but, it doesn't block any ads in all honesty.

What am I doing wrong, and how can I have a fix around these issues? Any help would be appreciated. Thanks!

anon50098793 · December 14, 2020, 8:51am

if you have not already done so... have a read through the following articles/threads;

then post your config related to your current firewall rules or upnp depending on the option you have decided to use...

vampirexox · December 17, 2020, 4:39am

I was able to get my NAT Type to Open, following your link provided, but I'm not able to get Adblock running.

These are my settings. I have enabled DNS Over HTTPS Proxy using Cloudflare & Google. That doesn't seem to be working as well.

DNS Over HTTPS Settings

ESNI Checker Result

Simple Adblock Settings

Visiting https://blockads.fivefilters.org/ shows

anon50098793 · December 17, 2020, 4:46am

what does it say in LUCI > System > startup next to the above service?

vampirexox · December 17, 2020, 4:50am

Shows enabled.

vampirexox · December 17, 2020, 5:01am

What am I doing wrong?

anon50098793 · December 17, 2020, 5:07am

well... to me... it appears to be working... on what metric are you making the assertion that it is not working?

vampirexox · December 17, 2020, 5:14am

I have included Cloudflare ESNI Results above for your reference. It says it might not be using 1.1.1.1 DNS, plus adblock never worked as well.

anon50098793 · December 17, 2020, 5:16am

one thing at a time... and please don't intermix 'adblock' and 'simple-adblock'... if you want to use simple-adblock... then 'adblock' is not supposed to be working...

vampirexox · December 17, 2020, 5:18am

I have disabled Adblock from startup, and stopped it before I installed simple-adblock.

Edit - Also, my bad, I said Adblock, I meant simple-adblock.

anon50098793 · December 17, 2020, 5:20am

probably safer to un-install 'adblock' at this point... that way we don't have to mention it again...

edit: emove 'solved' and update the thread title to better describe your request/s...

vampirexox · December 17, 2020, 5:30am

Uninstalling Adblock from Luci interface, I get this error

Removing package luci-app-adblock from root...
adblock was autoinstalled and is now orphaned, removing.
Removing package adblock from root...
Not deleting modified conffile /etc/config/adblock.
coreutils-sort was autoinstalled and is now orphaned, removing.
Removing package coreutils-sort from root...
Removing package adblock from root...
You can force removal of packages with failed prerm scripts with the option: 
	--force-remove
No packages removed.

Collected errors:
 * pkg_run_script: Internal error: adblock has a NULL tmp_unpack_dir.
 * opkg_remove_pkg: not removing package "adblock", prerm script failed

anon50098793 · December 17, 2020, 5:33am

never seen that before... you can use ssh... to run;

opkg remove --force-remove adblock luci-app-adblock

or my builds have a window called 'doCMD' in system > custom commands... but you have to add single quotes...

'opkg remove --force-remove adblock luci-app-adblock'

vampirexox · December 17, 2020, 5:41am

I restarted my Pi, and I'm not able to see Adblock anymore from "Services". Running that command on custom commands, results in "opkg: unknown sub-command adblock" - so I'm guessing it is uninstalled by now? - I can see install button next to luci-app--adblock & adblock in Software Available List.

anon50098793 · December 17, 2020, 5:43am

whoops forgot remove... edited above... but yes... your first output did kinda-look like it might have removed it...

vampirexox · December 17, 2020, 5:58am

Ok, it gives me "# doCMD.sh "opkg remove --force-remove adblock luci-app-adblock" No packages removed." - so it's removed by now.

Even after removing Adblock, simple-adblock isn't blocking ads.

anon50098793 · December 17, 2020, 6:45am

that is expected... we removed it for sanity... we have made no changes to DoH ( remember, one thing at a time?)... nor simple-adblock...

vampirexox · December 17, 2020, 6:51am

Haha, understood. simple-adblock shows its blocking 60,000+ domains with dnsmasq.servers

anon50098793 · December 17, 2020, 7:07am

in your simple-adblock settings... please click the [X] next to 'HOSTSLISTS' > "https://www.malwaredomainlist.com/hostslist/hosts.txt"

then click save and apply...

as I don't run these... and everything seems functional to me... ( no idea how to interpret the ESNI output )... this is as far as I can go... so hopefully someone else can interpret/confirm whether it's working or not...

it will help if you can paste the output of the following commands...

lsof -i -nP | grep dnsmasq
uci show dhcp | grep servers
uci show simple-adblock
uci show https-dns-proxy

frollic · December 17, 2020, 7:25am

https://www.malwaredomainlist.com/hostslist/hosts.txt currently returns an empty list,
but picking any of the domains on one of the domain lists added should generate a page
not found in the browser, with the clients using the Pi as DNS.