Using Adblock alongside WireGuard

Hello everyone. I have a TP-Link TD-W8970 modem/router with OpenWrt 18.06.1. I configured the WireGuard protocol and made two separate networks: one for the regular WAN and another one for the WireGuard-tunneled WAN. Here is my network file:


config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fdee:aa0c:26fa::/48'

config atm-bridge 'atm'
	option encaps 'llc'
	option payload 'bridged'
	option nameprefix 'dsl'
	option vci '35'
	option vpi '0'

config dsl 'dsl'
	option annex 'a'
	option tone 'av'
	option ds_snr_offset '0'

config interface 'lan'
	option type 'bridge'
	option ifname 'eth0.1'
	option proto 'static'
	option ip6assign '60'
	option netmask '255.255.255.224'
	option ipaddr '192.168.220.1'

config interface 'wan'
	option ifname 'dsl0'
	option proto 'pppoe'
	option ipv6 '1'
	option password '***'
	option peerdns '0'
	option username '***'
	option force_link '1'
	list dns '9.9.9.9'
	option pppd_options 'debug'
	option keepalive '50 5'

config device 'wan_dsl0_dev'
	option name 'dsl0'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '0 2 4 5 6t'

config interface 'wgNet'
	option proto 'wireguard'
	option force_link '1'
	option private_key '***'
	list addresses '****/32'
	list addresses '****/120'

config wireguard_wgNet
	option public_key '***'
	list allowed_ips '0.0.0.0/0'
	list allowed_ips '::0/0'
	option endpoint_port '***'
	option endpoint_host '****'

config interface 'WGLOCAL'
	option proto 'static'
	option netmask '255.255.255.0'
	option ipaddr '192.168.230.1'
	option ip6assign '64'

config route
	option interface 'wgNet'
	option target '0.0.0.0'
	option netmask '0.0.0.0'
	option table 'wgvpn'

config rule
	option in 'WGLOCAL'
	option src '192.168.230.0/24'
	option lookup 'wgvpn'

config route
	option target '192.168.220.0'
	option netmask '255.255.255.224'
	option interface 'lan'
	option table 'wgvpn'

Now I want to use adblock for my networks. No problem with the LAN, but I can't use the adblock solution for my WireGuard network. Maybe you've already noticed why; if not, I posted it before.

Short explanation: my DNS traffic doesn't pass through the WireGuard tunnel when using DHCP (DNS leak problem), so I had to set static DNS on each client. The DNS leak problem was resolved using this trick, but now I can't use adblock for this interface.

I guess I must look for a solution that forwards all device DNS queries to the WireGuard interface, not directly to the WAN.

Hi again. Can anybody help me with this? I am just looking for a way to forward all device DNS queries to another interface.

Yes you can. Redirect the traffic to the DNS server running Adblock (or router set to use it).

Currently adblock is run by OpenWrt, as is WireGuard. If I choose OpenWrt as the DNS server on my clients (like Windows and mobile phones), OpenWrt resolves my requests and adblock also works correctly. But the problem is: if OpenWrt resolves my DNS queries, it does not pass them through the WireGuard interface; it passes them over the direct WAN, and because my ISP has DNS filtering, I cannot access Facebook etc., even though I use WireGuard.

Then set the IPs of all WAN DNS servers to use a route via Wireguard.

Ok... But how?

https://openwrt.org/docs/guide-user/network/routes_configuration

I wrote it down like this, but it didn't work anyway:

config route
	option target '8.8.8.8'
	option netmask '255.255.255.255'
	option interface 'lan'
	option table 'wgvpn'

I also checked it using traceroute and tracert in Windows.
What did I do wrong?

You have a table named wgvpn?

I don't think you need this.

And your interface needs to be the WG, correct?

Yes, I created that since I have a separate network for my wireguard.

Yes.
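
Added example, not written by any poster in this thread: a small offline check that reads a copy of /etc/config/network and lists the upstream resolvers the router itself would still query outside the WireGuard tunnel. The function names, the trimmed sample config and the 9.9.9.9 host route are constructed for illustration; it assumes router-originated queries are looked up in the main routing table, so routes carrying `option table` do not count.

```python
import ipaddress, re
LINE = re.compile(r"\s*(config|option|list)\s+'?([\w-]+)'?(?:\s+'?([^']*?)'?)?\s*$")

def parse_uci(text):
    """Parse UCI text into sections: {'type', 'name', 'opts': {key: [values]}}."""
    secs = []
    for m in filter(None, map(LINE.match, text.splitlines())):
        kind, a, b = m.groups()
        if kind == "config":
            secs.append({"type": a, "name": b, "opts": {}})
        elif secs:
            secs[-1]["opts"].setdefault(a, []).append(b)
    return secs

def leaking_dns(text):
    """Upstream resolvers the router itself would query outside the tunnel."""
    secs = parse_uci(text)
    opt = lambda s, k, d=None: s["opts"].get(k, [d])[0]
    ifaces = [s for s in secs if s["type"] == "interface"]
    tunnels = {s["name"] for s in ifaces if opt(s, "proto") == "wireguard"}
    dns = {d for s in ifaces if s["name"] not in tunnels for d in s["opts"].get("dns", [])}
    covered = []
    for r in (s for s in secs if s["type"] == "route"):
        # Assumption: router-originated queries use the main table, so a route
        # with 'option table' (reached only through a 'config rule') is skipped.
        if opt(r, "interface") in tunnels and "table" not in r["opts"]:
            net = f"{opt(r, 'target')}/{opt(r, 'netmask', '255.255.255.255')}"
            covered.append(ipaddress.ip_network(net, strict=False))
    return sorted(d for d in dns if not any(ipaddress.ip_address(d) in n for n in covered))

# Constructed sample modeled on the thread's /etc/config/network.
THREAD_CONFIG = """
config interface 'wan'
    list dns '9.9.9.9'
config interface 'wgNet'
    option proto 'wireguard'
config route
    option target '8.8.8.8'
    option interface 'lan'
    option table 'wgvpn'
"""
# Assumed fix: host route for the configured resolver via wgNet, main table.
FIXED_CONFIG = THREAD_CONFIG + """
config route
    option target '9.9.9.9'
    option interface 'wgNet'
"""
if __name__ == "__main__":
    print(leaking_dns(THREAD_CONFIG), leaking_dns(FIXED_CONFIG))
```

The check reports 9.9.9.9 for the thread-style config because the attempted route targets a different address, is bound to `lan`, and lives in the `wgvpn` table; it reports nothing once a main-table host route via `wgNet` covers the resolver actually listed under `wan`.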