Good evening,
would you recommend me any lists for OpenWrt? There are so many and I don't know which ones to choose, as I could risk overloading the RAM memory of my router ultimately. Thanks in advance.
Best how?
The larger the better, one would assume, but kills low ram devices.
I'm blocking 1.4 mil domains, but it's not hosted on a router.
1 Like
I use:
This currently blocks 47,351 domains. On an 800 MHz core, with a 100 Mbps connection, users browsing normally and doing DNS test (e.g. https://www.dnsleaktest.com/) could slow DNS resolution to make the Internet appear slow; or sites would just time out for a few seconds.
But yes, the domain block lists do have to be loaded in some memory or flash, dnsmasq uses more CPUs on lookups than memory (I barely see memory jump above 0% doing a leak test).
I'd be more concerned about CPUs blocking via domain.
Blocking by IPs more takes more memory...I block:
Header: family inet hashsize 65536 maxelem 131072
Size in memory: 3499624 # <---------------
References: xxxxxxxx
Number of entries: 108092
Hi,
I post here because maybe subject is related. With the following lists in figure, I have problems with android phones, it seems to no receive all notifications or receives it later. Another strange things is that google images search doesnt work well, the images are not clickable (while the link under, are).
So the questions are: which list(s) causes these or which are the suggested lists not so aggressive?
adblock-lean uses one of the well-respected Hagezi blocklists by default. The maintainer of these lists provides an excellent comparison and analysis of his various lists here:
O man... thanks! So I should disable adblock standard, right, and install it?
You mean adblock-lean? I suspect for many users a basic install of adblock-lean is set and forget. It has no dependencies and simply operates as a service file to maintain the present blocklist used in dnsmasq by updating daily and performing many different safety checks to deal with any rogue entries or bad blocklists and e.g. rollback to the previous list if there is an issue. Or if you already have something that supports dnsmasq lists then you could just keep on using that and switch to one of the Hagezi blocklists having read what he writes about the comparison of each. The findings are essentially that you don't gain much by having very large lists compared with his most basic list.
See Hagezi's recommendations here.
adblock-lean uses the Multi PRO list by default:
In my experience everything works just fine with this, minus the ads.
just installed without particular config and it works greatly, very good job!!!! Just a last question, hopefully: there is a way to see the blocked url/query as it is in adblock luci plugin?
No, since AdBlock works with DNS names only, it doesn't know anything about the URLs.
uh, I dont understand... they dont work on the same principles? intercept dns query and block them? 
Only on the DNS query, it doesn't see the rest of the URL/query.
It isn't even familiar with the HTTPS protocol.
yes ok but in the AdBlock luci plugin I see a recap of the last queries, the domain, and if they are blocked or not (the "DNS report" tab). This may help in case of troubleshooting.
Hope in the future!!! Thanks to both!!!
Not happening, you'd need to set up a MITM proxy, or similar.
DNS <> HTTPS
ah ok: you mean AdBlock is at application level (http) while adblock-lean is dns based. So my doubt is: is there a way to collect and see the dns query blocked? a file somewhere. Sorry for the questions, i'm a OpenWrt noob and it is not clear to me the relationship within dnsmasq, https-over-dns and adblock-lean... all things I use and (seem to) work but...
AdBlock beeing the Openwrt addon, or the browser addon ?
All Openwrt adblockers are DNS based.
If you need to block and/or collect HTTPS queries/URLs, there's no better place to do it, than in your browser.
AdBlock the Openwrt add on. Via Luci, there is a panel/tab called "DNS report" that shows some statistics. @Lynx: just testing better and there are some advertisement, should I do something more after the installation? EDIT: restarted the service, seems to work now
Disable DoH in your browser, and DoH or DoT on OS level.
ublock-origin for Chrome is surely one of the best if not the best adblocker extensions available at the moment. It presently even completely blocks youtube adverts in the UK.
You can only get some rudimentary stats in adblock-lean like so:
root@OpenWrt-1:~# service adblock-lean status
Checking dnsmasq instance.
The dnsmasq check passed and the presently installed blocklist has good line count: 377657.
adblock-lean appears to be active.
Generating dnsmasq stats.
dnsmasq stats available for reading using 'logread'.
Wed Jan 3 17:22:33 2024 user.notice adblock-lean: Generating dnsmasq stats.
Wed Jan 3 17:22:33 2024 daemon.info dnsmasq[1]: time 1704302553
Wed Jan 3 17:22:33 2024 daemon.info dnsmasq[1]: cache size 1000, 0/8328 cache insertions re-used unexpired cache entries.
Wed Jan 3 17:22:33 2024 daemon.info dnsmasq[1]: queries forwarded 8999, queries answered locally 3469
Wed Jan 3 17:22:33 2024 daemon.info dnsmasq[1]: queries for authoritative zones 0
Wed Jan 3 17:22:33 2024 daemon.info dnsmasq[1]: pool memory in use 0, max 0, allocated 0
Wed Jan 3 17:22:33 2024 daemon.info dnsmasq[1]: server 127.0.0.1#5453: queries sent 6682, retried 136, failed 57, nxdomain replies 28, avg. latency 87ms
Wed Jan 3 17:22:33 2024 daemon.info dnsmasq[1]: server ::1#5453: queries sent 3552, retried 206, failed 14, nxdomain replies 13, avg. latency 108ms
You add add custom entries to blacklist or whitelist as per the config:
# Path to optional local allowlist/blocklist files in the form:
# site1.com
# site2.com
local_allowlist_path="/root/adblock-lean/allowlist"
local_blocklist_path="/root/adblock-lean/blocklist"
It's just meant as set and forget - you shouldn't need to look at it for ordinary use. I don't. It just works in the background.
You can observe adverts on newspaper websites / speedtest.net gone and use this site to test (careful to disable ublock-origin for any sites used for testing purposes):