Hi,

i have tried to install adblock 1.4.0 on my router (15.05.1), but receive following errors:
opkg install adblock_1.4.3-1_all.ipk
Installing adblock (1.4.3-1) to root...
Collected errors:
* wfopen: //usr/lib/opkg/info/adblock.conffiles: Directory not empty.
* wfopen: //usr/lib/opkg/info/adblock.control: Directory not empty.
* wfopen: //usr/lib/opkg/info/adblock.postinst: Directory not empty.
* wfopen: //usr/lib/opkg/info/adblock.prerm: Directory not empty.
* wfopen: /usr/bin/adblock-helper.sh: Directory not empty.
* wfopen: /usr/bin/adblock-update.sh: Directory not empty.
* set_flags_from_control: Failed to open //usr/lib/opkg/info/adblock.control: No such file or directory.
* pkg_write_filelist: Failed to open //usr/lib/opkg/info/adblock.list: Directory not empty.
* opkg_install_pkg: Failed to extract data files for adblock. Package debris may remain!
* opkg_install_cmd: Cannot install package adblock.
* opkg_conf_write_status_files: Can't open status file //usr/lib/opkg/status: Directory not empty.

any idea?
many thanks
chris

(Last edited by tango38317 on 5 Aug 2016, 17:40)

Sorry, I have no idea. I think this is unrelated to adblock. Any special extroot configuration or something like that?

Please post the output of
   ls -la /usr/lib/opkg/info/adblock*
and 
   cat /etc/opkg.conf

Hi,

sorry for late reply:
output of: ls -la /usr/lib/opkg/info/adblock*
ls: /usr/lib/opkg/info/adblock*: No such file or directory
and:
cat /etc/opkg.conf
dest root /
dest ram /tmp
lists_dir ext /var/opkg-lists
option overlay_root /overlay
option check_signature 1

Any special extroot configuration or something like that? > i don´t think so. made my image for asus rt-n16 with own buildroot.

Version:  CHAOS CALMER (Chaos Calmer, r49378)

EDIT: FOUND MY ISSUE > USED WRONG IPK - used it from download link and not from correct "build folder for MIPS"
br
Chris

(Last edited by tango38317 on 9 Aug 2016, 14:55)

BUG (or feature)

If a TLD is blacklisted (e.g. here.com) one cannot whitelist a sub domain thereof (i.e. some.thing.api.here.com). Have to whitelist the whole TLD (to make maps from here.com work for instance).
Is there a work around or fix?

Feature!
What you like to achieve is simply not possible ... you have to whitelist "here.com" and you can optionally blacklist certain subdomains of this TLD.

hm.. here.com is blacklisted through disconnect.me - I wonder why...
Can you explain why it is not possible to resolve here.com locally and forward a dns request for subdomain.here.com to upstream dns server? Limitation of dnsmasq?

Please consult the dnsmasq manpage here, adblock uses the address feature for blocking ...

-A, --address=/<domain>/[domain/][<ipaddr>]
[...]
 so --address=/example.com/ [...] returns NXDOMAIN for example.com and all its subdomains.
[...]

(Last edited by dibdot on 14 Aug 2016, 20:00)

Thanks fot the pointer.

I've noticed that the disconnect list has a number of false positives. It's been fairly annoying. I'd suggest disabling it as a default list and enabling something like spam404 instead.

Examples for false positives? here.com is probably on the list due to their extensive client activity tracking ...

Is it so bad that access to the entire service must be denied? Clearly it is an issue if the user above is trying to make a partial whitelist but is limited in doing so. How much more could they possibly be tracking than Google does? Or is the block acceptable because they are a far lesser known mapping service.

As for other examples, I've run into at least two others myself, though have forgotten one as this was months ago. One would be the site phonearena.com which, while not being an exemplary website in and of itself, contains profiles of device specs not found on competitor sites (such as gsmarena) and having access blocked is inconvenient.

Given the trend, I find it hard to believe these are the only examples of false positives. I am simply not a fan of overly aggressive block lists. Unlike its use in a browser plugin such as ublock origin which generates a warning preload page with options, blocking at the router level will result in a blank page with no explanation.

at the end it's a personal trade-off for every list, i.e I'm using disconnect.me without any whitelisting (I have no windows mobile) while others put "here.com" on their whitelist, too. And you're right, blocking on router level is more "digital" ... but it works with all connected devices

(Last edited by dibdot on 20 Aug 2016, 07:08)

hello everyone!
i'm trying to install adblock on my openwrt router OpenWrt Chaos Calmer 15.05.1 .

I downloaded the package manually from the website and installed using "opkg install adblock_1.4.5-1_all.ipk"
then I tried to start the service "/etc/init.d/adblock start"
but I only get

root@ArcherC7:/etc/adblock# logread -e "adblock"
Sun Aug 21 22:57:45 2016 user.notice adblock[1170] info : adblock service started due to 'ifup' of 'lan' interface
Sun Aug 21 22:57:46 2016 user.notice adblock[1569] info : AP mode detected, please set local LuCI instance to ports <> 80/443

I did try changing "/etc/config/uhttpd"
        list listen_http '0.0.0.0:8080'
        list listen_http '[::]:8080'
        list listen_https '0.0.0.0:8443'
        list listen_https '[::]:8443'

but no luck

Am i missing something?
thank you very much for your help

bye!

(Last edited by hiworld on 21 Aug 2016, 22:05)

No, it's a bug ... please change /usr/bin/adblock-helper.sh like that (in line 172 changed the grep search string):

if [ -n "$(${adb_uci} -q get uhttpd.main.listen_http | grep -o ":80$")" ] ||
   [ -n "$(${adb_uci} -q get uhttpd.main.listen_https | grep -o ":443$")" ]

(Last edited by dibdot on 21 Aug 2016, 22:22)

I changed the lines, unfortunately with no luck

root@ArcherC7:~# logread -e "adblock"
Sun Aug 21 23:29:35 2016 user.notice adblock[1176] info : adblock service started due to 'ifup' of 'lan' interface
Sun Aug 21 23:29:35 2016 user.notice adblock[1577] info : AP mode detected, please set local LuCI instance to ports <> 80/443

thank you

Please Check my edited comment above, I've slightly changed the grep again...sorry.

ok now it's running!
thank you very much, it's a great job !

however I had to change my UCI listening ports, should not be using nullports?

Sun Aug 21 23:56:49 2016 user.notice adblock[3612] info : domain adblock processing started (1.4.5, r48532, 21.08.2016 23:56:49)
Sun Aug 21 23:56:49 2016 user.notice adblock[3612] info : AP mode enabled
Sun Aug 21 23:56:49 2016 user.notice adblock[3612] info : backup/restore will be disabled
Sun Aug 21 23:56:50 2016 user.notice adblock[3612] info : created volatile firewall rulesets
Sun Aug 21 23:56:50 2016 user.notice adblock[3612] info : created volatile uhttpd instances
Sun Aug 21 23:56:50 2016 user.notice adblock[3612] info : => processing source 'adaway'
Sun Aug 21 23:56:50 2016 user.notice adblock[3612] info :    source download finished (410 entries)
Sun Aug 21 23:56:51 2016 user.notice adblock[3612] info :    domain merging finished
Sun Aug 21 23:56:51 2016 user.notice adblock[3612] info : => processing source 'disconnect'
Sun Aug 21 23:56:53 2016 user.notice adblock[3612] info :    source download finished (5695 entries)
Sun Aug 21 23:56:53 2016 user.notice adblock[3612] info :    domain merging finished
Sun Aug 21 23:56:54 2016 user.notice adblock[3612] info : => processing source 'yoyo'
Sun Aug 21 23:56:55 2016 user.notice adblock[3612] info :    source download finished (2371 entries)
Sun Aug 21 23:56:55 2016 user.notice adblock[3612] info :    domain merging finished
Sun Aug 21 23:56:55 2016 user.notice adblock[3612] info : remove duplicates in separate block lists
Sun Aug 21 23:57:00 2016 user.notice adblock[3612] info : block lists with overall 6112 domains loaded
Sun Aug 21 23:57:00 2016 user.notice adblock[3612] info : firewall statistics (IPv4/IPv6): 0%/0% of all packets in prerouting chain are ad related & blocked
Sun Aug 21 23:57:00 2016 user.notice adblock[3612] info : domain adblock processing finished successfully (1.4.5, r48532, 21.08.2016 23:57:00)

(Last edited by hiworld on 21 Aug 2016, 23:24)

I just found some porn sites not blocked with shalla "porn" enabled. So I manually added the site to /etc/adblock/adblock.blacklist. But it seems not working.

The following is the example what I did:
cat >> /etc/adblock/adblock.blacklist << EOF
xxxxxx.com
EOF

But the site is still accessible.

What I am missing?

any help would be greatly appreciated.

My Router is WRT1900ACS with LEDE r1404, adblock is 1.4.8

(Last edited by huangjqiu on 10 Sep 2016, 18:16)

Changes are only evaluated when adblock get's (re-)started, either explicitly or implicitly via a WAN ifup event.

In other words, "/etc/init.d/adblock restart" (well, technically the start part of it) will include new additions/ removals from the whitelist/ blacklist into the active filtering.

No, it didn't work even after /etc/init.d/adblock restart
The site is still accessible.

Did you enable the blacklist source in the config (it's disabled by default)?

config source 'blacklist'
    option enabled '1'
    [...]

BTW, since adblock 1.4.7 you can always use the query function to check if certain domains are blocked (see onlince doc)

(Last edited by dibdot on 11 Sep 2016, 06:26)

Maybe due to the DNS cache on the client machine?

My bad, blacklist wasn't enabled. It works perfectly now.

Thanks very much!

For some reason adblock wont download lists

root@lede:~# /etc/init.d/adblock restart
adblock[22245] info : all adblock related services stopped
adblock[22402] info : domain adblock processing started (1.4.9, r1618, 18.09.2016 07:55:08)
adblock[22402] info : backup/restore will be disabled
adblock[22402] info : created volatile firewall rulesets
adblock[22402] info : created volatile uhttpd instances
adblock[22402] info : => processing source 'adaway'
adblock[22402] info :    no online timestamp
/bin/wget: unrecognized option: no-config
Usage: /bin/wget [options] <URL>
Options:
        -4                              Use IPv4 only
        -6                              Use IPv6 only
        -q                              Turn off status messages
        -O <file>                       Redirect output to file (use "-" for stdout)
        -P <dir>                        Set directory for output files
        --user=<user>                   HTTP authentication username
        --password=<password>           HTTP authentication password
        --user-agent|-U <str>           Set HTTP user agent
        --post-data=STRING              use the POST method; send STRING as the data
        --spider|-s                     Spider mode - only check file existence
        --timeout=N|-T N                Set connect/request timeout to N seconds
        --proxy=on|off|-Y on|off        Enable/disable env var configured proxy

HTTPS options:
        --ca-certificate=<cert>         Load CA certificates from file <cert>
        --no-check-certificate          don't validate the server's certificate

adblock[22402] info :    empty source download, skipped
adblock[22402] info : => processing source 'disconnect'
adblock[22402] info :    no online timestamp
/bin/wget: unrecognized option: no-config
Usage: /bin/wget [options] <URL>
Options:
        -4                              Use IPv4 only
        -6                              Use IPv6 only
        -q                              Turn off status messages
        -O <file>                       Redirect output to file (use "-" for stdout)
        -P <dir>                        Set directory for output files
        --user=<user>                   HTTP authentication username
        --password=<password>           HTTP authentication password
        --user-agent|-U <str>           Set HTTP user agent
        --post-data=STRING              use the POST method; send STRING as the data
        --spider|-s                     Spider mode - only check file existence
        --timeout=N|-T N                Set connect/request timeout to N seconds
        --proxy=on|off|-Y on|off        Enable/disable env var configured proxy

HTTPS options:
        --ca-certificate=<cert>         Load CA certificates from file <cert>
        --no-check-certificate          don't validate the server's certificate

adblock[22402] info :    empty source download, skipped
adblock[22402] info : => processing source 'yoyo'
adblock[22402] info :    no online timestamp
/bin/wget: unrecognized option: no-config
Usage: /bin/wget [options] <URL>
Options:
        -4                              Use IPv4 only
        -6                              Use IPv6 only
        -q                              Turn off status messages
        -O <file>                       Redirect output to file (use "-" for stdout)
        -P <dir>                        Set directory for output files
        --user=<user>                   HTTP authentication username
        --password=<password>           HTTP authentication password
        --user-agent|-U <str>           Set HTTP user agent
        --post-data=STRING              use the POST method; send STRING as the data
        --spider|-s                     Spider mode - only check file existence
        --timeout=N|-T N                Set connect/request timeout to N seconds
        --proxy=on|off|-Y on|off        Enable/disable env var configured proxy

HTTPS options:
        --ca-certificate=<cert>         Load CA certificates from file <cert>
        --no-check-certificate          don't validate the server's certificate

adblock[22402] info :    empty source download, skipped
ls: /tmp/dnsmasq.d/adb_list*: No such file or directory
adblock[22402] info : block lists with overall 0 domains are still valid, no update required
adblock[22402] info : firewall statistics (IPv4/IPv6): 0%/0% of all packets in prerouting chain are ad related & blocked
adblock[22402] info : domain adblock processing finished successfully (1.4.9, r1618, 18.09.2016 07:55:10)

busybox wget is not supported, please check/re-install the wget package with ssl support ('which wget' should point to /usr/bin/wget after installation).