If you have Policy Rules enabled, ABS will not work over the tunnel unless you make some config changes. It has to do with the way DNS is handled when using Policy Rules. I explain this in more detail and have documented the changes you will need to make here
https://x3mtek.com/torguard-openvpn-2-4-client-setup-for-asuswrt-merlin-firmware/
This is interesting as I read the URL and ABS won't work with VPN due to routing issues. I use VPN policy rules (VOIP H/W to WAN) and I set the 'Accept DNS Configuration' setting to "Strict" to prevent DNS leaks (and prevent users manually changing their DNS config). So how do you overcome the limitation of ABS and OpenVPN client? I read on and saw the mention of the URL...
I have used "Strict" for a long time and VyprVPN (inc. VyprVPN DNS) and have never required a "dhcp-option DNS 12.23.34.45" setting.
Perhaps something should be added to the UI to make this clear? Thanks!
e.g. Set DHCP Option to the same DNS in your LAN>DHCP>DNS section? or WAN>DNS section?
Reference: And yes, a DNS leak is a huge issue...
:/ Though, I'm not sure how when using "Strict"? Typo? Strict = Secure?
To resolve the DNS and routing issues when using Policy Rules with Asuswrt-Merlin, set Accept DNS Configuration to “Strict” and specify the DNS server for the VPN tunnel to use by adding the dhcp-option DNS command in the Custom Configuration section. Without the dhcp-option command, AB-Solution updates will fail, the AB-Solution email function will no longer work and the wget command will not be able to resolve a domain name.
The downside with these settings is that DNS will leak. Having my DNS leak has not caused me any issues for my use case.
My log shows:
> PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.2.85.1,explicit-exit-notify 5,rcvbuf 524288,route-gateway 10.2.85.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.2.85.48 255.255.255.0'

Should the DHCP-Option DNS not be 10.2.85.1? Or should it really be set to a 3rd party DNS???
Internal OpenVPN Router IP: 10.2.85.48 + Public VPN IP: 103.27.227.27. This guide doesn't seem right.
Thanks for all your time,
Cheers!
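Added example, not part of the original thread or of the guide it links to: a short Python check that parses the PUSH_REPLY line quoted above and reports, for each DNS server the VPN pushes or that a `dhcp-option DNS` line in Custom Configuration sets, whether the address sits inside the tunnel subnet given by the pushed `ifconfig`. The function names are hypothetical, and the log line is the one from the post, embedded as sample input.

```python
import ipaddress
import re

# Sample input: the PUSH_REPLY line quoted in the post above.
LOG_LINE = ("PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,"
            "dhcp-option DNS 10.2.85.1,explicit-exit-notify 5,rcvbuf 524288,"
            "route-gateway 10.2.85.1,topology subnet,ping 10,ping-restart 60,"
            "ifconfig 10.2.85.48 255.255.255.0'")


def parse_push_reply(line):
    """Return pushed options as token lists, e.g. ['dhcp-option', 'DNS', '10.2.85.1']."""
    match = re.search(r"'PUSH_REPLY,(.*)'", line)
    if not match:
        raise ValueError("no PUSH_REPLY found in log line")
    return [opt.split() for opt in match.group(1).split(",") if opt.strip()]


def tunnel_network(options):
    """Derive the tunnel subnet from the pushed 'ifconfig <ip> <netmask>' option."""
    for opt in options:
        if opt[0] == "ifconfig" and len(opt) == 3:
            return ipaddress.ip_network(f"{opt[1]}/{opt[2]}", strict=False)
    return None


def classify_dns(pushed_line, custom_config=""):
    """Map each DNS server (pushed, or set in Custom Configuration) to its location."""
    options = parse_push_reply(pushed_line)
    net = tunnel_network(options)
    servers = [(o[2], "pushed") for o in options
               if o[:2] == ["dhcp-option", "DNS"] and len(o) == 3]
    for raw in custom_config.splitlines():
        tokens = raw.split("#", 1)[0].split()  # drop trailing comments
        if tokens[:2] == ["dhcp-option", "DNS"] and len(tokens) == 3:
            servers.append((tokens[2], "custom"))
    result = {}
    for addr, origin in servers:
        inside = net is not None and ipaddress.ip_address(addr) in net
        result[addr] = (origin, "inside tunnel subnet" if inside else "outside tunnel subnet")
    return result


if __name__ == "__main__":
    # 12.23.34.45 is the example address quoted earlier in the thread.
    for addr, (origin, where) in classify_dns(LOG_LINE, "dhcp-option DNS 12.23.34.45").items():
        print(f"{addr:15} {origin:7} {where}")
```

An address reported as outside the tunnel subnet is only reachable through whatever route the policy rules give the querying client, which is the thing to verify when checking for DNS leaks.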
My Chromecast also keeps pinging 8.8.8.8, even if blocked it doesn't affect connectivity at all. I'm assuming it just falls back to my default DNS (set up through dnscrypt).
A lot of software will perform connectivity checks, just like many routers offer DNS Probes, so I assume this software is also probing a known server (99% of devs choose 8.8.8.8/8.8.4.4) due to Google's reliability to always be online.
Added these to the whitelist.txt. Higgin's popups still occurring.
@thelonelycoder I don't know how your ad-blocking works ('cos I don't use it) but you might need to whitelist these and possibly others:
aax-us-east.amazon-adsystem.com
ws-na.amazon-adsystem.com
Hi guys, I don't know if you are aware of how these scripts work... Basically a special script is either embedded in the header/footer or linked within pages and performs checks for known browser plug-in/extension names - e.g. uBlock, AdGuard or AdBlock etc... When these AdBlockers are enabled or active for the page, these embedded scripts will often pop up and disallow access to content.
Adding a domain to a whitelist will not fix anything. What is NOT being whitelisted is the 3rd party or embedded Anti-AdBlock Script - hence the invention of these "Anti-AdBlock Killer" subscription lists. You'd have to create a custom filter. To solve your problem, try disabling the extension for that page - e.g. uBlock open the menu and click the power button, or create a rule w/ uBlock and open the menu and change the Red square to a Green square for those adverts. Now it only is affected on that domain.
The way I got my system to honor Tim's request of allowing his ads as well as tracking is to do as he stated about giving access to Firefox tracking on his forums and also temporarily change the DNS address on this one computer to say something like 8.8.8.8 instead of the router's address, which effectively bypasses the router's ad blocker (AB Solutions).
This is a reason why I permanently have an OpenVPN client running. AC88u thru OpenVPN client 128/256bit w/ DNS Configuration set as "Strict". AFAIK it stops people bypassing the security you put in place and enforces DNS config. It means WAN DNS are always enforced to network devices. Changing DNS randomly to work shows the system is not set up properly.
This means it uses Router's DNS first, from what I understand, hijacking user configured DNS entries. So if someone sets their DNS to Google/Level3/OpenDNS, it doesn't matter, DNS:53 will redirect those requests to the router's, through the VPN to the DNS and back. You can easily add the known advert providers to the whitelist and disable any browser-based advert blocker for the SNB domain. That will prevent the Anti-Adblock scripts on SNB from being triggered.
Support SNB!
Cloud Blocking...
You can also configure a lightning-fast advert and malicious server blocking DNS (e.g. AdGuard DNS at https://adguard.com/en/adguard-dns/overview.html is very fast - <15ms latency! Or others "Comodo DNS", "Norton DNS"... whom I trust much less with my data) and reduce resource utilisation on low-end devices, or for basic protection (Will there be a configurable hosted 'Lite' AB Solution?). i.e. AdGuard will block malicious and advertising servers and some are configurable to add exceptions (Comodo, Norton, Open, etc). It obviously won't be as 'granular' as ad-blocking extensions and PC software, but it will work effectively with zero resources. I digress...
Cheers!