AB-Solution - The Ad Blocking Solution

[thelonelycoder]

Hi. I'm a complete noob with this, and found this ad-blocking solution interesting. I just installed and everything seems fine.
I want to ask 2 things. First of all, is it better to use Pixelserv-tls than not? Any scenario where NOT using it would be better? Second is, I make use of openvpn client configured on the router, where I redirect all traffic for my laptop through the VPN tunnel, by using the policy based routing option. Making the laptops LAN ip have the destination IP set to 0.0.0.0. Question is, does this setup affect AB and or pixelserv-tls?

Pixelserv-tls blocks https ads, plus it may fill gaps left by blocked ads.
As for the VPN tunnel, just make sure all DNS requests go to the routers dnsmasq server and not an upstream server.
Then, ad-blocking will work.

 

[Xentrk]

Pixelserv-tls blocks https ads, plus it may fill gaps left by blocked ads.
As for the VPN tunnel, just make sure all DNS requests go to the routers dnsmasq server and not an upstream server.
Then, ad-blocking will work.

And to add to that, if you find ad blocking is not working on the VPN tunnel when using Policy Rules, try changing Accept DNS Configuration to Strict.

 

[Eet_46]

Pixelserv-tls blocks https ads, plus it may fill gaps left by blocked ads.
As for the VPN tunnel, just make sure all DNS requests go to the routers dnsmasq server and not an upstream server.
Then, ad-blocking will work.

- To be honest, I'm not entirely sure how to ensure that. Again, i'm a noob at this
But i've got "Connect to DNS Server automatically" set to "yes", then nothing entered at DNS 1 and 2 under LAN/DHCP Server settings, and "Forward local domain queries to upstream DNS" set to "No". Under VPN Client settings, I'm using "policy rules (strict)" and "Accept DNS Configuration" set to "strict". I'm not sure if they all matter here though? (And if yes, if they're set correctly) - And if any other settings need to be checked?

 

[skeal]

- To be honest, I'm not entirely sure how to ensure that. Again, i'm a noob at this
But i've got "Connect to DNS Server automatically" set to "yes", then nothing entered at DNS 1 and 2 under LAN/DHCP Server settings, and "Forward local domain queries to upstream DNS" set to "No". Under VPN Client settings, I'm using "policy rules (strict)" and "Accept DNS Configuration" set to "strict". I'm not sure if they all matter here though? (And if yes, if they're set correctly) - And if any other settings need to be checked?

Once again you need to use the routers address as the DNS in WAN settings. If this doesn't work I suggest installing something like DNSCrypt that has the option to route everything through the routers dnsmasq. Then hard-code the routers local address (192.168.x.x) into WAN DNS and everything should work no adds. Oh and the DNS setting in openvpn can be disabled at this point.
EDIT: Reread post 1522 above that’s great advice from a smart man.

 

[thelonelycoder]

For those updating pixelserv-tls to the latest version v35.HZ12.Kk, run this in the terminal, then restart pixelserv in the ps menu after.

chown nobody /opt/var/cache/pixelserv

I'll release an update as soon as time permits that includes the owner change of that directory.

 

[Raphie]

Hi thelonelycoder, I’m using ab-solution with much satisfaction.
But I don’t have a clue how to update to the new pixelsvr.
It would be great if you could just include an update script simmilar to the installer script so I can update via the telnet UI

also, with 3.91 I get quite a lot of certificate errors, generating “this site is not secure messages” on sites that should be secure.
I.e. Ak.ms (microsoft server) and office 365 login service in Office itself (ms account webpages work fine) and other sites stay blank on the first enter and need a refresh to display the content. Are there any settings I can change on my side to improve this?

 

[thelonelycoder]

Hi thelonelycoder, I’m using ab-solution with much satisfaction.
But I don’t have a clue how to update to the new pixelsvr.
It would be great if you could just include an update script simmilar to the installer script so I can update via the telnet UI

The AB-Solution ps menu option "6. Manage Entware packages" has a sub-option "6. update and upgrade installed packages".
It will do for now until I come up with a better option...

also, with 3.91 I get quite a lot of certificate errors, generating “this site is not secure messages” on sites that should be secure.

Try using a smaller blocking file type until you are comfortable with whitelisting in el.

 

[elorimer]

and office 365 login service in Office

I use the shootersw40 blocking list and don't have this issue.

TLC: "It will do for now"? It works perfect.

 

[Raphie]

It seems that googleadservices is causing a lot of these misses.
I’ve added googleadservices already, but it seems the actual requests are handled by different servers than the ones you see in your browser windows. I don’t care to much, but my wife complaints that it pretty much renders google search returns page 1 pretty much useless

 

[thelonelycoder]

TLC: "It will do for now"? It works perfect.

Haha, what else do you expect me to answer when the options are already there and built in?

 

[thelonelycoder]

I’ve added googleadservices already, but it seems the actual requests are handled by different servers than the ones you see in your browser windows. I don’t care to much, but my wife complaints that it pretty much renders google search returns page 1 pretty much useless

Tell her not to click on the affiliated links but the real links further down to the website that offers them.

 

[Raphie]

Yes I know, I told her, the certificate issue seems to be a combination of the trend micro service and pixelsvr. When I dissable trend micro it works fine, when I dissable pixelsvr it works fine too. But together the browser thinks a lot of sites certificates are spoofed.

 

[thelonelycoder]

Yes I know, I told her, the certificate issue seems to be a combination of the trend micro service and pixelsvr. When I dissable trend micro it works fine, when I dissable pixelsvr it works fine too. But together the browser thinks a lot of sites certificates are spoofed.

Not much I can do to help if the two bite each other. Maybe ask Trend Micro for help?

 

[Raphie]

Trend is part of the asus firmware, not much one can do except dissabling it I’ll plotter on.

 

[Pir8pete]

does my setup have an issue?

Why did this happen? -> rc_service: service 24371:notify_rc restart_dnsmasq


see below;

Sep 29 05:20:00 crond[490]: USER Pir8pete pid 25158 cmd /tmp/mnt/AB-Solution/adblocking/addon/rotate-logs.add
Sep 29 05:20:19 Pir8pete: AB-Solution counted ads and rotated log files (daily cron job)
Sep 29 05:20:19 Pir8pete: AB-Solution blocked 281,221 total 7,072 week 3,318 new ads
Sep 30 05:20:00 crond[490]: USER Pir8pete pid 14645 cmd /tmp/mnt/AB-Solution/adblocking/addon/rotate-logs.add
Sep 30 05:20:05 Pir8pete: AB-Solution counted ads and rotated log files (daily cron job)
Sep 30 05:20:05 Pir8pete: AB-Solution blocked 284,324 total 10,175 week 3,103 new ads
Oct  1 05:20:00 crond[490]: USER Pir8pete pid 3865 cmd /tmp/mnt/AB-Solution/adblocking/addon/rotate-logs.add
Oct  1 05:20:06 Pir8pete: AB-Solution counted ads and rotated log files (daily cron job)
Oct  1 05:20:06 Pir8pete: AB-Solution blocked 287,498 total 13,349 week 3,174 new ads
Oct  2 05:20:00 crond[490]: USER Pir8pete pid 25532 cmd /tmp/mnt/AB-Solution/adblocking/addon/rotate-logs.add
Oct  2 05:20:05 Pir8pete: AB-Solution counted ads and rotated log files (daily cron job)
Oct  2 05:20:05 Pir8pete: AB-Solution blocked 291,742 total 17,593 week 4,244 new ads
Oct  3 05:20:00 crond[490]: USER Pir8pete pid 14766 cmd /tmp/mnt/AB-Solution/adblocking/addon/rotate-logs.add
Oct  3 05:20:05 Pir8pete: AB-Solution counted ads and rotated log files (daily cron job)
Oct  3 05:20:05 Pir8pete: AB-Solution blocked 297,615 total 23,466 week 5,873 new ads
Oct  4 02:00:00 crond[490]: USER Pir8pete pid 24354 cmd /tmp/mnt/AB-Solution/adblocking/addon/update-hosts.add cronjob
Oct  4 02:00:04 rc_service: service 24371:notify_rc restart_dnsmasq
Oct  4 02:00:05 custom_script: Running /jffs/scripts/dnsmasq.postconf (args: /etc/dnsmasq.conf)
Oct  4 02:00:05 Pir8pete: AB-Solution added entries via ab_dnsmasq_postconf.sh
Oct  4 02:00:05 Pir8pete: AB-Solution linked ab_dnsmasq_postconf.sh via /jffs/scripts/dnsmasq.postconf
Oct  4 02:00:15 Pir8pete: AB-Solution updated blocking file, 25878 domains are now blocked
Oct  4 02:00:22 Pir8pete: AB-Solution counted ads before log files reset (triggered by update-hosts.add)
Oct  4 02:00:22 Pir8pete: AB-Solution blocked 305,036 total 30,887 week 7,421 new ads
Oct  4 02:00:22 Pir8pete: AB-Solution rotated dnsmasq log files
Oct  4 05:20:00 crond[490]: USER Pir8pete pid 4185 cmd /tmp/mnt/AB-Solution/adblocking/addon/rotate-logs.add
Oct  4 05:20:01 Pir8pete: AB-Solution counted ads and rotated log files (daily cron job)
Oct  4 05:20:01 Pir8pete: AB-Solution blocked 305,850 total 814 week 814 new ads

 

[RMerlin]

Why did this happen? -> rc_service: service 24371:notify_rc restart_dnsmasq

Because AB-Solution restarted it.

 

[thelonelycoder]

does my setup have an issue?

Why did this happen? -> rc_service: service 24371:notify_rc restart_dnsmasq

Wednesday is your update day, notice the cronjob positional parameter at the end.
This deletes the old logfiles, creates a new set and restarts dnsmasq so it uses the new files.

Oct  4 02:00:00 crond[490]: USER Pir8pete pid 24354 cmd /tmp/mnt/AB-Solution/adblocking/addon/update-hosts.add cronjob

 

[elorimer]

It seems that googleadservices is causing a lot of these misses.
I’ve added googleadservices already, but it seems the actual requests are handled by different servers than the ones you see in your browser windows. I don’t care to much, but my wife complaints that it pretty much renders google search returns page 1 pretty much useless

Yes, these are always issues, but they are usually highlighted with 'SPONSORED'. I.e., someone paid to have you click on that and direct you to something that knows you came from the sponsored link so they can recover their costs.

As TLC said, click on the unsponsored link for a better price. Explain it that way.

 

[Raphie]

Hehehe I,ve switched from list 5 to shooter4 now, less agressive
Sorts out most of the certificate issues, still keeping googlead, dartserve doubleclick etc blocked as I don’t want to feed the system.
But all non advert sites now work as well as all the office365 services

 

[thelonelycoder]

The addon pixelserv-tls.add v3.9.2 is now available, use cu to update.

Sets owner of certificate directory to 'nobody', required for pixelserv-tls v35.HZ12.Kk.
Removes -z switch option to set custom certificate directory, setting this would cause problems, no one ever used that switch anyway.

To update to the latest pixelserv-tls version use ps option '6. Manage Entware packages' after this addon update.
If pixelserv-tls already is updated to the latest version, disable and then enable ad-blocking a to set the owner rights of the certificate directory.