AB-Solution - The Ad Blocking Solution

[MacG32]

I don't run anything at all in Skynet. We just share lists of hosts to whitelist in each others scripts.
Skynet is IP based while AB is hosts based.
I block hosts resolving to the real world IP.

That said, I don't know how AB can do anything different.
The two IPs are these hosts:
213.230.210.230 hosts-file.net
107.22.171.143 ec2-107-22-171-144.compute-1.amazonaws.com

You definitely should not block the hosts-file.net host. It is the source of four of the hosts files in the blocking file types.
hosts-file.net is erroneously included in the adblock.mahakala.is hosts file which is included in two blocking file types.

But that is not a problem because:
What you need to know is that while the blocking file updates, only a single hosts file is active: Peter Lowe's pgl.yoyo.org/adservers.
This is a VERY conservative and minimal list.

Or maybe I misunderstood your question, it's late here.

If someone has Skynet installed first and uses a custom filter, they may have problems installing AB-Solution. When AB-Solution is installing, there's a part that whitelists IPs in Skynet. What I was suggesting is that this whitelisting happens before AB-Solution downloads host files. Therefore, Skynet isn't blocking the downloading of host files. Does that make sense now?

 

[thelonelycoder]

If someone has Skynet installed first and uses a custom filter, they may have problems installing AB-Solution. When AB-Solution is installing, there's a part that whitelists IPs in Skynet. What I was suggesting is that this whitelisting happens before AB-Solution downloads host files. Therefore, Skynet isn't blocking the downloading of host files. Does that make sense now?

That I understand.
I could update the shared-AB-whitelist before I run the the blocking file update.
But that does not help because Skynet does not act on changed file creation time.

 

[Adamm]

That I understand.
I could update the shared-AB-whitelist before I run the the blocking file update.
But that does not help because Skynet does not act on changed file creation time.

A workaround could be, if Skynet is detected the following is executed in a subshell;

sh /jffs/scripts/firewall whitelist refresh

Which regenerates Skynets whitelist (thus picking up the "new" shared-AB-whitelist) and you could just redirect the output to /dev/null. Not great depending on other scripts but there's not many other real solutions currently.

 

[Butterfly Bones]

Copy all files first to a save place. For AB it's the ab-solution.sh file and the complete /adblocking/ and /entware/ folder.
Then re-format device and put these files back on it.
Plug it into the router and start AB with the long start command:
sh /mnt/<your device>/ab-solution.sh
AB-Solution will take care of everything while starting up.

I did this today with a new USB drive hoping to solve my disk corruption issues on reboots. Watching ABS fix everything was astonishing, truly mind blowing. You are a script genius, I swear. Wow!

 

[Raphie]

Since the 3.10 release version and using amtm Skynet has a rights issue writing banmalware updates? This started since ab-solution starts with about (it goes very fast!) 10 chmod command lines opening and closing ab-solution. How can this be fixed?

 

[thelonelycoder]

Watching ABS fix everything was astonishing, truly mind blowing. You are a script genius, I swear. Wow!

That capability is unique. I have not seen it in any kind of Software to be able to fix itself without further user input.
The next version of amtm expands on that. More about it when I release version 0.2.

 

[thelonelycoder]

Since the 3.10 release version and using amtm Skynet has a rights issue writing banmalware updates? This started since ab-solution starts with about (it goes very fast!) 10 chmod command lines opening and closing ab-solution. How can this be fixed?

You seem to have a lot of odd errors. I'm sure this has nothing to do with amtm or AB-Solution. None of them interferes in any way with Skynet to cause it to fail or change permissions in it's area.

 

[thelonelycoder]

A workaround could be, if Skynet is detected the following is executed in a subshell;

sh /jffs/scripts/firewall whitelist refresh

Which regenerates Skynets whitelist (thus picking up the "new" shared-AB-whitelist) and you could just redirect the output to /dev/null. Not great depending on other scripts but there's not many other real solutions currently.

I can do that but it's a significant change in that file.
I wonder why I have to make all these changes to mitigate problems caused by another script.

 

[Adamm]

I can do that but it's a significant change in that file.
I wonder why I have to make all these changes to mitigate problems caused by another script.

It's sort of a chicken and the egg situation. Another alternative would be shorter timeout values when downloading these lists if they are down or being blocked. AB hangs for 5+ minutes (possibly longer but at this point I quit the process) in my previous experience. Then Skynet would automatically resolve the issue before the next blocking file update.

 

[thelonelycoder]

It's sort of a chicken and the egg situation. Another alternative would be shorter timeout values when downloading these lists if they are down or being blocked. AB hangs for 5+ minutes (possibly longer but at this point I quit the process) in my previous experience. Then Skynet would automatically resolve the issue before the next blocking file update.

I'll look into the timeout first and work out a way from there.
I agree with you on that evolutionary question.
No matter which script is installed first, there's bound to be a problem for some users.
It's just that I never hear about blocked IPs from users of the other firewall scripts.

 

[Adamm]

It's just that I never hear about blocked IPs from users of the other firewall scripts.

Any script that uses reputation based blocking from sourced lists will most likely run into the same issue. The only IP this situation really revolves around is "213.230.210.230" (pgl.yoyo.org). For whatever reason this website is blocked by one of the most popular blocking lists Firehol Level 3.

 

[thelonelycoder]

Any script that uses reputation based blocking from sourced lists will most likely run into the same issue. The only IP this situation really revolves around is "213.230.210.230" (pgl.yoyo.org). For whatever reason this website is blocked by one of the most popular blocking lists Firehol Level 3.

While some of the hosts lists have mirrors, pgl.yoyo.org does not, at least not officially.
I host all hosts files on my AB server, mainly for my own testing and for beta testers if they select to use these.

The simplest way to solve @MacG32 s lament is using a fallback mirror.
I could use my server's hosts lists if no one objects to it.

 

[SMS786]

Long time user, first time poster.

First and foremost, thank you RMerlin and thelonelycoder for the amazing work you put in for us all.

With all the noise of coin mining scripts being used in the background of browsing sessions, is it possible to add an additional custom hosts file (on top of the ones selected during installation) that automatically updates periodically from the web? The one I have in mind is here: https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/hosts.txt.

I have already manually added the domains to the blacklist, but was wondering if there is an automated option that I'm missing.
Thanks much!

 

[SMS786]

Long time user, first time poster.

First and foremost, thank you RMerlin and thelonelycoder for the amazing work you put in for us all.

With all the noise of coin mining scripts being used in the background of browsing sessions, is it possible to add an additional custom hosts file (on top of the ones selected during installation) that automatically updates periodically from the web? The one I have in mind is here: https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/hosts.txt.

I have already manually added the domains to the blacklist, but was wondering if there is an automated option that I'm missing.
Thanks much!

Finally figured it out, set up a custom blocking file and added the anti-coin mining hosts file url to custom_hosts_list.txt. Amazing what a little tinkering can do!

Just curious about the syntax, do the IP numbers matter in front of the domains, for example will having "0.0.0.0 coin-hive.com" as opposed to "127.0.0.1 11.rtstats.com" have the same blocking effect for the respective domains?
--------------------------------------------------------------
Edit: Nevermind, just saw the header for custom_hosts_list.txt:

# Add direct dowload link to hosts file, one per line.
# Blocking IP must be 127.0.0.1 or 0.0.0.0

Thanks to all again!

 

[Raphie]

Yeah, above was solved with a reboot (probably some files locked by another process/instance) and the opt path symlink refers to the wrong directory in my installation for some reason.

I need to do a clean full reinstall of everything in the right order to probably solve that, but will wait until Merlin has a new version.

It all runs now, I’m really happy with all of the developments from you. @Adamm and @kvic in the past couple of weeks. You guys make all of this up and above functionallity happen, doing all this stuff that users like me read about, but don’t know how to do it ourselves.

The good thing is, that when I have no questions, a script is pretty much idiot proof

You seem to have a lot of odd errors. I'm sure this has nothing to do with amtm or AB-Solution. None of them interferes in any way with Skynet to cause it to fail or change permissions in it's area.

 

[thelonelycoder]

Finally figured it out, set up a custom blocking file and added the anti-coin mining hosts file url to custom_hosts_list.txt. Amazing what a little tinkering can do!

Just curious about the syntax, do the IP numbers matter in front of the domains, for example will having "0.0.0.0 coin-hive.com" as opposed to "127.0.0.1 11.rtstats.com" have the same blocking effect for the respective domains?
--------------------------------------------------------------
Edit: Nevermind, just saw the header for custom_hosts_list.txt:

# Add direct dowload link to hosts file, one per line.
# Blocking IP must be 127.0.0.1 or 0.0.0.0

Thanks to all again!

I often look at my monitors (I use 5 large ones) and think of all that time I spent to get AB-Solution to where it is today.
Some of the functions took a lot of time to code, including repeated revisits to improve it.

But the joy of my coding is to see it work and in use.
Oftentimes, I lean back, lift my cup of coffee and salute myself for how AB-Solution just works.
The most amazing part to me is the capability of AB to fix itself. It can restore itself in most cases without a single input from the user.
AB just does it's checks and silent fixes and when done, presents the UI, green all over, not a single error. That is the most satisfying moment to me.

 

[majnu]

Unfortunately this Ad blocking solution no longer benefits me as it no longer blocks ads on streams/videos in Twitch and Youtube.
It was great whilst it lasted though so unless there is something people add to BlackList which works effectively I will have to look for other adblockers.

 

[thelonelycoder]

Unfortunately this Ad blocking solution no longer benefits me as it no longer blocks ads on streams/videos in Twitch and Youtube.
It was great whilst it lasted though so unless there is something people add to BlackList which works effectively I will have to look for other adblockers.

There's nothing a hosts based ad-blocker like AB-Solution and Pi-Hole can do when unwanted content is served from the same domain as the wanted goodies.

 

[MacG32]

@thelonelycoder Have you ever looked at the filters the Chrome Extension uBlock Origin uses? They might be of interest to you.

 

[thelonelycoder]

@thelonelycoder Have you ever looked at the filters the Chrome Extension uBlock Origin uses? They might be of interest to you.

They are indeed of interest, but useless to the way hosts based ad-blocking works.
https://www.ab-solution.info/use/hosts-files.html