AB-Solution - The Ad Blocking Solution

[martinr]

If not Pi-Hole, then what were you using and what was the reason to abandon it?

Thanks
thelonelycoder / Martin (my given name also)

It was something developed by Marcus Roskosch http://roskosch.de/ the developer of the iOS Network Toolbox app about 3 years ago. I don’t know enough to tell you how it differs from Pi Hole but I believe it was a slightly better system. I could be wrong, but I believe its strong point was that it could deal with sub-domains without having to explicitly define them in the blocking file. Marcus took the details down from his website a couple of years ago because he’d hoped to develop it commercially but it didn’t happen. Sadly he didn’t put the details back up afterwards.

I’ve not abandoned it... yet. I’m not clever enough to automate the updates on the Pi. So I use the yoyo list and the malwaredomains list and sort them in Notepad++ every couple of months, which helps stop me going too rusty on how to do such things.

However, I thought I should try
AB-Solution, if only as a learning exercise, and then decide what to do. I’ve already learned a lot, and it also helps stop me going rusty on
how to SSH into the router and find my way around.

 

[thelonelycoder]

However, I thought I should try
AB-Solution, if only as a learning exercise, and then decide what to do. I’ve already learned a lot, and it also helps stop me going rusty on
how to SSH into the router and find my way around.

I'm not sorry to say that AB offers not much in the way of learning SSH commands. The goal of this project is to limit it to the absolute minimum.

 

[DonnyJohnny]

Well... thanks to all the wonderful coders making our life easier.
For me, able to go in to SSH is a milestone.. hahaha..

 

[thelonelycoder]

For me, able to go in to SSH is a milestone.. hahaha..

Kudos to everyone that understands the rudimentary PuTTY UI on first sight.

I remember having to google how to use that non-intuitive jumble of options.
I soon moved on to various other tabbed SSH clients with ever degrading satisfaction until I found Xshell.
Haven't looked back since.

 

[Twiglets]

Another vote for Xshell.
[Found because of your ScreenCaps for AB-Solution ..... no other application I could find gave the clarity & colours of your ScreenCaps ]

Also the company (NetSarang Computer Inc) has a very responsive CS which have been the best I have dealt with for ANY product !!!
And Xshell is free for Home/School use.
Sorry for the Advert but I think they deserve it !!!

 

[thelonelycoder]

Another vote for Xshell.
[Found because of your ScreenCaps for AB-Solution ..... no other application I could find gave the clarity & colours of your ScreenCaps ]

Also the company (NetSarang Computer Inc) has a very responsive CS which have been the best I have dealt with for ANY product !!!
And Xshell is free for Home/School use.
Sorry for the Advert but I think they deserve it !!!

Oh, they do indeed deserve it!
https://www.ab-solution.info/use/development-tools.html

 

[MasterBash]

Well, it sais so here, the often gives it away:

just a misunderstanding as i tried to get around the loop i was stuck in during installation and trying out different settings to get them to work. anyway, no big deal. Sorry if I was vague, I hate typing on a phone.

sucks that the ac86u seems to have a memory management issue as it is a fantastic router. however i decided to mess around with it again and everything works perfectly with a swap file.

im wondering how do you guys find domains that u want to whitelist? lets say i specifically want to get the fb chat/messenger in the browser to work, how do i look up the exact domain i need to whitelist?

EDIT : I played the guessing game for fb chat and found out what to whitelist, but I still don't know how to do so if it happens on other sites. Now, as an example... wowhead.com is a site that still display ads that I wish to block.

 

[Protik]

For the ' Top 10 domains for top 10 clients:' part of the stats email, the IP of the device itself is showing up in the list. Is that a possible bug?

 192.168.2.13, an android device:
 --------------------------------------------------------
 512    api.smyte.com
 448    ping.taplytics.com                        blocked
 436    192.168.2.13
 428    epdg.epc.mnc260.mcc310.pub.3gppnetwork.org
 334    www.cdn.viber.com
 310    s-usc1c-nss-239.firebaseio.com
 309    ssl.google-analytics.com                  blocked
 280    e.crashlytics.com                         blocked
 180    pubads.g.doubleclick.net                  blocked
 178    www.google.com

 192.168.2.20, an iOS device:
 --------------------------------------------------------
 1454   lb._dns-sd._udp.0.2.168.192.in-addr.arpa
 123    192.168.2.20
 114    e.crashlytics.com                         blocked
 85     star.c10r.facebook.com
 74     www-cdn.icloud.com.akadns.net
 74     google.com
 71     e6858.dsce9.akamaiedge.net
 69     www.google.com
 69     www.apple.com
 62     apple.com

 

[thelonelycoder]

Sorry if I was vague, I hate typing on a phone.

I feel your pain. I'm always frustrated with the small screens on these things.

sucks that the ac86u seems to have a memory management issue as it is a fantastic router. however i decided to mess around with it again and everything works perfectly with a swap file.

I'm sure it will be sorted out eventually by Asus.
Is pixelserv now installed through AB? I've heard no complaints from other 86U users having problems installing through AB.

EDIT : I played the guessing game for fb chat and found out what to whitelist, but I still don't know how to do so if it happens on other sites. Now, as an example... wowhead.com is a site that still display ads that I wish to block.

That is the most tricky part, finding the offensive domain in a sea of good ones.
A matter of patience and time usually brings success. The f option 1 is your first stop to find it.
wowhead.com seems to either feed some ads from their own domains or through javascript. When served from their own domain filtering them out with AB is impossible.

 

[thelonelycoder]

For the ' Top 10 domains for top 10 clients:' part of the stats email, the IP of the device itself is showing up in the list. Is that a possible bug?

No, not a bug, just local clients that try to get resolved by upstream DNS.
You can suppress this in Dnsmasq, AB-Solution has a setting for it:
In experimental settings es enable dnsmasq settings, then set cache-size to default, log--async to default and set domain-needed to on.
Next complete router stats with this setting in the weekly period will have these removed.

 

[thelonelycoder]

As always, this is real, source code for the latter part:

add_theme(){
    echo
    echo "$OK All clear to install $appName $appVersion"

    if [ "$appTheme" = "local" ]; then
        echo
        echo "$INFO But first, lets add some color!"
        get_file theme.add new /tmp/absolution
        . /tmp/absolution/theme.add   
        appTheme=blue_on_white
        theme_$appTheme
        echo
        echo "$INFO Theme $RED_BG $appTheme $NC set"
        echo
        echo "$QUESTION Will 2018 be a good year?"
        echo "$ATTENTION Of course it will! Silly question."
        echo "$QUESTION When will $appName $appVersion come out?"
        echo
        echo "$ERROR $appName encountered an unknown exception."
        echo " Additionally, @thelonelycoder experiences memory problems."
        echo
        echo "$NOK Rebooting router now..."
        echo "$ATTENTION HEY! I'm not$DONE yet! Answer my question!"
        echo
        echo "$INFO Goodbye, see you when I'm$DONE"
        echo "$OK Wishing you all a Happy and$OK New Year$ATTENTION"
        echo
    fi
}

 

[eclp]

Great work, even on the last day of the year. But when will the new version be available?
Waiting is so difficult... probably not before next year....

 

[Protik]

Awesome! Your attention to these details never cease to amaze me.

No, not a bug, just local clients that try to get resolved by upstream DNS.
You can suppress this in Dnsmasq, AB-Solution has a setting for it:
In experimental settings es enable dnsmasq settings, then set cache-size to default, log--async to default and set domain-needed to on.
Next complete router stats with this setting in the weekly period will have these removed.

 

[stinger2k]

Hallo hab dein Script auf der Stock-Firmware laufen, alles super....
Änderung in
Zeile 1440: (ergänzt)

asus)    echo -e " Stock-AsusWRT Firmware detected, continuing without pixelserv-tls...";;    # Should be an option without entrypoint in menu...

Zeile 1476: (kommentiert urspr. Zeile 1475)

####### exit 0   :: opkg update && opkg install dos2unix ???

Zeile 2506: (service restart funktioniert nicht mit den zusätzlichen Optionen - ohne persistenten Configfile)

# generated by $appName $appVersion"
script_postmount="if [ -d \"$abSolutionDevice\" ];then
    killall -9 dnsmasq
    sh /jffs/scripts/dnsmasq.postconf
    dnsmasq
    logger \"AB-Solution added entries via \$0\"
fi"

Vielleicht liese sich das Script dahingehend erweitern, es würde auch die Stockfirmware damit erweitern

 

[thelonelycoder]

Hallo hab dein Script auf der Stock-Firmware laufen, alles super....
Änderung in
Zeile 1440: (ergänzt)
... ()
Vielleicht liese sich das Script dahingehend erweitern, es würde auch die Stockfirmware damit erweitern

I'm continuing this conversation in English, this forum is in that language only and enforced by the owner/admin.

With your modifications and some more, one is indeed able to install AB-Solution on stock Asus firmware, albeit with a long list of (correctly) printed error messages.
While the install works somehow, and I must say, it does a remarkable job at trying to do so anyway, AB-Solution does not actually work.
It'll show its User Interface after install and some more error messages. However, there's no actual ad-blocking happening.
Any modifications the installer was able to make will be lost after the next reboot of the router.

I won't go into details why it will not work on stock Asus firmware for the reason that this is unsupported firmware and I rather spend my time further developing for the firmware or devices AB-Solution is/will be designed for.

 

[XIII]

I'm thinking of using AB-Solution with pixelserv, but guests won't have the pixelserv certificates installed.

Is it technically possible to use these ad blockers on my main network, but not on the guest networks? (If so, how?)

 

[stinger2k]

I'm continuing this conversation in English, this forum is in that language only and enforced by the owner/admin.

With your modifications and some more, one is indeed able to install AB-Solution on stock Asus firmware, albeit with a long list of (correctly) printed error messages.
While the install works somehow, and I must say, it does a remarkable job at trying to do so anyway, AB-Solution does not actually work.
It'll show its User Interface after install and some more error messages. However, there's no actual ad-blocking happening.
Any modifications the installer was able to make will be lost after the next reboot of the router.

I won't go into details why it will not work on stock Asus firmware for the reason that this is unsupported firmware and I rather spend my time further developing for the firmware or devices AB-Solution is/will be designed for.

On latest firmware 380.7712 with installed entware, helper.sh was taken from merlin´s and linked to /opt/sbin/ -> here are some screenshots: https://www.dropbox.com/s/4s4m93szotngyaw/running.jpg?dl=0
https://www.dropbox.com/s/sml789t9dh1xbe1/log.jpg?dl=0
https://www.dropbox.com/s/2nmvdfefufia6eu/22.jpg?dl=0
https://www.dropbox.com/s/ricwdt887dgcra9/dM.jpg?dl=0
https://www.dropbox.com/s/1z7qifsr86vy4r6/environment.jpg?dl=0
https://www.dropbox.com/s/c3d0h17wpr8ylq2/htop.jpg?dl=0

If it´s ok for you, can i do the job on the base of your script?

 

[elorimer]

I'm thinking of using AB-Solution with pixelserv, but guests won't have the pixelserv certificates installed.

Is it technically possible to use these ad blockers on my main network, but not on the guest networks? (If so, how?)

Pixelserv-tls fails gracefully with https requests without a certificate, so it doesn't really matter.

 

[thelonelycoder]

If it´s ok for you, can i do the job on the base of your script?

It's open source. Just don't expect me to give support, I have no time for forks and their questions.

Apart from that, I am completely rewriting AB as we speak, barely any code from AB3.x makes it into the new version.
To be honest, I'd rather not see an old version floating around with hacks.
But then again, it's open source.
Your call.

 

[thelonelycoder]

Is it technically possible to use these ad blockers on my main network, but not on the guest networks? (If so, how?)

No it's not, Dnsmasq runs only one instance and AB depends on it.
But as @elorimer says, it's no problem. It'll work without the cert imported.