Menu
What's new
By:
Filters Better Search

AdBlocking with combined hosts file

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Savell Martin said:
I am a bit hesitant to get this going with all the command line stuff.

*EDIT* Also I have to run my router with a usb stick in it now all the time to use this?
Also do I need to do anything to the usb stick before plugging it into the router?
Format it with a specific partition system?
Click to expand...

Use some ancient small usb stick. Format it as Ext2 and leave it in. Put your traffic stats there too, as well as John's marvelous backup script. Then, start from the very first post and work through the script variations to the end, which is a very good intro (and fun!). One feature is that it is hard to make a big mistake here. At the worst, you see ads, but except for the minute you are rebooting ("DAD!! stop fooling with the internet!) the rest goes on.

You don't want this in the firmware, because it is an evolving thing--just look at the pixelserve thread (which I haven't attempted).

Looking forward to what TLC has in his set-up script.
 
Thanks for the reply :)

Is TLC re-doing this guide?

Would Ext3 work?
Do does it specifically have to be Ext2?

"DAD!! stop fooling with the internet!"
Its a good thing my daughter is only 4 weeks old, too young to mess with the internet ;)
Just gotta get around the missus :D
 
Last edited:
Savell Martin said:
Thanks for the reply :)

Is TLC re-doing this guide?

Would Ext3 work?
Do does it specifically have to be Ext2?

"DAD!! stop fooling with the internet!"
Its a good thing my daughter is only 4 weeks old, too young to mess with the internet ;)
Just gotta get around the missus :D
Click to expand...
Indeed, I am working on a much easier automated install script. In fact, I have a fully running version of it ready to post. But I want one feature to be included in the release that is not done yet. So, be patient, it'll be done when its done.
 
Perfect, thanks TLC, I'll hang ten then.

In regard to the other question can I use a USB stick formatted as EXT3?
Also can I use the usb 2.o port on the back of the AC88U instead of the usb3.0 in the front?
 
Savell Martin said:
Perfect, thanks TLC, I'll hang ten then.

In regard to the other question can I use a USB stick formatted as EXT3?
Also can I use the usb 2.o port on the back of the AC88U instead of the usb3.0 in the front?
Click to expand...
Your router supports ext3 as well as ext4 so this should work. And sure, the back port is fine as well.
Just a side note: I never assign a name to the usb stick when I format them for my routers. I'd rather have the system assign a name fore it and stick with that (sda1, sdb1, whatever the UI sais). Just a preference of mine.
 
Savell Martin said:
Will do, so format no name EXT3 or EXT4.

Will get my key ready for when your script is ready :)
Thanks for the help
Click to expand...

I believe EXT3/4 are Journaling file systems, so it is recommended that EXT2 be used for (slower) USB flash drives to save unnecessary writes, and EXT3/4 be used only for USB Hard Drives.
 
thelonelycoder said:
Just a side note: I never assign a name to the usb stick when I format them for my routers. I'd rather have the system assign a name fore it and stick with that (sda1, sdb1, whatever the UI sais). Just a preference of mine.
Click to expand...
My preference is the opposite :). Although I've never suffered from it myself there have been numerous posts from people whose disk name had changed between reboots. Assigning a volume name ensures it never changes.

* Coincidently John just mentioned in another thread (http://www.snbforums.com/threads/dlna-media-server-smb-share.29610/#post-229517) that having 'Reduce USB3 interference' enabled can cause the mnt point to change during boot.
 
true, drive mounting moving around can be a terrible annoyance. Anyone having use any linux / android media player box with kodi know how that messed up your library :(.

I don't recall when drive label mounting was supported but my scripts have a nice /mnt/ASUS endpoint.
 
OK so just getting a usb stick ready for this.
Is 4gb stick OK to use?

A few questions for it:
1) Shall it be MBR or GPT?
2) Should it be Logical or Primary?

I am using MiniTool Partition Wizard if its any help...
 
Would it be possible to add a feature that alows to set some kind of iptables rules like "I would like to stop incoming traffic that has no match from inside requests except VPN traffic to the router"? What I am after is some way of blocking exactly everything that has no source from the inside (except VPN connection to the router from the outside). Would that be possible to add to the new script?
 
Bamsefar said:
Would it be possible to add a feature that alows to set some kind of iptables rules like "I would like to stop incoming traffic that has no match from inside requests except VPN traffic to the router"? What I am after is some way of blocking exactly everything that has no source from the inside (except VPN connection to the router from the outside). Would that be possible to add to the new script?
Click to expand...
No need. It's already built into the router, it's called the firewall.
 
If that was true, then we would not need to block for example all trafic from a specific country...

I think we are talking about two different things...
 
Bamsefar said:
If that was true, then we would not need to block for example all trafic from a specific country...

I think we are talking about two different things...
Click to expand...
I guess we must be talking about different things.

The routers firewall will drop all incoming packets that aren't a response to an outgoing request. The exceptions to this would be ports that you have deliberately opened for a reason, like for a VPN or FTP server.

People (like myself) want to block traffic from places like China because they can see them hitting their VPN server port. But that's only on the VPN port and it's only because I chose to open it. All other unsolicited traffic is dropped by default.
 
Well then I am wrong. Sorry for that.

Question: So the script looking for portscans, and blocking IPs that is running portscans, are useless?
 
Bamsefar said:
Well then I am wrong. Sorry for that.
Click to expand...
Not at all. You have just deduced the requirement for, and implementation of, a firewall. Go to the top of the class. 10 points :). (I'll deduct 1 point because someone thought of it before you :(.)
Question: So the script looking for portscans, and blocking IPs that is running portscans, are useless?
Click to expand...
I'm not sure if you're referring to a specific script or just a general principle...

It's not entirely useless.

Say, at some point in the future you accidently enable SSH access from the internet and have a weak password. If you've already blacklisted 99.9% of the naughty people then you're probably going to get away with it until you correct your mistake in a few weeks time. So you're being proactive + it's an automatic process.

Personally, I'm pretty OCD about my router and the only thing open to the internet is 1 VPN port. Every time someone tries (and fails) to connect to that port it creates an entry in the syslog. Periodically I review the syslog and add the naughty people to the banned list. So I'm reactive, which is not as good, but I'm fairly confident nobody's going to get into my VPN whether they're banned or not. But, it's a manual process.

My reason for blacklisting people is less a concern for security, but more my annoyance at them filling up my syslog with their failed attempts :rolleyes: There's also a certain amount of satisfaction in the feeling that you're throwing their packets on the floor and wasting their time. :D
 
Last edited:
Bamsefar said:
Would it be possible to add a feature that alows to set some kind of iptables rules like "I would like to stop incoming traffic that has no match from inside requests except VPN traffic to the router"? What I am after is some way of blocking exactly everything that has no source from the inside (except VPN connection to the router from the outside). Would that be possible to add to the new script?
Click to expand...
If I understand you correctly then this has nothing to do with adblocking.
 
Thank you very much for this great guide. I have done everything, seems it's ok and no error on my router but my TV still gets an ADs from youtube.
Any suggestions what else can block to avoid it?
 
You must log in or register to reply here.

Similar threads

MegaMango
dnsmasq-surrogate for RT-BE88U: Ad Blocking & Security Enhancement
Replies
2
Views
313
MegaMango
MegaMango
P
ASUSwrt dnsmasq addn-hosts entry limit
Replies
0
Views
499
pseu_asus
P
S
Wireguard VPN change routes ip
Replies
0
Views
580
S75
S
JGrana
chatai - version two - have a chat session with either Googles Gemini AI or Anthropics Claude (or both at once)
Replies
4
Views
462
JGrana
JGrana
Astronautspiff
YazFi GUI Tab not showing up under Guest Networks Page
Replies
3
Views
220
Tech9
Tech9
Similar threads
Thread starter Title Forum Replies Date
D How to restrict VPN network access to certain IP Range or Hosts for specific VPN client Asuswrt-Merlin 8

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 1,202 (members: 27, guests: 1,175)
Top