Diversion Diversion 4.3.3 - the Router Ad-Blocker, released April 02 2023

[thelonelycoder]

Welcome
This is Diversion - the Router Ad-Blocker for Asuswrt-Merlin

All install and update info's are on the Diversion website.

Juli 17 2022
Diversion 4.3.3 is now available
See this post for what's new

Diversion is free to use under the GNU General Public License version 3 (GPL-3.0).
If you like Diversion and find it useful, you can help its further development with a donation.
Thank you!

April 02 2023

 

[thelonelycoder]

I have uploaded a hotfix for Diversion, no version change

What's new
- tb now includes blocking of IPv6 type 65 queries if the IPv6 Firewall is enabled. Please disable and re-enable tb after updating if the Diversion UI does not show both active on the tb line.
- Added more verbose Syslog output for "Exclude devices from ad-blocking", this has to be disabled and re-enabled in b, 10 to take effect.

 

[Treadler]

I have uploaded a hotfix for Diversion, no version change

What's new
- tb now includes blocking of IPv6 type 65 queries if the IPv6 Firewall is enabled. Please disable and re-enable tb after updating if the Diversion UI does not show both active on the tb line.
- Added more verbose Syslog output for "Exclude devices from ad-blocking", this has to be disabled and re-enabled in b, 10 to take effect.

Type 65 blocking working very well.

 

[Kingp1n]

Type 65 blocking working very well.

Does this 65 thing only affect Apple users? Or Android as well? Thanks! I don't have any apple devices so I think I'm good.

 

[Viktor Jaep]

Does this 65 thing only affect Apple users? Or Android as well? Thanks! I don't have any apple devices so I think I'm good.

We're all android here as well, but I figure, if Apple found a way around, Android probably isn't far behind in duplicating this.

 

[Treadler]

Does this 65 thing only affect Apple users? Or Android as well? Thanks! I don't have any apple devices so I think I'm good.

AFAIK it’s an Apple ‘feature’, for now anyway.

 

[thelonelycoder]

Diversion 4.3.2 is now available

What's new
- Prevents slim chance of collision with third party scripts while sending mail.
Third party developers, please don't just copy/paste my code, do your customizing for the temp file name. Thanks.
- Additional sanity checks for tb type 65 blocking.
- tb can now be set in the Diversion WebUI.
- Upon special request, drop caches during blocking list update can now be disabled in b, 3.

Happy ad-blocking!

 

[elorimer]

Third party developers, please don't just copy/paste my code, do your customizing for the temp file name. Thanks.

Guilty, mostly. Mine had been tmp/tmp.alert, etc. You might think about making the temp file a variable in the beginning, might be a good teaching tool since it would error out if folks just copied the lower bits.

Still, this gave me a chance to re-read some parts of your code, some of which is laugh-out-loud funny. Human number indeed! And some of the old relics from the sendmail days, like Your_Friendly_Router.

 

[thelonelycoder]

Guilty, mostly. Mine had been tmp/tmp.alert, etc. You might think about making the temp file a variable in the beginning, might be a good teaching tool since it would error out if folks just copied the lower bits.

I had the Idea to ise a variable, but then coders copy paste that and complain it does not work because of the missing variable definition.
I named the file /tmp/divmail-body, because of diversion. Now I use /tmp/diversion-mail-body, that should be a hint.

Still, this gave me a chance to read some parts of your code, some of which is laugh-out-loud funny. Human number indeed! And some of the old relics from the sendmail days, like Your_Friendly_Router_Name

Was‘nt Your_Friendly_Name your suggestion back then or was it @visortgw ?
While I do have fun coding, variable names are usualy more practically oriented.

 

[elorimer]

I have a vague memory of suggesting it be signed with the model name, to differentiate one email from others sent by different routers. But I think the Your Friendly Router as a trope goes back 10 years to RMerlin's original sendmail script.

 

[faria]

Hi guys , does anyone else have a rogue"Diversion_RotateLogs# entrie on the cron job list ?

gatekeeper@RT-AX86U:/tmp/home/root# cru l


0 2 * * * ipset save BBC-DNS > /opt/tmp/BBC-DNS #BBC-DNS#
0 2 * * * ipset save UK-STREAMING-DNS > /opt/tmp/UK-STREAMING-DNS #UK-STREAMING-DNS#
0 2 * * * ipset save TUNEIN-DNS > /opt/tmp/TUNEIN-DNS #TUNEIN-DNS#
0 2 * * * ipset save RESTRICTED-DNS > /opt/tmp/RESTRICTED-DNS #RESTRICTED-DNS#
*/10 * * * * /jffs/scripts/YazFi check #YazFi#
0 2 * * * ipset save NETFLIX-DNS > /opt/tmp/NETFLIX-DNS #NETFLIX-DNS#
Diversion_RotateLogs#
0 2 * * * ipset save NATWEST-DNS > /opt/tmp/NATWEST-DNS #NATWEST-DNS#
0 2 * * * ipset save aliexpress-DNS > /opt/tmp/aliexpress-DNS #aliexpress-DNS#
0 2 * * * ipset save speedtest > /opt/tmp/speedtest #speedtest#
0 2 * * * ipset save GOOGLE-SERVICES-DNS > /opt/tmp/GOOGLE-SERVICES-DNS #GOOGLE-SERVICES-DNS#
0 2 * * * ipset save youtube-DNS > /opt/tmp/youtube-DNS #youtube-DNS#
0 2 * * * ipset save MICROSOFT-VPN > /opt/tmp/MICROSOFT-VPN #MICROSOFT-VPN#
0 2 * * * ipset save WAN-ONLY-DNS > /opt/tmp/WAN-ONLY-DNS #WAN-ONLY-DNS#
15,45 * * * * /jffs/scripts/ChkWAN.sh wan force nowait quiet #Restart_WAN#
0 0 * * * /jffs/my-addons/guest-wi-fi/rpg-passgen.sh #Reset-Guest-Password#
0 1 * * * cd /mnt/myssd/nsru/;./nvram-save.sh #nvrambu#
0 */4 * * * /jffs/scripts/System-backup.sh #System-backup#
0 * * * * echo 3 > /proc/sys/vm/drop_caches #dropCaches#
1 0 * * * /opt/bin/find /opt/var/lib/unbound/unbound.log -size +10M -exec rm -f {} \; #unboundLOG#
59 * * * * /jffs/addons/unbound/unbound_stats.sh generate #Unbound_Stats.sh#
57 * * * * /jffs/addons/unbound/unbound_log.sh #Unbound_Log.sh#
25 2 * * * sh /jffs/scripts/firewall banmalware #Skynet_banmalware#
16 1 * * Mon sh /jffs/scripts/firewall update #Skynet_autoupdate#
0 * * * * sh /jffs/scripts/firewall save #Skynet_save#
*/2 * * * * /etc/openvpn/server2/vpn-watchdog2.sh #CheckVPNServer2#
*/2 * * * * /etc/openvpn/server1/vpn-watchdog1.sh #CheckVPNServer1#
41 */12 * * * sh /jffs/scripts/firewall debug genstats #Skynet_genstats#
00 2 * * Tue /bin/sh /opt/share/diversion/file/update-bl.div reset #Diversion_UpdateBL#
00 2 * * Fri /bin/sh /opt/share/diversion/file/update-bl.div #Diversion_UpdateBLTwo#
20 5 * * * /bin/sh /opt/share/diversion/file/rotate-logs.div #Diversion_RotateLogs#
20 17 * * * diversion count_ads count #Diversion_CountAds#
30 1 * * Tue /bin/sh /opt/share/diversion/file/stats.div #Diversion_WeeklyStats#
* * * * * /bin/sh /opt/share/diversion/file/yt-blocking.div #Diversion_YTblocking#
50 1 * * Tue /bin/sh /opt/share/diversion/file/backup.div #Diversion_AutoBackup#
10 3 * * Tue /bin/sh /opt/share/diversion/file/backup.div local #Diversion_LocalBackup#
gatekeeper@RT-AX86U:/tmp/home/root#

 

[thelonelycoder]

Hi guys , does anyone else have a rogue"Diversion_RotateLogs# entrie on the cron job list ?

gatekeeper@RT-AX86U:/tmp/home/root# cru l


0 2 * * * ipset save BBC-DNS > /opt/tmp/BBC-DNS #BBC-DNS#
0 2 * * * ipset save UK-STREAMING-DNS > /opt/tmp/UK-STREAMING-DNS #UK-STREAMING-DNS#
0 2 * * * ipset save TUNEIN-DNS > /opt/tmp/TUNEIN-DNS #TUNEIN-DNS#
0 2 * * * ipset save RESTRICTED-DNS > /opt/tmp/RESTRICTED-DNS #RESTRICTED-DNS#
*/10 * * * * /jffs/scripts/YazFi check #YazFi#
0 2 * * * ipset save NETFLIX-DNS > /opt/tmp/NETFLIX-DNS #NETFLIX-DNS#
Diversion_RotateLogs#
0 2 * * * ipset save NATWEST-DNS > /opt/tmp/NATWEST-DNS #NATWEST-DNS#
0 2 * * * ipset save aliexpress-DNS > /opt/tmp/aliexpress-DNS #aliexpress-DNS#
0 2 * * * ipset save speedtest > /opt/tmp/speedtest #speedtest#
0 2 * * * ipset save GOOGLE-SERVICES-DNS > /opt/tmp/GOOGLE-SERVICES-DNS #GOOGLE-SERVICES-DNS#
0 2 * * * ipset save youtube-DNS > /opt/tmp/youtube-DNS #youtube-DNS#
0 2 * * * ipset save MICROSOFT-VPN > /opt/tmp/MICROSOFT-VPN #MICROSOFT-VPN#
0 2 * * * ipset save WAN-ONLY-DNS > /opt/tmp/WAN-ONLY-DNS #WAN-ONLY-DNS#
15,45 * * * * /jffs/scripts/ChkWAN.sh wan force nowait quiet #Restart_WAN#
0 0 * * * /jffs/my-addons/guest-wi-fi/rpg-passgen.sh #Reset-Guest-Password#
0 1 * * * cd /mnt/myssd/nsru/;./nvram-save.sh #nvrambu#
0 */4 * * * /jffs/scripts/System-backup.sh #System-backup#
0 * * * * echo 3 > /proc/sys/vm/drop_caches #dropCaches#
1 0 * * * /opt/bin/find /opt/var/lib/unbound/unbound.log -size +10M -exec rm -f {} \; #unboundLOG#
59 * * * * /jffs/addons/unbound/unbound_stats.sh generate #Unbound_Stats.sh#
57 * * * * /jffs/addons/unbound/unbound_log.sh #Unbound_Log.sh#
25 2 * * * sh /jffs/scripts/firewall banmalware #Skynet_banmalware#
16 1 * * Mon sh /jffs/scripts/firewall update #Skynet_autoupdate#
0 * * * * sh /jffs/scripts/firewall save #Skynet_save#
*/2 * * * * /etc/openvpn/server2/vpn-watchdog2.sh #CheckVPNServer2#
*/2 * * * * /etc/openvpn/server1/vpn-watchdog1.sh #CheckVPNServer1#
41 */12 * * * sh /jffs/scripts/firewall debug genstats #Skynet_genstats#
00 2 * * Tue /bin/sh /opt/share/diversion/file/update-bl.div reset #Diversion_UpdateBL#
00 2 * * Fri /bin/sh /opt/share/diversion/file/update-bl.div #Diversion_UpdateBLTwo#
20 5 * * * /bin/sh /opt/share/diversion/file/rotate-logs.div #Diversion_RotateLogs#
20 17 * * * diversion count_ads count #Diversion_CountAds#
30 1 * * Tue /bin/sh /opt/share/diversion/file/stats.div #Diversion_WeeklyStats#
* * * * * /bin/sh /opt/share/diversion/file/yt-blocking.div #Diversion_YTblocking#
50 1 * * Tue /bin/sh /opt/share/diversion/file/backup.div #Diversion_AutoBackup#
10 3 * * Tue /bin/sh /opt/share/diversion/file/backup.div local #Diversion_LocalBackup#
gatekeeper@RT-AX86U:/tmp/home/root#

Every Diversion installation has that cron job when logging is enabled. It rotates the Dnsmasq logs.

 

[faria]

Every Diversion installation has that cron job when logging is enabled. It rotates the Dnsmasq logs.

edited:
you mean this one?

20 5 * * * /bin/sh /opt/share/diversion/file/rotate-logs.div #Diversion_RotateLogs#

Then why is there another standalone "Diversion_RotateLogs# line in the file, that's what I was wondering.

 

[elorimer]

Diversion_RotateLogs#

Looks like some kind of corruption. I don't have this in mine, so less likely a problem in the diversion code than something that crept in. Just delete it?

 

[thelonelycoder]

edited:
you mean this one? Then why is there another standalone "Diversion_RotateLogs# line in the file, that's what I was wondering.

Oh, remnant from the last ice age or the router chocked while loading the job. Reboot and it’ll be gone.

 

[faria]

Oh, remnant from the last ice age or the router chocked while loading the job. Reboot and it’ll be gone.

Problem solved after a reboot, many thanks for your hard work. Dam it, ruined my uptime!

 

[Ellenswamy]

Updated to 4.3.2 today. All seems great like always. Thanks for the hard work!

 

[dacotmeister]

I have uploaded a hotfix for Diversion, no version change

What's new
- tb now includes blocking of IPv6 type 65 queries if the IPv6 Firewall is enabled. Please disable and re-enable tb after updating if the Diversion UI does not show both active on the tb line.
- Added more verbose Syslog output for "Exclude devices from ad-blocking", this has to be disabled and re-enabled in b, 10 to take effect.

Yes!! This patch on 4.3 really works like a charm on my IOS devices. Thanks for your tremendous effort!

Update: unfortunately.... some ads keep on slipping @thelonelycoder

 

[Ellenswamy]

Yes!! This patch on 4.3 really works like a charm on my IOS devices. Thanks for your tremendous effort!

Update: unfortunately.... some ads keep on slipping @thelonelycoder

This is going to depend on your block list you are using. Not diversion itself

 

[dacotmeister]

This is going to depend on your block list you are using. Not diversion itself

Well... I had the large blocklist for a couple of days, but experienced sluggish router performance, so switched back to the default. For testing sake I just updated with large, no difference