What's new

Diversion Diversion 5.1.3 - the Router Ad-Blocker, May 09, 2024

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I don't know. I was assuming with custom DNS you mean a third party DNS resolver. But you are using a Diversion service which is not custom.
Anyway, the excerpt above is the log of Diversion trying to start a separate Dnsmasq instance for the service "Exclude devices from ad-blocking" on IP 192.168.1.16 which is already in use by something else.

Are you sure this IP is not used by any of your other devices on the network?
.16 is a high number of reserved addresses as you should have set during the setup of this service in Diversion. What is the routers IP address, what is your "IP Pool Starting Address" and "IP Pool Ending Address" in LAN/DHCP Server in the routers WebUI?


This is also suspicious that your setup is completely borked or generally wrong as the main Dnsmasq instance fails to start up.
Yes, nothing out of ordinary.
Code:
dhcp-range=lan,192.168.1.32,192.168.1.254,255.255.255.0,86400s
I guess maybe pixel-serv is running somewhere?

I walk to the router, hit the power button, and then it reboots fine. The errors are similar of Diversion 5.1.0 when the dnsmasq got updated to 2.90 with 386.12_6, and that required the 5.1.1 fix. The issue appears a bit intermittent - not all the time like last time.

I guess I could try flash 386.13_2 again, so it goes to the 2nd set of partitions? I had this issue with 386.13_0, but Diversion re-install fixed that. I have daily backups, but nothing appears to have changed after I updated to 13_2.
 
Unrolled back to 386.13_0. Will see how it goes tomorrow during morning auto-reboot!

Tried to reformat /jffs and restore backup - no improvement.
Tried to unroll to 13_0, 12_6, etc - still same issues even though worked before!
Changed non-blocking DNS server from 192.168.1.16 to 192.168.1.17 in Diversion - seems like the issues have disappeared. Rebooted a bunch of times - seems to reboot fine, with things working.

Will continue monitoring!
 
Got the same issue today, but not yesterday, on .17 address. There is absolutely nothing on that IP. I now think that a hot reboot (no power off) does not seem to clear the prior info for these. See this grep of dnsmasq and Diversion.

It seems a few steps are missing in the hot reboot case. Such as this message is missing:
rc_service: service 4604:notify_rc restart_dnsmasq

Bad hot reboot:
Code:
May  5 04:06:40 dnsmasq[1161]: using nameserver 172.16.1.254#53 for domain attlocal.net
May  5 04:06:40 dnsmasq[1161]: using only locally-known addresses for mask-h2.icloud.com
May  5 04:06:40 dnsmasq[1161]: using only locally-known addresses for mask.icloud.com
May  5 04:06:40 dnsmasq[1161]: using only locally-known addresses for _dns.resolver.arpa
May  5 04:06:40 dnsmasq[1161]: using only locally-known addresses for use-application-dns.net
May  5 04:06:48 dnsmasq-dhcp[1161]: DHCPDISCOVER(br0) fc:d4:36:f2:36:aa
May  5 04:06:48 dnsmasq-dhcp[1161]: DHCPOFFER(br0) 192.168.1.41 fc:d4:36:f2:36:aa
May  5 04:06:48 dnsmasq-dhcp[1161]: DHCPREQUEST(br0) 192.168.1.41 fc:d4:36:f2:36:aa
May  5 04:06:48 dnsmasq-dhcp[1161]: DHCPACK(br0) 192.168.1.41 fc:d4:36:f2:36:aa
May  5 04:06:55 Entware: Starting Entware and Diversion services on /tmp/mnt/ac86u
May  5 04:06:57 RT-AC86U-9988 Diversion: Mounting Diversion WebUI page
May  5 04:06:57 RT-AC86U-9988 Diversion: Mounted Diversion WebUI as user3.asp in LAN/Diversion
May  5 04:06:57 RT-AC86U-9988 Diversion: created br0:ad_blocking_excl for 192.168.1.17
May  5 04:06:57 RT-AC86U-9988 dnsmasq[5227]: failed to create listening socket for 192.168.1.17: Address already in use
May  5 04:06:57 RT-AC86U-9988 dnsmasq[5227]: FAILED to start up
May  5 04:06:57 RT-AC86U-9988 Diversion: started separate Dnsmasq instance for ad-blocking exclusion on IP 192.168.1.17
May  5 04:06:57 RT-AC86U-9988 Diversion: restarted Dnsmasq to apply settings
May  5 04:06:57 RT-AC86U-9988 (dnsmasq.postconf): Updating /etc/dnsmasq.conf for unbound.....
May  5 04:06:57 RT-AC86U-9988 uiDivStats: dnsmasq has restarted, restarting taildns

Good cold reboot:
Code:
May  5 07:19:19 dnsmasq[1159]: using nameserver 172.16.1.254#53
May  5 07:19:19 dnsmasq[1159]: using nameserver 172.16.1.254#53 for domain attlocal.net
May  5 07:19:19 dnsmasq[1159]: using only locally-known addresses for mask-h2.icloud.com
May  5 07:19:19 dnsmasq[1159]: using only locally-known addresses for mask.icloud.com
May  5 07:19:19 dnsmasq[1159]: using only locally-known addresses for _dns.resolver.arpa
May  5 07:19:19 dnsmasq[1159]: using only locally-known addresses for use-application-dns.net
May  5 07:19:26 dnsmasq-dhcp[1159]: DHCPDISCOVER(br0) 1c:93:c4:5d:28:6e
May  5 07:19:26 dnsmasq-dhcp[1159]: DHCPOFFER(br0) 192.168.1.69 1c:93:c4:5d:28:6e
May  5 07:19:26 dnsmasq-dhcp[1159]: DHCPREQUEST(br0) 192.168.1.69 1c:93:c4:5d:28:6e
May  5 07:19:26 dnsmasq-dhcp[1159]: DHCPACK(br0) 192.168.1.69 1c:93:c4:5d:28:6e
May  5 07:19:29 Entware: Starting Entware and Diversion services on /tmp/mnt/ac86u
May  5 07:19:34 RT-AC86U-9988 rc_service: service 4604:notify_rc restart_dnsmasq
May  5 07:19:34 RT-AC86U-9988 custom_script: Running /jffs/scripts/service-event (args: restart dnsmasq)
May  5 07:19:30 RT-AC86U-9988 dnsmasq[4219]: started, version 2.90 cachesize 150
May  5 07:19:34 RT-AC86U-9988 dnsmasq[4219]: overflow: 7 log entries lost
May  5 07:19:35 RT-AC86U-9988 rc_service: waitting "restart_dnsmasq" via  ...
May  5 07:19:35 RT-AC86U-9988 custom_config: Appending content of /jffs/configs/dnsmasq.conf.add.
May  5 07:19:35 RT-AC86U-9988 custom_script: Running /jffs/scripts/dnsmasq.postconf (args: /etc/dnsmasq.conf)
May  5 07:19:35 RT-AC86U-9988 Diversion: created br0:ad_blocking_excl for 192.168.1.17
May  5 07:19:35 RT-AC86U-9988 dnsmasq[5518]: started, version 2.90 cachesize 150
May  5 07:19:35 RT-AC86U-9988 dnsmasq[5518]: compile time options: IPv6 GNU-getopt no-RTC no-DBus no-UBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP
May  5 07:19:35 RT-AC86U-9988 dnsmasq[5518]: read /etc/hosts - 22 names
May  5 07:19:35 RT-AC86U-9988 dnsmasq[5518]: using nameserver 172.16.1.254#53
May  5 07:19:35 RT-AC86U-9988 dnsmasq[5518]: using nameserver 172.16.1.254#53 for domain attlocal.net
May  5 07:19:35 RT-AC86U-9988 dnsmasq[5518]: using nameserver 172.16.1.254#53
May  5 07:19:35 RT-AC86U-9988 dnsmasq[5518]: using nameserver 172.16.1.254#53 for domain attlocal.net
May  5 07:19:35 RT-AC86U-9988 Diversion: started separate Dnsmasq instance for ad-blocking exclusion on IP 192.168.1.17
May  5 07:19:35 RT-AC86U-9988 Diversion: restarted Dnsmasq to apply settings
May  5 07:19:35 RT-AC86U-9988 (dnsmasq.postconf): Updating /etc/dnsmasq.conf for unbound.....
May  5 07:19:35 RT-AC86U-9988 uiDivStats: dnsmasq has restarted, restarting taildns
May  5 07:19:43 RT-AC86U-9988 rc_service: service 7970:notify_rc restart_dnsmasq
May  5 07:19:43 RT-AC86U-9988 custom_script: Running /jffs/scripts/service-event (args: restart dnsmasq)
May  5 07:19:43 RT-AC86U-9988 dnsmasq[5518]: exiting on receipt of SIGTERM
May  5 07:19:44 RT-AC86U-9988 custom_config: Appending content of /jffs/configs/dnsmasq.conf.add.
May  5 07:19:44 RT-AC86U-9988 custom_script: Running /jffs/scripts/dnsmasq.postconf (args: /etc/dnsmasq.conf)
May  5 07:19:44 RT-AC86U-9988 Diversion: created br0:ad_blocking_excl for 192.168.1.17
May  5 07:19:44 RT-AC86U-9988 dnsmasq[8642]: started, version 2.90 cachesize 150
May  5 07:19:44 RT-AC86U-9988 dnsmasq[8642]: compile time options: IPv6 GNU-getopt no-RTC no-DBus no-UBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP
May  5 07:19:44 RT-AC86U-9988 dnsmasq[8642]: read /etc/hosts - 22 names
May  5 07:19:44 RT-AC86U-9988 dnsmasq[8642]: using nameserver 172.16.1.254#53
May  5 07:19:44 RT-AC86U-9988 dnsmasq[8642]: using nameserver 172.16.1.254#53 for domain attlocal.net
 
Bad hot reboot:
What is the reason you have so many reservations: dhcp-range=lan,192.168.1.32,192.168.1.254,255.255.255.0,86400s
 
Last edited:
What is the reason you have so many reservations: dhcp-range=lan,192.168.1.32,192.168.1.254,255.255.255.0,86400s

Well, I have about 30 devices on my network - so I am thinking 220 IP addresses should more than plenty for the rest of them.

I have some bridges and other stuff under 32, mostly under 16.

Is that a problem to leave a lot of addresses out of the DHCP pool?
 
I guess I did have prior issues with warm reboots - but mostly related to logging. As I look at it - it appears that the logging messages are quite different in the course of warm and cold reboots. This is the first time it's impacting my need to have stuff - I guess it could have been a different thing, but it happened here.

Here is the bad warm reboot segment:
Code:
May  5 04:06:57 RT-AC86U-9988 Diversion: Mounting Diversion WebUI page
May  5 04:06:57 RT-AC86U-9988 Diversion: Mounted Diversion WebUI as user3.asp in LAN/Diversion
May  5 04:06:57 RT-AC86U-9988 avahi-daemon[4210]: Registering new address record for 192.168.1.17 on br0.IPv4.
May  5 04:06:57 RT-AC86U-9988 Diversion: created br0:ad_blocking_excl for 192.168.1.17
May  5 04:06:57 RT-AC86U-9988 dnsmasq[5227]: failed to create listening socket for 192.168.1.17: Address already in use
May  5 04:06:57 RT-AC86U-9988 dnsmasq[5227]: FAILED to start up
May  5 04:06:57 RT-AC86U-9988 Diversion: started separate Dnsmasq instance for ad-blocking exclusion on IP 192.168.1.17
May  5 04:06:57 RT-AC86U-9988 Diversion: restarted Dnsmasq to apply settings
May  5 04:06:57 RT-AC86U-9988 (dnsmasq.postconf): Updating /etc/dnsmasq.conf for unbound.....
May  5 04:06:57 RT-AC86U-9988 uiDivStats: dnsmasq has restarted, restarting taildns
May  5 04:06:57 RT-AC86U-9988 admin: Started ntpd from /jffs/scripts/post-mount.
May  5 04:06:57 RT-AC86U-9988 admin: Started taildns from /jffs/scripts/post-mount.
May  5 04:06:58 RT-AC86U-9988 rc_service: service 5326:notify_rc restart_dnsmasq
May  5 04:06:58 RT-AC86U-9988 rc_service: waitting "start_samba" via  ...
May  5 04:06:58 RT-AC86U-9988 dnsmasq[5256]: failed to create listening socket for 192.168.1.1: Address already in use
May  5 04:06:58 RT-AC86U-9988 dnsmasq[5256]: FAILED to start up
May  5 04:06:58 RT-AC86U-9988 Samba_Server: daemon is started
May  5 04:06:58 RT-AC86U-9988 wsdd2[5348]: starting.
May  5 04:06:58 RT-AC86U-9988 custom_script: Running /jffs/scripts/service-event (args: start logger)

Good reboot segment:
Code:
May  5 07:19:29 custom_script: Running /jffs/scripts/post-mount (args: /tmp/mnt/ac86u)
May  5 07:19:29 Entware: Starting Entware and Diversion services on /tmp/mnt/ac86u
...
May  5 07:19:35 RT-AC86U-9988 scMerlin: Mounted Sitemap page as user3.asp
May  5 07:19:35 RT-AC86U-9988 rc_service: hotplug 2467:notify_rc restart_nasapps
May  5 07:19:35 RT-AC86U-9988 rc_service: waitting "restart_dnsmasq" via  ...
May  5 07:19:35 RT-AC86U-9988 scMerlin: Mounted scMerlin WebUI page as user2.asp
May  5 07:19:35 RT-AC86U-9988 custom_config: Appending content of /jffs/configs/dnsmasq.conf.add.
May  5 07:19:35 RT-AC86U-9988 custom_script: Running /jffs/scripts/dnsmasq.postconf (args: /etc/dnsmasq.conf)
May  5 07:19:35 RT-AC86U-9988 Diversion: created br0:ad_blocking_excl for 192.168.1.17
May  5 07:19:35 RT-AC86U-9988 dnsmasq[5518]: started, version 2.90 cachesize 150
May  5 07:19:35 RT-AC86U-9988 dnsmasq[5518]: compile time options: IPv6 GNU-getopt no-RTC no-DBus no-UBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset no-nftset no-auth cryptohash DNSSEC no-ID loop-detect no-inotify no-dumpfile
May  5 07:19:35 RT-AC86U-9988 dnsmasq[5518]: read /etc/hosts - 22 names
May  5 07:19:35 RT-AC86U-9988 dnsmasq[5518]: using nameserver 172.16.1.254#53
May  5 07:19:35 RT-AC86U-9988 dnsmasq[5518]: using nameserver 172.16.1.254#53 for domain attlocal.net
May  5 07:19:35 RT-AC86U-9988 dnsmasq[5518]: using nameserver 172.16.1.254#53
May  5 07:19:35 RT-AC86U-9988 dnsmasq[5518]: using nameserver 172.16.1.254#53 for domain attlocal.net
May  5 07:19:35 RT-AC86U-9988 Diversion: started separate Dnsmasq instance for ad-blocking exclusion on IP 192.168.1.17
May  5 07:19:35 RT-AC86U-9988 Diversion: restarted Dnsmasq to apply settings
May  5 07:19:35 RT-AC86U-9988 (dnsmasq.postconf): Updating /etc/dnsmasq.conf for unbound.....
May  5 07:19:35 RT-AC86U-9988 uiDivStats: dnsmasq has restarted, restarting taildns
May  5 07:19:36 RT-AC86U-9988 custom_script: Running /jffs/scripts/service-event (args: restart nasapps)
 
@bibikalka turn off logging in Diversion and then do a warm reboot. Then look in the Syslog if any of the devices grabs that IP before Diversion kicks in.
 
@bibikalka turn off logging in Diversion and then do a warm reboot. Then look in the Syslog if any of the devices grabs that IP before Diversion kicks in.

I don't think this is an actual issue due to Diversion. It's a an issue due to a warm reboot that still "remembers" stuff.

I think that .17 IP is the ghost of the pre-warm boot Diversion server. Is there a command to release all existing IP allocations? I'd put it somewhere early in the boot process. Alternatively, I could put in a logging command early in the process, to list "active" IP addresses. Right now both "ip neigh" and "arp -a" don't show .17 even after a cold reboot. I need more potent commands :)
 
I don't think this is an actual issue due to Diversion. It's a an issue due to a warm reboot that still "remembers" stuff.

I think that .17 IP is the ghost of the pre-warm boot Diversion server. Is there a command to release all existing IP allocations? I'd put it somewhere early in the boot process. Alternatively, I could put in a logging command early in the process, to list "active" IP addresses. Right now both "ip neigh" and "arp -a" don't show .17 even after a cold reboot. I need more potent commands :)
Try this and report back:
Add this line below the Diversion entry in /jffs/scripts/unmount
Code:
ifconfig br0:ad_blocking_excl 192.168.1.17 down
 
Diversion 5.1.3 is now available

What's new

  • Deregisters additional Dnsmasq instance IPs when rebooting. Thanks to @bibikalka for reporting
On some router models a reboot does not deregister virtual IP interfaces. This fixes it. @bibikalka you can remove the line in /jffs/scripts/unmount I asked to add.
 
Anyone else having issues right now? Internet went down maybe an hour ago on most of my devices. Took me about 30 minutes to narrow it down to ad blocking essentially blocking all devices from accessing the internet. Toggling a (ad-blocking) to off fixed it. I can keep diversion enabled and everything works fine as long as adblocking is off so seems related to that and not necessarily diversion itself.

I tried updating the block list and it didn’t help. Currently using standard block list. Edit: Tried a different block list and same issue.

Edit 2: just re-enabled ad-blocking and it’s been working for the last half hour. Very weird.
 
Last edited:
Same issue with custom block list.
 
Diversion 5.1.3 is now available

What's new

  • Deregisters additional Dnsmasq instance IPs when rebooting. Thanks to @bibikalka for reporting
On some router models a reboot does not deregister virtual IP interfaces. This fixes it. @bibikalka you can remove the line in /jffs/scripts/unmount I asked to add.

Early to declare victory in my case. About a week later (~7 reboots), the issue has re-occured. My reboot is at 4:05am.

Code:
May 13 03:31:27 RT-AC86U-9988 Diversion: started separate Dnsmasq instance for ad-blocking exclusion on IP 192.168.1.17
May 13 03:37:28 RT-AC86U-9988 Diversion: created br0:ad_blocking_excl for 192.168.1.17
May 13 03:37:28 RT-AC86U-9988 Diversion: started separate Dnsmasq instance for ad-blocking exclusion on IP 192.168.1.17
May 13 03:57:35 RT-AC86U-9988 Diversion: created br0:ad_blocking_excl for 192.168.1.17
May 13 03:57:35 RT-AC86U-9988 Diversion: started separate Dnsmasq instance for ad-blocking exclusion on IP 192.168.1.17
May 13 04:05:05 RT-AC86U-9988 avahi-daemon[9553]: Leaving mDNS multicast group on interface br0.IPv4 with address 192.168.1.17.
...
May 13 04:27:01 RT-AC86U-9988 rc_service: watchdog 1180:notify_rc start_dnsmasq
May 13 04:27:01 RT-AC86U-9988 custom_script: Running /jffs/scripts/service-event (args: start dnsmasq)
May 13 04:27:01 RT-AC86U-9988 custom_config: Appending content of /jffs/configs/dnsmasq.conf.add.
May 13 04:27:01 RT-AC86U-9988 custom_script: Running /jffs/scripts/dnsmasq.postconf (args: /etc/dnsmasq.conf)
May 13 04:27:01 RT-AC86U-9988 dnsmasq[43332]: failed to create listening socket for 192.168.1.17: Address already in use
May 13 04:27:01 RT-AC86U-9988 dnsmasq[43332]: FAILED to start up
May 13 04:27:01 RT-AC86U-9988 (dnsmasq.postconf): Updating /etc/dnsmasq.conf for unbound.....
May 13 04:27:01 RT-AC86U-9988 uiDivStats: dnsmasq has restarted, restarting taildns
May 13 04:27:01 RT-AC86U-9988 dnsmasq[43394]: failed to create listening socket for 192.168.1.1: Address already in use
May 13 04:27:01 RT-AC86U-9988 dnsmasq[43394]: FAILED to start up
 
@thelonelycoder i'm noticing with Diversion enabled & using blocking list large that occasionally when webpages have been loading on my MacBook i'm not able to click links until I refresh the page. If I disable Diversion I do not have this problem. What is the suggested blocklist ?
 
For an unrelated task, I needed to add a script to dnsmasq.postconf, and I was having issues with the syntax of it, repeatedly getting outputs of
Code:
sed: -i requires an argument
such that I was testing dnsmasq.postconf by running it manually.

Whilst running the diversion part of the script, I was getting the following output
Code:
sed: -i requires an argument
./dnsmasq.postconf: /opt/share/diversion/file/post-conf.div: line 42: can't create : nonexistent directory
./dnsmasq.postconf: /opt/share/diversion/file/post-conf.div: line 42: can't create : nonexistent directory
./dnsmasq.postconf: /opt/share/diversion/file/post-conf.div: line 42: can't create : nonexistent directory
./dnsmasq.postconf: /opt/share/diversion/file/post-conf.div: line 42: can't create : nonexistent directory
./dnsmasq.postconf: /opt/share/diversion/file/post-conf.div: line 42: can't create : nonexistent directory
./dnsmasq.postconf: /opt/share/diversion/file/post-conf.div: line 42: can't create : nonexistent directory
sed: -i requires an argument

I thought that the
Code:
sed: -i requires an argument
was part of the issues I was having with the script I was trying to manually add, but I realised that even when I fixed that issue, I was still seeing the above output as the diversion part of postconf script ran. Manually removed my added script, and I was still seeing the above output.

I thought maybe there was an issue with my installation, so I uninstalled diversion, deleted the dnsmasq.postconf file, then reinstalled. But when manually running the unedited postconf script after a new install, I still see the above output.

Is this normal and expected behavior?
 
Is this normal and expected behavior?
Are you passing /etc/dnsmasq.conf as the command-line parameter to dnsmasq.postconf? It’s required.
Code:
/jffs/scripts/dnsmasq.postconf /etc/dnsmasq.conf
 
Are you passing /etc/dnsmasq.conf as the command-line parameter to dnsmasq.postconf? It’s required.
Code:
/jffs/scripts/dnsmasq.postconf /etc/dnsmasq.conf

Ah ok, maybe that't it. I assume when it's run automatically it does this by itself?

It was actually your iCloud Private Relay script from the 388.7 release thread I was adding that caused me to see this 😄

I assumed I needed to make the CONFIG line in your script read
Code:
CONFIG="/etc/dnsmasq.conf"
as that was how I got rid of the sed -i error for running your section of the dnsmasq.postconf script. Guessing I didn't need to do that? 😅

A new installation of diversion makes the dnsmasq.postconf file look like this
Code:
#!/bin/sh

. /opt/share/diversion/file/post-conf.div # Added by Diversion
with no CONFIG line nor reference to /etc/dnsmasq.conf, and brings up the sed -i error as well as the line 42 errors I included above (#598).
 
Last edited:

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top