Diversion Diversion - the Router Ad-Blocker v4.2.x (see new thread for 4.3.x)

[Galgofa]

Can you please help or point me how to setup pixelserv-tls with pihole (via dietpi environment).
Config like: running pihole on raspberry 4 with 8gig with address 72.87, running merlin on ASUS RT-AX88U with installed Diversion and pixelserv-tls with address 72.2 for pixelserv-tls.
Just wandering how to point pihole to asus pixelserv-tls, or it is stupid idea ? B/w i'm not that familiar but can follow guides and setup things.

I'm tried to install pixelserv-tls on Pihole using the guide posted here, but installation interrupt with error port 80 not accessible.

The reason i like to use pixelserv-tls is that some ads on the mobile apps (like tumblr) still coming via pihole but was blocked by asus pixelserv-tls, i beleive.

 

[thelonelycoder]

Can you please help or point me how to setup pixelserv-tls with pihole (via dietpi environment).
Config like: running pihole on raspberry 4 with 8gig with address 72.87, running merlin on ASUS RT-AX88U with installed Diversion and pixelserv-tls with address 72.2 for pixelserv-tls.
Just wandering how to point pihole to asus pixelserv-tls, or it is stupid idea ? B/w i'm not that familiar but can follow guides and setup things.

I'm tried to install pixelserv-tls on Pihole using the guide posted here, but installation interrupt with error port 80 not accessible.

The reason i like to use pixelserv-tls is that some ads on the mobile apps (like tumblr) still coming via pihole but was blocked by asus pixelserv-tls, i beleive.

I don't see a way how this would work. Pi-hole does not have a function like Diversion does to point to an external pixelserv-tls IP.

 

[Galgofa]

I don't see a way how this would work. Pi-hole does not have a function like Diversion does to point to an external pixelserv-tls IP.

As an idea, now i have excluded Piholes' IP from dns filtering, but if i enable for pihole filtering does this will forward all pihole requests to diversion ?

 

[thelonelycoder]

As an idea, now i have excluded Piholes' IP from dns filtering, but if i enable for pihole filtering does this will forward all pihole requests to diversion ?

Not sure and I cannot test that at the moment.

 

[Zastoff]

Awesome script Thanks @thelonelycoder

 

[Sonyrolfy]

Great feature Sir. (Diversion: started separate Dnsmasq instance for ad-blocking exclusion). I can finally see dynamic picture TV frame updates on my smart tv Watching old static frames was like if time was standing still. Now the tv data grabbers can have party to Cheers!

 

[John Fitzgerald]

Is Pixelserv-tls relevant, working, useful at this time?
Will it be incorporated in future updates or discontinued?

Thanks.

 

[thelonelycoder]

Is Pixelserv-tls relevant, working, useful at this time?
Will it be incorporated in future updates or discontinued?

Thanks.

It’s relevant and remains part of Diversion until there’s something better. Which I doubt.

 

[Ellsworth]

I have a small question about the latest diversion 4.2.1. It seems like the menu takes 4-5 minutes to appear on my rt-ac68u with the new 386.4 from Asuswrt-Merlin using putty. I don't remember it taking this long before. Has something changed in diversion to cause this? It also takes a lot of time after I hit the more options button in the menu.

One other minor problem is that after I do an update to the blocking lists it goes through the normal process of downloading the lists and applying them but after it is done, it also takes a long time to respond. Are all these problems with my USB stick or have I been hacked?

 

[al cons]

Hello, I just updated FW on my AC88U to 386.4. After update was complete, I tried to update Diversion via GUI from 4.2.0 to 4.2.1. Update is stuck at 10%. Any advice on how to fix the problem would be awesome.

 

[thelonelycoder]

Hello, I just updated FW on my AC88U to 386.4. After update was complete, I tried to update Diversion via GUI from 4.2.0 to 4.2.1. Update is stuck at 10%. Any advice on how to fix the problem would be awesome.

Start Diversion in the SSH UI and run the u command from there. If necessary run uu to force update Diversion.

 

[thelonelycoder]

I have a small question about the latest diversion 4.2.1. It seems like the menu takes 4-5 minutes to appear on my rt-ac68u with the new 386.4 from Asuswrt-Merlin using putty. I don't remember it taking this long before. Has something changed in diversion to cause this? It also takes a lot of time after I hit the more options button in the menu.

One other minor problem is that after I do an update to the blocking lists it goes through the normal process of downloading the lists and applying them but after it is done, it also takes a long time to respond. Are all these problems with my USB stick or have I been hacked?

Reboot your router and see if the problem remains. If so, consider using a new USB device. Or you could first try by enabling the disc check feature in amtm with dc. After enabling it, reboot the router so it can do the check. Then in amtm check with dcl if the check had something found to fix.

 

[Lyrath]

Hello!

I had a problem with updating Diversion. I then tried to uninstall it completely and do a reinstall.
When I used the curl command, nothing happened. It turned out that curl didn't fetch anything because the SSL/TLS certificate from diversion.ch was too old, which probably was the reason no update would work.
I did a workaround and disabled all SSL checks in curl, just to install Diversion again. This doesn' t feel very safe though.
Anyone else had this problem? Is there a better solution?

Thx for an awesome script/adblocker. Been using it for ages!

curl -O https://diversion.ch/install
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
curl: (60) SSL certificate problem: certificate has expired
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

 

[SomeWhereOverTheRainBow]

I don't see a way how this would work. Pi-hole does not have a function like Diversion does to point to an external pixelserv-tls IP.

you can in IP blocking mode with pihole you point the IP at the IP used by pixenserv-tls, it is very complex and in the end the results are not really worth it. you have to use their configuration guide and add the appropriate options in /etc/pihole/setupVars.conf , but in the end pixelserv-tls and pihole would have to be installed on the same device for it to properly work.

 

[thelonelycoder]

Hello!

I had a problem with updating Diversion. I then tried to uninstall it completely and do a reinstall.
When I used the curl command, nothing happened. It turned out that curl didn't fetch anything because the SSL/TLS certificate from diversion.ch was too old, which probably was the reason no update would work.
I did a workaround and disabled all SSL checks in curl, just to install Diversion again. This doesn' t feel very safe though.
Anyone else had this problem? Is there a better solution?

Thx for an awesome script/adblocker. Been using it for ages!

curl -O https://diversion.ch/install
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
curl: (60) SSL certificate problem: certificate has expired
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

I'm sure you found out yourself: The certificate on my server certainly is not the problem here. Rather, your router uses outdated firmware and therefore uses expired CA certificates.

Not sure you found my little helper script ca_cert_check.sh in this post. It will solve that problem.

 

[Gary_Dexter]

Pixelserv is currently responsible for all the DCD errors people are seeing in System Log. Disabling it fixes that issue - but how much does it limit the ad-blocking capabilities by having it disabled?

 

[SomeWhereOverTheRainBow]

Pixelserv is currently responsible for all the DCD errors people are seeing in System Log. Disabling it fixes that issue - but how much does it limit the ad-blocking capabilities by having it disabled?

shouldn't limit you at all, you just wont have the blank spaces filled in by the pixel.

 

[Lyrath]

I'm sure you found out yourself: The certificate on my server certainly is not the problem here. Rather, your router uses outdated firmware and therefore uses expired CA certificates.

Not sure you found my little helper script ca_cert_check.sh in this post. It will solve that problem.

Thank you!
I’m using an AC87U router which explains the old firmware.
I downloaded and ran your script now, so far so good

 

[KevyMatts]

Hi Is the compatible for AX68U?

 

[underdose]

Hi Is the compatible for AX68U?

From the diversion.ch website:

Supported router models​

All Asus Wireless Routers supported by RMerlin's Asuswrt-Merlin and its forks: