Zonkd
Very Senior Member
Thanks for the reply. Why does Diversion need to use a web server at all? Why not just block the ads by IP or domain, similar to ad blocking in a browser? I'm not questioning it in a negative way, I just want to better understand it. It has always worked here flawlessly.
thanks, Bj
A general answer for anyone out there with similar question:
Diversion harnesses dnsmasq server to proactively filter dns requests. It does this by loading domains from a block-list and forcing them to resolve to 0.0.0.0. Diversion cannot block IP addresses, nor can it block ads delivered through an encrypted https session (without pixelserv). It also cannot block dns requests sent via DNS over HTTPS.
Skynet harnesses the firewall to filter inbound/outbound network traffic to IP addresses. It does this by loading IP addresses or IP ranges from a block list and forces sent/received packets to be dropped. Skynet cannot block domain names, nor can it inspect and filter network traffic for machines that are tunneling through their own VPN.
Skynet and Diversion are developed to compliment one-another. I use both. I don’t use pixelserv.
Browser based adblockers use differently formatted blocklists (more advanced rules for cosmetic filtering) and they are not compatible with Diversion. Browser based adblockers can filter traffic delivered via https because they are able to see the traffic as it is decrypted inside the browser. They do not proactively block domains like Diversion does, they are just reactive and filter web pages as they are loaded.