Diversion Diversion - the Router Ad-Blocker

[Jack Yaz]

Yep that's one way, using the alternate blocking file: https://diversion.ch/diversion/manual/alternate-blocking-file.html

It also gives you an opportunity to still block ads (use the Standard list) and not restrict anything else. That way your LAN device on the alternate blocking file will still listen to your WAN DoT settings. Another option would be as @bluzfanmr1 mentioned, however you won't be using DoT and you would need to go upstream to some other kind of device capable of DoT (such as a Pi-hole). This is the exact quandary I am in at the moment:
https://www.snbforums.com/threads/diversion-the-router-ad-blocker.48538/page-178#post-510991

Did my suggestion not help?

 

[HairyA00]

Did my suggestion not help?

Your suggestion was/is great. Literally haven't had a chance to dive in, and I'm still trying to determine if my setup is optimized at this point.

 

[thelonelycoder]

One year ago Diversion 4.0 was released and replaced AB-Solution.
Happy 1st birthday Diversion!

 

[Kingp1n]

One year ago Diversion 4.0 was released and replaced AB-Solution.
Happy 1st birthday Diversion!

Thanks for all the great memories

 

[martinr]

One year ago Diversion 4.0 was released and replaced AB-Solution.
Happy 1st birthday Diversion!

But do you remember exactly where you were when Diversion was released? I was updating ABSolution and doing various things with the menus. In the middle of this, the name ABSolution vanished to be replaced with “Diversion”. First thoughts: a hacker was announcing his diversion of the control of my router. When my pulse rate came down and I saw the webui was still in English and not Korean, I headed for the forum and saw the thread on Diversion had just been opened.

A very happy birthday. May there be many, many more.

 

[thelonelycoder]

But do you remember exactly where you were when Diversion was released? I was updating ABSolution and doing various things with the menus. In the middle of this, the name ABSolution vanished to be replaced with “Diversion”. First thoughts: a hacker was announcing his diversion of the control of my router. When my pulse rate came down and I saw the webui was still in English and not Korean, I headed for the forum and saw the thread on Diversion had just been opened.

A very happy birthday. May there be many, many more.

I also remember where I was. At home, uploading the Diversion files and preparing this new thread. I was very nervous.

 

[Asad Ali]

I also remember where I was. At home, uploading the Diversion files and preparing this new thread. I was very nervous.

And I was waiting patiently for ABS-4 and all of a sudden you broke my dream of getting 4 pack abs and drop the Diversion Bomb. [emoji1787][emoji16]

 

[z0ki]

I installed Diversion and all went fine. But I am still seeing ads. Tried a few different helpful tips found in this thread but nothing works.

I set it up correctly, but ads are still being shown

 

[dave14305]

I set it up correctly, but ads are still being shown

Then something is amiss with your client or browser using its own DNS.

 

[z0ki]

Then something is amiss with your client or browser using its own DNS.

Hmmm how would I go about diagnosing this?

Do my settings seem correct as shown in the images?

 

[dave14305]

Hmmm how would I go about diagnosing this?

Do my settings seem correct as shown in the images?

Do you use a DNS over HTTPS capable browser like Firefox, or Android Pie?

Nothing in your screenshots look bad, but how about the LAN DNSFILTER page to force clients to use Diversion with “Router” mode?

 

[z0ki]

Nothing in your screenshots look bad, but how about the LAN DNSFILTER page to force clients to use Diversion with “Router” mode?

Funny you should mention that! I just went into that section and turned on Enable DNS-based Filtering and changed Global Filter Mode to Router and low and behold it looks to be blocking ads now.

I am using CloudFlare DNS 1.1.1.1 - 1.0.0.1 but that is set in the WAN DNS Setting section (under WAN)

But for now, it looks like it's all working. I tested it on my iPad on a site that is known to have ads and none are being shown

 

[z0ki]

Another issue.

Since setting this up, I am now noticing that my unRaid server is longer being shown as available in Networks in File Explorer. Any ideas on this?


*EDIT

Not to worry this fixed it lol.

 

[thelonelycoder]

A minor Diversion update is available, no version change

What's changed
- Fix for newly added domains not being immediately whitelisted when done through el for both local or hosted whitelist.
- The hard-coded whitelist now includes all whitelisted domains from the default Diversion whitelist.

The current hard-coded list includes the following domains, additional domains are added automatically for your hosted lists or hosts files domains.

1drv.ms
adblock.mahakala.is
asuswrt.lostrealm.ca
asuswrt-merlin.net
www.asuswrt-merlin.net
fwupdate.asuswrt-merlin.net
bin.entware.net
codeload.github.com
diversion.ch
hosts-file.net
maurerr.github.io
onedrive.live.com
pgl.yoyo.org
pkg.entware-backports.tk
pkg.entware.net
raw.githubusercontent.com
someonewhocares.org
sourceforge.net
support.it-mate.co.uk
winhelp2002.mvps.org
www.malwaredomainlist.com

The newly added domains are the following. They are there to allow a certain amount of ads to get through on the SmallNetBuilder sites.
Despite my pleas to leave these domains in the whitelist to support this very board, I see publicly hosted whitelists not including them.

aax-eu.amazon-adsystem.com
aax-us-east.amazon-adsystem.com
ad2.netshelter.net
assets.omidoo.com
flashtalking.com
fls-na.amazon-adsystem.com
images-na.ssl-images-amazon.com
ir-na.amazon-adsystem.com
ir-uk.amazon-adsystem.com
pagead2.googlesyndication.com
servedby.flashtalking.com
tgdaily.com
tgdaily.net
vma.tgdaily.com
vma.tgdaily.net
wms-eu.amazon-adsystem.com
wms-na.amazon-adsystem.com
wms-na.assoc-amazon.com
ws-eu.amazon-adsystem.com
ws-na.amazon-adsystem.com
z-na.amazon-adsystem.com

To block any of the hard-coded whitelist domains, add it to the blacklist if you absolutely must.

 

[IT Guy]

How do I block ads from this webpage:
https://www.dobreprogramy.pl/

Also video ads:
https://www.dobreprogramy.pl/Nowosc...-P30-Pro.-Zobacz-jak-dziala,Wideo,102253.html

Its very difficult...

 

[PeterR]

How do I block ads from this webpage:
https://www.dobreprogramy.pl/

Also video ads:
https://www.dobreprogramy.pl/Nowosc...-P30-Pro.-Zobacz-jak-dziala,Wideo,102253.html

Its very difficult...

I added telewizja.wp.pl & moto.wp.pl to the blacklist, they're not included in Standard+.

 

[thelonelycoder]

Diversion is at a crossroads with the continued support and development of pixelserv-tls at an apparent standstill.
Its developer Stephen Yip aka @kvic has not been seen or heard from for months. I sincerely hope that he is well and happy, doing whatever he likes best.

With the upcoming update of iOS 13 and macOS restrictions come into place that affect the performance and capability of pixelserv-tls. This is likely to expand to other platforms and OSes in the near future.

Concerned users are trying to patch the current pixelserv-tls GitHub branch and compile binaries for their own systems with @Jack Yaz making good progress. I posted in the pixelserv-tls thread, asking for the required packages to be made available by anyone with the required skill set.

I am not sure how the future looks for Diversion with its central piece of software gradually becoming out of date.
While I don't want to paint the future black, this worries me a bit and I wanted to let you know of my concerns.

If you can help out, head over to the pixelserv-tls thread and get involved.

 

[HairyA00]

Diversion is at a crossroads with the continued support and development of pixelserv-tls at an apparent standstill.
Its developer Stephen Yip aka @kvic has not been seen or heard from for months. I sincerely hope that he is well and happy, doing whatever he likes best.

With the upcoming update of iOS 13 and macOS restrictions come into place that affect the performance and capability of pixelserv-tls. This is likely to expand to other platforms and OSes in the near future.

Concerned users are trying to patch the current pixelserv-tls GitHub branch and compile binaries for their own systems with @Jack Yaz making good progress. I posted in the pixelserv-tls thread, asking for the required packages to be made available by anyone with the required skill set.

I am not sure how the future looks for Diversion with its central piece of software gradually becoming out of date.
While I don't want to paint the future black, this worries me a bit and I wanted to let you know of my concerns.

If you can help out, head over to the pixelserv-tls thread and get involved.

Hey @thelonelycoder, can we block https domains similar to the way Pi-hole pulls it off? Instead of answering HTTPS domains with Pixelserv-tls' LAN address, can we not block these domains with NULL? Example of what I'm attempting to explain here: https://docs.pi-hole.net/ftldns/blockingmode/

Or is this what Diversion Lite is essentially already doing? Just dumping http or https domains completely to 0.0.0.0?

Old discussion: https://discourse.pi-hole.net/t/pi-hole-v4-0-and-pixelserv-tls/12439

 

[thelonelycoder]

Or is this what Diversion Lite is essentially already doing? Just dumping http or https domains completely to 0.0.0.0?

It's a step backwards. Diversion Lite or Diversion Standard with pixelserv-tls disabled block with the non-routing 0.0.0.0 IP address. It's fast but not as blazingly fast as pixelserv-tls is.

 

[thelonelycoder]

Hey @thelonelycoder, can we block https domains similar to the way Pi-hole pulls it off? Instead of answering HTTPS domains with Pixelserv-tls' LAN address, can we not block these domains with NULL? Example of what I'm attempting to explain here: https://docs.pi-hole.net/ftldns/blockingmode/

One could compile the Faster Than Light DNS FTLDNS which is based on Dnsmasq to run in the Entware environment. But that would mean having Dnsmasq AND FTLDNS as resolvers running on the router.