Diversion Diversion - the Router Ad-Blocker

[HairyA00]

It's a step backwards. Diversion Lite or Diversion Standard with pixelserv-tls disabled block with the non-routing 0.0.0.0 IP address. It's fast but not as blazingly fast as pixelserv-tls is.

I'm not arguing which is better or faster or even logically more sound. If pixelserv-tls becomes abandonware, I'm suggesting a backup.

If one simply disables the pixelserv-tls service and routes to 0.0.0.0, I'm assuming that also blocks https requests? Just not as fast and/or eloquently as pixelserv-tls does?

 

[thelonelycoder]

I'm not arguing which is better or faster or even logically more sound. If pixelserv-tls becomes abandonware, I'm suggesting a backup.

If one simply disables the pixelserv-tls service and routes to 0.0.0.0, I'm assuming that also blocks https requests? Just not as fast and/or eloquently as pixelserv-tls does?

As the name says, pixelserv is able to serve a pixel sized image instead of the ad. That is less and less the case in today's world but it usually fills the gap that is left where the ad should display. That capability only works with the necessary certificate and authority to respond to the request. This cannot be done by using 0.0.0.0.
The backup is already built into Diversion. Disable pixelserv-tls or use/install Diversion Lite.

 

[HairyA00]

As the name says, pixelserv is able to serve a pixel sized image instead of the ad. That is less and less the case in today's world but it usually fills the gap that is left where the ad should display. That capability only works with the necessary certificate and authority to respond to the request. This cannot be done by using 0.0.0.0.
The backup is already built into Diversion. Disable pixelserv-tls or use/install Diversion Lite.

Oh, the difference is noticeable, agreed. Especially on mobile devices with gigantic grey sad-face squares. Just confirming that the existing backup in Diversion blocks both http and https requests, it's just uglier and slower.

EDIT: Example from Android.

 

[Jack Yaz]

Diversion is at a crossroads with the continued support and development of pixelserv-tls at an apparent standstill.
Its developer Stephen Yip aka @kvic has not been seen or heard from for months. I sincerely hope that he is well and happy, doing whatever he likes best.

With the upcoming update of iOS 13 and macOS restrictions come into place that affect the performance and capability of pixelserv-tls. This is likely to expand to other platforms and OSes in the near future.

Concerned users are trying to patch the current pixelserv-tls GitHub branch and compile binaries for their own systems with @Jack Yaz making good progress. I posted in the pixelserv-tls thread, asking for the required packages to be made available by anyone with the required skill set.

I am not sure how the future looks for Diversion with its central piece of software gradually becoming out of date.
While I don't want to paint the future black, this worries me a bit and I wanted to let you know of my concerns.

If you can help out, head over to the pixelserv-tls thread and get involved.

I'm confident I've patched what's needed, I just lack the skills to build for ARM. I tried following the entware building guide, and got thoroughly lost https://github.com/Entware/Entware/wiki/How-to-add-a-new-package

EDIT: I've taken a fresh look...progress being made...watch this space

 

[QuikSilver]

I'm confident I've patched what's needed, I just lack the skills to build for ARM. I tried following the entware building guide, and got thoroughly lost https://github.com/Entware/Entware/wiki/How-to-add-a-new-package

EDIT: I've taken a fresh look...progress being made...watch this space

What did we do to deserve you all! Keep up the great work fellas!

 

[Jack Yaz]

I'm confident I've patched what's needed, I just lack the skills to build for ARM. I tried following the entware building guide, and got thoroughly lost https://github.com/Entware/Entware/wiki/How-to-add-a-new-package

EDIT: I've taken a fresh look...progress being made...watch this space

Not going so well, stumbling when it's looking for openssl files

 

[consorts]

hi, can anyone tell me what command i enter to stop diversion completely
it seems to be using 100% of core2 of my cpu while stuck on some update;

Aug 30 19:19:23 custom_script: Running /jffs/scripts/service-event (args:  updateresolv) - max timeout = 120s
Aug 30 19:19:24 dnsmasq[1172]: bad name at /opt/share/diversion/list/blockinglist line 2289
Aug 30 19:19:25 dnsmasq[1172]: bad name at /opt/share/diversion/list/blockinglist line 12299
Aug 30 19:19:27 dnsmasq[1172]: bad name at /opt/share/diversion/list/blockinglist line 20070

in putty when i type in "diversion" it just hangs, like it's stuck somewhere.
amtm also hangs once it gets to the "diversion" line of it's gui.

 

[thelonelycoder]

hi, can anyone tell me what command i enter to stop diversion completely
it seems to be using 100% of core2 of my cpu while stuck on some update;

Aug 30 19:19:23 custom_script: Running /jffs/scripts/service-event (args:  updateresolv) - max timeout = 120s
Aug 30 19:19:24 dnsmasq[1172]: bad name at /opt/share/diversion/list/blockinglist line 2289
Aug 30 19:19:25 dnsmasq[1172]: bad name at /opt/share/diversion/list/blockinglist line 12299
Aug 30 19:19:27 dnsmasq[1172]: bad name at /opt/share/diversion/list/blockinglist line 20070

in putty when i type in "diversion" it just hangs, like it's stuck somewhere.
amtm also hangs once it gets to the "diversion" line of it's gui.

Remove the USB device through the WebUI, then unplug it. Wait a few seconds, then plug it back in.
Diversion will autostart.
What Diversion version are you running? The current version filters out domain names with non-ascii characters which Dnsmasq is complaining about in the Syslog. In any case, these entries are nothing to worry about, Dnsmasq ignores such entries.

 

[thelonelycoder]

Diversion is at a crossroads with the continued support and development of pixelserv-tls at an apparent standstill.

Things start to look better on the pixelserv-tls "new certificate generation" front.
Time to settle down and wait for the updated files.

 

[elorimer]

As the name says, pixelserv is able to serve a pixel sized image instead of the ad.

And, it serves it back to the requesting page much faster than it takes a null https request to time out.

 

[JaimeZX]

Honestly I haven't used the Pixelserv part of Diversion since I reinstalled all the scripts and I'm still perfectly satisfied... I never seemed to get it working properly in the first place except on one machine. Dunno. Appreciate all you guys do!

 

[z0ki]

Diversion isn't blocking ads anymore. Nothing has changed any ideas what it could be? Every device is pointing to my router as a DNS.

Also is it possible to add full lists of blacklists instead of adding them one by one? That is the most tedious way I can think of doing it. I see an option to add host lists but it looks like you can only add one?

 

[JaimeZX]

I had this issue with ONE machine on my network; had to clear the DNS cache in the browsers.

 

[thelonelycoder]

Also is it possible to add full lists of blacklists instead of adding them one by one? That is the most tedious way I can think of doing it. I see an option to add host lists but it looks like you can only add one?

Understand what the lists do.
Blocking list: Uses hosts file(s) to assemble the blocking list.

Whitelist, blacklist wildcard-blacklist: Are there to fine tune your blocking experience.
Need an extra domain whitelisted or blacklisted? Add it to the respective list. Use a larger/smaller blocking file or add/remove hosts files to the blocking list if your whitelist or blacklist grows too large. I consider these files large if more than 40 domains need to be added to these lists.
There is an option to use a hosted list. This helps in cases where one controls multiple routers so that the lists can be maintained centrally.

To be specific for your remark that adding domains to the blacklist is a tedious procedure: You do it wrong, read above to understand its function. The blacklist is not the same as the blocking list, though they both block domains.

 

[Skeptical.me]

I have updated to the most recent Diversion and I'm getting Ads on every webpage.

Merlin 384.13_0
Diversion 4.1.3

Right now its the 5th of September, this indicates it stopped at 5:20pm yesterday

 

[HairyA00]

I have updated to the most recent Diversion and I'm getting Ads on every webpage.

Merlin 384.13_0
Diversion 4.1.3

Right now its the 5th of September, this indicates it stopped at 5:20pm yesterday

It's because the following have now been added to the hard-coded whitelist:
aax-us-east.amazon-adsystem.com
pagead2.googlesyndication.com

to get around the issue, add them to your blacklist and a boatload of ads are going to go away!

 

[Skeptical.me]

It's because the following have now been added to the hard-coded whitelist:
aax-us-east.amazon-adsystem.com
pagead2.googlesyndication.com

to get around the issue, add them to your blacklist and a boatload of ads are going to go away!

I added the addresses to the blacklist but I'm still getting ads

Edit: I just checked my other devices and Ads are being blocked on the iPad and iPhone but not the iMac

 

[HairyA00]

I added the addresses to the blacklist but I'm still getting ads

Did you process the blacklist after making the changes?

 

[jsbeddow]

I have updated to the most recent Diversion and I'm getting Ads on every webpage.

Merlin 384.13_0
Diversion 4.1.3

Right now its the 5th of September, this indicates it stopped at 5:20pm yesterday

Actually, the 5:20 reference in the screenshot refers to how many ads have been blocked since then, not that Diversion stopped working then. Try to follow the dnsmasq.log, filtered or unfiltered, to see more details while loading pages with ads. You might find that dnsmasq.log won't show, which could indicate USB drive corruption (you can probably guess how I know this...).

 

[jsbeddow]

So you have one device that is bypassing the DNS based filtering setup by Diversion, nothing more.