Diversion Diversion - the Router Ad-Blocker

[thelonelycoder]

No, the idea is to check my own whitelist/blacklist to see if some hosts are dead, alive, down or not found at all in order to clean them from useless lines.
I found only for windows but I would like to check from router as well!
Still searching for such script.
basically the script will read a file black/whitelist and write the results in other file, without those hosts that are not to be found.
In the end it could be good for all!

During the blocking file update it would report to the Syslog if one of the remote files failed. That includes hosted white, black and wildcard blacklist.

 

[dave14305]

During the blocking file update it would report to the Syslog if one of the remote files failed. That includes hosted white, black and wildcard blacklist.

I think he wants to flood his upstream DNS servers with queries to ensure all blocked domains in the lists return an IP (and not NXDOMAIN). Try that with hosts.oisd.nl!

 

[Asad Ali]

No, the idea is to check my own whitelist/blacklist to see if some hosts are dead, alive, down or not found at all in order to clean them from useless lines.
I found only for windows but I would like to check from router as well!
Still searching for such script.

You need something like this and edit it further for your own use case:

https://github.com/funilrys/PyFunce...availability-or-syntax-of-domains-ipv4-or-url

 

[Mircica]

During the blocking file update it would report to the Syslog if one of the remote files failed. That includes hosted white, black and wildcard blacklist.

Where I can find this?
My personal blacklist is over 1,7MB but I've noticed some hosts are no longer available so, how do I clean this if blocking is active and ping not available?

 

[Mircica]

Found a solution:
1. Go to here:
https://www.coretechnologies.com/products/http-ping/
and download http-ping.exe
2. Find a good SSL proxy, there are plenty at www.aliveproxy.com, just grab one!
3. Then go to:
http://www.bonusbits.com/wiki/HowTo:Use_Ping_List_Batch_Script
and download th script!

Now instead of "ping".exe (you can't ping through proxy/tunnel) use ["http-ping".exe] and you can verify every line of your block/white list properly even if those are blocked in Diversion!

To do so just modify the line 43 (Notepad++) as I have done it before:

Line 43: http-ping -n 1 -w 500 -ipv4 -p http://SSL-Site:Port %1 > pinglog

Enjoy!
Grab a beer in the meantime because it will take some time, a lot if list is large enough...

P.S.: For more command line options see here:
https://www.coretechnologies.com/products/http-ping/#usage
Feel free to ask more info if necessary!

 

[bluepoint]

It appears the “frogeye” list mentioned above may be included in the “large” Diversion blocking list - hosts.oisd.nl. ??
If I’m understanding correctly.......

What made you think about that? Just curious cause I have frogeye's tracking and oisd.nl customized and the total is larger than just oisd. In fact, with frogeye I have to whitelist 8 Microsoft domains as it blocks Windowsupdate and Office updates. The author doesn't seems to like MS.

 

[Treadler]

I think he wants to flood his upstream DNS servers with queries to ensure all blocked domains in the lists return an IP (and not NXDOMAIN). Try that with hosts.oisd.nl!

Chuckle. Might cause a break out of perspiration on the relevant client.

 

[Treadler]

What made you think about that? Just curious cause I have frogeye's tracking and oisd.nl customized and the total is larger than just oisd. In fact, with frogeye I have to whitelist 8 Microsoft domains as it blocks Windowsupdate and Office updates. The author doesn't seems to like MS.

I think you’re correct. I chose a random domain from the frogeye list & checked to see if it was on the Oisd.nl list. It wasn’t. So, please ignore my previous post, I was obviously imagining stuff!

 

[jadog]

Great job with Diversion! It's great to see it continually progressing. One question I have though is, when I do a google search and the promoted ad links appear from Amazon, Walmart, etc, I click on one because it is something I want to view and it is blocked and the webpage simply shows "Secure Connection Failed" in Chrome and "Your connection is not private" in Firefox.

My wife and kids especially find this annoying. If I want these links to be useful, then have to whitelist the below:

googleadservices.com
www.googleadservices.com
clickserve.dartsearch.net
dartsearch.net
www.dartsearch.net
ad.doubleclick.net

Is this the expected or is there a better way to handle this?

 

[Mutzli]

My wife and kids especially find this annoying. If I want these links to be useful, then have to whitelist the below:

googleadservices.com
www.googleadservices.com
clickserve.dartsearch.net
dartsearch.net
www.dartsearch.net
ad.doubleclick.net

Is this the expected or is there a better way to handle this?

Your listed web sites are the biggest tracking sites. I personally wouldn't allow any of these trackers. Are you using pixelserv -tls with Diversion? If so, did you load the pixelserv certificate on the devices that show this message?

 

[jadog]

Yes, I use pixelserv-tls and loaded the certificate on all my devices. Are you saying that this behavior shouldn't be happening?

 

[Stevens243]

Yes, I use pixelserv-tls and loaded the certificate on all my devices. Are you saying that this behavior shouldn't be happening?

He is saying that the blocking is a feature, not a bug and that you likely don't want to change it.

 

[dave14305]

Yes, I use pixelserv-tls and loaded the certificate on all my devices. Are you saying that this behavior shouldn't be happening?

Firefox has a separate certificate store than Windows. Did you install it in both places?

 

[jadog]

Firefox has a separate certificate store than Windows. Did you install it in both places?

Yes, I installed in Firefox previously by visiting http://pixelserv ip/ca.crt. And I replaced the pixelserv ip with the actual IP address of pixelserv. I just tried it again and got the message "This certificate is already installed as a certificate authority."

Can anybody else confirm they also get the same behavior when clicking the sponsored links? I love that it blocks the add images, but if it's going to leave a link for me, it seems this should be one that can resolve.

 

[dave14305]

Yes, I installed in Firefox previously by visiting http://pixelserv ip/ca.crt. And I replaced the pixelserv ip with the actual IP address of pixelserv. I just tried it again and got the message "This certificate is already installed as a certificate authority."

Can anybody else confirm they also get the same behavior when clicking the sponsored links? I love that it blocks the add images, but if it's going to leave a link for me, it seems this should be one that can resolve.

I didn't see that behavior on my Firefox (I disabled uBlock Origin and FF Enhanced Tracking protection to make sure only Diversion was blocking). I got a blank page with the Pixelserv favicon in the tab after clicking one of the router ads. No warnings.

 

[thelonelycoder]

Yes, I installed in Firefox previously by visiting http://pixelserv ip/ca.crt. And I replaced the pixelserv ip with the actual IP address of pixelserv. I just tried it again and got the message "This certificate is already installed as a certificate authority."

Can anybody else confirm they also get the same behavior when clicking the sponsored links? I love that it blocks the add images, but if it's going to leave a link for me, it seems this should be one that can resolve.

After the first message, try reloading that webpage again, the security issue message might be gone then.

For each new requested https website that is blocked, pixelserv-tls has to generate a persistent domain certificate (that's what I named it in Diversion). Subsequent requests to that domain will then no longer trigger that "warning".

 

[jadog]

After the first message, try reloading that webpage again, the security issue message might be gone then.

For each new requested https website that is blocked, pixelserv-tls has to generate a persistent domain certificate (that's what I named it in Diversion). Subsequent requests to that domain will then no longer trigger that "warning".

Reloading didn't make a difference for me. Ok, so step by step for what I'm doing.

1. Point my browser to google.
2. Search for asus rt-ac88u
3. Click on the sponsored link for Amazon - it works fine. Same for Walmart.
4. When I click on the link for Newegg, it shows the previously mentioned error message.

I just tried it in Chrome and the message is slightly different than with Firefox.

 

[Davidncali001]

I just did an M&M reset on RMerlin's 384.13 firmware and added Jack Yaz's uiDivStats so I can see blocked domains in the routers GUI.

I've been using Diversion and uiDivStats for a long time and never seen the entry that keeps popping up and growing. It's DHCPREQUEST(br0).

I don't believe it's supposed to be there as I have never seen it before. Anyone have any ideas what it is and how to stop it from being in my top 10 requested domains list?

attached a photo:

 

[PeterR]

Reloading didn't make a difference for me. Ok, so step by step for what I'm doing.

1. Point my browser to google.
2. Search for asus rt-ac88u
3. Click on the sponsored link for Amazon - it works fine. Same for Walmart.
4. When I click on the link for Newegg, it shows the previously mentioned error message.

I just tried it in Chrome and the message is slightly different than with Firefox.

Read this webpage https://github.com/kvic-z/pixelserv...-the-CA-Certificate#prepare-your-root-ca-cert

 

[jadog]

Read this webpage https://github.com/kvic-z/pixelserv...-the-CA-Certificate#prepare-your-root-ca-cert

Yes, I did all that. Should I re-create the CA cert?