Diversion Diversion - the Router Ad-Blocker

[thelonelycoder]

I'm setting up an Asus AC66u B1 with Merlin at my brothers house.
I will need DoT with CF and Diversion.
I only used Pinhole for adblocking. Considering to abandon Pihole and use Diversion. How do I add Pihole blocklists to Diversion? Is there a way to convert these lists to Diversion format? Thanks

In Pi-hole, copy the URLs under Settings / Blocklist one by one into Diversion b, 1, 2 (Customize hosts list).
Note that Diversion ONLY supports hosts lists, NO domain-only lists like Pi-hole does.
As of Diversion 4.1.7, domain lists are now supported.
See https://diversion.ch/diversion/use/blocking-file-hosts-files.html

To test if a hosts file URL works, add it to the customized hosts list and run the blocking list update verbose with b, 4. It will say something like 'URL not hosts file'.

 

[SomeWhereOverTheRainBow]

I'm setting up an Asus AC66u B1 with Merlin at my brothers house.
I will need DoT with CF and Diversion.
I only used Pinhole for adblocking. Considering to abandon Pihole and use Diversion. How do I add Pihole blocklists to Diversion? Is there a way to convert these lists to Diversion format? Thanks

I see you don't like pihole ? why are you using pinhole?

Most list links can be simply copied over as @thelonelycoder prescribes if you need to place domains on diversion "some" are supported as they can be used as wildcard blacklist domains, where they have more than one type of sub domain up under the same domain, but you are limited to 1000, choose carefully.

 

[szimat]

I see you don't like pihole ? why are you using pinhole?

Most list links can be simply copied over as @thelonelycoder prescribes if you need to place domains on diversion "some" are supported as they can be used as wildcard blacklist domains, where they have more than one type of sub domain up under the same domain, but you are limited to 1000, choose carefully.

Many thanks! Is there a way to convert these lists to Diversion compatible? Like and Adblock Plus list?

 

[SomeWhereOverTheRainBow]

Many thanks! Is there a way to convert these lists to Diversion compatible? Like and Adblock Plus list?

if you know how to parse those list using python scripts or sed, cat, awk, gawk, grep, or print to make it a host file that is compatible then yes, but then you still have to devise a way to host it and re-download it into diversion, unless you know about running custom scripts in which case you can make your own host file. then those list also have to have something you are able to extract to a host file, if they don't then you are out of luck. This is why @thelonelycoder does not have diversion setup to do it, because most of the list you will ever need are already compiled into a host format. all the straggler list usually are already included in one of the bigger host files.

 

[thelonelycoder]

Many thanks! Is there a way to convert these lists to Diversion compatible? Like and Adblock Plus list?

Diversion only works with proper hosts files, Adblock plus or Ublock filter lists DO NOT work in Diversion, again please read https://diversion.ch/diversion/use/blocking-file-hosts-files.html.
As of Diversion 4.1.7, domain lists are now supported.

 

[szimat]

if you know how to parse those list using python scripts or sed, cat, awk, gawk, grep, or print to make it a host file that is compatible then yes, but then you still have to devise a way to host it and re-download it into diversion, unless you know about running custom scripts in which case you can make your own host file. then those list also have to have something you are able to extract to a host file, if they don't then you are out of luck. This is why @thelonelycoder does not have diversion setup to do it, because most of the list you will ever need are already compiled into a host format. all the straggler list usually are already included in one of the bigger host files.

No, I'm not good enough to do that.
I will see how the Diversion lists work, compared to Pihole I have at home. I red everything about it.
I have some Hungarian specific ads to block, so guess I can add those manually.
Btw, should I use the biggest list?

 

[Treadler]

No, I'm not good enough to do that.
I will see how the Diversion lists work, compared to Pihole I have at home. I red everything about it.
I have some Hungarian specific ads to block, so guess I can add those manually.
Btw, should I use the biggest list?

I use the biggest list, works fine.

 

[nitro001]

Quick question. I am running diversion, and pixelserv on an AC-3100. Right now it is on a USB 3.1-enabled thumb drive, but I am only utilizing the USB 2.0 port.
I understand there is quite a speed difference in the two; but I wasn't sure for the type of activity that diversion or pixelserv is doing if that would make a difference or not.
I also know there has been some indicators on the forums of USB 3.0 interference with the 2.4GHz band in some situations.

Has anyone utilized diversion and pixelserv on USB 2 then changed to USB 3 and saw any changes? If so, did you also experience additional interference?

 

[thelonelycoder]

Quick question. I am running diversion, and pixelserv on an AC-3100. Right now it is on a USB 3.1-enabled thumb drive, but I am only utilizing the USB 2.0 port.
I understand there is quite a speed difference in the two; but I wasn't sure for the type of activity that diversion or pixelserv is doing if that would make a difference or not.
I also know there has been some indicators on the forums of USB 3.0 interference with the 2.4GHz band in some situations.

Has anyone utilized diversion and pixelserv on USB 2 then changed to USB 3 and saw any changes? If so, did you also experience additional interference?

You will not notice any difference. But if you want to try, use a short USB 3 cable to attach the thumb drive to the router. I do that on my routers.

 

[thelonelycoder]

Two spoilers, coming with the next Diversion update, no ETA as of yet.
Consider this a XMAS gift for those literally screaming at me to add support for these features.

1:

processing file 4 of 6
 remote file same: using local hosts file
 https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
 file is in hosts file format (IP-domain pair)
 processing file 4 done

 processing file 5 of 6
 remote file same: using local hosts file
 https://mirror1.malwaredomains.com/files/justdomains
 file is in domain only format
 processing file 5 done

2:
- New option to update the blocking list once (standard) or twice a week in b, 3.

 

[cmkelley]

2) Enable SSH: LAN + WAN

DO NOT DO THIS!!! Do not allow SSH access from the WAN. LAN, yes, you need to to be able to SSH into your router, but WAN, absolutely not. Enable SSH should be set to 'LAN only'

The router's implementation of SSH (dropbear) has a history of vulnerabilities. The only secure way to access your router remotely is through an OpenVPN connection, preferably using a shared key (not password) system.

 

[Mutzli]

Two spoilers, coming with the next Diversion update, no ETA as of yet.
Consider this a XMAS gift for those literally screaming at me to add support for these features.

1:

processing file 4 of 6
 remote file same: using local hosts file
 https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
 file is in hosts file format (IP-domain pair)
 processing file 4 done

 processing file 5 of 6
 remote file same: using local hosts file
 https://mirror1.malwaredomains.com/files/justdomains
 file is in domain only format
 processing file 5 done

2:
- New option to update the blocking list once (standard) or twice a week in b, 3.

Fantastic news!

 

[thelonelycoder]

Diversion 4.1.7 is now available

What's new in Diversion 4.1.7
- Fixes double entry of cache-size in alternate-bf.conf with alternate blocking file enabled. Thanks @SomeWhereOverTheRainBow for reporting.
- Reverts pixelserv-tls root CA key size generation from 2048 to 1024 bit, as recommended by @kvic. This only applies for new installations or when the root CA is regenerated in ep.
- Statistics compilation fix (same as in uiDivStats). Thanks @dave14305 for your contribution.
- Prevents duplicate dnsmasq.conf entries (bogus-priv and domain-needed). Thanks @Jumpstarter for reporting.
- Fix for when following the logfile in f, lines are incorrectly highlighted as blocked. Thanks @relic for reporting.
- New follow the logfile option in f to filter blocked domains by a device IP address. Thanks @Asad Ali for the suggestion.
- New option to update the blocking list once (standard) or twice a week in b, 3.
- Adds support for domain only hosts list beside the "IP domain" pair hosts files, just as Pi-hole does
- The email password is now encrypted and stored as emailpw.enc in the Diversion .conf folder. Passwords may now contain special characters without escaping. Thanks @AurelM for triggering this overdue change.

Note, if you've used special characters in the password and have manually escaped them in the email.conf file, set your password again after updating Diversion in c, 5, then send a test email.

How to update
Use u to update to this latest version.

 

[Treadler]

Diversion 4.1.7 is now available

What's new in Diversion 4.1.7
- Fixes double entry of cache-size in alternate-bf.conf with alternate blocking file enabled. Thanks @SomeWhereOverTheRainBow for reporting.
- Reverts pixelserv-tls root CA key size generation from 2048 to 1024 bit, as recommended by @kvic. This only applies for new installations or when the root CA is regenerated in ep.
- Statistics compilation fix (same as in uiDivStats). Thanks @dave14305 for your contribution.
- Prevents duplicate dnsmasq.conf entries (bogus-priv and domain-needed). Thanks @Jumpstarter for reporting.
- Fix for when following the logfile in f, lines are incorrectly highlighted as blocked. Thanks @relic for reporting.
- New follow the logfile option in f to filter blocked domains by a device IP address. Thanks @Asad Ali for the suggestion.
- New option to update the blocking list once (standard) or twice a week in b, 3.
- Adds support for domain only hosts list beside the "IP domain" pair hosts files, just as Pi-hole does
- The email password is now encrypted and stored as emailpw.enc in the Diversion .conf folder. Passwords may now contain special characters without escaping. Thanks @AurelM for triggering this overdue change.

Note, if you've used special characters in the password and have manually escaped them in the email.conf file, set your password again after updating Diversion in c, 5, then send a test email.

How to update
Use u to update to this latest version.

Many thanks!

I have updated, but pixelserv is still showing as v2.3.0.
Should it be v2.3.1 as per your screen shot, or do I have to purge/re-generate certificate to make that happen?

 

[thelonelycoder]

Many thanks!

I have updated, but pixelserv is still showing as v2.3.0.
Should it be v2.3.1 as per your screen shot, or do I have to purge/re-generate certificate to make that happen?

You'll have to wait until the Entware team releases the new version.

 

[Makaveli]

You'll have to wait until the Entware team releases the new version.

Or he can follow the instructions that were posted and update it manually.

Something I will be doing myself later this week.

 

[Treadler]

Or he can follow the instructions that were posted and update it manually.

Something I will be doing myself later this week.

I tried that, broke pixelserv, it wouldn’t restart.
Obviously I did something untoward.......
My skill level with router inner workings is basic to say the least.

I ended up having to uninstall Diversion & start all over again to get everything happy.

 

[Makaveli]

I tried that, broke pixelserv, it wouldn’t restart.
Obviously I did something untoward.......
My skill level with router inner workings is basic to say the least.

I ended up having to uninstall Diversion & start all over again to get everything happy.

Thanks for the heads up I will see how it goes when I give it a try. That won't be until Xmas break though, no rush for me since there are no iOS devices in my environment.

 

[Butterfly Bones]

Thanks for the heads up I will see how it goes when I give it a try. That won't be until Xmas break though, no rush for me since there are no iOS devices in my environment.

I did it the day it released, thanks to DonnyJohnny with no issues. I have iOS, macOS, and my main computer is Ubuntu Linux, all need the update. So my screenshot is cool too, like the one from thelonelycoder.

 

[Makaveli]

I did it the day it released, thanks to DonnyJohnny with no issues. I have iOS, macOS, and my main computer is Ubuntu Linux, all need the update. So my screenshot is cool too, like the one from thelonelycoder.

Ubuntu is affected by this also?

I have a laptop with it and didn't notice any issues while on previous versions