What's new
  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

And I converted my 4K+ hosts list to just 549 WildCard entries and me and my router are both happy and ads-free [emoji1787][emoji1787][emoji1787]

I’ve realised that’s what I’ve been slowly doing over time too; converting hosts list domains to more and more wild card entries. Heck, even ended up blocking whole TLDs and except for the occasional whitelist addition, things have been working great.
What’s the official word on too many domains being....umm, too many?
 
And I converted my 4K+ hosts list to just 549 WildCard entries and me and my router are both happy and ads-free [emoji1787][emoji1787][emoji1787]

I block *a lot* of porn sites, I have nieces and nephews come over, so I try to block as much rubbish as possible. I also block as many tracking domains as I reasonably can.

I may use Wildcard entries more in the future though.
 
Last edited:
The general consensus in the scripting community may be to check for the linked path before creating your link.
Code:
 [ -d /opt/sbin ] && ln -sf "{{.Executable}}" "/opt/sbin/{{.Name}}"
I think you might be still risking a conflict by referring to /tmp/opt/sbin.
You might be right, as NextDNS 1.4.27 unfortunately still broke Diversion/Entware at reboot.

@Olivier Poitrey Can you please have a look?
 
I took some hosts lists from NextDNS and now have 1.999Million domains in Diversion lol
uxqMGYt.png
another weird number
upload_2020-2-3_4-39-23.png

upload_2020-2-3_4-39-59.png

upload_2020-2-3_4-43-16.png
 

Attachments

  • upload_2020-2-3_4-38-53.png
    upload_2020-2-3_4-38-53.png
    19.5 KB · Views: 156
It is just pre-compiled from several sources that are known not to break anything, I white list as needed. This has a mixture of places that has ads,malware, and trackers. I will update once a week.
if a site is safe and it's on the list should I add it to white list or report it somewhere?
 
Yea and Diversion isn't why i am idling at 83 percent. ;) i idle between 70 and 73 with diversion and I have "my stuffs" turned off.

I also run an OpenVPN profile (ExpressVPN) 99% of the time, I don't appear to have any issue with the router/RAM (touch wood).
 
I block *a lot* of porn sites, I have nieces and nephews come over, so I try to block as much rubbish as possible. I also block as many tracking domains as I reasonably can.

I may use Wildcard entries more in the future though.


Spoil sport. [emoji3]
 
What’s the official word on too many domains being....umm, too many?

Well, I prefer quality over quantity. A carefully curated list depending on your network needs is way better than bulk blocking of millions of entries which I'm pretty sure 80-90% of it won't even get used on a daily basis and it'll just stay there consuming precious router resources day and night.
 
Did the upgrade update the init script correctly so the symlink creation is no longer there?
That's indeed gone from /jffs/nextdns/nextdns.init.

I'm not sure what happened then. Will see at the next reboot (when new beta/final firmware arrives).
 
@dave14305 I guess then I'm Microsoft-y through and through as I reboot many systems daily. Whether or not they're Windows-based. :)
 
Forgive me is this has already been answered (I've read every single page of this thread but my memory is not great). Back when the 2.3.x work around versions came out for the new iOS versions I thought I remember seeing some instructions to remove and recreate certs. And then also there was some talk on how to handle this on clients. Is there anything I need to do with pixelserv-tls or my Android clients when upgrading to the official 2.3.1? Thanks!

Edit: I have some regular iPhone users. I have not had them add the cert in the past. Do I need to do anything special in Diversion before having them import the cert once 2.3.1 is installed?
 
Last edited:
@doczenith1, if you followed this post,

https://www.snbforums.com/threads/diversion-the-router-ad-blocker.48538/page-253#post-546210

Then verified that the pixelserv-tls compiled date is January 31, 2020 (and not December 19, 2019) in the GUI (if using uiDivStats),

https://www.snbforums.com/threads/p...server-for-adblock.26114/page-168#post-546289

And, if it's not on that version, the only way I got it to upgrade was by using this post by @martinr,

https://www.snbforums.com/threads/diversion-the-router-ad-blocker.48538/page-254#post-546433

And then uninstalling and then re-installing diversion and letting it use the backup file created above. :)

Finally, at this point, repeat what @thelonelycoder recommended (first link above) and then import the newly created ca.crt file into your devices.

Whew! :D

Looking forward to being corrected as needed! :)
 
@doczenith1, if you followed this post,

https://www.snbforums.com/threads/diversion-the-router-ad-blocker.48538/page-253#post-546210

Then verified that the pixelserv-tls compiled date is January 31, 2020 (and not December 19, 2019) in the GUI (if using uiDivStats),

https://www.snbforums.com/threads/p...server-for-adblock.26114/page-168#post-546289

And, if it's not on that version, the only way I got it to upgrade was by using this post by @martinr,

https://www.snbforums.com/threads/diversion-the-router-ad-blocker.48538/page-254#post-546433

And then uninstalling and then re-installing diversion and letting it use the backup file created above. :)

Finally, at this point, repeat what @thelonelycoder recommended (first link above) and then import the newly created ca.crt file into your devices.

Whew! :D

Looking forward to being corrected as needed! :)

Perhaps I didn't phrase my question very well. I have just yesterday upgraded to 2.3.1 without issue (from the previous entware version 2.2.1 I think?). My concern was whether or not I need to do anything special with the certs whether on my router and/or client devices.

Sounds like I need to ep 3 2 to re-generate the certificate? And then do I delete the current cert off clients first before importing the new cert or does it overwrite the old cert. Again, I apologize as I do remember seeing this info a while back but I can't even imagine what to search for to find my answers without returning many, many hits in this very large thread.
 

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Top