Diversion Diversion - the Router Ad-Blocker

[Rhialto]

Is there a way to have stats at the top updated for each page refresh instead of having to press ac each time?

 

[bitmonster]

And can the log tail be filtered for just blocks or can I just run tail itself with an appropriate flag...

Wouldn't systems just cache DNS so let a lot through and should all DNS caches be flushed or what

Sent from my SM-G965F using Tapatalk

 

[Rhialto]

And can the log tail be filtered for just blocks or can I just run tail itself with an appropriate flag...

Yeah I just installed it (finally, I know) and while it is cool to follow the dnsmasq.log file in realtime, I would also like the option to only see the red lines show up. Is that possible?

 

[bitmonster]

I'm thinking running Tail itself on the log file with a filter or filters, grep or something..

Sent from my SM-G965F using Tapatalk

 

[bitmonster]

tail -f logfile | grep <string> works where <string> = block but not blocked, for some reason. I would also like to see the line before it for the source.

e.g

cat /opt/var/log/dnsmasq.log | grep block

works but not if I use 'blocked'.. Same with Tail

Sep 29 17:14:50 dnsmasq[5016]: /opt/share/diversion/list/blockinglist ssl.google-analytics.com is 192.168.2.2
Sep 29 17:14:53 dnsmasq[5016]: /opt/share/diversion/list/blockinglist ssl.google-analytics.com is 192.168.2.2
Sep 29 17:14:54 dnsmasq[5016]: /opt/share/diversion/list/blockinglist www.google-analytics.com is 192.168.2.2
Sep 29 17:15:18 dnsmasq[5016]: /opt/share/diversion/list/blockinglist settings.crashlytics.com is 192.168.2.2

 

[tomsk]

tail -f logfile | grep <string> works where <string> = block but not blocked, for some reason. I would also like to see the line before it for the source.

e.g

cat /opt/var/log/dnsmasq.log | grep blockcat /opt/var/log/dnsmasq.log | grep block

works but not if I use 'blocked'..

Sep 29 17:14:50 dnsmasq[5016]: /opt/share/diversion/list/blockinglist ssl.google-analytics.com is 192.168.2.2
Sep 29 17:14:53 dnsmasq[5016]: /opt/share/diversion/list/blockinglist ssl.google-analytics.com is 192.168.2.2
Sep 29 17:14:54 dnsmasq[5016]: /opt/share/diversion/list/blockinglist www.google-analytics.com is 192.168.2.2
Sep 29 17:15:18 dnsmasq[5016]: /opt/share/diversion/list/blockinglist settings.crashlytics.com is 192.168.2.2

if you turn on the log-queries=extra dnsmasq setting using the ds function in diversion , the query and subsequent responses are all tied together with a number...... a bit of scripting might be able to make use of that ( the 8196 ties the two entries in the example below)

Sep 29 05:30:10 dnsmasq[1164]: 8196 10.10.10.150/36629 query[A] ssl.google-analytics.com from 10.10.10.150
Sep 29 05:30:10 dnsmasq[1164]: 8196 10.10.10.150/36629 /opt/share/diversion/list/blockinglist ssl.google-analytics.com is 10.10.10.3

 

[thobux]

I wonder why I get doubleclick.net ads. The domain is blacklisted? Any idea?

 

[bitmonster]

if you turn on the log-queries=extra dnsmasq setting using the ds function in diversion , the query and subsequent responses are all tied together with a number...... a bit of scripting might be able to make use of that

Good points . Scripting probably could, and also be able to help identify individual device's.

 

[chewy74]

Is there a way to change the port used by pixelserv-tls? I use the aicloud app and it limits its functionality. There's no option in the app to change its port to the 9443 .. So I want to change the pixelserv-tls to that instead

Thanks

 

[kvic]

Good points . Scripting probably could, and also be able to help identify individual device's.

Allow me to spoil the party a bit.

There is excellent data: client ip & port that makes ad request, blocked domain name as well as the complete URL and much more from pixelserv-tls logging.

If you’re going to come up with a simple script, I would say it’s better to tap in pixelserv-tls log instead. Could start as a simple standalone script. Later if u want, modify a bit as diversion “plugin”

I would think that’s a much interesting project. good news is that the coming pixelserv-tls 2.2 release will have negligible impact on speed in serving empty ads with excessive lighting turned on!

 

[kvic]

Is there a way to change the port used by pixelserv-tls? I use the aicloud app and it limits its functionality. There's no option in the app to change its port to the 9443 .. So I want to change the pixelserv-tls to that instead

Thanks

once you move pixelserv-tls away from port 443, you cripple a large portion of its functionality. almost all clients and websites are programmed to talk to their real servers on port 443. That’s where pixelserv-tls should listen.

I don’t know how other aicloud users solve this problem. Perhaps someone have convoluted iptables rules to workaround it. You never know!

 

[tomsk]

you can change the Aicloud web access port in the settings tab of the UI

 

[chewy74]

you can change the Aicloud web access port in the settings tab of the UI

Dammit .. I was looking in the wrong settings for it and it was right in front of my face the whole time

Thanks for the help

 

[sentinelvdx]

Is there a way to change the port used by pixelserv-tls? I use the aicloud app and it limits its functionality. There's no option in the app to change its port to the 9443 .. So I want to change the pixelserv-tls to that instead

Thanks

Move AiCloud to 444, I did it that way to let pixelserv-tls work better with websites

Sent from S.G. S9+ Duos

 

[kvic]

you can change the Aicloud web access port in the settings tab of the UI

That's very good news. Thanks for chime in.

I never used AiCloud and haven't logged in WebGUI for a very long time. And I'm stuck on 380.66 FW.

And I don't want to appear like no empathy as apparently I saw @chewy74's question. So in future people pls be understandable that I'm not in a best position to answer..not that I don't answer questions..

 

[sentinelvdx]

I'm setting up e-mail notifications in diversion and found that now asks on one setting "ssl flag" what should I put there for yahoo?

Sent from S.G. S9+ Duos

 

[Bionikle]

hi,
I have a hard disk with ntfs file system connected to the usb, can I install diversion on a small ext2 partition?

thank you so much!

 

[M@rco]

I have a hard disk with ntfs file system connected to the usb, can I install diversion on a small ext2 partition?

Yes, you can.

 

[bitmonster]

Does using a custom DNS such as Google or Comodo break Diversion? I tried using Google and then Comodo DNS and then Diversion seemed to stop working with lots of 'bogus' and 'insecure response received' messages throughout the log, and Pi ad-block tester said no ad blocking was in place.

Restored back to ISP DNS and rebooted the router and seems ok now.

Has anyone set up Google or Comodo or other secure DNS on this?

I would like dual layer protection - Diversion, and then something like Comodo to protect from malicious sites.

Or would I just be better off running Skynet and blocking at the router level if freely available blocking lists are available? I just like the reporting dashboard on Comodo, although it is of course a privacy concern with the service being 'free' (and we all know what 'free' means online).

 

[bitmonster]

Seems working now, I also now have Skynet running which when going back in to Diversion prompted me to update the lists or something (done).
So now if I can enable a secure DNS server (recommendations welcome) I presume I will be about as secure as one can be on this router.

When I enable DNSSEC support though pages stop working (stalls, no loading) and the log fills with 'insecure response received' and 'bogus' error. Works ok again when disabling DNSSEC.

Tried again with Cloudflare 1.1.1.1 DNS (DNSSEC / rebind protection) and again Diversion broke - ad-block testers showing 'no ad protection'.

Am I doing something wrong around setting up a custom DNS Server? When I restore to my ISP DNS it works ok (no DNSSEC / rebind protection).