That will work perfect and it's exactly what I need. I'm unclear how this is different than what Diversion Pro would offer.
Diversion Diversion - the Router Ad-Blocker
- Thread starter thelonelycoder
- Start date
That will work perfect and it's exactly what I need. I'm unclear how this is different than what Diversion Pro would offer.
JacquesR
Regular Contributor
Once Diversion Pro is released, and we have any information about it, this would presumably become clear.
Hi there,
I'm seeing these lines in my filtered log:
blocked by wildcard-blacklist c4a61d1d-3bff-a2b0-1cd5-1b07773c88ca.local
blocked by wildcard-blacklist creeper24.local
and more. basically every machine from my local network gets blocked and I get 0.0.0.0 IP as the response from my router, but nslookup to for example creeper24.local works
update:
when I read the Unfiltered log, I'm seeing this (not related exactly to the excerpt above):
Oct 13 20:51:31 dnsmasq[1048]: query[AAAA] SEkodril.local from 10.0.0.4
Oct 13 20:51:31 dnsmasq[1048]: blocked by wildcard-blacklist SEkodril.local is NODATA-IPv6
Oct 13 20:47:30 dnsmasq[1048]: query[AAAA] SEkodril.local from 10.0.0.4
Oct 13 20:47:30 dnsmasq[1048]: blocked by wildcard-blacklist SEkodril.local is NODATA-IPv6
is this just some log entry saying that IPV6 is disabled? Can I ignore these?
thanks
latest clean install, everything up to date (13th of October 2018), wc_blacklist and blacklist files are empty.
I'm seeing these lines in my filtered log:
blocked by wildcard-blacklist c4a61d1d-3bff-a2b0-1cd5-1b07773c88ca.local
blocked by wildcard-blacklist creeper24.local
and more. basically every machine from my local network gets blocked and I get 0.0.0.0 IP as the response from my router, but nslookup to for example creeper24.local works
update:
when I read the Unfiltered log, I'm seeing this (not related exactly to the excerpt above):
Oct 13 20:51:31 dnsmasq[1048]: query[AAAA] SEkodril.local from 10.0.0.4
Oct 13 20:51:31 dnsmasq[1048]: blocked by wildcard-blacklist SEkodril.local is NODATA-IPv6
Oct 13 20:47:30 dnsmasq[1048]: query[AAAA] SEkodril.local from 10.0.0.4
Oct 13 20:47:30 dnsmasq[1048]: blocked by wildcard-blacklist SEkodril.local is NODATA-IPv6
is this just some log entry saying that IPV6 is disabled? Can I ignore these?
thanks
latest clean install, everything up to date (13th of October 2018), wc_blacklist and blacklist files are empty.
thelonelycoder
Part of the Furniture
Nothing to worry about, the "unfiltered" log text is modified for simpler reading in Diversion.
Your local machines are not blocked.
To eliminate that glitch I need you to post the content of the /etc/dnsmasq.conf file. Use sf in Diversion to show the file.
Also, how and where did you add the local names in the router WebUI?
Thanks.
thanks for the reply,
dnsmasq.conf content (removed mac addresses to shorten the list):
cannot paste it, cloudflare thinks I'm doing some kind of DDOS attack .. will try to post it here per partes
The local names were added in LAN > DHCP Server > Manually Assigned IP around the DHCP list
some of the names were also changed in the Network Map client list (View List button).
IPv6 support is disabled
dnsmasq.conf content (removed mac addresses to shorten the list and replaced slash / with <>, hope it's readable. with / I could not send a reply):
START FILE, --- lines are not part of file
---------------------------------------------------
pid-file=<>var<>run<>dnsmasq.pid
user=nobody
bind-dynamic
interface=br0
interface=pptp*
no-dhcp-interface=pptp*
no-resolv
servers-file=<>tmp<>resolv.dnsmasq
no-poll
no-negcache
cache-size=1500
min-port=4096
domain=local
expand-hosts
bogus-priv
domain-needed
local=<>local<>
dhcp-range=lan,10.0.0.100,10.0.0.200,255.255.255.0,86400s
dhcp-option=lan,3,10.0.0.1
dhcp-option=lan,15,local
dhcp-option=lan,44,10.0.0.1
dhcp-option=lan,252,"<>n"
dhcp-authoritative
interface=tun21
interface=tun22
addn-hosts=<>etc<>hosts.dnsmasq
dhcp-host=AB:CD:EF:01:12:23,10.0.0.2
... more dhcp-host entries deleted...
dhcp-name-match=set:wpad-ignore,wpad
dhcp-ignore-names=tag:wpad-ignore
# start of Diversion directives #
address=<>0.0.0.0<>0.0.0.0
ptr-record=0.0.0.0.in-addr.arpa,0.0.0.0
addn-hosts=<>opt<>share<>diversion<>list<>blacklist
addn-hosts=<>opt<>share<>diversion<>list<>blockinglist
log-async
log-queries
log-facility=<>opt<>var<>log<>dnsmasq.log
# end of Diversion directives #
---------------------------------------------------
END FILE
START FILE, --- lines are not part of file
---------------------------------------------------
pid-file=<>var<>run<>dnsmasq.pid
user=nobody
bind-dynamic
interface=br0
interface=pptp*
no-dhcp-interface=pptp*
no-resolv
servers-file=<>tmp<>resolv.dnsmasq
no-poll
no-negcache
cache-size=1500
min-port=4096
domain=local
expand-hosts
bogus-priv
domain-needed
local=<>local<>
dhcp-range=lan,10.0.0.100,10.0.0.200,255.255.255.0,86400s
dhcp-option=lan,3,10.0.0.1
dhcp-option=lan,15,local
dhcp-option=lan,44,10.0.0.1
dhcp-option=lan,252,"<>n"
dhcp-authoritative
interface=tun21
interface=tun22
addn-hosts=<>etc<>hosts.dnsmasq
dhcp-host=AB:CD:EF:01:12:23,10.0.0.2
... more dhcp-host entries deleted...
dhcp-name-match=set:wpad-ignore,wpad
dhcp-ignore-names=tag:wpad-ignore
# start of Diversion directives #
address=<>0.0.0.0<>0.0.0.0
ptr-record=0.0.0.0.in-addr.arpa,0.0.0.0
addn-hosts=<>opt<>share<>diversion<>list<>blacklist
addn-hosts=<>opt<>share<>diversion<>list<>blockinglist
log-async
log-queries
log-facility=<>opt<>var<>log<>dnsmasq.log
# end of Diversion directives #
---------------------------------------------------
END FILE
thelonelycoder
Part of the Furniture
OK, that's enough infos for me. Will get to it asap.
maybe this helps, I'm getting these too:
note the NODATA-IPv6 and NXDOMAIN replies. looks like my Mac tries both IPv6 and IPv4. Not sure what c4a61d1d-3bff-a2b0-1cd5-1b07773c88ca.local is tho
Oct 13 21:41:26 dnsmasq[16450]: query[AAAA] SEkodril.local from 10.0.0.4
Oct 13 21:41:26 dnsmasq[16450]: blocked by wildcard-blacklist SEkodril.local is NODATA-IPv6
Oct 13 21:41:26 dnsmasq[16450]: query[A] SEkodril.local from 10.0.0.4
Oct 13 21:41:26 dnsmasq[16450]: <>etc<>hosts.dnsmasq SEkodril.local is 10.0.0.51
Oct 13 21:41:28 dnsmasq[16450]: query[A] c4a61d1d-3bff-a2b0-1cd5-1b07773c88ca.local from 10.0.0.4
Oct 13 21:41:28 dnsmasq[16450]: blocked by wildcard-blacklist c4a61d1d-3bff-a2b0-1cd5-1b07773c88ca.local is NXDOMAIN
Oct 13 21:41:28 dnsmasq[16450]: query[AAAA] c4a61d1d-3bff-a2b0-1cd5-1b07773c88ca.local from 10.0.0.4
Oct 13 21:41:28 dnsmasq[16450]: blocked by wildcard-blacklist c4a61d1d-3bff-a2b0-1cd5-1b07773c88ca.local is NXDOMAIN
note the NODATA-IPv6 and NXDOMAIN replies. looks like my Mac tries both IPv6 and IPv4. Not sure what c4a61d1d-3bff-a2b0-1cd5-1b07773c88ca.local is tho
Oct 13 21:41:26 dnsmasq[16450]: query[AAAA] SEkodril.local from 10.0.0.4
Oct 13 21:41:26 dnsmasq[16450]: blocked by wildcard-blacklist SEkodril.local is NODATA-IPv6
Oct 13 21:41:26 dnsmasq[16450]: query[A] SEkodril.local from 10.0.0.4
Oct 13 21:41:26 dnsmasq[16450]: <>etc<>hosts.dnsmasq SEkodril.local is 10.0.0.51
Oct 13 21:41:28 dnsmasq[16450]: query[A] c4a61d1d-3bff-a2b0-1cd5-1b07773c88ca.local from 10.0.0.4
Oct 13 21:41:28 dnsmasq[16450]: blocked by wildcard-blacklist c4a61d1d-3bff-a2b0-1cd5-1b07773c88ca.local is NXDOMAIN
Oct 13 21:41:28 dnsmasq[16450]: query[AAAA] c4a61d1d-3bff-a2b0-1cd5-1b07773c88ca.local from 10.0.0.4
Oct 13 21:41:28 dnsmasq[16450]: blocked by wildcard-blacklist c4a61d1d-3bff-a2b0-1cd5-1b07773c88ca.local is NXDOMAIN
58chev
Regular Contributor
Just had time to upgrade Merlin to 384.7.
Reinstalled Diversion and now I get the following: Things are obviously not right. What do I need to do to fix it?
Reinstalled Diversion and now I get the following: Things are obviously not right. What do I need to do to fix it?
Code:
Oct 13 12:56:08 pixelserv-tls[22735]: pixelserv-tls 2.1.2 (compiled: Sep 8 2018 20:33:38) options: <none>
Oct 13 12:56:08 pixelserv-tls[22735]: Listening on :*:443
Oct 13 12:56:08 pixelserv-tls[22735]: Abort: Address already in use - :*:80
consorts
Senior Member
this post is more an observation not a complaint - because i'm new to host list keeping;
i have to change diversion from the default "standard" to the "small" blocking file.
the problem i had is with websights that seem to pass control to some
marketing entity that then passes you to your intended destination.
(basically you don't have the destination link handy, the passer does).
examples were: while logging into yahoo or aol, between the login screen and the home page,
i would get trapped in some full screen ad referrer and could not go any further.
some live stream websights kept reporting "certificate" issues
sale discussion and referral forums like slickdeals dot net where you click on a sales link and
may get passed between one or two pages of referral trackers before getting to the retail sight,
in this case again you'd get hung on a full page referral screen without any way to resolve it
because the original referral link you clicked on is so convoluted with weird syntax.
so i guess my question is; without doing a lot of white listing, are there custom set of lists
between small : standard : medium that i should be considering? or just leave it at small
and figure something is better than nothing...
i have to change diversion from the default "standard" to the "small" blocking file.
the problem i had is with websights that seem to pass control to some
marketing entity that then passes you to your intended destination.
(basically you don't have the destination link handy, the passer does).
examples were: while logging into yahoo or aol, between the login screen and the home page,
i would get trapped in some full screen ad referrer and could not go any further.
some live stream websights kept reporting "certificate" issues
sale discussion and referral forums like slickdeals dot net where you click on a sales link and
may get passed between one or two pages of referral trackers before getting to the retail sight,
in this case again you'd get hung on a full page referral screen without any way to resolve it
because the original referral link you clicked on is so convoluted with weird syntax.
so i guess my question is; without doing a lot of white listing, are there custom set of lists
between small : standard : medium that i should be considering? or just leave it at small
and figure something is better than nothing...
Last edited:
Protik
Senior Member
If you have AiCloud enabled, that has an IP of 192.168.*.2. So the IPs are conflicting. Either disable AiCloud or change pixelserv-tls IP.
Sent from my Moto G (5) Plus using Tapatalk
Sent from my Moto G (5) Plus using Tapatalk
Hi,
Maybe it was asked several times, but since I haven't found it yet I hope you can help me.
After I installed Diversion and pixelserv on my Asus RT-AC68U, all of my external VPN clients are no longer able to reach my VPN server (OpenVPN) running on the same Asus router... what is bad.
Since I need VPN running on my Asus router: How to solve that?
My VPN server is using port 1194.
Maybe it was asked several times, but since I haven't found it yet I hope you can help me.
After I installed Diversion and pixelserv on my Asus RT-AC68U, all of my external VPN clients are no longer able to reach my VPN server (OpenVPN) running on the same Asus router... what is bad.
Since I need VPN running on my Asus router: How to solve that?
My VPN server is using port 1194.
Xentrk
Part of the Furniture
I also use port 1194 with Diversion and never had an issue on four routers. Try turning off pixelserv and see what happens. Log in the system log for clues.
Compare settings with this post as well.
https://x3mtek.com/openvpn-server-setup-instructions-for-asuswrt-merlin/
thelonelycoder
Part of the Furniture
The pixelserv-tls IP is not set, do it in ep, 5. Change pixelserv-tls.
Then to correctly register the ad-blocking IP, disable pixelserv-tls in ep (your ad-blocking IP is now 0.0.0.0) then enable pixelserv-tls in ep.
The ad-blocking and pixelserv-tls IP are now the same and all should be working.
No, still does not work.
According to the client, the certificate is not correctly signed by the trusted CA. ???
Do I need to export to another OVPN file after installing pixelserv?
SMS786
Senior Member
Thank you @thelonelycoder and @ColinTaylor for your help. I'll reformat my USB stick and see if that helps. Yes, it happens to be a small 1GB stick I found laying around the house, perhaps it's time to replace it.
Edit: typo
Last edited:
thelonelycoder
Part of the Furniture
No, you don't need to.
What DDNS Server are you using in WAN / DDNS?
thelonelycoder
Part of the Furniture
1 GB is plenty for Diversion. It is best to use a Linux machine to format the drive if possible.
thelonelycoder
Part of the Furniture
To correct this glitch, I have uploaded a Diversion hot-fix. Use 1233 in the Diversion UI to download all files, then test again if your local clienst show as blocked.
They should not.
58chev
Regular Contributor
Similar threads
Similar threads
Similar threads
-
Diversion Diversion 5.3 - the Router Ad-Blocker, August 11, 2024
- Started by thelonelycoder
- Replies: 40
-
Diversion Diversion 5.1.3 - the Router Ad-Blocker, May 09, 2024
- Started by thelonelycoder
- Replies: 695
-
-
-
-
-
Diversion Diversion and Breezeline Customer Portal
- Started by Fox23
- Replies: 5
-
Is Diversion better than NextDNS, PiHole or AdGuard Home?
- Started by Logi
- Replies: 10
-
Diversion Diversion install is getting the best of me- Started by keef
- Replies: 10
Latest threads
-
-
-
-
Release ASUS ZenWiFi XD5 Firmware version 3.0.0.4.388_24011 (2024/11/13)
- Started by fruitcornbread
- Replies: 0
-
Release ASUS RT-AC88U Firmware version 3.0.0.4.386_48313 (2024/11/13)
- Started by fruitcornbread
- Replies: 0
Support SNBForums w/ Amazon
If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!
Sign Up For SNBForums Daily Digest
Get an update of what's new every day delivered to your mailbox. Sign up here!