What's new
  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I am using Diversion Lite because when I use the Diversion Standard installation, some commercial websites do not work (example is Amazon Shopping app on Android). I've searched the forums and haven't found any clear answers on if this is resolvable; I would definitely like to give pixelserv-tls another shot, but not if commercial websites are causing issues. I am intimately familiar with white-listing domains, and have gone down that path to no avail. I'm wondering if the issue is truly one of white-listing? I've tailed the log live, and nothing indicates that any domains are being blocked when the infamous "oops, there's something wrong in our side" message appears. Don't get me wrong, Diversion Lite with some minor tweaks and SkyNet are fantastic; my network is amazing.

Is anyone aware of a workaround? Searching the forums leads to dead-ends.
Is it simply par for the course that some of the big guys (Amazon, Google, etc) are just going to have issues when running a pixelserv-tls server?

I am relatively new to Diversion, but not new to DNS sinkholing and troubleshooting. Any thoughts? Maybe I am just expecting it to work out of the box and perhaps there is something additional I should be doing (albeit I would prefer to not install certificates across the 30 devices on this network).
Can you list the sites you whitelisted regarding Amazon's issues under Android?
 
I use the following hosted whitelist:
https://raw.githubusercontent.com/anudeepND/whitelist/master/domains/whitelist.txt

Do note that Amazon works perfectly fine right now using Diversion Lite. If I enable pixelserv-tls, it will break.
Try adding the following sites to your whitelist:
aax-us-east.amazon-adsystem.com
fls-na.amazon-adsystem.com
images-na.ssl-images-amazon.com
ir-na.amazon-adsystem.com
ir-uk.amazon-adsystem.com
wms-eu.amazon-adsystem.com
wms-na.amazon-adsystem.com
wms-na.assoc-amazon.com
ws-eu.amazon-adsystem.com
ws-na.amazon-adsystem.com
z-na.amazon-adsystem.com
 
when I search for something, in this case content of /jffs/....., I just do " cd /" and go from there

I have the following aliases inside of /jffs/configs/profile.add for commonly accessed directories.

Code:
alias logdir='cd /opt/var/log'
alias js='cd /jffs/scripts'
alias jc='cd /jffs/configs
 
Try adding the following sites to your whitelist:
aax-us-east.amazon-adsystem.com
fls-na.amazon-adsystem.com
images-na.ssl-images-amazon.com
ir-na.amazon-adsystem.com
ir-uk.amazon-adsystem.com
wms-eu.amazon-adsystem.com
wms-na.amazon-adsystem.com
wms-na.assoc-amazon.com
ws-eu.amazon-adsystem.com
ws-na.amazon-adsystem.com
z-na.amazon-adsystem.com

With all those domains white-listed, it seems to work better (meaning that it takes LONGER for the "oops, there's something wrong in our side" message to occur), but it eventually still happens. Any chance that Amazon thinks it is a MITM type of situation and bails out (meaning it's the SSL cert where it's choking)?
 
With all those domains white-listed, it seems to work better (meaning that it takes LONGER for the "oops, there's something wrong in our side" message to occur), but it eventually still happens. Any chance that Amazon thinks it is a MITM type of situation and bails out (meaning it's the SSL cert where it's choking)?
There may be one or more additional hosts that need to be added to the whitelist. Follow the Diversion log for blocked hosts to determine which one(s).
 
There may be one or more additional hosts that need to be added to the whitelist. Follow the Diversion log for blocked hosts to determine which one(s).
It's a pixel-serv issue. I have everything for amazon whitelisted. It breaks the app on Android. It's fine on iOS. PSVue also breaks with pixel-serv enabled. Those two services I have noticed do not like pixelserv intercepting traffic.
 
It's a pixel-serv issue. I have everything for amazon whitelisted. It breaks the app on Android. It's fine on iOS. PSVue also breaks with pixel-serv enabled. Those two services I have noticed do not like pixelserv intercepting traffic.
Yeah, I may just end up leaving it disabled. Diversion Lite will sinkhole any domain on the blocklist, which is exactly what Pi-hole or AdGuard Home are doing, or any other DNS sinkhole. I'm honestly not sure what pixelserv-tls's benefits are, especially when legit services do not work when it's enabled.
 
With all those domains white-listed, it seems to work better (meaning that it takes LONGER for the "oops, there's something wrong in our side" message to occur), but it eventually still happens. Any chance that Amazon thinks it is a MITM type of situation and bails out (meaning it's the SSL cert where it's choking)?
Can you tell me what you're trying to open when you get the "oops" error message? I can try to mirror what you're doing to see if i get the same error message.
 
Can you tell me what you're trying to open when you get the "oops" error message? I can try to mirror what you're doing to see if i get the same error message.
Sure, open the Android Shopping app. Then click on any item (doesn't matter which). Scroll down quickly toward the bottom of the page to read reviews. Eventually the 'oops' message appears (at some point while scrolling down). Using a Nokia 7.1 and a Moto Z3 Play, both running Android Pie.
 
Last edited:
Yeah, I may just end up leaving it disabled. Diversion Lite will sinkhole any domain on the blocklist, which is exactly what Pi-hole or AdGuard Home are doing, or any other DNS sinkhole. I'm honestly not sure what pixelserv-tls's benefits are, especially when legit services do not work when it's enabled.
Amazon is using image trackers in their app to see what customers look at and pixelserv probably interferes with their tracking reports. If a tracker sends back an incomplete request it triggers an error on your end. The advantage of pixelserv is that it not only stops an ad from being displayed it also fills the space left by blocked content where possible with a pixel. So you're not left with a browser error message throughout your website for every blocked content.
 
Amazon is using image trackers in their app to see what customers look at and pixelserv probably interferes with their tracking reports. If a tracker sends back an incomplete request it triggers an error on your end. The advantage of pixelserv is that it not only stops an ad from being displayed it also fills the space left by blocked content where possible with a pixel. So you're not left with a browser error message throughout your website for every blocked content.

Gotcha. So for one, it's definitely less ugly than the gigantic grey squares on mobile devices. Basically replaces that content to make things look better. I'd imagine that can actually speed things up to a degree, too?

That being said, are all clients forced to the pixelserv-tls server address? Can some clients forward ads to 0.0.0.0 and others to the pixelserv-tls server? Or is it a one setting deal?
 
The sites you mentioned are not showing ads for me, but many file hosting sites are displaying ads. Trakt.tv website is also displaying ads now and it did not before.

Quick question... ads seem to be getting through now...

As troubleshooting steps, I just ran the update and re-downloaded all the blocking lists in the GUI. If I Follow the dnsmasq log, it SHOWS lots of domains being blocked, but going to sportingnews or foxnews or wunderground (etc.) all bring up plenty of ads... so I dunno what it actually IS blocking. I'm used to all of them being ad-free.

Also double-checked that my computer is using the router for DNS...

Suggestions?
 
Could someone please check https://trakt.tv/shows/trending

And see if ads are being blocked. I will try a fresh install if it's just happening to me. I already tried flushing my browser dns cache with no luck.

Thanks

No issues with my RT-AC86U with amtm and many scripts on RMerlin 384.13 Beta 1 and DoT (Quad9)/DNSSEC enabled too. :)
 
Could someone please check https://trakt.tv/shows/trending

And see if ads are being blocked. I will try a fresh install if it's just happening to me. I already tried flushing my browser dns cache with no luck.

Thanks
I'm getting ads. If they're served by the website itself, they (likely) can't be blocked. Given that they have the "VIP" thing, I'd imagine they are serving the adds themselves.
upload_2019-7-26_10-27-42.png
 
I'm getting ads. If they're served by the website itself, they (likely) can't be blocked. Given that they have the "VIP" thing, I'd imagine they are serving the adds themselves.
View attachment 18742
Same here, looks like the ads are hosted on the same site as the other content.
 
Is anyone else having issues with the android app Fandango? I keep getting the message in the attached screenshot when trying to select a time for buying movie tickets. I've tried whitelisting blocked domains with the [f] (follow dnsmasq.log) option to no avail. The app works if I disable ad blocking.

android fandango app.jpg
 
Is anyone else having issues with the android app Fandango? I keep getting the message in the attached screenshot when trying to select a time for buying movie tickets. I've tried whitelisting blocked domains with the [f] (follow dnsmasq.log) option to no avail. The app works if I disable ad blocking.

View attachment 18748
Try leaving blocking enabled, but disable pixelserv. See if you still get the issue. There are some site that don’t like pixelserv.
 

Similar threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top