Diversion Diversion - the Router Ad-Blocker

[XIII]

Hope you can still enjoy your lunch.

So you found the root cause? Curious about the technical details.

 

[dave14305]

OK, I have to contain my anger I feel at the moment, let me have dinner lunch first to settle down before I post anything stupid.
But FCK NextDNS. That is not how one plays nice with other coders

There’s a GitHub issue that I believe is started by @XIII that I commented on their approach to integration. Feel free to add to it:

https://github.com/nextdns/nextdns/issues/77

 

[thelonelycoder]

There’s a GitHub issue that I believe is started by @XIII that I commented on their approach to integration. Feel free to add to it:

https://github.com/nextdns/nextdns/issues/77

That's a minor problem compared to what I found.
More on that later, dessert is ready .

 

[SomeWhereOverTheRainBow]

That's a minor problem compared to what I found.
More on that later, dessert is ready .

Oh boy cats out of the bag! For anyone who frequently uses nextdns servers for doh you are welcome to use dnscrypt-proxy using the sdns stamp through our installer @Zastoff can post details on how to set it up for anyone interested. Users have reported success with this method and using diversion together. For further inquiries on that matter refer to https://www.snbforums.com/threads/release-dnscrypt-installer-for-asuswrt.36071/page-74 for questions or support.

 

[Jack Yaz]

OK, I have to contain my anger I feel at the moment, let me have dinner lunch first to settle down before I post anything stupid.
But FCK NextDNS. That is not how one plays nice with other coders

Corporate greed from NextDNS rearing it's head already?

 

[dave14305]

That's a minor problem compared to what I found.
More on that later, dessert is ready .

mkdir -p /tmp/opt/sbin

?

 

[SomeWhereOverTheRainBow]

Corporate greed from NextDNS rearing it's head already?

greed maybe, but carelessness is definitely a need of concern. Probably why Merlin doesn't default local router traffic through stubby. it is too much hassle.

 

[XIII]

mkdir -p /tmp/opt/sbin

Line 193 in here?

That's why I wanted to learn how Entware mounting works...

(I thought it might conflict, but was/am not sure about this, without more knowledge)

 

[dave14305]

Line 193 in here?

That's why I wanted to learn how Entware mounting works...

(I thought it might conflict, but was/am not sure about this, without more knowledge)

Yes, it looks like it will subvert the linking of Entware after a reboot, if services-start runs before post-mount. Comment that line out and reboot.

For all the testing I did with NextDNS, I don’t think I ever rebooted with it installed.

 

[SomeWhereOverTheRainBow]

For all the testing I did with NextDNS, I don’t think I ever rebooted with it installed.

do you ever reboot...
or is this a masters of the universe are exemption clause?

 

[thelonelycoder]

Line 193 in here?

That's why I wanted to learn how Entware mounting works...

(I thought it might conflict, but was/am not sure about this, without more knowledge)

Spot on!

 

[SomeWhereOverTheRainBow]

Spot on!

looking back at my post earlier

Diversion - the Router Ad-Blocker

I feel like I should be dubbed the residential psychic now as this reeks of foreshadowing the apocalypse.

 

[thelonelycoder]

@Olivier Poitrey I'm posting this here and not on GitHub. This concerns my users directly. A prompt fix and an apology is in order.

This bug affects Entware and with it Diversion and many more scripts that depend on it.
You hijack Entware here by symlinking the entware folder in opt and placing your /sbin entry on the USB device.
It appears to work while installing NextDNS but after a reboot you do whatever causes this, probably running your script before the /entware folder has a chance to be symlinked to /opt.

I tested this on an RT-AC1900P with 384.14_2 and an RT-AC86U on 384.15_beta1.

For users affected by this, there is only one way out of it at the moment: Remove NextDNS and let Diversion handle the ad-blocking.

someonewhocares@RT-AC86U-AD60:/tmp/home/root# cd /opt/
someonewhocares@RT-AC86U-AD60:/tmp/opt# ls -la
drwxrwxrwx    3 someonewhocares      root            80 Feb  2 14:51 .
drwxrwxrwx   18 someonewhocares      root          1120 Feb  2 14:58 ..
lrwxrwxrwx    1 someonewhocares      root            20 Feb  2 14:51 entware -> /tmp/mnt/8GB/entware
drwxrwxrwx    2 someonewhocares      root            60 May  5  2018 sbin
someonewhocares@RT-AC86U-AD60:/tmp/opt# cd entware/
someonewhocares@RT-AC86U-AD60:/tmp/mnt/8GB/entware# cd ..
someonewhocares@RT-AC86U-AD60:/tmp/opt# cd sbin/
someonewhocares@RT-AC86U-AD60:/tmp/opt/sbin# ls
nextdns
someonewhocares@RT-AC86U-AD60:/tmp/opt/sbin# cd
someonewhocares@RT-AC86U-AD60:/tmp/home/root# cd /opt/
someonewhocares@RT-AC86U-AD60:/tmp/opt# ls -la
drwxrwxrwx    3 someonewhocares      root            80 Feb  2 14:51 .
drwxrwxrwx   18 someonewhocares      root          1120 Feb  2 14:59 ..
lrwxrwxrwx    1 someonewhocares      root            20 Feb  2 14:51 entware -> /tmp/mnt/8GB/entware
drwxrwxrwx    2 someonewhocares      root            60 May  5  2018 sbin
someonewhocares@RT-AC86U-AD60:/tmp/opt# cd entware/
someonewhocares@RT-AC86U-AD60:/tmp/mnt/8GB/entware# ls -la
drwxr-xr-x   13 someonewhocares      root          4096 Jan 31 14:27 .
drwxrwxrwx    5 someonewhocares      root          4096 Feb  1 21:26 ..
drwxr-xr-x    2 someonewhocares      root          4096 Feb  2 11:16 bin
drwxr-xr-x    5 someonewhocares      root          4096 Jan 31 14:27 etc
drwxr-xr-x    2 someonewhocares      root          4096 Mar 20  2019 home
drwxr-xr-x    3 someonewhocares      root          4096 Feb  1 21:26 lib
drwxr-xr-x    2 someonewhocares      root          4096 Feb  1 21:26 libexec
drwxr-xr-x    2 someonewhocares      root          4096 May 23  2019 root
drwxr-xr-x    2 someonewhocares      root          4096 Feb  2 14:50 sbin
drwxr-xr-x    5 someonewhocares      root          4096 Oct  3 23:10 share
drwxrwxrwx    3 someonewhocares      root          4096 Feb  2 11:40 tmp
drwxr-xr-x    4 someonewhocares      root          4096 Mar 20  2019 usr
drwxr-xr-x    9 someonewhocares      root          4096 Jan 31 14:27 var
someonewhocares@RT-AC86U-AD60:/tmp/mnt/8GB/entware# cd ..
someonewhocares@RT-AC86U-AD60:/tmp/opt# cd sbin/
someonewhocares@RT-AC86U-AD60:/tmp/opt/sbin# ls -la
drwxrwxrwx    2 someonewhocares      root            60 May  5  2018 .
drwxrwxrwx    3 someonewhocares      root            80 Feb  2 14:51 ..
lrwxrwxrwx    1 someonewhocares      root            21 May  5  2018 nextdns -> /jffs/nextdns/nextdns

Edit: NextDNS completely replaces /jffs/configs/dnsmasq.conf.add and does nor restore the previous file after uninstall.

 

[thelonelycoder]

The issue above is posted on the NextDNS GitHub, linked back here.

 

[XIII]

Thank you for investigating this!

Maybe the NextDNS team was not aware of Entware on our routers?

 

[SomeWhereOverTheRainBow]

Thank you for investigating this!

Maybe the NextDNS team was not aware of Entware on our routers?

Oh they know. They probably are not aware of the complex dynamics and timings needed to properly Jive with AMTM and Diversion, as I explained before. @thelonelycoder has made all this done in a very tight window to make it where it causes little impact to the users performance.

 

[thelonelycoder]

Thank you for investigating this!

Maybe the NextDNS team was not aware of Entware on our routers?

If they had tested it against Diversion as I did the other way round earlier then they'd find that Entware is present whenever Diversion is.
Diversion installs Entware, together with the amtm Entware installer my scripts probably install 99% of the Entware installations on Asuswrt-Merlin (that figure may be a tad too high ).

 

[XIII]

together with the amtm Entware installer my scripts probably install 99% of the Entware installations on Asuswrt-Merlin

I joined those ranks (recently), now that's the (only) official way, as approved by RMerlin.

 

[thelonelycoder]

I joined those ranks (recently), now that's the (only) official way, as approved by RMerlin.

The next amtm and Diversion will have an even better and verbose Entware mounting script. Helps to track down errors like you had with NextDNS. There would have been entries in the syslog that would have helped a lot in tracking that down.
No more with the next round of amtm/Diversion updates.

 

[Olivier Poitrey]

I will fix that ASAP, thanks for the heads up. If this is breaking something, it was not intentional. Please don’t assume evil intent.

I added this symlink so the nextdns binary can be in the path. It is just a convenience. Please tell me if there is a better way to do that without breaking entware.