Menu
What's new
By:
Filters Better Search

pixelserv pixelserv - A Better One-pixel Webserver for Adblock

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

visortgw said:
Why are you using curl? From browser, try:

Click to expand...
I was using curl because I tried to access my router remotely using ssh.

Now back home the URL does not work either:

Code: 
The connection has timed out
The server at 192.168.1.2 is taking too long to respond.

Update:

I disabled and re-enabled ad-blocking; now the page is working...

Wonder why Diversion stated it was running, but nothing worked...
 
Last edited:
XIII said:
I was using curl because I tried to access my router remotely using ssh.

Now back home the URL does not work either:

Code: 
The connection has timed out
The server at 192.168.1.2 is taking too long to respond.

Update:

I disabled and re-enabled ad-blocking; now the page is working...

Wonder why Diversion stated it was running, but nothing worked...
Click to expand...
The pixelserv process can be “running” but with some or all portions not serving correctly. I’ve seen that many times with pre release testing versions, though that’s not typically the case with public builds.
 
RMerlin said:
You also need to set the key usage to Web Server:

https://github.com/RMerl/asuswrt-merlin.ng/commit/e786dfa2a5faac92c77c499a9b7fb0923efce892

Adjust this in the openssl.cnf config file you are using.

Might also want to ensure that the clock is accurately set before generating the cert with a 2 years duration, otherwise your certificate may expire prematurely if someone is running an older firmware release.

https://github.com/RMerl/asuswrt-merlin.ng/commit/9e1566a472b3babcbe463e21e5b00a1b1efff30a
Click to expand...

I’m a little confused by this bit. If we are generating our own certs, is there a way of achieving this without an openssl.cnf file? In the command thelonelycoder suggests, there is no reference to a openssl.cnf file, so if I just want to copy that command but add in the serverAuth to the Extended Key Usage attributes, is there a way of doing that?
 
JimbobJay said:
I’m a little confused by this bit. If we are generating our own certs, is there a way of achieving this without an openssl.cnf file? In the command thelonelycoder suggests, there is no reference to a openssl.cnf file, so if I just want to copy that command but add in the serverAuth to the Extended Key Usage attributes, is there a way of doing that?
Click to expand...
Never mind, after some more research I added the line to my default openssl.cnf file and it seems to have worked.
 
^^^^^ From my experience, using your own openssl.cnf file IS the simplest way to keep all the darn options correct...
 
heysoundude said:
Hey XIII - what's the significance of tav, what's a good number, and how does one tweak it?
Click to expand...
tav is the statistic that tells you what pixelserv’s average response time is, lower is better, and there’s not much you can do to tweak it beyond run it on better hardware. There are options you can adjust to modify things, but as of 2.2.1 the best choices more or less are the default choices, so it’s not something to worry about really.
 
I think tav may be time-weighted, and I think it goes down as the percentage of certs are pregenerated. I think you can increase the cache size, which reduces the reloading of a pre-generated certs. And I think you can be sure you are using 0-RTT, which also might improve things.

It still amazes me that some requests are over 100K in size.
 
I have installed IOS 13 on my iPhone and noticed only while I'm using the Reddit app that the links to websites within the app are showing up as insecure. Is this due to pixelserv and I just need to wait for the new pixelserv update to come out?

When I was using the previous IOS this didn't happen.

D9D0D6A4-D9F7-4EDF-9783-FDF55D4B9C26.png
 
Davidncali001 said:
I have installed IOS 13 on my iPhone and noticed only while I'm using the Reddit app that the links to websites within the app are showing up as insecure. Is this due to pixelserv and I just need to wait for the new pixelserv update to come out?

When I was using the previous IOS this didn't happen.

View attachment 19312
Click to expand...
Yes, it has been discussed now for days, start with the link below, and read to here to get updated as to the issue and attempts to address it.
https://www.snbforums.com/threads/p...server-for-adblock.26114/page-148#post-511516
 
I've just now caught up with the rush of what's going on with this thread and the why of it...
this has been (hopefully past tense applies) quite the team effort, with what appears from my perspective to be some pretty heavy lifting; the David vs Goliath proportions to this are not lost on me.
 
jrmwvu04 said:
To be honest I've been concerned about him. For those of you not following the news, Hong Kong is not an ideal place to be lately. To quote another user, the silence is now worrisome.
Click to expand...
It's been 5 months to the day since he published anything to his blog/site:
https://kazoo.ga/all-articles/
I'm crossing my fingers that he's fine and simply on sabbatical far away from the troubles at "home"
 
heysoundude said:
I've just now caught up with the rush of what's going on with this thread and the why of it...
this has been (hopefully past tense applies) quite the team effort, with what appears from my perspective to be some pretty heavy lifting; the David vs Goliath proportions to this are not lost on me.
Click to expand...
Yeah, and there are still hurdles. I’m still working on it but no breakthroughs yet because frankly I’m a compiling novice. I can build it for amd64 Debian and everything is good there but there are considerations for building it for asuswrt platforms I have not figured out yet.
 
Lovers in a dangerous time keep kicking at the darkness til it bleeds daylight...
One of you will have the appropriate penny drop or find the right crack in the wall to bust through. [emoji1303][emoji1303]


Sent from my iPhone using Tapatalk
 
The static builds in the end turned out not to be necessary or deliver what it was thought they delivered, last time around.
 
Jack Yaz said:
Whatever version i built performs just fine on my 86U, so I'm not entirely sure of the reasoning?
Click to expand...
Reading up on it, it doesn’t appear that will be useful for most people anymore. At some point between when I left and came back, Entware adopted OpenSSL 1.1.1 and I assume most people are using that install method. So, no worries. I’ll figure out my own thing or just switch to Entware
 
You must log in or register to reply here.

Similar threads

MegaMango
dnsmasq-surrogate for RT-BE88U: Ad Blocking & Security Enhancement
Replies
2
Views
578
MegaMango
MegaMango
L
pixelserv SOLVED - Is PixelServ WebGui script trustworthy at the moment? Redirects to strange website...
Replies
10
Views
4K
gspannu
gspannu
thelonelycoder
Diversion Need help with selecting new set of filter lists / block lists for Diversion 5.0
2
Replies
21
Views
4K
thelonelycoder
thelonelycoder
blacksheep
pixelserv Does "How to best run Pixelserv tls on asuswrt" still apply?
Replies
3
Views
3K
elorimer
E
garycnew
Entware [SOLUTION] Cross-Compile PixelServ-TLS 2.4 Entware Package via Debian Live DVD
Replies
13
Views
3K
garycnew
garycnew
Similar threads
Thread starter Title Forum Replies Date
C Diversion Pixelserv replacement Asuswrt-Merlin AddOns 2
L Is Diversion better than NextDNS, PiHole or AdGuard Home? Asuswrt-Merlin AddOns 10

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 865 (members: 37, guests: 828)
Top