pixelserv pixelserv - A Better One-pixel Webserver for Adblock
- Thread starter kvic
- Start date
We cannot rule out there are genuine clients behaving like that. For example, during rapid browsing, you switch to a new page (or close the page) while the previous page is still being loaded.
Given that said, you're right that a majority of counts, if not all, registered under slc shall belong to clients without Pixelserv CA cert imported.
Note that such counts for HTTPS are also registered under cls. But such counts for HTTP only register in cls not slc.
Thanks. Note that in both @Makaveli and your cases, near 90% (slc/req) of ad requests are HTTPS. But seems both of you don't have the CA cert imported in your main browsing devices (like desktop or phone). That's perfectly fine.
Though with the CA cert imported, you might notice a smoother browsing experience, especially on desktop with ad heavy sites such as CNN, Foxnews and Daily Mail..
Perhaps consider spending sometime over the weekend to go through this guide Import ca.crt into clients.
SMS786
Senior Member
Great to know, thanks. Installing the ps certs on all the fam's devices is still a work in progress
After 17h
Code:
slh 1205 # of accepted HTTPS requests
slm 122 # of rejected HTTPS requests (missing certificate)
sle 0 # of rejected HTTPS requests (certificate available but bad)
slc 565 # of dropped HTTPS requests (client disconnect without sending any request)
slu 690 # of dropped HTTPS requests (unknown error)
sct 69 ssl cache: # of cached cert
sch 1777 ssl cache: # of cache hit
scm 191 ssl cache: # of cache miss
scp 0 ssl cache: # of purge to free up slots
pattiri
Senior Member
well, both my PC and phone are high end devices. on my desktop firefox can use up to 4 gb of ram
but still everything is smooth. I'm not sure if this is related but I've imported CA cert to both. Thank you for the advise and the good work 
jrmwvu04
Very Senior Member
It is easy to forget how far the responsiveness has come, let alone the utility. Was not so long ago that it was quite different, with response times in the 100s of ms.
If you don’t import certs, you’re forfeiting a lot of the benefits of pixelserv-tls. Also those warning notifications will get tedious not only for yourself, but also for any less tech savvy users who may be on your WiFi. Trust me. It is a bit of a pain, but the payoff is worth it.Great to know, thanks. Installing the ps certs on all the fam's devices is still a work in progress
Also, it causes people to hastily dismiss browser security warnings which while might be beyond your control, is something you don’t want to contribute to.
thelonelycoder
Part of the Furniture
AB-Solution 3.11.2 is now available
Use cu to update to this latest version.
What's new in version 3.11.2
Compatibility updates due to upcoming pixelserv-tls v2.1.x changes.
- AB-Solution UI now shows the currently installed version. For pixelserv-tls v35.HZ12.Kk and older the version is shown as "likely v.Kk"
- Updating or upgrading Entware packages through the AB UI only restarts pixelserv-tls if a newer version has been installed
- Version compatibility changes due to an upcoming pixelserv-tls version numbering change
- Added support for pixelserv-tls -c and -A switch (version 2.1.x and higher only)
Use cu to update to this latest version.
What's new in version 3.11.2
Compatibility updates due to upcoming pixelserv-tls v2.1.x changes.
- AB-Solution UI now shows the currently installed version. For pixelserv-tls v35.HZ12.Kk and older the version is shown as "likely v.Kk"
- Updating or upgrading Entware packages through the AB UI only restarts pixelserv-tls if a newer version has been installed
- Version compatibility changes due to an upcoming pixelserv-tls version numbering change
- Added support for pixelserv-tls -c and -A switch (version 2.1.x and higher only)
jrmwvu04
Very Senior Member
Not that I mind, but it seems as though you might be in the wrong spot.
Edit: perhaps not. carry on, friend.
thelonelycoder
Part of the Furniture
These updates are all because of upcoming pixelserv-tls changes.
My post targets the audience with AB installed and are likely to browse this thread.
thelonelycoder
Part of the Furniture
No problem. I appreciate your thorough testing and reporting here. And your keen eye!
jrmwvu04
Very Senior Member
I pieced it together after I saw the post was already in the AB thread. While you're here, what is the apparent use case for the new -A switch? Options are good, of course, but why would this need to be changed?
thelonelycoder
Part of the Furniture
To obscure the ps stats for others. It was requested by a semi-commercial user of pixelserv-tls for his installation.
Since the switch is there and could also be useful for users of AB I added it. See the GitHub thread or the ps website for more info.
Thank you @thelonelycoder appreciate all the hard work!
Option '-A' is actually already in Km-test.3. Likely won't be needed for a small LAN or by most users at home. When I thought about it, might not be a bad idea. For example, someone with a smart kid who decides to spank his dad's router by turning on "/log=5" with "http://listen ip/log=5." This is going to swamp most home router's syslog and eventually a crash.
With '-A', users can apply firewall rules on what IPs and etc are allowed to access "/log" and "/servstats" and future commands that I might dream up. I mentioned this feature on my blog with Km-test.3 and also has a ticket #5 on GitHub.
I mentioned this user's project before in this thread as well as on Wiki. His project is open for public use. I'm actually not sure if the project is of commercial nature or any sort. I didn't ask for details either.
New beta version Km-test.4 aka v2.1.0-test.4
Thanks again for all the testing on the prior versions.
This version includes a few new features, notably prefetch ssl cache from disk and save part of ssl cache to disk on exit. All automatic. Once users are familiar with it, can customise the list for prefetch as initial condition.
And added a disk benchmark option '-B'. Pls reead the details on my blog for a demo. Also new is log LEVEL 3 to see what's prefetch into and possibly purged from ssl cache.
For details in this test version and the upcoming v2.1.0 release, pls read the latest on kazoo.ga/pixelserv-tls.
Entware (ARMv7, mipsel, ARMv8) users can use the one liner below as usual or otherwise to install.
Will appreciate any feedback.
Thanks again for all the testing on the prior versions.
This version includes a few new features, notably prefetch ssl cache from disk and save part of ssl cache to disk on exit. All automatic. Once users are familiar with it, can customise the list for prefetch as initial condition.
And added a disk benchmark option '-B'. Pls reead the details on my blog for a demo. Also new is log LEVEL 3 to see what's prefetch into and possibly purged from ssl cache.
For details in this test version and the upcoming v2.1.0 release, pls read the latest on kazoo.ga/pixelserv-tls.
Entware (ARMv7, mipsel, ARMv8) users can use the one liner below as usual or otherwise to install.
Code:
sh -c "$(wget -qO - https://kazoo.ga/pixelserv-tls/install-beta.sh)"
Protik
Senior Member
Installed and working perfectly. I am loving the prefetch ssl cache option. That would make everything much faster! The ssl cache restores the cache without any issues so far. Will let you know of any development.
jrmwvu04
Very Senior Member
Similar threads
Similar threads
| Thread starter | Title | Forum | Replies | Date |
|---|---|---|---|---|
| C | Diversion Pixelserv replacement | Asuswrt-Merlin AddOns | 2 | |
| L | Is Diversion better than NextDNS, PiHole or AdGuard Home? | Asuswrt-Merlin AddOns | 10 |
Similar threads
-
-
Is Diversion better than NextDNS, PiHole or AdGuard Home?
- Started by Logi
- Replies: 10