Xentrk
Part of the Furniture
I will keep you posted. I run another host file ad blocker solution I found on the web. I will update the post with the link when I get home. It is not as comprehensive as ABS. But it does the job.
pixelserv pixelserv - A Better One-pixel Webserver for Adblock
- Thread starter kvic
- Start date
@Xentrk @Lost Dog
I know some users have been compiling pixelserv-tls for LEDE/OpenWRT. You can make a request to OpenWRT to add pixelserv-tls to their packages. You may also try to contact the person in this ticket. See if he can share his build or create one compatible for your travel router. I can also link his work to the supported platforms page.
On the other hand, there is a OpenWRT package known as "adblock" which does a similar job of preparing blocked host files for DNSmasq. It seems doing a good job on performance.
I know some users have been compiling pixelserv-tls for LEDE/OpenWRT. You can make a request to OpenWRT to add pixelserv-tls to their packages. You may also try to contact the person in this ticket. See if he can share his build or create one compatible for your travel router. I can also link his work to the supported platforms page.
On the other hand, there is a OpenWRT package known as "adblock" which does a similar job of preparing blocked host files for DNSmasq. It seems doing a good job on performance.
Xentrk
Part of the Furniture
Thanks @kvic,
I did some research on the adblock package. The prerequisite is LEDE project, tested with latest stable release (LEDE 17.01) and with current LEDE snapshot. I'd have to flash LEDE and it looked like more effort than I wanted to put into it for the little I use the travel router.
I will do as you suggest in regard to pixelserv. I just came across this one https://github.com/jjack/openwrt-adblock and has a link to a 1 pixel gif.
The link to the site I got the code from is here. https://paul.is-a-geek.org/2015/06/dns-based-adblock-using-openwrt-opendns-and-dnsmasq/. But the site is not working to an invalid certificate.
#!/bin/sh
#Block ads, malware, etc.
logger -t "adblock" -s 'Starting adblock setup...'
#Delete the old adblock_hosts to make room for the updates
rm /tmp/adblock_hosts
logger -t "adblock" -s 'Downloading hosts lists...'
wget -qO- "http://winhelp2002.mvps.org/hosts.txt" | awk '/^0.0.0.0/' > /tmp/block.build.list
wget -qO- "http://www.malwaredomainlist.com/hostslist/hosts.txt" | awk '{sub(/^127.0.0.1/, "0.0.0.0")} /^0.0.0.0/' >> /tmp/block.build.list
wget -qO- "http://hosts-file.net/ad_servers.txt" | awk '{sub(/^127.0.0.1/, "0.0.0.0")} /^0.0.0.0/' >> /tmp/block.build.list
wget -qO- "http://adaway.org/hosts.txt" | awk '{sub(/^127.0.0.1/, "0.0.0.0")} /^0.0.0.0/' >> /tmp/block.build.list
if [ -s "/etc/black.list" ]
then
logger -t "adblock" -s 'Adding blacklist...'
awk '/^[^#]/ { print "0.0.0.0",$1 }' /etc/black.list >> /tmp/block.build.list
fi
logger -t "adblock" -s 'Sorting lists...'
awk '{sub(/\r$/,"");print $1,$2}' /tmp/block.build.list|sort -u > /tmp/block.build.before
if [ -s "/etc/white.list" ]
then
#Filter the blacklist, supressing whitelist matches
# This is relatively slow =-(
logger -t "adblock" -s 'Filtering white list...'
awk '/^[^#]/ {sub(/\r$/,"");print $1}' /etc/white.list | grep -vf - /tmp/block.build.before > /tmp/adblock_hosts
else
cat /tmp/block.build.before > /tmp/adblock_hosts
fi
logger -t "adblock" -s 'Cleaning up...'
#Delete files used to build list to free up the limited space
rm -f /tmp/block.build.before
rm -f /tmp/block.build.list
logger -t "adblock" -s 'Restarting dnsmasq...'
/etc/init.d/dnsmasq restart
logger -t "adblock" -s 'Finished adblock setup'
exit 0
#Block ads, malware, etc.
logger -t "adblock" -s 'Starting adblock setup...'
#Delete the old adblock_hosts to make room for the updates
rm /tmp/adblock_hosts
logger -t "adblock" -s 'Downloading hosts lists...'
wget -qO- "http://winhelp2002.mvps.org/hosts.txt" | awk '/^0.0.0.0/' > /tmp/block.build.list
wget -qO- "http://www.malwaredomainlist.com/hostslist/hosts.txt" | awk '{sub(/^127.0.0.1/, "0.0.0.0")} /^0.0.0.0/' >> /tmp/block.build.list
wget -qO- "http://hosts-file.net/ad_servers.txt" | awk '{sub(/^127.0.0.1/, "0.0.0.0")} /^0.0.0.0/' >> /tmp/block.build.list
wget -qO- "http://adaway.org/hosts.txt" | awk '{sub(/^127.0.0.1/, "0.0.0.0")} /^0.0.0.0/' >> /tmp/block.build.list
if [ -s "/etc/black.list" ]
then
logger -t "adblock" -s 'Adding blacklist...'
awk '/^[^#]/ { print "0.0.0.0",$1 }' /etc/black.list >> /tmp/block.build.list
fi
logger -t "adblock" -s 'Sorting lists...'
awk '{sub(/\r$/,"");print $1,$2}' /tmp/block.build.list|sort -u > /tmp/block.build.before
if [ -s "/etc/white.list" ]
then
#Filter the blacklist, supressing whitelist matches
# This is relatively slow =-(
logger -t "adblock" -s 'Filtering white list...'
awk '/^[^#]/ {sub(/\r$/,"");print $1}' /etc/white.list | grep -vf - /tmp/block.build.before > /tmp/adblock_hosts
else
cat /tmp/block.build.before > /tmp/adblock_hosts
fi
logger -t "adblock" -s 'Cleaning up...'
#Delete files used to build list to free up the limited space
rm -f /tmp/block.build.before
rm -f /tmp/block.build.list
logger -t "adblock" -s 'Restarting dnsmasq...'
/etc/init.d/dnsmasq restart
logger -t "adblock" -s 'Finished adblock setup'
exit 0
Thanks for the links, had read some of it before, but still, I don't get it. Sorry for going on about this, but what do you mean by "Importing the CA certificate on clients allows graceful communication between clients and pixelserv-tls server"? What is the purpose of the certificate and what are the benefits of importing it into my web-browser? If someone could explain it in really simple terms I would really appreciate it. Please feel free to PM me if you don't want to clutter the thread with this. Again, sorry for beeing thick in the head and thanks for putting your effort into this, it's great work!
thelonelycoder
Part of the Furniture
Operating systems and browsers have a list of trusted certificates.
Apps and browsers check that list first before communicating with a server running on the secure protocol, https is one of them. If no valid certificate is found, communication is aborted.
Pixelserv uses a self-signed certificate which is not in that list. And since pixelserv-tls is just another server running on https from the viewpoint of apps or browsers, communication with it is refused.
Unless you import the pixelserv certificate and with that set it as trusted in the list.
Ok, that cleared some things up. So if I am understanding it correctly: Since I have not imported the certificate to my browser, that's the reason for some sites/links beeing blocked (for example some of the google shopping links), right? And if I were to import the certificate, those site would load (but still without the ads), correct?
thelonelycoder
Part of the Furniture
That's the gist of it.
When you visit a website the page is dowloaded which may contain links to other sources. The browser/app then requests that content. If the source is blocked in AB-Solution the request either dead ends at or is answered with a pixel sized image by pixelserv. The app/browser trusts the response from pixelserv if you have the certificate imported.
Well, thank you very much for straighten this out for me!
@Xentrk
I believe the "adblock" description meant to say it tested to work on the latest OpenWRT. Not that it depends on anything specific to LEDE. Note that LEDE and OpenWRT merged already this month, and "adblock" package (which is a bash script) started on OpenWRT when LEDE didn't exist yet.
I would think it shall work in any recent versions of OpenWRT/LEDE. The script you posted will do the job too. So in the end, it's personal preference really but I've to praise the author of picking NXDOMAIN. Pls read the speed benchmark of pixelserv-tls against NXDOMAIN.
I believe the "adblock" description meant to say it tested to work on the latest OpenWRT. Not that it depends on anything specific to LEDE. Note that LEDE and OpenWRT merged already this month, and "adblock" package (which is a bash script) started on OpenWRT when LEDE didn't exist yet.
I would think it shall work in any recent versions of OpenWRT/LEDE. The script you posted will do the job too. So in the end, it's personal preference really but I've to praise the author of picking NXDOMAIN. Pls read the speed benchmark of pixelserv-tls against NXDOMAIN.
Xentrk
Part of the Furniture
Very kewl! Thanks for the update. When I last researched this, I learned there was a plan to merge the two together. If I recall, LEDE was forked from OpenWRT? I will get with Gli support to see if a new OS version is available or in the works. I will let you know.
I don't know if it's asked before, but I'm currently using version: v35.HZ12.Kk compiled: Sep 25 2017 that came with AB-Solution. Can i just update with
sh -c "$(wget -qO - https://kazoo.ga/pixelserv-tls/install-beta.sh)" to v2.0.1 or do I wait for an update of ab-solution?
sh -c "$(wget -qO - https://kazoo.ga/pixelserv-tls/install-beta.sh)" to v2.0.1 or do I wait for an update of ab-solution?
thelonelycoder
Part of the Furniture
You can do it manually with your link or use amtm:
https://www.snbforums.com/threads/amtm-the-snbforum-asuswrt-merlin-terminal-menu-v1-0.42415/
I haven't lost sight of this. Post 608 has 58 likes. Are we there yet?
froggy666uk
Occasional Visitor
You sir are a legend! _/-\o_
I'm extending my offer to Easter Saturday so that ppl get a bit more time to work on it
Happy holidays!
Adamm
Part of the Furniture
You can access the files via network on a windows device. I also believe these files are backed up with AB-Solution if you use that in conjunction with pixelserv
You can use WinSCP. But, if you are using pixelserv you should go along to AB-Solution too.
thelonelycoder
Part of the Furniture
Looks like you have AB-Solution installed. It comes with a backup function: bu
This includes the certificate files.
Similar threads
Similar threads
| Thread starter | Title | Forum | Replies | Date |
|---|---|---|---|---|
| C | Diversion Pixelserv replacement | Asuswrt-Merlin AddOns | 2 | |
| L | Is Diversion better than NextDNS, PiHole or AdGuard Home? | Asuswrt-Merlin AddOns | 10 |
Similar threads
-
-
Is Diversion better than NextDNS, PiHole or AdGuard Home?
- Started by Logi
- Replies: 10