ublockr - a minimalists approach to adblocking

[swetoast]

So here is my minimal ~155 lines adblocker called ublockr.

Features

• Blocks around 85 to 100k hosts
• IPv6 Support
• uses Pixelserv-TLS
• Whitelist filter
• Automated System Detection (Padavan / OpenWrt / ASUSWRT-Merlin)
• Configuration file for settings.
• Self-Update using -update as switch

Prerequisites

1. A router supporting entware
2. A usb drive mounted on system with swap setup on it.
3. Changing port from 80 to another port number
4. Basic knowledge of linux

Here is a step by step tutorial for AsusWRT-Merlin
1st line downloads the script, 2nd line downloads the config, 3rd line makes the script executable, 4 line adds it to services to run on midnight every night (only run if you have a services-start at config directory on asuswrt-merlin)

Padavan users check here for installation instructions
https://gitlab.com/spitfire-project/ublockr/blob/master/README.md

wget https://gitlab.com/spitfire-project/ublockr/raw/master/ublockr -O /opt/bin/ublockr --no-check-certificate
wget https://gitlab.com/spitfire-project/ublockr/raw/master/ublockr.cfg -O /opt/etc/ublockr.cfg --no-check-certificate
chmod +x /opt/bin/ublockr
echo "cru a ublockr "0 0 * * * /opt/bin/ublockr" >> /jffs/scripts/services-start

Notes
too configure ublockr see the ublockr.cfg files for options AsusWRT not Merlin users have to specify others due to broken system detetection, the parameter to what lan interface ublockr uses set nic parameter to use the lan interface to the interface used for lan.

• AsusWRT uses br0
• Padavan uses br0
• Openwrt uses br-lan

Rest of the configuration should be pretty obvious regarding paths etc. If ublockr blocks a domain that your actively using add that domain to whitelist.filter in your ublockr folder path. use the bugtracker on my gitlab for reporting issues.

Planned features

• Verify list integrity in case of defunct lists

Uninstall uBlockr
Incase you want to uninstall ublockr edit /jffs/scripts/services-start and remove the entry of ublockr

rm /opt/bin/ublockr
rm /opt/etc/ublockr.cfg
rm -r /opt/var/cache/ublockr

 

[jeff288]

What's the advantage of this over AB-Solutions? Besides IPv6 support, which it should have soon, is it just that this shows a transparent pixel for the ads it blocks? Also, to not get the annoying insecure SSL url icon in the browser, don't you have to install a CA for every device browser you use?

 

[swetoast]

1. Well for those that like to tinker this offers more customization then AB-Solutions might be more for the novice users rather then beginners.
2. yes ads gets replaced by a pixel, and no it isn't annoying on most devices it doesn't even show the insecure ssl.
3. yes pixelserv is still pixelserv, you need to use the ca the browser you use as it demands per the installation instructions.

Hope that answers your questions i like AB-Solutions thelonelycoder has really done a nice job for beginners/novice users but if your hobby tinker like me this script has appeal since its really customize able.

i like minimal things that doesnt use alot to do stuff most effort least lines.

 

[kvic]

I have neither used AB-Solution nor ublockr. I have my own minimalist script.

But thanks for making it work with pixelserv!

 

[swetoast]

tnx for making it

outta curiosity how many lines is your script ?

avg hosts blocked also ?

 

[martinr]

You probably can't speak for AB Solutions, but how does this sort of package get updated as new domains enter the list and defunct ones get dropped?

Is it purely blocking ads or is it blocking malicious domains as well?

 

[kvic]

tnx for making it

outta curiosity how many lines is your script ?

avg hosts blocked also ?

For pixelserv, I'm just one contributor for adding HTTPS plus a few fringe cosmetic changes. A few other other people did the heavy lifting, including @mstombs in the pixelserv thread. If you read the codes, you could tell they worked really hard..

My minimalist adblock script is 126 lines.

Block ~30k domains..

 

[swetoast]

currently im using 12 diffrent lists that blocks ads and malware domain might get a list updater that i maintain currently their at static it just downloads the lists

aslo i added a malware blocker that uses ipset to block ips on the asuswrt-merlin wiki
https://github.com/RMerl/asuswrt-merlin/wiki/Using-ipset#malware-filter

 

[swetoast]

well kvic thx for contributing then just seen your repo at github thats why i assumed you had a part in it.

my script is currently at 103 could probably trim it down to 100 or less even.

 

[tijaune]

I have to append an additional argument to the wget...
wget https://gitlab.com/spitfire-project/ublockr/raw/master/ublockr -o /jffs/scripts/ublockr --no-check-certificate

 

[swetoast]

yeah your right forgot that wget is useless without ca-certificates tnx

 

[tijaune]

I have some missing dependencies for pixelserv-tls?

opkg list-installed
ca-certificates - 20150426
findutils - 4.5.14-1
grep - 2.21-2
ldconfig - 0.9.32-1
libc - 0.9.32-1
libgcc - 4.6.4-1
libpcre - 8.37-2
libpthread - 0.9.32-1
librt - 0.9.32-1
libstdcpp - 4.6.4-1
uclibc-opt - 0.9.32-5

opkg install ca-certificates
Package ca-certificates (20150426) installed in root is up to date.

opkg install pixelserv-tls
Unknown package 'pixelserv-tls'.
Collected errors:
* opkg_install_cmd: Cannot install package pixelserv-tls.

 

[swetoast]

got an up2date opkg list ? cause it should be in the mips and arm repo

http://pkg.entware.net/binaries/mipsel/Packages.html
http://pkg.entware.net/binaries/armv5/Packages.html
http://pkg.entware.net/binaries/armv7/Packages.html

 

[kvic]

I have to append an additional argument to the wget...
wget https://gitlab.com/spitfire-project/ublockr/raw/master/ublockr -o /jffs/scripts/ublockr --no-check-certificate

Another alternative maybe to install ca-certificates from Entware-ng.

I think that will have certificates properly validated without using that CLI option.

 

[swetoast]

ublockr does when it runs

# SET APPCHECK
if [ -z "$(which wget)" ]; then opkg install wget; fi
if [ -z "$(opkg list-installed | grep ca-certificates)" ]; then opkg install ca-certificates; fi
if [ -z "$(which pixelserv-tls)" ]; then opkg install pixelserv-tls; fi
if [ -z "$(opkg list-installed | grep grep)" ]; then opkg install grep; fi
# END APPCHECK

 

[mstombs]

What's the advantage of this over AB-Solutions?... is it just that this shows a transparent pixel for the ads it blocks? Also, to not get the annoying insecure SSL url icon in the browser, don't you have to install a CA for every device browser you use?

Originally the 1x1 transparent pixel allowed browsers to not show broken image symbol and collapse holes in web pages, but actually very few null pixels served these days, because ads are not simple images - and dumb Internet Explorer often used to try to execute the gif binary as a script if it was expecting javascript. But without pixelserv some web sites would stall with multiple timeouts - which are OS/browser dependent - diverting to 127.0.0.1 or 0.0.0.0 can mean the browser looks for a webserver on the client machine. Having a null response from pixelserv should allow things to proceed more smoothly. Prior to @kvic 's tls extension all pixelserv could do was to try to close the attempt at https connection quickly, but that could trigger retries with alternate lower security.

 

[tijaune]

turn out I have the old Entware from merlin wiki page. I followed https://www.hqt.ro/how-to-install-new-generation-entware/ and now ublockr script install correctly.

I need to check on pixelsvr thread now Thanks!

 

[swetoast]

doesn`t work for me....probably install tutorial is not clear.....

isnt really a tutorial but ill go with it first connect to your router via ssh make sure that entware is installed

for how to do that please consult the following pages:
https://github.com/Entware-ng/Entware-ng/wiki/Install-on-Asus-stock-firmware
https://github.com/Entware-ng/Entware-ng/wiki/Install-on-RMerlin-firmware

or if your upgrading from an old repository:
https://github.com/Entware-ng/Entware-ng/wiki/Upgrade-from-Entware
https://github.com/Entware-ng/Entware-ng/wiki/Upgrade-from-Entware-arm

then use the above script to install ublockr and it should work.

 

[swetoast]

no

1. do you have entware-ng installed on your router ? if so do the rest of this list
2. just take the above script and save it as installer.sh
3. then sh installer.sh
4. rm installer.sh

 

[swetoast]

how come you want to use both ab-solutions and ublockr? that seems like a bad idea since hostslists uses alot of ram..

and its NOT a tutorial its a minimalist script only included the installer script in the OP as an example.