What's new
  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Status
Not open for further replies.
HI Guys, I have RT-AC68U with 3.0.0.380_3831.
using downloadmaster heavily and spotify via chromecast.
the thing is spotify works much better if you use the embedded "devices available" casting feature but it come with a price - lots of ads.
1. does anyone managed to block spotify ads using Entware script on marlin FW?
2. will I need to search for an alternative solution for downloadmaster?

Thank
relsaar
 
Have some problems here. I just have to run the 4 lines from post 1 correct or is there anything else i need to do?

admin@r7000:/tmp/home/root# /opt/bin/ublockr
Installing wget (1.18-1) to root...
Downloading http://pkg.entware.net/binaries/armv7/wget_1.18-1_armv7soft.ipk.
Installing libpcre (8.39-1) to root...
Downloading http://pkg.entware.net/binaries/armv7/libpcre_8.39-1_armv7soft.ipk.
Installing libopenssl (1.0.2h-1) to root...
Downloading http://pkg.entware.net/binaries/armv7/libopenssl_1.0.2h-1_armv7soft. ipk.
Configuring libpcre.
Configuring libopenssl.
Configuring wget.
Installing ca-certificates (20160104) to root...
Downloading http://pkg.entware.net/binaries/armv7/ca-certificates_20160104_all.i pk.
Configuring ca-certificates.
Installing grep (2.25-1) to root...
Downloading http://pkg.entware.net/binaries/armv7/grep_2.25-1_armv7soft.ipk.
Configuring grep.
Installing pixelserv-tls (V35.HZ12.Kh-20160429-1) to root...
Downloading http://pkg.entware.net/binaries/armv7/pixelserv-tls_V35.HZ12.Kh-2016 0429-1_armv7soft.ipk.
Configuring pixelserv-tls.
Place ca.crt and ca.key to /opt/var/cache/pixelserv before starting HTTPS mode.
Start options can be adjusted via /opt/etc/init.d/S80pixelserv-tls.

See 'pixelserv-tls -h' for details
/opt/var/cache/ublo [ <=> ] 351.62K 269KB/s in 1.3s
/opt/var/cache/ublo 100%[===================>] 488.24K 350KB/s in 1.4s
/opt/var/cache/ublo [ <=> ] 13.46K --.-KB/s in 0.02s
/opt/var/cache/ublo 100%[===================>] 1.74M 1.16MB/s in 1.5s
/opt/var/cache/ublo 100%[===================>] 39.14K 60.4KB/s in 0.6s
/opt/var/cache/ublo [ <=> ] 11.33K 33.9KB/s in 0.3s
/opt/var/cache/ublo [ <=> ] 372.23K 121KB/s in 3.1s
/opt/var/cache/ublo 100%[===================>] 951 --.-KB/s in 0s
/opt/var/cache/ublo 100%[===================>] 49.52K 80.5KB/s in 0.6s
/opt/var/cache/ublo 100%[===================>] 115.26K --.-KB/s in 0.06s
/opt/var/cache/ublo 100%[===================>] 85.97K 163KB/s in 0.5s
/opt/var/cache/ublo 100%[===================>] 313.69K 103KB/s in 3.0s
/opt/var/cache/ublo 100%[===================>] 49.52K 154KB/s in 0.3s
grep: /jffs/configs/dnsmasq.conf.add: No such file or directory
 
HI Guys, I have RT-AC68U with 3.0.0.380_3831.
1. does anyone managed to block spotify ads using Entware script on merlin FW?
2. will I need to search for an alternative solution for downloadmaster?

1. Blocking Spotify ads can be tricky since they are probly embedded in the stream.
2. doubt that download master would be impacted unless it uses port 80 or 443.
 
Spotify offer an ads free service - you should consider it.
 
grep: /jffs/configs/dnsmasq.conf.add: No such file or directory

seems like it doesnt create the add file for some odd reason

what you could do is

touch /jffs/configs/dnsmasq.conf.add

then rerun ublockr
 
Hi @swetoast, great piece of software you provide, thanks!
The only issue I faced with is that it messes up Yandex web apps (it's like Google maps, mail etc. more convenient here in Russia :)). I see yandex How can it be fixed? I see a lot of *.yandex.ru records in the ublockr lists. Unfortunatly I cannot figure out which exact domain is impacted. Tried to whitelist the yandex.ru domain, but it didn't help, looks like I need to whitelist the exact domains. Could you please hint on the optimal solution?
Thank you in advance!
 
yandex.ru

Add that domain to whitelist it should work if it doesn't then I'm going to see if there are any issues
 
Hi @swetoast, I don't know the reason, but the blocking starts being unstable over time. After router restart it's okay, whitelisting works fine, but within several hours the yandex websites stop loading. Any clue?
 
@kvic : do these stats look normal?

Code:
pixelserv-tls version: v35.HZ12.Ki compiled: Dec 26 2016 18:42:33 options: 

uts    0d 02:36    pixelserv uptime
log    0    logging access to syslog (0=disabled 1=enabled)
req    22    total # of requests (HTTP, HTTPS, success, failure etc)
avg    381 bytes    average length of request URL
rmx    394 bytes    maximum length of request URL
tav    9 ms    average processing time (per request)
tmx    49 ms    maximum processing time (per request)
slh    0    # of accepted HTTPS requests
slm    0    # of rejected HTTPS requests (missing certificate)
sle    0    # of rejected HTTPS requests (certificate available but bad)
slu    0    # of dropped HTTPS requests (unknown error)
nfe    3    # of GET requests for server-side scripting
gif    0    # of GET requests for GIF
ico    0    # of GET requests for ICO
txt    0    # of GET requests for Javascripts
jpg    0    # of GET requests for JPG
png    0    # of GET requests for PNG
swf    0    # of GET requests for SWF
sta    19    # of GET requests for HTML stats
stt    0    # of GET requests for plain text stats
ufe    0    # of GET requests /w unknown file extension
rdr    0    # of GET requests resulted in REDIRECT response
nou    0    # of GET requests /w empty URL
pth    0    # of GET requests /w malformed URL
204    0    # of GET requests (HTTP 204 response)
pst    0    # of POST requests (HTTP 501 response)
hed    0    # of HEAD requests (HTTP 501 response)
bad    0    # of unknown HTTP requests (HTTP 501 response)
err    0    # of dropped requests (failed to accept client connection)
tmo    0    # of dropped requests (client timeout before connection accepted)
cls    0    # of dropped requests (client disconnect before connection accepted)

I looks like nothing is blocked at all..
What seems strange to me is that whenever I enter a blacklisted domain I get redirected to the router login page... Entering the ip of pixelserv works fine on the other hand. Thanks in advance
 
@kvic : do these stats look normal?

Code:
pixelserv-tls version: v35.HZ12.Ki compiled: Dec 26 2016 18:42:33 options:

uts    0d 02:36    pixelserv uptime
log    0    logging access to syslog (0=disabled 1=enabled)
req    22    total # of requests (HTTP, HTTPS, success, failure etc)
avg    381 bytes    average length of request URL
rmx    394 bytes    maximum length of request URL
tav    9 ms    average processing time (per request)
tmx    49 ms    maximum processing time (per request)
slh    0    # of accepted HTTPS requests
slm    0    # of rejected HTTPS requests (missing certificate)
sle    0    # of rejected HTTPS requests (certificate available but bad)
slu    0    # of dropped HTTPS requests (unknown error)
nfe    3    # of GET requests for server-side scripting
gif    0    # of GET requests for GIF
ico    0    # of GET requests for ICO
txt    0    # of GET requests for Javascripts
jpg    0    # of GET requests for JPG
png    0    # of GET requests for PNG
swf    0    # of GET requests for SWF
sta    19    # of GET requests for HTML stats
stt    0    # of GET requests for plain text stats
ufe    0    # of GET requests /w unknown file extension
rdr    0    # of GET requests resulted in REDIRECT response
nou    0    # of GET requests /w empty URL
pth    0    # of GET requests /w malformed URL
204    0    # of GET requests (HTTP 204 response)
pst    0    # of POST requests (HTTP 501 response)
hed    0    # of HEAD requests (HTTP 501 response)
bad    0    # of unknown HTTP requests (HTTP 501 response)
err    0    # of dropped requests (failed to accept client connection)
tmo    0    # of dropped requests (client timeout before connection accepted)
cls    0    # of dropped requests (client disconnect before connection accepted)

I looks like nothing is blocked at all..
What seems strange to me is that whenever I enter a blacklisted domain I get redirected to the router login page... Entering the ip of pixelserv works fine on the other hand. Thanks in advance

req = 22 sta=19 means at least 3 ad requests hitting pixelserv. So I think it's working for you.

Did you follow swetoast's instructions to have ublockr setup properly?
 
@kvic yeah I followed his instructions. What should I see after I enter a blacklisted domain. I used a self-compiled pixelserv (very early one) version on an old dd-wrt router and every time I entered a blacklisted domain I got redirected to the pixel itself. Now I get to the merlin login page.

@swetoast here are the logs after a reboot. I removed some kernel/openvpn entries.
Code:
Aug  1 02:00:14 stop_nat_rules: apply the redirect_rules!
Aug  1 02:00:14 WAN Connection: ISP's DHCP did not function properly.
Aug  1 02:00:18 custom config: Appending content of /jffs/configs/dnsmasq.conf.add.
Aug  1 02:00:18 dnsmasq[434]: failed to load names from /opt/var/cache/ublockr/ipv4_hosts: No such file or directory
Aug  1 02:00:18 RT-AC68U: start httpd - SSL
Aug  1 02:00:18 RT-AC68U: start httpd
Aug  1 02:00:19 disk monitor: be idle
Aug  1 02:00:19 hour monitor: daemon is starting
Aug  1 02:00:19 hour monitor: daemon terminates
Aug  1 02:00:19 syslog: Generating SSL certificate...
Aug  1 02:00:21 Samba Server: daemon is started
Aug  1 02:00:22 custom script: Running /jffs/scripts/services-start
Aug  1 02:00:22 jffs2: valid logs(1)
Aug  1 02:00:23 miniupnpd[518]: HTTP listening on port 47539
Aug  1 02:00:23 miniupnpd[518]: Listening for NAT-PMP/PCP traffic on port 5351
Aug  1 02:00:23 dnsmasq[434]: failed to load names from /opt/var/cache/ublockr/ipv4_hosts: No such file or directory
Aug  1 02:00:23 syslog: module ledtrig-usbdev not found in modules.dep
Aug  1 02:00:23 syslog: module leds-usb not found in modules.dep
Aug  1 02:00:23 custom script: Running /jffs/scripts/wan-start (args: 0)
Aug  1 02:00:23 rc_service: udhcpc 530:notify_rc start_firewall
Aug  1 02:00:23 dnsmasq[434]: failed to load names from /opt/var/cache/ublockr/ipv4_hosts: No such file or directory
Aug  1 02:00:23 wan-start: waiting for the internet connection to come up
Aug  1 02:00:23 kernel: SCSI subsystem initialized
Aug  1 02:00:23 wan: finish adding multi routes
Aug  1 02:00:23 kernel: csw_retry 100
Aug  1 02:00:23 rc_service: udhcpc 530:notify_rc stop_upnp
Aug  1 02:00:23 rc_service: waitting "start_firewall" via udhcpc ...
Aug  1 02:00:24 WAN Connection: WAN was restored.
Aug  1 02:00:24 miniupnpd[518]: add_filter_rule() : chain FUPNP not found
Aug  1 02:00:26 kernel: scsi 0:0:0:0: Direct-Access                               1100 PQ: 0 ANSI: 4
Aug  1 02:00:26 kernel: sd 0:0:0:0: Attached scsi generic sg0 type 0
Aug  1 02:00:26 kernel: sd 0:0:0:0: [sda] 7913472 512-byte logical blocks: (4.05 GB/3.77 GiB)
Aug  1 02:00:26 kernel: sd 0:0:0:0: [sda] Write Protect is off
Aug  1 02:00:26 kernel: sd 0:0:0:0: [sda] Assuming drive cache: write through
Aug  1 02:00:26 kernel: sd 0:0:0:0: [sda] Assuming drive cache: write through
Aug  1 02:00:26 kernel: sd 0:0:0:0: [sda] Assuming drive cache: write through
Aug  1 02:00:26 kernel: sd 0:0:0:0: [sda] Attached SCSI removable disk
Aug  1 02:00:26 start_nat_rules: apply the nat_rules(/tmp/nat_rules_eth0_eth0)!
Aug  1 02:00:26 start_nat_rules: apply the nat_rules(/tmp/nat_rules_eth0_eth0)!
Aug  1 02:00:28 kernel: nf_conntrack_rtsp v0.6.21 loading
Aug  1 02:00:28 wan-start: br0:pixelserv 192.168.1.3 created.
Aug  1 02:00:28 usb: USB ext3 fs at /dev/sda1 mounted on /tmp/mnt/sda1.
Aug  1 02:00:29 kernel: nf_nat_rtsp v0.6.21 loading
Aug  1 02:00:29 custom script: Running /jffs/scripts/post-mount (args: /tmp/mnt/sda1)
Aug  1 02:00:29 post-mount: /tmp/mnt/sda1
Aug  1 02:00:29 rc_service: udhcpc 530:notify_rc start_upnp
Aug  1 02:00:29 rc_service: waitting "stop_upnp" via udhcpc ...
Aug  1 02:00:30 kernel: EXT3-fs (sda1): error: cannot change data mode on remount. The filesystem is mounted in data=ordered mode and you try to remount it in data=writeback mode.
Aug  1 02:00:30 miniupnpd[518]: shutting down MiniUPnPd
Aug  1 02:00:31 rc_service: udhcpc 530:notify_rc start_vpnserver1
Aug  1 02:00:31 miniupnpd[756]: HTTP listening on port 42917
Aug  1 02:00:31 miniupnpd[756]: Listening for NAT-PMP/PCP traffic on port 5351
Aug  1 02:00:32 ntp: start NTP update
Jan  6 11:43:37 rc_service: ntp 754:notify_rc restart_upnp
Jan  6 11:43:37 rc_service: waitting "start_vpnserver1" via udhcpc ...
Jan  6 11:43:37 dhcp client: bound XXX.XXX.XXX.3 via XXX.XXX.XXX.1 during 300 seconds.
Jan  6 11:43:40 miniupnpd[756]: shutting down MiniUPnPd
Jan  6 11:43:40 miniupnpd[894]: HTTP listening on port 33610
Jan  6 11:43:40 miniupnpd[894]: Listening for NAT-PMP/PCP traffic on port 5351
Jan  6 11:43:41 rc_service: ntp 754:notify_rc restart_diskmon
Jan  6 11:43:41 disk_monitor: Finish
Jan  6 11:43:42 disk monitor: be idle
Jan  6 11:43:57 admin: Started pixelserv-tls from .
Jan  6 11:43:57 rc_service: hotplug 695:notify_rc restart_nasapps
Jan  6 11:43:57 iTunes: daemon is stopped
Jan  6 11:43:57 FTP Server: daemon is stopped
Jan  6 11:43:57 pixelserv[918]: Listening on :192.168.1.3:80
Jan  6 11:43:57 pixelserv[918]: Listening on :192.168.1.3:443
Jan  6 11:43:58 Samba Server: smb daemon is stopped
Jan  6 11:43:58 kernel: gro disabled
Jan  6 11:43:58 Timemachine: daemon is stopped
Jan  6 11:43:58 miniupnpd[894]: shutting down MiniUPnPd
Jan  6 11:43:59 kernel: gro enabled with interval 2
Jan  6 11:44:00 Samba Server: daemon is started
Jan  6 11:44:00 miniupnpd[943]: HTTP listening on port 47170
Jan  6 11:44:00 miniupnpd[943]: Listening for NAT-PMP/PCP traffic on port 5351
Jan  6 11:44:06 crond[443]: time disparity of 755203 minutes detected
Jan  6 11:47:22 dropbear[1106]: Pubkey auth succeeded for 'admin' with key sha1!! cb:97:d9:ea:e9:c0:a6:02:53:69:9d:7d:fc:b9:4f:48:0f:78:c9:c5 from 192.168.1.149:55704
Jan  6 11:47:36 admin: Reading ublockr config....
Jan  6 11:47:37 admin: updating adblock lists.
Jan  6 11:48:25 admin: ipv4_hosts is present in /jffs/configs/dnsmasq.conf.add
Jan  6 11:48:25 rc_service: service 1200:notify_rc restart_dnsmasq
Jan  6 11:48:25 admin: reloaded dnsmasq to read in new hosts
Jan  6 11:48:25 custom config: Appending content of /jffs/configs/dnsmasq.conf.add.
Jan  6 11:48:26 admin: updated ipv4 adblock lists, 93060 ads sites blocked
 
Jan 6 11:48:26 admin: updated ipv4 adblock lists, 93060 ads sites blocked

try a domain thats on that list and see if it points toward pixelserv on you router
 
Code:
admin@RT-AC68U:/tmp/home/root# cat /opt/var/cache/ublockr/ipv4_hosts | grep
www.doubleclick.com
192.168.1.1    www.doubleclick.com
Results:
  • web gui access via http & https: redirected to the web gui
  • web gui access only via https: safari couldn't load site (certs are installed though; also my MacBook ran out of memory when I enabled https...)

So it seems like it's working, right?

Btw... thanks for your help!
 
Status
Not open for further replies.

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top