Yamaraj,
I tried this and works great!. But seems bit aggressive list. Do you have a lite version of the blacklist?
With this current list I see issues with,
facebook and some deal sites such as Slickdeals.com and some legitimate redirect links.
I have introduced a BLITZ mode switch in the latest revision. You can set it to 0 to tone down the aggressiveness. By default it's set to 1. I also encourage you to go through the whilelist and blacklist files and make amendments as you see fit. Start with a blank blacklist, and add slickdeals.com to whitelist, for example.
[rev37]: introduced BLITZ mode switch to turn the more aggressive lists on or off. BLITZ=1 is the default. Updated installation instructions. _________________ Routers
NETGEAR R7800 x2: DD-WRT v3.0-r42847 std (04/06/20)
NETGEAR R8500: DD-WRT v3.0-r41517 std (11/11/19)
[rev38]: BLITZ=0 [off] by default. Lots of improvements. Better YT ad blocking. Added bitcoin miners, trackers, telemetry, and fingerprinting domains to the list. Most porn sites blocked by default, except pornhub and erome - for testing. Use whitelist for exceptions.
For beginners: Since whitelist has precedence over blacklist, I suggest leaving blacklist as it is, and adding exceptions to the file whitelist. Run the script after making changes.
Joined: 11 Jun 2015 Posts: 37 Location: Germany/Mexico/China
Posted: Tue Jan 16, 2018 2:26 Post subject:
Yamaraj wrote:
[rev38]: BLITZ=0 [off] by default. Lots of improvements. Better YT ad blocking. Added bitcoin miners, trackers, telemetry, and fingerprinting domains to the list. Most porn sites blocked by default, except pornhub and erome - for testing. Use whitelist for exceptions.
For beginners: Since whitelist has precedence over blacklist, I suggest leaving blacklist as it is, and adding exceptions to the file whitelist. Run the script after making changes.
Yesterday I finally was able to get the scrip running on my DD-WRT. Maybe in the description for the beginners it should be mentioned that jffs should be enabled before starting.
Good work.
I did not run the scrip as requested in the description.
eventhough the script seams to work.
I tried to reach kayak.com and the site was blocked. By just adding kayak.com in the whitelist the address should be reachable again?
But the scrip as mentioned above needs to run again?
I just change to the dnsmasq directory and write adbhostgen.sh and then the scrip is running?
Additional configuration: OpenVPN client and an 8 GiB pendrive partitioned and formatted as swap, /jffs, and /opt running Kong's optware.
I recommend using a pendrive (I use 8 GiB) for /jffs. I'll update my original post with instructions and screenshots.
If you downloaded the 7z archive, it already includes the hosts file, however your router will auto generate fresh hosts file twice a week, as per included instructions. Note that if you make any changes, you should run the script and restart dnsmasq or reboot the router.
Yes, you can add kayak.com to whitelist, but you must run the script again and restart dnsmasq or reboot your router.
1. SSH to router
2. cd /jffs/dnsmasq
3. nano whitelist (add domains you don't want blocked), Ctrl+O and Ctrl+X to save and exit nano.
4. ./adbhostgen.sh
5. reboot _________________ Routers
NETGEAR R7800 x2: DD-WRT v3.0-r42847 std (04/06/20)
NETGEAR R8500: DD-WRT v3.0-r41517 std (11/11/19)
Joined: 11 Jun 2015 Posts: 37 Location: Germany/Mexico/China
Posted: Tue Jan 16, 2018 10:48 Post subject:
@Yamaraj
thanks for your explanation.
I did not get your point why a USB drive is needed & VPN connection.
I just loaded it directly to the jffs folder. Not a good idea?
Thanks also for answering the next question I had. In which interval the update is done. I tried to understand the cron job but only Saturday (6) was my outcome.
Script is currently running. Takes some time as I can see.
Ignore the VPN part, it's just a part of my config, not required for this script. Using a pendrive is recommended considering the space required, and the frequent I/O. Note that I use the same pendrive for /opt too. Any inexpensive 8 GiB should suffice, provided your router has a free USB port. If not, use a reliable USB hub.
The first line runs the script every Sunday and Thursday at 0600 hours. Second line restarts dns service 30 minutes later, giving the script enough time to generate the hosts file.
Joined: 11 Jun 2015 Posts: 37 Location: Germany/Mexico/China
Posted: Wed Jan 17, 2018 15:39 Post subject:
Hello Yamaraj,
still playing a little bit around with the new script and see what is blocked that I could use before.
I found out that my Avast Antivirus cannot update its program anymore correctly. I needed to uninstall it and try to reinstall, but I get http errors.
I also get yahoo mail issue. I can send mails with my iPad but not with my PC. I still don't know if the new scrip is the reason or if it is something different. That's why I have uninstalled Avast.
smtp.mail.yahoo.com is in the mphosts list.
I added it to the white list, running the script, now my wife is happy again because she can send mails.
When I started working on this script, I only had two options. Either start from scratch and compile a huge blacklist, or block almost everything even remotely suspicious and start whitelisting parts of web I needed access to. The latter was far more practical and feasible. As such, the defaults are tailored to meet my needs. Since the lists my script downloads and merges together are independently compiled by different individuals, I suppose more or less the same approach applies to them. A few of these lists often include domains that shouldn't be blocked, and they usually exclude them after reports. But it can be very, very counterproductive even if just for a few days.
The best possible solution is to look for domains and servers you need and whitelist them. In your case, Yahoo mail servers. It would be a great idea if we all merged our whitelists together. I'd gladly update the official whitelist file to include your whitelisted domains after a careful review. You may upload your whitelist file here after curating it for a few days.
Glad you got it working. I spent a few hours tracking down and whitelisting a dozen Apple servers the last time one of those blacklists went rogue. _________________ Routers
NETGEAR R7800 x2: DD-WRT v3.0-r42847 std (04/06/20)
NETGEAR R8500: DD-WRT v3.0-r41517 std (11/11/19)
Joined: 11 Jun 2015 Posts: 37 Location: Germany/Mexico/China
Posted: Wed Jan 31, 2018 5:00 Post subject:
Hello Yamaraj,
script works still like a sharm.
I haven't changed it yet to a USB Drive, as you suggested. I will do this later some time. Need to figure out how to mount the USB Drive. Never done until now
It runs quite good I would say with the internal flash.
Thanks for the good work
Wickiman _________________ Netgear AC1900/R7000 DD-WRT v3.0-r37015M (09/23/18 ) kongac
[rev40]: Important changes to the script. Good news for those not using a pendrive for /jffs. The script now uses /tmp (RAM) for most of the file generation and processing steps. It now also restarts DNS (dnsmasq) automatically so no separate cron job is required anymore. Logging enabled (thanks to Arthur Borsboom).
Go through the first post, download the latest version and follow instructions.
Joined: 11 Jun 2015 Posts: 37 Location: Germany/Mexico/China
Posted: Thu Feb 15, 2018 12:17 Post subject:
@ Yamaraj
unfortunately the update did not really work for me.
I have had several websites I could not reach anymore.
www.google.com
whatsapp did not work anymore
@Wickiman, I'm surprised to hear there are issues. Works perfectly on the three routers I have tested on. The latest blacklist and whitelist files have been carefully curated. Make sure you have the latest script and blacklist/whitelist files in /jffs/dnsmasq. Installation instructions have changed a bit, so it'd be a good idea to go through the first post again.
Joined: 11 Jun 2015 Posts: 37 Location: Germany/Mexico/China
Posted: Thu Feb 15, 2018 15:39 Post subject:
@ Yamaraj
I tried again and this time it worked.
As I am in China, I need VPN and maybe there was something not working correctly that's why google and whatsapp had their problems.
Now, everything looks like smoothly working.
Thanks for your work.
Wickiman _________________ Netgear AC1900/R7000 DD-WRT v3.0-r37015M (09/23/18 ) kongac
Posted: Tue Feb 20, 2018 1:30 Post subject: quick question from the beginner
Thanks Yamaraj and others for testing this.
From the beginners point of reading, the steps isnt clear yet (atleast to me), or i overlooked the critical steps.
I have a router Dir868L with DDWRT v24sp-2-std build 25974. A 8GB USB is formatted as /swap and ready to be plugged-in.
My questions are
1. Do we need to ENABLE or DISABLE jffs in the router. Screenshot shows disabled.
2. If its disabled how to proceed ; do I need to create the /dnsmasq folder in /jffs path. will this work
3. If /jffs is enable, will the /dsmasq, /mphosts, /mpdomains still need to created.
4. will the UUID for mounting the partition be explicitly added or automatically detected.