Joined: 04 Aug 2018 Posts: 1447 Location: Appalachian mountains, USA
Posted: Thu Sep 12, 2019 22:09 Post subject:
Confession: going back to edit the last posted version just a wee bit to eliminate the stupid use of cat from the big pipeline. Works fine, but it's pointless, as are most cats in pipelines. When you are tempted to have a cat feed a pipe, stop and think. _________________ 2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.
Joined: 16 Nov 2015 Posts: 6437 Location: UK, London, just across the river..
Posted: Fri Sep 13, 2019 6:53 Post subject:
well, back to the thing that put me off...
first my sbc.io has most of the lines needed...and according to my script it Dl about 56k lines...so...
i print it out and i can see any other lines than 0.0.0.0...there is nothing alien...with your script
it trims down to 36k lines and i do not see 20k in trimmings, if you know what i mean..yep many lines are missing...for 20k reduction this is almost a half
not to mention that if i use 2 sources then all the lines are not more than 39k to be precise... _________________ Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Joined: 04 Aug 2018 Posts: 1447 Location: Appalachian mountains, USA
Posted: Fri Sep 13, 2019 14:26 Post subject:
Alozaros wrote:
well, back to the thing that put me off...
first my sbc.io has most of the lines needed...and according to my script it Dl about 56k lines...so...
i print it out and i can see any other lines than 0.0.0.0...there is nothing alien...with your script
it trims down to 36k lines and i do not see 20k in trimmings, if you know what i mean..yep many lines are missing...for 20k reduction this is almost a half
not to mention that if i use 2 sources then all the lines are not more than 39k to be precise...
Let's investigate. How many lines does the curl download pull from sbc.io?
The CLI wrote:
# curl http://sbc.io/hosts/hosts >sbc
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 1236k 100 1236k 0 0 642k 0 0:00:01 0:00:01 --:--:-- 642k
# wc -l sbc
44441 sbc
Now the interesting one. How many of those lines are entirely blank or comment lines?
Quote:
# grep -E '^[ \t]*(#.*)?$' sbc | wc -l
2155
And 44441 - 2155 = 42286.
So basically, your numbers are all wrong. If you have a 50K file, then it involves more than just sbc.io. If it involves both files without redundancies removed, then those redundancies are the rest of your answer. But I leave it to you to do the legwork to investigate those details.
I'm confident in my script. I checked it out very, very carefully.
Joined: 16 Nov 2015 Posts: 6437 Location: UK, London, just across the river..
Posted: Fri Sep 13, 2019 22:11 Post subject:
yep sry now it shows 42286
you are right and this is with my script
few days ago it was showing 56031 so it varies
there was a something with your script i use a very short version of it
anyways my mistake i'll stick to my script until you
finalize yours, i can't play much with it as i'm not around the router, and i can't leave my colleagues without internet..
Joined: 04 Aug 2018 Posts: 1447 Location: Appalachian mountains, USA
Posted: Sat Sep 14, 2019 16:02 Post subject:
Edited 25 September 2019 (date of my post below pointing out the correction) to add the -f flag to the curl, to provide correct behavior when a download site doesn't exist at the URL given.
I think functionally my script is stable, but I did do a cleanup pass on the code this morning to make it more compact on the page and so use less startup-code storage, to make it easier to add or remove download targets, and to make it easier to switch from curl -k to wget -O - with the latter now only a matter of doing exactly that substitution in exactly one place.
Of course by now everyone has noticed that I keep thinking that tweaking is done, then I think of a new tweak.
Joined: 16 Nov 2015 Posts: 6437 Location: UK, London, just across the river..
Posted: Sun Sep 15, 2019 1:27 Post subject:
this one does some strange errs, i got only one line facebook bla bla bla in cat tmp/badhosts..
it says err code 527 or something like..
tried with curl and wget too...
Joined: 04 Aug 2018 Posts: 1447 Location: Appalachian mountains, USA
Posted: Sun Sep 15, 2019 15:11 Post subject:
Alozaros wrote:
this one does some strange errs, i got only one line facebook bla bla bla in cat tmp/badhosts..
it says err code 527 or something like..
tried with curl and wget too...
Interesting... Which dd-wrt version? Is this the old one? (Here it works on BS releases 40009 and 40784.) Then let's start with the basic checks. Here's how they look here. Can you post what you get?
CLI wrote:
root@TheRouter:~# cd /tmp
root@TheRouter:/tmp# cat badhosts.codes
0 0 0
root@TheRouter:/tmp# cat badhosts.log
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 423k 100 423k 0 0 756k 0 --:--:-- --:--:-- --:--:-- 755k
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 1236k 100 1236k 0 0 771k 0 0:00:01 0:00:01 --:--:-- 770k
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 403k 100 403k 0 0 238k 0 0:00:01 0:00:01 --:--:-- 238k
root@TheRouter:/tmp# wc -l badhosts
42384 badhosts
root@TheRouter:/tmp# cat badhosts.whitelist
/( |\.)hulu\.com$/d
/( |\.)huluad\.com$/d
root@TheRouter:/tmp# cat badhosts.blacklist
0.0.0.0 graph.facebook.com
Joined: 04 Aug 2018 Posts: 1447 Location: Appalachian mountains, USA
Posted: Sun Sep 15, 2019 21:07 Post subject:
[Edit: I responded to the below too quickly. Actually, the fact that you had two wget error codes in the log points to wget being run twice. The only way that could happen is if using the function is fine, since the function is called twice. So check carefully the use of wget. Careful that "-O" is followed, after a space, by "-" since omitting that would certainly crash things.]
cat /tmp/dlhosts.codes 127 127
/tmp/custom.sh: line 11: curl: not found
/tmp/custom.sh: line 11: curl: not found
hmm it seems this curl i installed via opkg is
not working as it should..
and wget -O does this
user.notice startup-code adblocker: dlhosts has 1 lines, exit codes 255 255
The documentation I can find on wget only shows exit codes 0 through 8, so there's no telling what 255 is.
I assume you have wget -O - instead of curl -k, including the final hyphen?
I had the impression that the earlier version worked with wget for you, and the biggest change in the new version was using a bash function, so I wonder whether you're on an old dd-wrt and whether the BusyBox shell back then perhaps didn't have functions? Can you duplicate this little test, by copy/pasting the bold red commands into the CLI and seeing whether you get the bold blue response? (No need to be in /tmp.)
If you don't get that response, then your shell is too old and you'll want to stick with an earlier version, before I added the Download function.
Joined: 16 Nov 2015 Posts: 6437 Location: UK, London, just across the river..
Posted: Mon Sep 16, 2019 4:44 Post subject:
yep some builds are like that things are missin...
and this is 8MB flash size device, so it's normal...
some things are stripped off in order to fit in the flash size...
no output of that function, so this is the bugger
it says bbx 1.31 built-in shell (ash) ...
yep i'm ok with the old script..or yours...the short version of it, it's also fine...
Joined: 04 Aug 2018 Posts: 1447 Location: Appalachian mountains, USA
Posted: Wed Sep 25, 2019 20:55 Post subject:
Bug fix!
I'm editing it into the earlier posted versions of the script in this thread.
Replace "curl -k" in the adblocker with "curl -kf" so that if the site doesn't exist, a nonzero exit code will be returned and no stdout will be produced. I mistakenly assumed curl did this anyway, like wget did in my early versions. Turns out it doesn't though. Without the -f a nonexistent site makes it return a zero exit code and send an "OMG THERE'S NO SUCH SITE?" or some such (OK, with more conventional wording), in html, to stdout. The sed commands will filter out the nonsense output, so it shouldn't contaminate the badhosts file. But the error codes will not show anything is wrong.
Joined: 04 Aug 2018 Posts: 1447 Location: Appalachian mountains, USA
Posted: Wed Sep 25, 2019 23:18 Post subject:
Edited 9 Dec 2019 to add wait loop before curls, to make sure the network is available, and an outer subshell (first two noncomment lines and a final closing parenthesis) that can be exited early if a lockfile shows it's already been run. You likely won't need either tweak in a shell version that you run with cron.
So while I am in a fixing mood, and continuing my idiotic tradition of posting new versions way too soon and after minimal testing of changes (a dd-wrt tradition!), here's the latest adblocker code for GUI>Administration>Commands, Startup. Note the first comment re the other GUI edit required.
The main point here is just cleanup for readability. However, there are actual changes here to that earlier hurried kluge of syslog-entry machinery. This version is cleaner. Pointless group-command braces in the Download function have been removed as well. While I've badmouthed cats in pipelines, even in this very thread, I don't actually see a cleaner way here (in the syslog-entry code). So there it lurks.
Any URLs containing $ or & (maybe some other characters also) must be enclosed in single quotes like 'https://blah.com/foo?bar&bat' and such quotes never hurt. Don't use double quotes. Note as before that the sleep may need lengthening for some router/build/config combinations. Try it and check the log entry, looking for 0 0 0 for exit codes (or look at /tmp/badhosts.codes in the CLI) and a decent-length badhosts file. As of today -- it can vary a bit day to day as the files posted at the URLs are edited -- I have 43276 lines. On the first try it's a good idea to look at /tmp/badhosts.log in the CLI to verify that the curls are doing something reasonable.
If you have an old or small build that doesn't have curl, you can replace curl -kf with wget -O - but be careful to include that final hyphen, and note that O is the letter "Oh" and not a zero. You'll likely get nothing but an error from the third Download line, as the wget in dd-wrt does not, by default anyway, handle https sites. You can just delete that third Download line and get by just fine on two, with a slightly smaller badhosts file resulting.
The whitelist entries here allow hulu ads, without which hulu will not stream, and the blacklist entries hamper some of facebook's spying and ad displays. The connect.facebook.net entry will likely break logging into other sites using facebook credentials in addition to hampering their spying. Edit: It appears that blacklisting graph.facebook.com kills facebook messenger, also in addition to hampering their spying. Boo hoo.
Whitelist entries can be either domains, as above, or linux extended regular expressions that expand to domains when each "." is escaped. The latter means the two entries here could be condensed to the one line hulu(ad)?.com or hulu(|ad).com if desired. A whitelisted domain foo.com implicitly whitelists x.foo.com and such as well. All that flexibility is absent for the blacklist, however. Those names must be domains. Either list can be empty, with zero lines.
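The whitelist handling described above, as an added example that is not part of the original post or the author's script: it turns whitelist entries into sed delete commands of the /( |\.)hulu\.com$/d form shown earlier in /tmp/badhosts.whitelist, filters a constructed hosts download with them, then appends the blacklist. The function names, the sample data and the choice to append the blacklist after whitelisting are assumptions.

```shell
#!/bin/sh
# Added example, not the adblocker script from this thread.

# Whitelist entries (domain or ERE, one per line) -> sed delete commands in
# the /( |\.)hulu\.com$/d form; every "." is escaped to a literal dot.
whitelist_to_sed() {
    sed -e '/^[[:space:]]*$/d' -e 's/\./\\./g' -e 's#.*#/( |\\.)&$/d#'
}

# Raw hosts download on stdin -> clean "0.0.0.0 domain" lines. Comments,
# blank lines, CRs and anything that is not a two-field 0.0.0.0 entry
# (an HTML error page, for instance) are dropped.
normalize_hosts() {
    tr -d '\r' | sed -e 's/#.*$//' |
        awk 'NF == 2 && $1 == "0.0.0.0" && $2 != "0.0.0.0" &&
             $2 ~ /^[A-Za-z0-9._-]+$/ { print "0.0.0.0 " tolower($2) }'
}

# build_badhosts RAW WHITELIST BLACKLIST -> final list on stdout.
# Assumption: the blacklist is appended after whitelisting, so it wins.
# An empty whitelist yields an empty sed script, which deletes nothing.
build_badhosts() {
    wl_script=$(mktemp) || return 1
    whitelist_to_sed < "$2" > "$wl_script"
    { normalize_hosts < "$1" | sed -E -f "$wl_script"; cat "$3"; } | sort -u
    rm -f "$wl_script"
}

# Constructed sample input, for illustration only.
demo() {
    d=$(mktemp -d) || return 1
    cat > "$d/raw" <<'EOF'
# comment line

0.0.0.0 ads.example.com
0.0.0.0 ads.example.com
0.0.0.0 hulu.com   # trailing comment
0.0.0.0 ads.hulu.com
0.0.0.0 t.huluad.com
0.0.0.0 nothulu.com
<html><body>404 Not Found</body></html>
EOF
    printf '%s\n' 'hulu(ad)?.com' > "$d/white"
    printf '%s\n' '0.0.0.0 graph.facebook.com' > "$d/black"
    build_badhosts "$d/raw" "$d/white" "$d/black"
    rm -rf "$d"
}
```

Note that nothulu.com survives: the ( |\.) prefix anchors the match at a label boundary, so a whitelisted domain covers its subdomains but not names that merely end in the same letters.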
Hi there..
SurprisedItWorks.. I registered today to ddwrt just to say thank you.
This method is so simple and automatic, no need of flash drive, tuning something in addition, and just simply works.
I must say I had a lot of fun watching the posts updates, from one method then using curl.. then wget.. then optimizing the sequences.. really perfect mindset and script.
Joined: 04 Aug 2018 Posts: 1447 Location: Appalachian mountains, USA
Posted: Thu Nov 07, 2019 5:13 Post subject:
Thank you, Pierrick! Unusual that people bother with that. It is appreciated.
And so here's a bonus, something I just added to my routers a couple of weeks ago. Add this as a new line after the sleep and before the first sed:
until ping -c 1 -w 10 &> /dev/null cloudflare.com; do sleep 110; done
This prevents things from going further until the router is able to ping cloudflare.com. Tries the ping every two minutes.
I was moved to add this when I had a power failure at home for an hour, and when the power came back up, the router booted before the modem. This meant the router was trying to do the Download steps before success was possible, and as a result all the Downloads failed and badhosts remained empty. This way it won't try the downloads until the network is up with DNS functioning.
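A guard for the two failure modes described in the posts above (exit codes that hide a failed download, and downloads attempted before the network is up), as an added example that is not part of the thread's script: it replaces the live list only when every recorded exit code is 0 and the new file has enough valid lines. The function names, the MIN threshold and the sample data are assumptions.

```shell
#!/bin/sh
# Added example, not part of the thread's script. The codes-file format
# ("0 0 0") follows the thread; everything else here is assumed.

# all_zero CODES_FILE: true only if at least one exit code is recorded
# and every recorded code is 0.
all_zero() {
    awk '{ for (i = 1; i <= NF; i++) { n++; if ($i != "0") bad++ } }
         END { exit ((n > 0 && bad == 0) ? 0 : 1) }' "$1"
}

# count_entries FILE: number of well-formed "0.0.0.0 name" lines.
count_entries() {
    awk '/^0\.0\.0\.0 [A-Za-z0-9._-]+$/ { n++ } END { print n + 0 }' "$1"
}

# install_if_sane NEW CODES LIVE MIN: move NEW over LIVE only when all
# downloads succeeded and NEW has at least MIN valid entries. The line
# floor catches the case where exit codes are 0 but the body was junk.
install_if_sane() {
    if ! all_zero "$2"; then
        echo "adblocker: keeping old list, exit codes: $(cat "$2")" >&2
        return 1
    fi
    n=$(count_entries "$1")
    if [ "$n" -lt "$4" ]; then
        echo "adblocker: keeping old list, only $n valid lines" >&2
        return 1
    fi
    mv "$1" "$3"
}

# Constructed scenarios ("codes|lines"): a good run, curl not found
# (127 127), and exit codes 0 with an almost empty result.
demo() {
    d=$(mktemp -d) || return 1
    min=2
    printf '0.0.0.0 old.example\n' > "$d/live"
    r=""
    for sc in '0 0 0|3' '127 127|3' '0 0 0|1'; do
        echo "${sc%%|*}" > "$d/codes"
        i=0; : > "$d/new"
        while [ "$i" -lt "${sc##*|}" ]; do
            echo "0.0.0.0 ad$i.example" >> "$d/new"; i=$((i + 1))
        done
        if install_if_sane "$d/new" "$d/codes" "$d/live" "$min" 2>/dev/null
        then r="$r installed"; else r="$r kept"; fi
    done
    echo "${r# } $(count_entries "$d/live")"
    rm -rf "$d"
}
```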