Author
Message
saphirely DD-WRT User Joined: 13 Dec 2020 Posts: 270
Posted: Tue Nov 09, 2021 20:43 Post subject:
what I used is "nvram submit", but I think nvram commit is also right.
Back to top
Sponsor
the-joker DD-WRT Developer/Maintainer Joined: 31 Jul 2021 Posts: 2146 Location: All over YOUR webs
Back to top
saphirely DD-WRT User Joined: 13 Dec 2020 Posts: 270
Posted: Wed Nov 10, 2021 22:59 Post subject:
Yes, but it real works.
Even after reboot, it works.
Before my ntp_timer is 216000, when I set to 216001 then nvram submit, it is changed then reboot, it is still ntp_timer 216001.
BusyBox v1.34.1 (2021-11-05 06:12:50 +07) built-in shell (ash)
root@DD-WRT:~# nvram show | grep ntp
ntp_timer=216001
size: 37659 bytes (27877 left)
usb_mntpoint=mnt
ntp_enable=1
ntp_server=78.138.17.129 216.239.35.0
ntp_done=1
ntp_mode=auto
ntp_success=0
Back to top
saphirely DD-WRT User Joined: 13 Dec 2020 Posts: 270
Posted: Sat Nov 20, 2021 2:14 Post subject:
Latest update.
Yes, Must Disable "Query DNS in Strict Order" if dnsmasq working with unbound otherwise Buffers will be very low to work stable.
I keep on monitoring the better value for unbound.conf with adjusting...
Back to top
saphirely DD-WRT User Joined: 13 Dec 2020 Posts: 270
Posted: Wed Nov 24, 2021 22:35 Post subject:
Final version which works stable additional porn blocked in conf-file=/jffs/etc/P
root@DD-WRT:/tmp# cat dnsmasq.conf
interface=br0
resolv-file=/tmp/resolv.dnsmasq
server=127.0.0.1#7053
no-resolv
dhcp-leasefile=/tmp/dnsmasq.leases
dhcp-lease-max=15
dhcp-option=br0,3,192.168.1.1
dhcp-authoritative
dhcp-range=br0,192.168.1.9,192.168.1.23,255.255.255.0,1440m
bogus-priv
conf-file=/etc/rfc6761.conf
stop-dns-rebind
dhcp-option=252,"\n"
cache-size=0
conf-file=/jffs/etc/P
root@DD-WRT:/jffs/etc# cat P.sh
#!/bin/sh
echo " Download Porn manuelly for saving in internal ..."
echo " Reference additional Dnsmasq Options: conf-file=/jffs/etc/P"
curl -sS -L --compressed "https://raw.githubusercontent.com/chadmayfield/my-pihole-blocklists/master/lists/pi_blocklist_porn_top1m.list" |awk '{print "address=\/"$1"/0.0.0.0"}' |sort|uniq > /jffs/etc/P
stopservice dnsmasq && startservice dnsmasq
Back to top
saphirely DD-WRT User Joined: 13 Dec 2020 Posts: 270
Posted: Wed Nov 24, 2021 22:43 Post subject:
Final version
root@DD-WRT:/jffs/etc# cat unbound.conf
Code:
server:
verbosity: 1
interface: 0.0.0.0@7053
tls-cert-bundle: "/etc/ssl/ca-bundle.crt"
include: "/jffs/etc/U.conf"
outgoing-num-tcp: 12
incoming-num-tcp: 24
num-queries-per-thread: 36
msg-buffer-size: 8192
msg-cache-size: 4m
rrset-cache-size: 8m
key-cache-size: 400k
neg-cache-size: 40k
infra-cache-numhosts: 1000
do-ip4: yes
do-ip6: no # so that linux pc use ipv4 only in dig or drill
username: ""
pidfile: "/var/run/unbound.pid"
root-hints: "/etc/unbound/named.cache"
target-fetch-policy: "2 1 0 0 0 0"
harden-short-bufsize: yes
harden-large-queries: yes
so-reuseport: yes
num-threads: 2
msg-cache-slabs: 2
rrset-cache-slabs: 2
infra-cache-slabs: 2
key-cache-slabs: 2
outgoing-range: 462
access-control: 127.0.0.0/8 allow
access-control: 192.168.1.1/24 allow
local-data: "localhost A 127.0.0.1"
local-data: "DD-WRT A 192.168.1.1"
cache-max-ttl: 14400
cache-min-ttl: 1200
prefetch: yes
prefetch-key: yes
minimal-responses: yes
serve-expired: yes
serve-expired-ttl: 43200
ip-ratelimit: 0
so-rcvbuf: 256k
udp-upstream-without-downstream: yes
hide-identity: yes
hide-version: yes
do-not-query-localhost: no
qname-minimisation: yes
harden-below-nxdomain: yes
rrset-roundrobin: yes
aggressive-nsec: yes
deny-any: yes
auto-trust-anchor-file: "/etc/unbound/root.key"
python:
remote-control:
forward-zone:
name: "."
forward-tls-upstream: yes
forward-addr: 185.213.26.187@853#dot.ny.ahadns.net
forward-addr: 193.29.62.196@853#dot.chi.ahadns.net
auth-zone:
name: "."
master: 192.203.230.10
master: 192.5.5.241
master: 192.33.4.12
fallback-enabled: yes
for-downstream: no
for-upstream: yes
root@DD-WRT:/jffs/etc# cat U.conf
local-data: "www.google.com A 216.239.38.120"
local-data: "www.google.ca A 216.239.38.120"
local-data: "www.bing.com A 204.79.197.220"
local-data: "www.canada.ca A 23.3.126.101"
local-data: "forum.dd-wrt.com A 185.84.6.126"
local-data: "download1.dd-wrt.com A 185.84.6.100"
local-data: "distrowatch.com A 82.103.129.71"
local-data: "coronavirus.jhu.edu A 13.107.213.40"
local-data: "github.com A 140.82.112.3"
local-data: "news.google.com A 142.251.41.14"
local-data: "freebsd.org A 96.47.72.84"
local-data: "librespeed.org A 78.46.162.45"
local-data: "openspeedtest.com A 23.239.29.5"
Hope you can enjoy this clear solution.
Back to top
saphirely DD-WRT User Joined: 13 Dec 2020 Posts: 270
Posted: Wed Nov 24, 2021 22:46 Post subject:
root@DD-WRT:/jffs/etc# cat P
address=/007milf.com/0.0.0.0
address=/0xxx.ws/0.0.0.0
address=/1000facials.com/0.0.0.0
address=/1000porno.net/0.0.0.0
address=/1001xxx.com/0.0.0.0
address=/100bestpornsites.com/0.0.0.0
address=/100boyself.com/0.0.0.0
address=/100bucksbabes.com/0.0.0.0
address=/100gbtube.com/0.0.0.0
address=/100panty.com/0.0.0.0
address=/101boyvideos.com/0.0.0.0
address=/101domain.com/0.0.0.0
address=/10musume.com/0.0.0.0
address=/16honeys.com/0.0.0.0
address=/171gifs.com/0.0.0.0
address=/18-teen-xxx.com/0.0.0.0
address=/18andabused.com/0.0.0.0
address=/18asiansex.com/0.0.0.0
address=/18asiantube.com/0.0.0.0
address=/18boysex.com/0.0.0.0
address=/18closeup.com/0.0.0.0
address=/18cuteteenboys.com/0.0.0.0
address=/18eighteen.com/0.0.0.0
address=/18girlssex.com/0.0.0.0
address=/18indian.com/0.0.0.0
address=/18nudeteens.net/0.0.0.0
address=/18paradise.com/0.0.0.0
address=/18porno.tv/0.0.0.0
address=/18pornsex.com/0.0.0.0
address=/18pussyclub.com/0.0.0.0
address=/18qt.com/0.0.0.0
address=/18teenporn.net/0.0.0.0
address=/18teenporno.tv/0.0.0.0
address=/18teensex.club/0.0.0.0
address=/18teenslut.com/0.0.0.0
address=/18tubehd.com/0.0.0.0
address=/18yearsold.com/0.0.0.0
address=/18yoteen.com/0.0.0.0
address=/1919gogo.com/0.0.0.0
address=/19teensex.tv/0.0.0.0
address=/1classtube.com/0.0.0.0
address=/1moviesearch.com/0.0.0.0
address=/1pondo.tv/0.0.0.0
address=/1porn.tv/0.0.0.0
address=/2001photo.com/0.0.0.0
.
.
.
.
.
.
address=/zootube1.com/0.0.0.0
address=/zootube8.com/0.0.0.0
address=/zootubex.com/0.0.0.0
address=/zooxhamster.com/0.0.0.0
address=/zooxxxporn.com/0.0.0.0
address=/zooyouporn.com/0.0.0.0
address=/zoozooporn.com/0.0.0.0
address=/zoozootube.com/0.0.0.0
address=/zteenporn.com/0.0.0.0
address=/ztod.com/0.0.0.0
address=/zubby.com/0.0.0.0
address=/zzbabes.com/0.0.0.0
address=/zzcartoon.com/0.0.0.0
address=/zzgays.com/0.0.0.0
address=/zzpornpics.com/0.0.0.0
address=/zztube.com/0.0.0.0
address=/zzztube.com/0.0.0.0
Back to top
saphirely DD-WRT User Joined: 13 Dec 2020 Posts: 270
Posted: Sat Nov 27, 2021 1:18 Post subject:
I found if use the following value in unbound.conf, it will be more stable, at least Buffers always over 1.4MiB.
Code:
msg-cache-size: 3m
rrset-cache-size: 6m
key-cache-size: 300k
neg-cache-size: 30k
infra-cache-numhosts: 600
Back to top