My Ad/Malware block script

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
Goto page Previous  1, 2, 3, 4, 5, 6  Next
Author Message
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6410
Location: UK, London, just across the river..

PostPosted: Mon Sep 09, 2019 12:31    Post subject: Reply with quote
so this line is not needed
logger -t ': adblocker wget exit codes' <badhosts.codes

as well those badhosts.codes will not be created ...
i dont need any reports as i can see badhosts content via CLI im fine, just trying to cut some space Razz and speed up the start up Razz : P

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Sponsor
SurprisedItWorks
DD-WRT Guru


Joined: 04 Aug 2018
Posts: 1446
Location: Appalachian mountains, USA

PostPosted: Mon Sep 09, 2019 12:56    Post subject: Reply with quote
Alozaros wrote:
so this line is not needed
logger -t ': adblocker wget exit codes' <badhosts.codes

as well those badhosts.codes will not be created ...
i dont need any reports as i can see badhosts content via CLI im fine, just trying to cut some space Razz and speed up the start up Razz : P

The logger line takes input from badhosts.codes but does not make it go away. If we want a shortened version that simply doesn't create badhosts.codes, we can strip down your wget version even more:
Code:
#ad blocking, needs in dnsmasq Add'l Config: addn-hosts=/tmp/badhosts
  ( cd /tmp; touch badhosts; sleep 30
    ( wget -O - http://winhelp2002.mvps.org/hosts.txt
      wget -O - http://sbc.io/hosts/hosts ) 2>badhosts.log \
    | sed 's/\t/ /g; /^0\.0\.0\.0 /!d; s/ *\#.*$//; s/\r//' | sort -u \
    | sed -E '/\.hulu(|ad)\./d' > badhosts
  ) && killall -HUP dnsmasq &
With this abbreviated version, you have to look at the contents of /tmp/badhosts.log to verify that everything went OK. I always do wc -l /tmp/badhosts in the CLI as well, to count the number of lines in the badhosts file.
_________________
2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6410
Location: UK, London, just across the river..

PostPosted: Mon Sep 09, 2019 15:32    Post subject: Reply with quote
SurprisedItWorks wrote:
Alozaros wrote:
so this line is not needed
logger -t ': adblocker wget exit codes' <badhosts.codes

as well those badhosts.codes will not be created ...
i dont need any reports as i can see badhosts content via CLI im fine, just trying to cut some space Razz and speed up the start up Razz : P

The logger line takes input from badhosts.codes but does not make it go away. If we want a shortened version that simply doesn't create badhosts.codes, we can strip down your wget version even more:
Code:
#ad blocking, needs in dnsmasq Add'l Config: addn-hosts=/tmp/badhosts
  ( cd /tmp; touch badhosts; sleep 30
    ( wget -O - http://winhelp2002.mvps.org/hosts.txt
      wget -O - http://sbc.io/hosts/hosts ) 2>badhosts.log \
    | sed 's/\t/ /g; /^0\.0\.0\.0 /!d; s/ *\#.*$//; s/\r//' | sort -u \
    | sed -E '/\.hulu(|ad)\./d' > badhosts
  ) && killall -HUP dnsmasq &
With this abbreviated version, you have to look at the contents of /tmp/badhosts.log to verify that everything went OK. I always do wc -l /tmp/badhosts in the CLI as well, to count the number of lines in the badhosts file.


yep i stripped off like that...
thinking you can add wc -l /tmp/badhosts to it, so you can see the results in the syslog instead ???

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
SurprisedItWorks
DD-WRT Guru


Joined: 04 Aug 2018
Posts: 1446
Location: Appalachian mountains, USA

PostPosted: Mon Sep 09, 2019 16:00    Post subject: Reply with quote
Alozaros wrote:
SurprisedItWorks wrote:
I always do wc -l /tmp/badhosts in the CLI as well, to count the number of lines in the badhosts file.

yep i stripped off like that...
thinking you can add wc -l /tmp/badhosts to it, so you can see the results in the syslog instead ???
Replace the logger line with this:
Code:
wc -l /tmp/badhosts \
| awk '{print $1,"/tmp/badhosts lines"}' \
| logger -t ": startup-code adblocker"
Or remove the awk line for a briefer version that shows the wc output with no modification. Or edit either double-quoted string to your taste. We could come up with a longer and less clear version that would include both the line count and the exit codes, but it would take a bit of thought to figure out the cleanest way.
_________________
2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.
SurprisedItWorks
DD-WRT Guru


Joined: 04 Aug 2018
Posts: 1446
Location: Appalachian mountains, USA

PostPosted: Tue Sep 10, 2019 16:15    Post subject: Reply with quote
Edit: The correction noted in the next post has been incorporated here.

2nd Edit, 25 September 2019, (date of my post below pointing out the correction) to add the -f flag to each curl, to provide correct behavior when a download site doesn't exist at the URL given.

The adblocker project here has evolved further. Here is a version that makes whitelisting very easy, as long as you are willing to edit the dd-wrt startup code. This is the grand version that uses curl, does a relatively comprehensive syslog entry, and now does proper whitelisting.
Code:
#Hosts to block in dnsmasq using Add'l Config: addn-hosts=/tmp/badhosts
#Inspired by Alozaros 7/8/18 post:
#https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=315773
  ( cd /tmp; touch badhosts; sleep 30
    sed 's/\./\\./g;s/.*/\/( |\\.)&$\/d/' <<'ENDOFWHITE' >badhosts.whitelist
hulu.com
huluad.com
ENDOFWHITE
    ( EXA=0 ; EXB=0 ; EXC=0
      curl -f  http://winhelp2002.mvps.org/hosts.txt || EXA=$?
      curl -f  http://sbc.io/hosts/hosts || EXB=$?
      curl -kf https://someonewhocares.org/hosts/zero/hosts || EXC=$?
      echo $EXA $EXB $EXC > badhosts.codes
    ) 2>badhosts.log \
    | sed 's/\t/ /g; /^0\.0\.0\.0 /!d; s/ *\#.*$//; s/\r//' | sort -u \
    | sed -Ef badhosts.whitelist > badhosts
    echo $(wc -l /tmp/badhosts | awk '{print $2,"has",$1,"lines,"}') \
         'curl exit codes' $(cat badhosts.codes) \
    | logger -p user.info -t "startup-code adblocker"
  ) && killall -HUP dnsmasq &

For those who need to strip it down, I'll color code the pieces that could be removed. Here I show it all unindented, for the space savers among us.

( cd /tmp; touch badhosts; sleep 30
sed 's/\./\\./g;s/.*/\/( |\\.)&$\/d/' <<'ENDOFWHITE' >badhosts.whitelist
hulu.com
huluad.com
ENDOFWHITE

( EXA=0 ; EXB=0 ; EXC=0
curl -f http://winhelp2002.mvps.org/hosts.txt || EXA=$?
curl -f http://sbc.io/hosts/hosts || EXB=$?
curl -kf https://someonewhocares.org/hosts/zero/hosts || EXC=$?
echo $EXA $EXB $EXC > badhosts.codes
) 2>badhosts.log \
| sed 's/\t/ /g; /^0\.0\.0\.0 /!d; s/ *\#.*$//; s/\r//' | sort -u \
| sed -Ef badhosts.whitelist
> badhosts
echo $(wc -l /tmp/badhosts | awk '{print $2,"has",$1,"lines,"}') \
'curl exit codes' $(cat badhosts.codes) \
| logger -p user.info -t "startup-code adblocker"

) && killall -HUP dnsmasq &

The wget people will want to change each curl -f to wget -O - and then remove the third curl/wget line (including the url, which refuses to color) and associated exit-code variable. To not log to syslog, three lines near the end can be removed. To skip whitelisting, remove the creation of the whitelist script near the top and the application of the script just before the syslog material.

Edit: Note that whitelisting hulu.com implicitly whitelists www.hulu.com, ads.hulu.com, etc. Any additional part of a domain name to the left of what is in the whitelist, with a dot separating them, is implicitly whitelisted as well. To whitelist, say, only www.hulu.com, one would include www.hulu.com in the whitelist but not hulu.com.

I hope this is all correct! (But then being dd-wrt people, you are used to being beta testers, right?)

_________________
2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.


Last edited by SurprisedItWorks on Wed Sep 25, 2019 21:02; edited 3 times in total
SurprisedItWorks
DD-WRT Guru


Joined: 04 Aug 2018
Posts: 1446
Location: Appalachian mountains, USA

PostPosted: Tue Sep 10, 2019 16:54    Post subject: Reply with quote
Oops. Too fast! Error in the first sed line. The one ^ there should be a space. Will fix in the original later today.
_________________
2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.
SurprisedItWorks
DD-WRT Guru


Joined: 04 Aug 2018
Posts: 1446
Location: Appalachian mountains, USA

PostPosted: Wed Sep 11, 2019 20:11    Post subject: Reply with quote
Edit: Per my short post several posts down from here, I'm making a minor cleanup edit to the code below to eliminate the pointless use of cat. Either version of the code works fine, so no need to change it in your router if you've already grabbed it.[i]

[i]Another edit, 25 September 2019 (date of my post below pointing out the correction), to add the -f flag to each curl, to provide correct behavior when a download site doesn't exist at the URL given.


And finally, here is a version that has a blacklist as well as a whitelist. Either can be empty, so that, for example, you could delete the two hulu lines here to have no whitelist, or you could delete the facebook line to have no blacklist beyond the ones the three online sites provide. Or you can add more lines to either the whitelist or blacklist or both. Obviously, if this is in startup code (remember, this is tailored to systems that reboot regularly), you won't want either the blacklist or whitelist to be particularly long, but at least you can tailor things a little. (Anything more becomes a /jffs project, and I don't use /jffs.)
Code:
#Hosts to block in dnsmasq using Add'l Config: addn-hosts=/tmp/badhosts
#Inspired by Alozaros 7/8/18 post:
#https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=315773
  ( cd /tmp; touch badhosts; sleep 30
    sed 's/\./\\./g;s/.*/\/( |\\.)&$\/d/' <<'ENDOFWHITE' >badhosts.whitelist
hulu.com
huluad.com
ENDOFWHITE
    awk '{print "0.0.0.0 "$1}' <<'ENDOFBLACK' >badhosts.blacklist
graph.facebook.com
ENDOFBLACK
    ( EXA=0 ; EXB=0 ; EXC=0
      curl -f  http://winhelp2002.mvps.org/hosts.txt || EXA=$?
      curl -f  http://sbc.io/hosts/hosts || EXB=$?
      curl -kf https://someonewhocares.org/hosts/zero/hosts || EXC=$?
      echo $EXA $EXB $EXC > badhosts.codes
    ) 2>badhosts.log \
    | sed 's/\t/ /g; /^0\.0\.0\.0 /!d; s/ *\#.*$//; s/\r//' \
    | sort -u - badhosts.blacklist | sed -Ef badhosts.whitelist > badhosts
    echo $(wc -l /tmp/badhosts | awk '{print $2,"has",$1,"lines,"}') \
         'curl exit codes' $(cat badhosts.codes) \
    | logger -p user.info -t "startup-code adblocker"
  ) && killall -HUP dnsmasq &

There is (at least) one small unresolved mystery. At least one of the three block lists downloaded here contains the line 0.0.0.0 0.0.0.0, but I have no idea why. (Do head /tmp/badhosts in the CLI to see that it is the first line of the final badhosts file.) What does such a line do (in an /etc/hosts file, effectively)? Should 0.0.0.0 be included in the whitelist so that the mystery line is not included in the badhosts file? Or is there a good reason to have it in badhosts? I can handle a bit of linux scripting but am most surely not a networking person, and this is beyond me. Anyone?

_________________
2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.


Last edited by SurprisedItWorks on Wed Sep 25, 2019 21:04; edited 2 times in total
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6410
Location: UK, London, just across the river..

PostPosted: Thu Sep 12, 2019 9:19    Post subject: Reply with quote
hmmm, the thing i noticed and stop using your script..

it was DL less lines...
i have 2 sources where with my, script it was DL more lines than that...
i checked all the printed outputs and couldn't find most of the lines..i can see there are cuts as those are not needed lines, but i cant see 20k less, so there is something, wrong with it...

my script DL 58k lines 1 source
your 37k...2 sources...

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
SurprisedItWorks
DD-WRT Guru


Joined: 04 Aug 2018
Posts: 1446
Location: Appalachian mountains, USA

PostPosted: Thu Sep 12, 2019 15:00    Post subject: Reply with quote
Alozaros wrote:
hmmm, the thing i noticed and stop using your script..

it was DL less lines...
i have 2 sources where with my, script it was DL more lines than that...
i checked all the printed outputs and couldn't find most of the lines..i can see there are cuts as those are not needed lines, but i cant see 20k less, so there is something, wrong with it...

my script DL 58k lines 1 source
your 37k...2 sources...

Hi Alozaros... I'm not sure what version of your own script you use these days, but your script that I cite in the comment at the top of my script uses the downloaded files without editing. There isn't really anything there to eliminate redundancy.

My script is put together differently, largely because of the sed 's/\t/ /g; /^0\.0\.0\.0 /!d; s/ *\#.*$//; s/\r//' line, which turns tabs into spaces, eliminates all lines not beginning with "0.0.0.0 ", and eliminates trailing spaces and comments. Eliminating comment lines alone will trim the number of total lines considerably. The 0.0.0.0 requirement is largely for safety, as it precludes having lines in the final result that could lead to a DNS request being replied to with a malicious IP. The main point of these processing steps, however, is to standardize the forms of the lines remaining so that a final, separate processing step of sort -u can eliminate redundant lines. In the end then, there can be only one 0.0.0.0 faeceborg.com line even if such a line, possibly with different comments or whitespace, appears in two or three of the original source files. This redundancy elimination is hugely important in determining the number of lines in the final result, because the source files are hugely redundant. In fact, the sbc.io file contains very nearly everything. The others are there mostly as redundancy, in case the sbc.io file is someday not posted at all.

Here are the numbers of lines in the final badhosts file according to which of the download sites are used in the script:

11807 lines, first site alone
42263 lines, second site alone
14275 lines, third site alone
42263 lines, first two sites together
42384 lines, all three sites together

We can see from these numbers that
  • The first site contributes nothing that the second site doesn't already provide. It is completely redundant.
  • The third site is very nearly redundant as well but not quite, as it does contribute 42384 - 42263 = 121 additional lines to badhosts that were not already provided by the second site (or the first two together).
  • Without the step of redundancy elimination, the first two sites together would yield a badhosts file of 11807 + 42263 = 54070 lines.
  • Some of these three downloaded files contain lots of comment lines, so if you do not carefully eliminate those first, your totals will be higher than these.
Does that shed some light on the situation?

_________________
2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6410
Location: UK, London, just across the river..

PostPosted: Thu Sep 12, 2019 15:39    Post subject: Reply with quote
yeb sbc.io that's the one that's 56k lines
with your scrip sbc.io and one more private... 36k
so, i looked at the both prints and on your script was incomplete...tried few restarts same results...

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
SurprisedItWorks
DD-WRT Guru


Joined: 04 Aug 2018
Posts: 1446
Location: Appalachian mountains, USA

PostPosted: Thu Sep 12, 2019 15:55    Post subject: Reply with quote
Alozaros wrote:
yeb sbc.io that's the one that's 56k lines
with your scrip sbc.io and one more private... 36k
so, i looked at the both prints and on your script was incomplete...tried few restarts same results...

I can't investigate further without more details. Can you give me an example of a site that is in the download files but not in the final badhosts file?

_________________
2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.
tinkeruntilitworks
Guest





PostPosted: Thu Sep 12, 2019 20:40    Post subject: Reply with quote
when you guys go to a big news website for example

do you still get ads?

i use firefox with ublock origin & privacy badger because i still get ads. plus the cosmetic fixes are nice.

i'm trying to figure out if dns blocking is far worse or if blocking in general is harder all around
SurprisedItWorks
DD-WRT Guru


Joined: 04 Aug 2018
Posts: 1446
Location: Appalachian mountains, USA

PostPosted: Thu Sep 12, 2019 21:42    Post subject: Reply with quote
tinkeruntilitworks wrote:
when you guys go to a big news website for example

do you still get ads?

i use firefox with ublock origin & privacy badger because i still get ads. plus the cosmetic fixes are nice.

i'm trying to figure out if dns blocking is far worse or if blocking in general is harder all around

I assume the approaches taken by adblock plus, ublock, etc. are domain based and therefore essentially the same as our DNS adblocking in effectiveness of basic approach. The difference may be simply the quality of the lists.

In any case, I do see way fewer ads now. I particularly notice their absence on news sites, where it seems like I rarely see ads now, and this includes some big-name newspapers and big-deal news-commentary blogs. News apps also. Many display as if the ads never existed, while others display with big empty spots where the ads "should" go.

Aside: I'm not interested in the argument that I should support them by allowing ads, so they can afford to do their journalism. I'd rather add to the pressure to find a different approach to funding altogether, because the ad-supported model is bankrupt and is destroying minds. It's worst on TV. On the major news networks here, I routinely count 9 consecutive ads between short news blocks of a few minutes. I haven't clocked it, but I think we're talking about some 50% of total time going to ads. It seems I can't get around those with this DNS approach. I assume those ads are embedded in the stream from my internet-TV provider.

In any case, the DNS adblocking approach is certainly not perfect. Some sites don't ask your browser or app or whatever to load ads from third-party sites but instead get the ads from those sites themselves and embed the ads right in what they are feeding you, leaving your ad-blocking system no way to distinguish ads from desired material. I particularly notice this now with the TV streaming sites. A year ago I could still block a lot of streaming ads at the DNS level. Not so much anymore. Some are still blockable, but many are not.

Personally I am not as obsessed with blocking ads as I am with blocking trackers. I just don't want my browsing history to be widely shared across the advertising industry. It's just revolting at a gut level.

_________________
2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.
tinkeruntilitworks
Guest





PostPosted: Thu Sep 12, 2019 21:45    Post subject: Reply with quote
thanks for the response
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6410
Location: UK, London, just across the river..

PostPosted: Thu Sep 12, 2019 22:02    Post subject: Reply with quote
yep, this is true, as well some devices like TV's and ect. use layer 7 DNS like 8.8.8.8, so i guess they go around your adblocker ...

in general ads are not a bad thing, but our ISP floods
internet with ads, so ad-blocker is a must, otherwise browsing is a challenge...

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Goto page Previous  1, 2, 3, 4, 5, 6  Next Display posts from previous:    Page 2 of 6
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum