Diversion Diversion - the Router Ad-Blocker

[thelonelycoder]

Awesome! I'll be interested to see how it works when it's finished!

That might be good or bad. At the moment the test router sits behind the main router which has all the directives for my network.
If it were the main router, some local services would not be available for the 'jailed' devices.

This is beta, and I'd like to find out if the auto-generated Dnsmasq config file works properly on other systems.
Also, the memory footprint is a tad higher with two Dnsmasq instances running, each using a largish blocking file.

 

[HuskyHerder]

Forgive me for not clearly understanding. I think, I have it, if I am reading you post correctly.

This would eliminate the need for me to use LAN>DNS filter for specific devices (old way)? The way I read it is, I could have a large blocking file for things I want to normally block, and then my Apple TV, or the Mrs Mac can use another blocking file so that my large blocking file doesn't filter AcornTV, and certain sites, she uses for work. But she could still benefit from a smaller list.

Again sorry to re hash your post. If I am reading it correctly, I am super excited to give it a go.

 

[thelonelycoder]

Forgive me for not clearly understanding. I think, I have it, if I am reading you post correctly.

This would eliminate the need for me to use LAN>DNS filter for specific devices (old way)? The way I read it is, I could have a large blocking file for things I want to normally block, and then my Apple TV, or the Mrs Mac can use another blocking file so that my large blocking file doesn't filter AcornTV, and certain sites, she uses for work. But she could still benefit from a smaller list.

Again sorry to re hash your post. If I am reading it correctly, I am super excited to give it a go.

Exactly. Requests for a feature to have a general blocking file and another one for specific devices came up several times.
I tinkered with it for a while, the fs feature was a side project to have two blocking files at the ready and in preparation for the second Dnsmasq instance.

 

[^Tripper^]

As briefly mentioned on Twitter, a beta feature is coming with the upcoming Diversion 4.0.6!

Help me name that feature, I am not happy with '6. Enable second blocking file'.

Suggested names;

1) SYM (Save Your Marriage)
2) HWHL (Happy Wife Happy Life)
3) Nagging Reducer
4) Hostility Suppressor
5) Peace Mode
6) ITOTC (I’m Tired Of This Crap)

Honestly, I still like the “original” name; Wife Mode

 

[FadgewackeR]

Suggested names;

1) SYM (Save Your Marriage)
2) HWHL (Happy Wife Happy Life)
3) Nagging Reducer
4) Hostility Suppressor
5) Peace Mode [emoji3522]
6) ITOTC (I’m Tired Of This Crap)

Honestly, I still like the “original” name; Wife Mode

LHGPF - Long Haired General Placation Filter

 

[user1085]

The highlighted follow dnsmasq is great! In addition is it possible to add these two features?

1. Highlight the filtered by term log as well?
   
2. Remove a specific domain from filtered log? eg. while following dns requests from my Roku, cooper.roku.com domain is blocked 10s of times every second. Therefore it pollutes the filtered log making it really really hard to observe if there were other domains blocked why trying to debug why a channel doesn't load

@thelonelycoder - Can you look into this feature request?https://www.snbforums.com/members/thelonelycoder.25480/

 

[martinr]

As briefly mentioned on Twitter, a beta feature is coming with the upcoming Diversion 4.0.6!

Help me name that feature, I am not happy with '6. Enable second blocking file'.

What does it do?
When fs (Blocking file fast switch) is enabled, the menu to activate the secondary blocking file is enabled, as shown here:

Once enabled, it starts a second Dnsmasq instance with the secondary blocking file active, listening on a virtual IP. Clients can then be directed through LAN/DNSFilter to use this IP as the Custom DNS.
This is helpful for those having a nagging partner or children with demands that certain websites do not work.
This is a permanent solution instead of using fs to temporarily use a (presumably smaller) blocking file.
fs still works and switches blocking files on the primary Dnsmasq instance, while the second Dnsmasq instance remains on the secondary blocking file.

ETA for v4.0.6 is this year.

The problem with a name that isn’t self-explanatory is that someone new hasn’t a clue what it does and there will be a steady stream of posts asking, for example, what exactly is Wife Mode?. A name that gives even a hint of the function is a great help.

Maybe Blocking File 1 and Blocking File 2? (It’s possible someone might have a more restrictive blocking file as the second one, so I don’t think Enable less restrictive blocking file is a good idea.)

Enable dual blocking file setup?

 

[thelonelycoder]

The problem with a name that isn’t self-explanatory is that someone new hasn’t a clue what it does and there will be a steady stream of posts asking, for example, what exactly is Wife Mode?. A name that gives even a hint of the function is a great help.

Maybe Blocking File 1 and Blocking File 2? (It’s possible someone might have a more restrictive blocking file as the second one, so I don’t think Enable less restrictive blocking file is a good idea.)

Enable dual blocking file setup?

Diversion never had a wife mode, it's always been the blocking file fast switch, or fs as the command.
I too look for a name that makes sense. 'Second Dnsmasq instance' is perfectly clear to me but not for novices.
Maybe 'second blocking file instance' or something similar.

 

[Asad Ali]

Diversion never had a wife mode, it's always been the blocking file fast switch, or fs as the command.
I too look for a name that makes sense. 'Second Dnsmasq instance' is perfectly clear to me but not for novices.
Maybe 'second blocking file instance' or something similar.

-Primary Blocking File ( Use for normal setups )
-Secondary Blocking File ( Use for custom setups )

 

[cmkelley]

Diversion never had a wife mode, it's always been the blocking file fast switch, or fs as the command.
I too look for a name that makes sense. 'Second Dnsmasq instance' is perfectly clear to me but not for novices.
Maybe 'second blocking file instance' or something similar.

Besides which "wife mode" is rather inherently sexist ...

 

[Marin]

6. Enable Blocking file options;

1. “Default” Blocking File (default setup)

2. “Custom” Blocking File (for custom configurations requiring setup of a secondary Dnsmasq)


Considering that the two options proposed are somewhat independent in their functions, I agree that the use of “secondary” as one of the options of Blocking file may be somewhat confusing especially to those who are new at this and may make them think that it is the “next” step in their blocking file setup rather than an alternative setup.

The two options must have titles that clearly distinguish them as two different configuration options.

My 2 cents. Thank you @thelonelycoder! Merry Christmas to you and everyone!



Sent from my iPhone using Tapatalk

 

[Mutzli]

Diversion never had a wife mode, it's always been the blocking file fast switch, or fs as the command.
I too look for a name that makes sense. 'Second Dnsmasq instance' is perfectly clear to me but not for novices.
Maybe 'second blocking file instance' or something similar.

Would that still work in combination with Skynet? Or would Skynet use the last active blocking file and ignore the first one that was active before switching.

 

[john9527]

How about
Alternate Blocking File (specified clients)

 

[Diamond67]

Exactly. Requests for a feature to have a general blocking file and another one for specific devices came up several times.
I tinkered with it for a while, the fs feature was a side project to have two blocking files at the ready and in preparation for the second Dnsmasq instance.

Sounds nice!

I wonder if you could attach some screen captures of the final settings (both Router GUI (if needed) and Diversion Menu) which would show us how to force a certain device (IP and MAC) to use the Secondary Blocking File (in my case "The Freeway" instead of maybe a bit more strict Primary or Default Blocking File)?

If I for example have a Manually Assigned IP and MAC address (LAN - DHCP Server) for my television and I want it to use the Secondary Blocking File.

How about DNS-based Filtering (LAN - DNSFilter) of the router? We still need it to be Enabled? Settings?

 

[thelonelycoder]

The highlighted follow dnsmasq is great! In addition is it possible to add these two features?

1. Highlight the filtered by term log as well?
   
2. Remove a specific domain from filtered log? eg. while following dns requests from my Roku, cooper.roku.com domain is blocked 10s of times every second. Therefore it pollutes the filtered log making it really really hard to observe if there were other domains blocked why trying to debug why a channel doesn't load

1:
Filtered term is already highlighted, it's just that the filtered results do not fall within the explicit highlighted lines.
To test it use 'dnsmasq' (without the '') as the filter term. Since the term dnsmasq is in every line of the log file, the result is just as option '1. Unfiltered log' in f.

2:
The filtered by term uses grep and something like

grep "filter term" | grep -v "cooper.roku.com" /opt/var/log/dnsmasq.log

could be used to look for 'filter term' but exclude 'cooper.roku.com' from the results.
However, the way I coded the function it will not work with a filter by using this as the filter term:

"filter term" | grep -v "cooper.roku.com"

I may look into it to make this possible.

 

[thelonelycoder]

Would that still work in combination with Skynet? Or would Skynet use the last active blocking file and ignore the first one that was active before switching.

This does not affect Skynet operation at all as Skynet does not use the blocking file, only the shared whitelist.

 

[thelonelycoder]

How about
Alternate Blocking File (specified clients)

I believe we have a winner!

 

[thelonelycoder]

Sounds nice!

I wonder if you could attach some screen captures of the final settings (both Router GUI (if needed) and Diversion Menu) which would show us how to force a certain device (IP and MAC) to use the Secondary Blocking File (in my case "The Freeway" instead of maybe a bit more strict Primary or Default Blocking File)?

If I for example have a Manually Assigned IP and MAC address (LAN - DHCP Server) for my television and I want it to use the Secondary Blocking File.

How about DNS-based Filtering (LAN - DNSFilter) of the router? We still need it to be Enabled? Settings?

Hmm, read this post again: https://www.snbforums.com/threads/diversion-the-router-ad-blocker.48538/page-77#post-454959

 

[Skeptical.me]

When I tried out AdGuard Home, I saw these in Terminal (there may be more but these are the ones I caught). This is the first time I've added Host Files to Diversion. I wasn't sure if others would be interested in these:

https://adaway.org/hosts.txt

https://hosts-file.net/ad_servers.txt

http://www.malwaredomainlist.com/hostslist/hosts.txt

 

[thelonelycoder]

When I tried out AdGuard Home, I saw these in Terminal (there may be more but these are the ones I caught). This is the first time I've added Host Files to Diversion. I wasn't sure if others would be interested in these:

https://adaway.org/hosts.txt

https://hosts-file.net/ad_servers.txt

http://www.malwaredomainlist.com/hostslist/hosts.txt

FYI:
https://adaway.org/hosts.txt and http://www.malwaredomainlist.com/hostslist/hosts.txt are included in https://github.com/StevenBlack/hosts which is used in the Standard, Medium and Large blocking files.

https://hosts-file.net/ad_servers.txt is used in the Large blocking file.